bengsi
-
Innehållsantal
49 -
Gick med
-
Besökte senast
Allt postat av bengsi
-
. DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by Emma at 20:07:57 on 2012-08-05 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.3950.2742 [GMT 2:00] . AV: McAfee Antivirus och antispionprogram *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: McAfee Antivirus och antispionprogram *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\Windows\system32\mfevtps.exe C:\Windows\system32\rundll32.exe C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\Tablet.exe C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe C:\Program Files\Sony\VAIO Smart Network\VSNService.exe C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\SysWOW64\DllHost.exe C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe C:\Windows\system32\taskhost.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Windows\system32\Dwm.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Windows\Explorer.EXE C:\Windows\system32\WTablet\TabUserW.exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Windows\system32\Tablet.exe C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Apoint\Apoint.exe C:\Users\Emma\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files (x86)\Personal\bin\Personal.exe C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ekort\ekort.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Windows\SysWOW64\OBroker.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe C:\Program Files\Sony\VAIO Update Common\VUAgent.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Sony\VAIO Power Management\SPMService.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\WUDFHost.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Program Files\Apoint\Apntex.exe C:\Windows\system32\conhost.exe C:\Program Files\Apoint\Apvfb.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Sony\VAIO Care\VCPerfService.exe C:\Program Files\Sony\VAIO Care\listener.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files\Sony\VAIO Care\VCsystray.exe C:\Program Files\Sony\VAIO Care\VCService.exe C:\Program Files\Sony\VAIO Care\VCAgent.exe C:\Windows\System32\vds.exe C:\Windows\system32\svchost.exe -k defragsvc C:\Windows\system32\taskhost.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uSearch Bar = Preserve uStart Page = hxxp://www.google.se/ BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120629133947.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: e-kort Helper Class: {9065e913-4f23-4b47-9b5d-b055d32db1f3} - C:\Program Files (x86)\ekort\EKortHelper.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: e-kort Toolbar: {8db2b2e8-579f-48a8-a496-18fefcf8f4df} - C:\Program Files (x86)\ekort\EKortToolbar.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll TB: {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No File uRun: [spotify Web Helper] "C:\Users\Emma\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe mRun: [e-kort] C:\PROGRA~2\ekort\ekort.exe /dontopenmycards /Autostart mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe StartupFolder: C:\Users\Emma\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe StartupFolder: C:\Users\Emma\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SKRMUR~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BANKID~1.LNK - C:\Program Files (x86)\Personal\bin\Personal.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe uPolicies-explorer: RestrictRun = 0 (0x0) mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: RestrictRun = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab DPF: {402EE96E-2CE8-482D-ADA5-CECEEA07E16D} - hxxp://www.turntool.com/ViewerInstall.exe DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.fujidirekt.se/aurigma/ImageUploader5.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{36601CEE-D5D8-49CC-9878-7011DD745294} : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{6D7BD819-48F2-4E64-8CDB-988BAD52DF69} : DhcpNameServer = 195.54.122.199 195.54.122.204 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Notify: VESWinlogon - VESWinlogon.dll {18DF081C-E8AD-4283-A596-FA578C2EBDC3} {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} {7DB2D5A0-7241-4E79-B68D-6309F01C5231} {9030D464-4C02-4ABF-8ECC-5164760863C6} {9065E913-4F23-4B47-9B5D-B055D32DB1F3} {AA58ED58-01DD-4d91-8333-CF10577473F7} {B164E929-A1B6-4A06-B104-2CD0E90A88FF} {DBC80044-A445-435b-BC74-9C25C1C588A9} {8DB2B2E8-579F-48A8-A496-18FEFCF8F4DF} {2318C2B1-4965-11d4-9B18-009027A5CD4F} {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} TB-X64: {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No File mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED mRun-x64: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe mRun-x64: [e-kort] C:\PROGRA~2\ekort\ekort.exe /dontopenmycards /Autostart mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun-x64: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm Hosts: 78.46.61.26 www.google-analytics.com. Hosts: 78.46.61.26 ad-emea.doubleclick.net. Hosts: 78.46.61.26 www.statcounter.com. Hosts: 108.163.215.51 www.google-analytics.com. Hosts: 108.163.215.51 ad-emea.doubleclick.net. . Note: multiple HOSTS entries found. Please refer to Attach.txt . ============= SERVICES / DRIVERS =============== . R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?] R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-28 13336] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-2 655944] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-29 249936] R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-29 249936] R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-29 249936] R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-29 249936] R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2012-6-29 199304] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-6-29 210616] R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?] R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224] R2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys --> C:\Windows\system32\drivers\rimssne64.sys [?] R2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsne64.sys --> C:\Windows\system32\drivers\risdsne64.sys [?] R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-12-15 259192] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-5-29 2143072] R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2010-1-13 104960] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-12-28 2320920] R2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-9-14 642416] R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-2-19 529776] R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-1-13 821760] R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?] R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?] R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?] R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys --> C:\Windows\system32\drivers\SFEP.sys [?] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2012-5-8 11856] R3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-1-13 571248] R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2011-12-15 44736] R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2012-1-13 1256040] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?] S2 0048881343150844mcinstcleanup;McAfee Application Installer Cleanup (0048881343150844);C:\Windows\TEMP\004888~1.EXE -cleanup -nolog --> C:\Windows\TEMP\004888~1.EXE -cleanup -nolog [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-13 133104] S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-8-31 362992] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-2 250056] S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?] S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840] S3 gupdatem;Tjänsten Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-13 133104] S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?] S3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?] S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-8-31 313840] S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-1-13 120104] S3 SOHDBSvr;VAIO Media plus Database Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2010-1-13 70952] S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-1-13 427304] S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-1-13 75048] S3 SOHPlMgr;VAIO Media plus Playlist Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2010-1-13 91432] S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-1-13 361840] S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-2-19 115568] . =============== Created Last 30 ================ . 2012-08-05 17:20:42 -------- d-----w- C:\Program Files\CCleaner 2012-08-05 16:12:01 -------- d-----w- C:\Users\Emma\AppData\Roaming\f-secure 2012-08-05 16:11:35 -------- d-----w- C:\ProgramData\F-Secure 2012-08-05 12:26:11 34656 ----a-w- C:\Windows\System32\TURegOpt.exe 2012-08-05 12:26:10 25952 ----a-w- C:\Windows\System32\authuitu.dll 2012-08-05 12:26:10 21344 ----a-w- C:\Windows\SysWow64\authuitu.dll 2012-08-05 12:25:15 -------- d-----w- C:\Users\Emma\AppData\Roaming\TuneUp Software 2012-08-05 12:24:59 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2012 2012-08-05 12:24:11 -------- d-----w- C:\ProgramData\TuneUp Software 2012-08-05 12:23:27 -------- d-sh--w- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} 2012-08-05 12:23:27 -------- d--h--w- C:\ProgramData\Common Files 2012-08-03 13:00:42 -------- d-----w- C:\Program Files (x86)\ESET 2012-08-02 20:00:52 98816 ----a-w- C:\Windows\sed.exe 2012-08-02 20:00:52 518144 ----a-w- C:\Windows\SWREG.exe 2012-08-02 20:00:52 256000 ----a-w- C:\Windows\PEV.exe 2012-08-02 20:00:52 208896 ----a-w- C:\Windows\MBR.exe 2012-08-02 20:00:44 -------- d-s---w- C:\ComboFix 2012-08-02 18:06:31 -------- d-----w- C:\Users\Emma\AppData\Roaming\Malwarebytes 2012-08-02 18:06:21 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-08-02 18:06:21 -------- d-----w- C:\ProgramData\Malwarebytes 2012-08-02 18:06:21 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-08-01 22:50:34 -------- d-----w- C:\ProgramData\7531CC77000844B0C9AE2DF4F875F002 2012-07-12 20:05:44 -------- d-----w- C:\Users\Emma\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 2012-07-12 20:02:52 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe 2012-07-12 20:00:48 -------- d-----w- C:\ProgramData\ALM 2012-07-12 18:50:37 -------- d-----w- C:\Users\Emma\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant 2012-07-12 18:50:32 -------- d-----w- C:\Program Files (x86)\Adobe Download Assistant 2012-07-12 00:02:14 3148800 ----a-w- C:\Windows\System32\win32k.sys 2012-07-11 23:58:00 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-07-11 23:58:00 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-07-11 17:18:22 2004480 ----a-w- C:\Windows\System32\msxml6.dll 2012-07-11 17:17:59 212992 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll 2012-07-11 17:17:58 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll 2012-07-11 17:17:58 143360 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msjro.dll 2012-07-11 17:17:57 1133568 ----a-w- C:\Windows\System32\cdosys.dll . ==================== Find3M ==================== . 2012-08-03 12:41:56 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-08-03 12:41:56 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll 2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll 2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-02 13:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-02 13:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll 2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys 2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll 2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2012-05-25 15:13:54 162224 ----a-w- C:\Windows\System32\mfevtps.exe . ============= FINISH: 20:08:45,54 =============== Attach.zip
-
Sedan försökte jag med microsofts fix it-guide för hosts, men hur vet jag om det funkade (vilket det väl troligtvis inte gjorde...)? Köra en ny DDS?
-
Det står något i en svart ruta, men den försvinner så snabbt att det inte går att läsa. När jag kör ccleaner ser det ut så här efter analysen: och överst står det "Detaljer för filer som kan tas bort (OBS: Inga filer har tagits bort än)". Exempelvis verkar den ju vilja ta bort McAfee antivirus, Office, m.m. Vilket väl inte ska behövas?
-
Följde anvisningarna till punkt och pricka, i felsäkert läge den här gången, men det funkade ändå inte. Sedan betedde sig programmet inte som det står på punkt 3, utan stängde ner sig själv automatiskt efter någon mikrosekund (fast det såg jag i den andra guiden att det skulle göra?). Angående Ccleaner så lät jag den analysera först, och den ville radera flera program som jag vill/behöver spara, så vågade inte fortsätta med städningen ... kan man välja vilka den ska radera?
-
Ja.
-
Har försökt med den guiden innan också, och nu igen, men det funkar inte. Trots att jag är administratör och anger detta, säger datorn att jag inte har behörighet till mappen. Dessutom säger den att det redan finns en Hosts-fil när jag vill spara den nya, trots att den gamla är raderad :S
-
Scannade med malwarebytes, men den hittade inget. När jag försökte återställa hosts-filen gjorde jag som det stod här: http://support.microsoft.com/kb/972034/sv Först själv, eftersom guiden inte funkade i säkerhetsläget, och nu använde jag Fix it, men vet inte om det funkade... I vilket fall är de där jobbiga pop-up-grejerna fortfarande kvar :/
-
Har kört onlinescannern igen, men den hittade inget den här gången. Kanske för att McAfee tagit hand om det? Men det dyker fortfarande upp små popup-grejer på varenda sida jag går in på, som den här: Kan jag göra något åt det?
-
Körde en helscan med McAfee, och den rapporterade så här: Tänkte köra online-scannern igen så den kan ta bort det?
-
Så här säger Eset online scanner log: ------------------------- ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK --------------------- Denna var den enda fil den hittade: C:\Users\Emma\AppData\Local\eodpmun.exe a variant of Win32/Kryptik.AJIL trojan
-
Vad kan jag göra åt hosts-filen? Följde instruktionerna precis som det stod, och det verkade fungera åtminstone :/ För övrigt så kommer det upp små pop up-annonser i hörnet på mer eller mindre alla internetsidor jag går in på nu, inklusive den här (alltomwindows). Någon som vet varför? Har startat mitt virusprogram (McAfee) igen, och även kollat säkerhetsnivån på min webbläsare...
-
Här är resultatet från virustotal.com SHA256: f20220ecaa18c52fc73147f7758d22b3a17219896d3e752c2a6a7dfcd9c82859 SHA1: 98e29f4d488252a6817997010db07b53fc14c511 MD5: 582a0be42c6c8a4da1041334c55d7d7f File size: 444.0 kB ( 454656 bytes ) File name: eodpmun.exe File type: Win32 EXE Detection ratio: 13 / 41 Analysis date: 2012-08-03 12:50:59 UTC ( 1 minut ago ) 0 0 More details Antivirus Result Update AhnLab-V3 - 20120802 AntiVir TR/Ransom.Mbro.tfw 20120803 Antiy-AVL - 20120803 Avast Win32:Trojan-gen 20120803 AVG Win32/Cryptor 20120803 BitDefender - 20120803 ByteHero - 20120723 CAT-QuickHeal - 20120803 ClamAV - 20120803 Commtouch - 20120803 Comodo - 20120803 DrWeb Trojan.Fakealert.30673 20120803 Emsisoft - 20120803 eSafe - 20120802 ESET-NOD32 a variant of Win32/Kryptik.AJIL 20120803 F-Prot - 20120803 F-Secure - 20120803 Fortinet - 20120803 GData - 20120803 Ikarus - 20120803 Jiangmin - 20120803 K7AntiVirus - 20120802 Kaspersky Trojan-Ransom.Win32.Mbro.tfw 20120803 McAfee FakeAlert-SecurityTool.fa 20120803 McAfee-GW-Edition FakeAlert-SecurityTool.fa 20120802 Microsoft Rogue:Win32/Winwebsec 20120803 Norman W32/FakeAV.BFUV 20120803 nProtect - 20120803 Panda Trj/CI.A 20120803 Rising - 20120803 Sophos Mal/EncPk-AGC 20120803 SUPERAntiSpyware - 20120803 Symantec - 20120803 TheHacker - 20120801 TotalDefense - 20120802 TrendMicro - 20120803 TrendMicro-HouseCall - 20120803 VBA32 - 20120803 VIPRE - 20120803 ViRobot Trojan.Win32.A.Mbro.454656 20120803 VirusBuster - 20120802
-
Vågar inte säga något säkert, men ser inga tecken på att det är kvar när jag startar datorn nu (i normalt läge). Ovan är DDS från efter jag kört TFC. Cecilia: ja, trodde att Sansa bara råkade komma med, det är från min mp3. Men om det försvann är det väl bara att installera om den, eller hur?
-
. DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by Emma at 14:15:01 on 2012-08-03 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.3950.2591 [GMT 2:00] . AV: McAfee Antivirus och antispionprogram *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: McAfee Antivirus och antispionprogram *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Windows\system32\taskeng.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\Windows\system32\mfevtps.exe C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\Tablet.exe C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe C:\Windows\system32\rundll32.exe C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe C:\Windows\SysWOW64\DllHost.exe C:\Program Files\Sony\VAIO Smart Network\VSNService.exe C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe C:\Windows\system32\taskhost.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Windows\Explorer.EXE C:\Windows\system32\WTablet\TabUserW.exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Windows\system32\Tablet.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Sony\VAIO Power Management\SPMService.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\WUDFHost.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Users\Emma\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\Personal\bin\Personal.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\ekort\ekort.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Windows\SysWOW64\OBroker.exe C:\Program Files\Apoint\Apvfb.exe C:\Program Files\Apoint\Apntex.exe C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\taskeng.exe C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01 uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120629133947.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: e-kort Helper Class: {9065e913-4f23-4b47-9b5d-b055d32db1f3} - C:\Program Files (x86)\ekort\EKortHelper.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: e-kort Toolbar: {8db2b2e8-579f-48a8-a496-18fefcf8f4df} - C:\Program Files (x86)\ekort\EKortToolbar.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll TB: {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No File uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [spotify Web Helper] "C:\Users\Emma\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" uRun: [AdobeBridge] mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe mRun: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [e-kort] C:\PROGRA~2\ekort\ekort.exe /dontopenmycards /Autostart mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe StartupFolder: C:\Users\Emma\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe StartupFolder: C:\Users\Emma\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SKRMUR~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BANKID~1.LNK - C:\Program Files (x86)\Personal\bin\Personal.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe uPolicies-explorer: RestrictRun = 0 (0x0) mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: RestrictRun = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab DPF: {402EE96E-2CE8-482D-ADA5-CECEEA07E16D} - hxxp://www.turntool.com/ViewerInstall.exe DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.fujidirekt.se/aurigma/ImageUploader5.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{36601CEE-D5D8-49CC-9878-7011DD745294} : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{6D7BD819-48F2-4E64-8CDB-988BAD52DF69} : DhcpNameServer = 195.54.122.199 195.54.122.204 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Notify: VESWinlogon - VESWinlogon.dll {18DF081C-E8AD-4283-A596-FA578C2EBDC3} {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} {7DB2D5A0-7241-4E79-B68D-6309F01C5231} {9030D464-4C02-4ABF-8ECC-5164760863C6} {9065E913-4F23-4B47-9B5D-B055D32DB1F3} {AA58ED58-01DD-4d91-8333-CF10577473F7} {B164E929-A1B6-4A06-B104-2CD0E90A88FF} {DBC80044-A445-435b-BC74-9C25C1C588A9} {8DB2B2E8-579F-48A8-A496-18FEFCF8F4DF} {2318C2B1-4965-11d4-9B18-009027A5CD4F} {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} TB-X64: {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No File mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun-x64: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED mRun-x64: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe mRun-x64: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [e-kort] C:\PROGRA~2\ekort\ekort.exe /dontopenmycards /Autostart mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun-x64: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm Hosts: 78.46.61.26 www.google-analytics.com. Hosts: 78.46.61.26 ad-emea.doubleclick.net. Hosts: 78.46.61.26 www.statcounter.com. Hosts: 108.163.215.51 www.google-analytics.com. Hosts: 108.163.215.51 ad-emea.doubleclick.net. . Note: multiple HOSTS entries found. Please refer to Attach.txt . ============= SERVICES / DRIVERS =============== . R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?] R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-28 13336] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-29 249936] R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-29 249936] R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-29 249936] R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-29 249936] R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2012-6-29 199304] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-6-29 210616] R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?] R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224] R2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys --> C:\Windows\system32\drivers\rimssne64.sys [?] R2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsne64.sys --> C:\Windows\system32\drivers\risdsne64.sys [?] R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2010-1-13 104960] R2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-9-14 642416] R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-2-19 529776] R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-1-13 821760] R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?] R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?] R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?] R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys --> C:\Windows\system32\drivers\SFEP.sys [?] R3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-1-13 571248] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?] S2 0048881343150844mcinstcleanup;McAfee Application Installer Cleanup (0048881343150844);C:\Windows\TEMP\004888~1.EXE -cleanup -nolog --> C:\Windows\TEMP\004888~1.EXE -cleanup -nolog [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-13 133104] S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-2 655944] S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-8-31 362992] S2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-12-15 259192] S2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-12-28 2320920] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-2 250056] S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?] S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?] S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840] S3 gupdatem;Tjänsten Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-13 133104] S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?] S3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?] S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-8-31 313840] S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-1-13 120104] S3 SOHDBSvr;VAIO Media plus Database Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2010-1-13 70952] S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-1-13 427304] S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-1-13 75048] S3 SOHPlMgr;VAIO Media plus Playlist Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2010-1-13 91432] S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-1-13 361840] S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-2-19 115568] S3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2011-12-15 44736] S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2012-1-13 1256040] . =============== Created Last 30 ================ . 2012-08-02 20:00:52 98816 ----a-w- C:\Windows\sed.exe 2012-08-02 20:00:52 518144 ----a-w- C:\Windows\SWREG.exe 2012-08-02 20:00:52 256000 ----a-w- C:\Windows\PEV.exe 2012-08-02 20:00:52 208896 ----a-w- C:\Windows\MBR.exe 2012-08-02 20:00:44 -------- d-s---w- C:\ComboFix 2012-08-02 18:06:31 -------- d-----w- C:\Users\Emma\AppData\Roaming\Malwarebytes 2012-08-02 18:06:21 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-08-02 18:06:21 -------- d-----w- C:\ProgramData\Malwarebytes 2012-08-02 18:06:21 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-08-02 15:26:44 454656 ----a-w- C:\Users\Emma\AppData\Local\eodpmun.exe 2012-08-01 22:50:34 -------- d-----w- C:\ProgramData\7531CC77000844B0C9AE2DF4F875F002 2012-07-12 20:05:44 -------- d-----w- C:\Users\Emma\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 2012-07-12 20:02:52 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe 2012-07-12 20:00:48 -------- d-----w- C:\ProgramData\ALM 2012-07-12 18:50:37 -------- d-----w- C:\Users\Emma\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant 2012-07-12 18:50:32 -------- d-----w- C:\Program Files (x86)\Adobe Download Assistant 2012-07-12 00:02:14 3148800 ----a-w- C:\Windows\System32\win32k.sys 2012-07-11 23:58:00 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-07-11 23:58:00 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-07-11 17:18:22 2004480 ----a-w- C:\Windows\System32\msxml6.dll 2012-07-11 17:17:59 212992 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll 2012-07-11 17:17:58 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll 2012-07-11 17:17:58 143360 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msjro.dll 2012-07-11 17:17:57 1133568 ----a-w- C:\Windows\System32\cdosys.dll . ==================== Find3M ==================== . 2012-07-28 11:43:33 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-28 11:43:33 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll 2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll 2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-02 13:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-02 13:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll 2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys 2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll 2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2012-05-25 15:13:54 162224 ----a-w- C:\Windows\System32\mfevtps.exe . ============= FINISH: 14:18:04,63 =============== Attach.zip
-
Jag körde aldrig klart ComboFix, utan avbröt den för jag inte visste hur jag skulle göra. Ska jag köra den? Innan eller efter TFC? (har inte hunnit med den än, har bara bytt Hosts-filen).
-
Datorn funkar sådär i normalt läge (kan flytta på dokument och så där), men varken internet eller program går att starta. Spelar det någon roll att programmen kördes i säkert läge?
-
RogueKiller V7.6.4 [07/17/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Safe mode with network support User: Emma [Admin rights] Mode: Scan -- Date: 08/03/2012 12:25:27 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Registry Entries: 7 ¤¤¤ [sUSP PATH] HKCU\[...]\Run : SansaDispatch (C:\Users\Emma\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe) -> FOUND [sUSP PATH] HKUS\S-1-5-21-2128678161-3252551140-423464280-1000[...]\Run : SansaDispatch (C:\Users\Emma\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe) -> FOUND [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND [HJ] HKLM\[...]\System : ConsentPromptBehaviorUser (0) -> FOUND [HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver: [NOT LOADED] ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ 127.0.0.1 localhost ::1 localhost 78.46.61.26 www.google-analytics.com. 78.46.61.26 ad-emea.doubleclick.net. 78.46.61.26 www.statcounter.com. 108.163.215.51 www.google-analytics.com. 108.163.215.51 ad-emea.doubleclick.net. 108.163.215.51 www.statcounter.com. ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD5000BEVT-26A0RT0 +++++ --- User --- [MBR] 36936ee8b0ff088f0bc3ce6dbaa3ae40 [bSP] dcd4736cb8dcc105dd1251df47b4ec48 : Windows 7 MBR Code Partition table: 0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 14552 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 29804544 | Size: 100 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30009344 | Size: 462286 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1].txt >> RKreport[1].txt ------------------------------------ RogueKiller V7.6.4 [07/17/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Safe mode with network support User: Emma [Admin rights] Mode: Remove -- Date: 08/03/2012 12:25:58 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Registry Entries: 6 ¤¤¤ [sUSP PATH] HKCU\[...]\Run : SansaDispatch (C:\Users\Emma\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe) -> DELETED [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2) [HJ] HKLM\[...]\System : ConsentPromptBehaviorUser (0) -> REPLACED (1) [HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1) [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0) [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0) ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver: [NOT LOADED] ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ 127.0.0.1 localhost ::1 localhost 78.46.61.26 www.google-analytics.com. 78.46.61.26 ad-emea.doubleclick.net. 78.46.61.26 www.statcounter.com. 108.163.215.51 www.google-analytics.com. 108.163.215.51 ad-emea.doubleclick.net. 108.163.215.51 www.statcounter.com. ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD5000BEVT-26A0RT0 +++++ --- User --- [MBR] 36936ee8b0ff088f0bc3ce6dbaa3ae40 [bSP] dcd4736cb8dcc105dd1251df47b4ec48 : Windows 7 MBR Code Partition table: 0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 14552 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 29804544 | Size: 100 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30009344 | Size: 462286 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[2].txt >> RKreport[1].txt ; RKreport[2].txt --------------------------------- RogueKiller V7.6.4 [07/17/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Safe mode with network support User: Emma [Admin rights] Mode: Shortcuts HJfix -- Date: 08/03/2012 12:28:57 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Driver: [NOT LOADED] ¤¤¤ ¤¤¤ File attributes restored: ¤¤¤ Desktop: Success 1 / Fail 0 Quick launch: Success 1 / Fail 0 Programs: Success 28 / Fail 0 Start menu: Success 2 / Fail 0 User folder: Success 253 / Fail 0 My documents: Success 14 / Fail 0 My favorites: Success 0 / Fail 0 My pictures: Success 1 / Fail 0 My music: Success 18 / Fail 0 My videos: Success 0 / Fail 0 Local drives: Success 631 / Fail 0 Backup: [NOT FOUND] Drives: [C:] \Device\HarddiskVolume3 -- 0x3 --> Restored [D:] \Device\HarddiskVolume4 -- 0x2 --> Restored [E:] \Device\CdRom0 -- 0x5 --> Skipped [F:] \Device\HarddiskVolume5 -- 0x2 --> Restored ¤¤¤ Infection : ¤¤¤ Finished : << RKreport[3].txt >> RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt --------------------------- De tre rapporterna från RogueKiller.
-
Jag tror att länken är ofullständig? Tack för hjälpen än så länge iaf!
-
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software Run date: 2012-08-03 11:32:48 ----------------------------- 11:32:48.902 OS Version: Windows x64 6.1.7601 Service Pack 1 11:32:48.902 Number of processors: 4 586 0x2502 11:32:48.902 ComputerName: EMMA-VAIO UserName: Emma 11:32:50.431 Initialize success 11:33:04.658 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 11:33:04.658 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3 11:33:04.658 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000006c 11:33:04.658 Disk 1 Vendor: RICOH 02 Size: 476940MB BusType: 0 11:33:04.658 Disk 2 \Device\Harddisk2\DR2 -> \Device\0000006d 11:33:04.658 Disk 2 Vendor: RICOH 02 Size: 476940MB BusType: 0 11:33:04.674 Disk 0 MBR read successfully 11:33:04.674 Disk 0 MBR scan 11:33:04.690 Disk 0 Windows 7 default MBR code 11:33:04.690 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 14552 MB offset 2048 11:33:04.705 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 29804544 11:33:04.721 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 462286 MB offset 30009344 11:33:04.752 Disk 0 scanning C:\Windows\system32\drivers 11:33:12.490 Service scanning 11:33:46.248 Modules scanning 11:33:46.248 Disk 0 trace - called modules: 11:33:46.295 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 11:33:46.295 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005373060] 11:33:46.295 3 CLASSPNP.SYS[fffff88001a5143f] -> nt!IofCallDriver -> [0xfffffa80035b0e40] 11:33:46.311 5 ACPI.sys[fffff88000f887a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80042e3050] 11:33:46.311 Scan finished successfully 11:35:23.046 Disk 0 MBR has been saved successfully to "C:\Users\Emma\Desktop\MBR.dat" 11:35:23.046 The log file has been saved successfully to "C:\Users\Emma\Desktop\aswMBR.txt" (Från aswMBR)
-
Inlägget ovan är det programmet TDSSKiller skapade. När jag körde programmet sa den att inget hittades. Fortsätter med de övriga punkterna nu.
-
11:23:17.0739 3600 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32 11:23:18.0269 3600 ============================================================ 11:23:18.0269 3600 Current date / time: 2012/08/03 11:23:18.0269 11:23:18.0269 3600 SystemInfo: 11:23:18.0269 3600 11:23:18.0269 3600 OS Version: 6.1.7601 ServicePack: 1.0 11:23:18.0269 3600 Product type: Workstation 11:23:18.0269 3600 ComputerName: EMMA-VAIO 11:23:18.0269 3600 UserName: Emma 11:23:18.0269 3600 Windows directory: C:\Windows 11:23:18.0269 3600 System windows directory: C:\Windows 11:23:18.0269 3600 Running under WOW64 11:23:18.0269 3600 Processor architecture: Intel x64 11:23:18.0269 3600 Number of processors: 4 11:23:18.0269 3600 Page size: 0x1000 11:23:18.0269 3600 Boot type: Safe boot with network 11:23:18.0269 3600 ============================================================ 11:23:18.0722 3600 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 11:23:18.0722 3600 ============================================================ 11:23:18.0722 3600 \Device\Harddisk0\DR0: 11:23:18.0722 3600 MBR partitions: 11:23:18.0722 3600 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1C6C800, BlocksNum 0x32000 11:23:18.0722 3600 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C9E800, BlocksNum 0x386E7030 11:23:18.0722 3600 ============================================================ 11:23:18.0737 3600 C: <-> \Device\Harddisk0\DR0\Partition1 11:23:18.0737 3600 ============================================================ 11:23:18.0737 3600 Initialize success 11:23:18.0737 3600 ============================================================ 11:23:32.0403 2528 ============================================================ 11:23:32.0403 2528 Scan started 11:23:32.0403 2528 Mode: Manual; 11:23:32.0403 2528 ============================================================ 11:23:33.0089 2528 0048881343150844mcinstcleanup - ok 11:23:33.0245 2528 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 11:23:33.0448 2528 1394ohci - ok 11:23:33.0542 2528 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 11:23:33.0542 2528 ACDaemon - ok 11:23:33.0604 2528 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 11:23:33.0604 2528 ACPI - ok 11:23:33.0651 2528 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 11:23:33.0651 2528 AcpiPmi - ok 11:23:33.0713 2528 Adobe LM Service (8b46d5a1d3ef08232c04d0eafb871fb2) C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe 11:23:33.0713 2528 Adobe LM Service - ok 11:23:33.0854 2528 AdobeFlashPlayerUpdateSvc (6c40d5ed8951ab7b90d08af655224ee4) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 11:23:33.0854 2528 AdobeFlashPlayerUpdateSvc - ok 11:23:33.0932 2528 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys 11:23:33.0963 2528 adp94xx - ok 11:23:34.0010 2528 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys 11:23:34.0025 2528 adpahci - ok 11:23:34.0057 2528 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys 11:23:34.0072 2528 adpu320 - ok 11:23:34.0103 2528 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 11:23:34.0103 2528 AeLookupSvc - ok 11:23:34.0181 2528 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 11:23:34.0181 2528 AFD - ok 11:23:34.0228 2528 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 11:23:34.0228 2528 agp440 - ok 11:23:34.0259 2528 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 11:23:34.0275 2528 ALG - ok 11:23:34.0306 2528 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 11:23:34.0306 2528 aliide - ok 11:23:34.0369 2528 AMD External Events Utility (0773999e53bce395f2c76df004f1b814) C:\Windows\system32\atiesrxx.exe 11:23:34.0369 2528 AMD External Events Utility - ok 11:23:34.0400 2528 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 11:23:34.0400 2528 amdide - ok 11:23:34.0447 2528 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys 11:23:34.0447 2528 AmdK8 - ok 11:23:34.0478 2528 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys 11:23:34.0478 2528 AmdPPM - ok 11:23:34.0525 2528 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 11:23:34.0525 2528 amdsata - ok 11:23:34.0571 2528 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys 11:23:34.0587 2528 amdsbs - ok 11:23:34.0603 2528 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 11:23:34.0603 2528 amdxata - ok 11:23:34.0649 2528 ApfiltrService (1661f9c9e4b0049fa0a5e30264375a87) C:\Windows\system32\drivers\Apfiltr.sys 11:23:34.0665 2528 ApfiltrService - ok 11:23:34.0712 2528 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 11:23:34.0712 2528 AppID - ok 11:23:34.0727 2528 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 11:23:34.0727 2528 AppIDSvc - ok 11:23:34.0774 2528 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 11:23:34.0774 2528 Appinfo - ok 11:23:34.0837 2528 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys 11:23:34.0837 2528 arc - ok 11:23:34.0868 2528 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys 11:23:34.0868 2528 arcsas - ok 11:23:34.0899 2528 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys 11:23:34.0899 2528 ArcSoftKsUFilter - ok 11:23:34.0946 2528 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 11:23:34.0946 2528 AsyncMac - ok 11:23:34.0993 2528 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 11:23:34.0993 2528 atapi - ok 11:23:35.0133 2528 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys 11:23:35.0164 2528 athr - ok 11:23:35.0710 2528 atikmdag (89a3d56ce4044f35b9d08dd37193bbfc) C:\Windows\system32\DRIVERS\atikmdag.sys 11:23:35.0819 2528 atikmdag - ok 11:23:36.0022 2528 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 11:23:36.0038 2528 AudioEndpointBuilder - ok 11:23:36.0038 2528 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 11:23:36.0038 2528 AudioSrv - ok 11:23:36.0100 2528 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 11:23:36.0100 2528 AxInstSV - ok 11:23:36.0178 2528 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys 11:23:36.0194 2528 b06bdrv - ok 11:23:36.0256 2528 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 11:23:36.0256 2528 b57nd60a - ok 11:23:36.0303 2528 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 11:23:36.0303 2528 BDESVC - ok 11:23:36.0319 2528 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 11:23:36.0319 2528 Beep - ok 11:23:36.0412 2528 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 11:23:36.0459 2528 BFE - ok 11:23:36.0568 2528 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 11:23:36.0615 2528 BITS - ok 11:23:36.0709 2528 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys 11:23:36.0709 2528 blbdrive - ok 11:23:36.0740 2528 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 11:23:36.0740 2528 bowser - ok 11:23:36.0787 2528 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 11:23:36.0787 2528 BrFiltLo - ok 11:23:36.0802 2528 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 11:23:36.0802 2528 BrFiltUp - ok 11:23:36.0896 2528 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys 11:23:36.0896 2528 BridgeMP - ok 11:23:36.0927 2528 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 11:23:36.0927 2528 Browser - ok 11:23:36.0974 2528 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 11:23:36.0989 2528 Brserid - ok 11:23:37.0021 2528 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 11:23:37.0021 2528 BrSerWdm - ok 11:23:37.0052 2528 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 11:23:37.0052 2528 BrUsbMdm - ok 11:23:37.0067 2528 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 11:23:37.0083 2528 BrUsbSer - ok 11:23:37.0145 2528 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 11:23:37.0145 2528 BthEnum - ok 11:23:37.0208 2528 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys 11:23:37.0208 2528 BTHMODEM - ok 11:23:37.0239 2528 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 11:23:37.0239 2528 BthPan - ok 11:23:37.0317 2528 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys 11:23:37.0333 2528 BTHPORT - ok 11:23:37.0379 2528 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 11:23:37.0379 2528 bthserv - ok 11:23:37.0395 2528 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys 11:23:37.0395 2528 BTHUSB - ok 11:23:37.0442 2528 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys 11:23:37.0442 2528 btusbflt - ok 11:23:37.0489 2528 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys 11:23:37.0489 2528 btwaudio - ok 11:23:37.0551 2528 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\drivers\btwavdt.sys 11:23:37.0551 2528 btwavdt - ok 11:23:37.0738 2528 btwdins (31da517946ffe416442e864592548f8a) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe 11:23:37.0754 2528 btwdins - ok 11:23:37.0785 2528 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys 11:23:37.0785 2528 btwl2cap - ok 11:23:37.0816 2528 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\drivers\btwrchid.sys 11:23:37.0816 2528 btwrchid - ok 11:23:37.0847 2528 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 11:23:37.0847 2528 cdfs - ok 11:23:37.0894 2528 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys 11:23:37.0894 2528 cdrom - ok 11:23:37.0941 2528 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 11:23:37.0957 2528 CertPropSvc - ok 11:23:38.0019 2528 cfwids (274ce03459896006f7a5069266e0469e) C:\Windows\system32\drivers\cfwids.sys 11:23:38.0019 2528 cfwids - ok 11:23:38.0050 2528 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 11:23:38.0050 2528 circlass - ok 11:23:38.0097 2528 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 11:23:38.0113 2528 CLFS - ok 11:23:38.0175 2528 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 11:23:38.0175 2528 clr_optimization_v2.0.50727_32 - ok 11:23:38.0237 2528 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 11:23:38.0237 2528 clr_optimization_v2.0.50727_64 - ok 11:23:38.0331 2528 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 11:23:38.0331 2528 clr_optimization_v4.0.30319_32 - ok 11:23:38.0409 2528 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 11:23:38.0409 2528 clr_optimization_v4.0.30319_64 - ok 11:23:38.0440 2528 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys 11:23:38.0440 2528 CmBatt - ok 11:23:38.0471 2528 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 11:23:38.0471 2528 cmdide - ok 11:23:38.0518 2528 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys 11:23:38.0518 2528 CNG - ok 11:23:38.0581 2528 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys 11:23:38.0581 2528 Compbatt - ok 11:23:38.0612 2528 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 11:23:38.0612 2528 CompositeBus - ok 11:23:38.0627 2528 COMSysApp - ok 11:23:38.0659 2528 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 11:23:38.0659 2528 crcdisk - ok 11:23:38.0705 2528 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll 11:23:38.0705 2528 CryptSvc - ok 11:23:38.0768 2528 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 11:23:38.0768 2528 DcomLaunch - ok 11:23:38.0815 2528 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 11:23:38.0830 2528 defragsvc - ok 11:23:38.0861 2528 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 11:23:38.0861 2528 DfsC - ok 11:23:38.0924 2528 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 11:23:38.0924 2528 Dhcp - ok 11:23:38.0955 2528 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 11:23:38.0955 2528 discache - ok 11:23:38.0986 2528 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 11:23:38.0986 2528 Disk - ok 11:23:39.0017 2528 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 11:23:39.0033 2528 Dnscache - ok 11:23:39.0080 2528 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 11:23:39.0080 2528 dot3svc - ok 11:23:39.0111 2528 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 11:23:39.0111 2528 DPS - ok 11:23:39.0158 2528 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 11:23:39.0158 2528 drmkaud - ok 11:23:39.0251 2528 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 11:23:39.0267 2528 DXGKrnl - ok 11:23:39.0298 2528 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 11:23:39.0298 2528 EapHost - ok 11:23:39.0501 2528 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 11:23:39.0579 2528 ebdrv - ok 11:23:39.0688 2528 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 11:23:39.0688 2528 EFS - ok 11:23:39.0782 2528 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 11:23:39.0797 2528 ehRecvr - ok 11:23:39.0829 2528 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 11:23:39.0829 2528 ehSched - ok 11:23:39.0907 2528 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 11:23:39.0922 2528 elxstor - ok 11:23:39.0953 2528 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 11:23:39.0953 2528 ErrDev - ok 11:23:40.0031 2528 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 11:23:40.0031 2528 EventSystem - ok 11:23:40.0094 2528 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 11:23:40.0094 2528 exfat - ok 11:23:40.0125 2528 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 11:23:40.0141 2528 fastfat - ok 11:23:40.0203 2528 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 11:23:40.0219 2528 Fax - ok 11:23:40.0250 2528 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 11:23:40.0250 2528 fdc - ok 11:23:40.0281 2528 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 11:23:40.0281 2528 fdPHost - ok 11:23:40.0297 2528 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 11:23:40.0297 2528 FDResPub - ok 11:23:40.0328 2528 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 11:23:40.0328 2528 FileInfo - ok 11:23:40.0328 2528 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 11:23:40.0328 2528 Filetrace - ok 11:23:40.0359 2528 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 11:23:40.0359 2528 flpydisk - ok 11:23:40.0421 2528 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 11:23:40.0437 2528 FltMgr - ok 11:23:40.0531 2528 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 11:23:40.0546 2528 FontCache - ok 11:23:40.0655 2528 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 11:23:40.0655 2528 FontCache3.0.0.0 - ok 11:23:40.0702 2528 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 11:23:40.0702 2528 FsDepends - ok 11:23:40.0733 2528 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys 11:23:40.0733 2528 fssfltr - ok 11:23:40.0936 2528 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 11:23:40.0999 2528 fsssvc - ok 11:23:41.0123 2528 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 11:23:41.0139 2528 Fs_Rec - ok 11:23:41.0186 2528 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 11:23:41.0186 2528 fvevol - ok 11:23:41.0248 2528 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 11:23:41.0248 2528 gagp30kx - ok 11:23:41.0326 2528 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 11:23:41.0342 2528 gpsvc - ok 11:23:41.0420 2528 gupdate (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 11:23:41.0435 2528 gupdate - ok 11:23:41.0482 2528 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 11:23:41.0482 2528 gupdatem - ok 11:23:41.0498 2528 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 11:23:41.0498 2528 gusvc - ok 11:23:41.0529 2528 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 11:23:41.0529 2528 hcw85cir - ok 11:23:41.0607 2528 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 11:23:41.0623 2528 HdAudAddService - ok 11:23:41.0654 2528 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 11:23:41.0654 2528 HDAudBus - ok 11:23:41.0701 2528 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys 11:23:41.0701 2528 HECIx64 - ok 11:23:41.0732 2528 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 11:23:41.0732 2528 HidBatt - ok 11:23:41.0779 2528 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys 11:23:41.0779 2528 HidBth - ok 11:23:41.0794 2528 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 11:23:41.0810 2528 HidIr - ok 11:23:41.0825 2528 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll 11:23:41.0825 2528 hidserv - ok 11:23:41.0872 2528 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 11:23:41.0872 2528 HidUsb - ok 11:23:41.0919 2528 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 11:23:41.0919 2528 hkmsvc - ok 11:23:41.0966 2528 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 11:23:41.0981 2528 HomeGroupListener - ok 11:23:42.0028 2528 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 11:23:42.0044 2528 HomeGroupProvider - ok 11:23:42.0091 2528 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 11:23:42.0091 2528 HpSAMD - ok 11:23:42.0169 2528 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 11:23:42.0169 2528 HTTP - ok 11:23:42.0200 2528 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 11:23:42.0200 2528 hwpolicy - ok 11:23:42.0262 2528 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 11:23:42.0262 2528 i8042prt - ok 11:23:42.0340 2528 iaStor (073a606333b6f7bbf20aa856df7f0997) C:\Windows\system32\drivers\iaStor.sys 11:23:42.0340 2528 iaStor - ok 11:23:42.0418 2528 IAStorDataMgrSvc (cc800d2d9fd467542bac7c186c4774ad) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe 11:23:42.0418 2528 IAStorDataMgrSvc - ok 11:23:42.0496 2528 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 11:23:42.0496 2528 iaStorV - ok 11:23:42.0637 2528 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 11:23:42.0668 2528 idsvc - ok 11:23:43.0089 2528 igfx (31d1aff484d8a0906cf8d44251ec390f) C:\Windows\system32\DRIVERS\igdkmd64.sys 11:23:43.0261 2528 igfx - ok 11:23:43.0401 2528 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 11:23:43.0401 2528 iirsp - ok 11:23:43.0479 2528 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 11:23:43.0510 2528 IKEEXT - ok 11:23:43.0604 2528 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\drivers\Impcd.sys 11:23:43.0604 2528 Impcd - ok 11:23:43.0791 2528 IntcAzAudAddService (0f144e5f46cb9043004b5e84aa4bca6a) C:\Windows\system32\drivers\RTKVHD64.sys 11:23:43.0822 2528 IntcAzAudAddService - ok 11:23:43.0978 2528 IntcDAud (408b401cd7cdb075c7470b0ff7ba8d0b) C:\Windows\system32\DRIVERS\IntcDAud.sys 11:23:43.0978 2528 IntcDAud - ok 11:23:44.0025 2528 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 11:23:44.0025 2528 intelide - ok 11:23:44.0072 2528 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys 11:23:44.0072 2528 intelppm - ok 11:23:44.0103 2528 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 11:23:44.0103 2528 IPBusEnum - ok 11:23:44.0150 2528 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 11:23:44.0150 2528 IpFilterDriver - ok 11:23:44.0212 2528 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 11:23:44.0228 2528 iphlpsvc - ok 11:23:44.0275 2528 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 11:23:44.0275 2528 IPMIDRV - ok 11:23:44.0321 2528 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 11:23:44.0321 2528 IPNAT - ok 11:23:44.0337 2528 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 11:23:44.0337 2528 IRENUM - ok 11:23:44.0368 2528 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 11:23:44.0368 2528 isapnp - ok 11:23:44.0431 2528 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 11:23:44.0431 2528 iScsiPrt - ok 11:23:44.0477 2528 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 11:23:44.0477 2528 kbdclass - ok 11:23:44.0509 2528 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 11:23:44.0509 2528 kbdhid - ok 11:23:44.0555 2528 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 11:23:44.0555 2528 KeyIso - ok 11:23:44.0587 2528 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys 11:23:44.0587 2528 KSecDD - ok 11:23:44.0633 2528 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys 11:23:44.0633 2528 KSecPkg - ok 11:23:44.0680 2528 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 11:23:44.0680 2528 ksthunk - ok 11:23:44.0743 2528 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 11:23:44.0758 2528 KtmRm - ok 11:23:44.0821 2528 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll 11:23:44.0836 2528 LanmanServer - ok 11:23:44.0867 2528 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 11:23:44.0867 2528 LanmanWorkstation - ok 11:23:44.0914 2528 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 11:23:44.0914 2528 lltdio - ok 11:23:44.0977 2528 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 11:23:44.0992 2528 lltdsvc - ok 11:23:45.0023 2528 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 11:23:45.0023 2528 lmhosts - ok 11:23:45.0117 2528 LMS (5460828f8951d310b42b442877603b8d) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 11:23:45.0148 2528 LMS - ok 11:23:45.0195 2528 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 11:23:45.0195 2528 LSI_FC - ok 11:23:45.0226 2528 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 11:23:45.0226 2528 LSI_SAS - ok 11:23:45.0273 2528 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 11:23:45.0273 2528 LSI_SAS2 - ok 11:23:45.0320 2528 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 11:23:45.0320 2528 LSI_SCSI - ok 11:23:45.0367 2528 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 11:23:45.0367 2528 luafv - ok 11:23:45.0445 2528 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys 11:23:45.0445 2528 MBAMProtector - ok 11:23:45.0523 2528 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 11:23:45.0554 2528 MBAMService - ok 11:23:45.0694 2528 McAfee SiteAdvisor Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 11:23:45.0694 2528 McAfee SiteAdvisor Service - ok 11:23:45.0710 2528 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 11:23:45.0710 2528 McMPFSvc - ok 11:23:45.0741 2528 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 11:23:45.0741 2528 mcmscsvc - ok 11:23:45.0741 2528 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 11:23:45.0741 2528 McNaiAnn - ok 11:23:45.0741 2528 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 11:23:45.0757 2528 McNASvc - ok 11:23:45.0835 2528 McODS (dd2321925274f2902929d76ce2b0eb45) C:\Program Files\McAfee\VirusScan\mcods.exe 11:23:45.0850 2528 McODS - ok 11:23:45.0866 2528 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 11:23:45.0866 2528 McProxy - ok 11:23:45.0944 2528 McShield (597c77235621e7ddd32a68574fde6464) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe 11:23:45.0944 2528 McShield - ok 11:23:46.0069 2528 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 11:23:46.0069 2528 Mcx2Svc - ok 11:23:46.0100 2528 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 11:23:46.0100 2528 megasas - ok 11:23:46.0162 2528 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 11:23:46.0162 2528 MegaSR - ok 11:23:46.0225 2528 mfeapfk (01884cb7655c8908b43ff5e364fe6fd2) C:\Windows\system32\drivers\mfeapfk.sys 11:23:46.0225 2528 mfeapfk - ok 11:23:46.0287 2528 mfeavfk (dab9a9cdfb04e4d68924492aa043019d) C:\Windows\system32\drivers\mfeavfk.sys 11:23:46.0287 2528 mfeavfk - ok 11:23:46.0318 2528 mfefire (134bb16f93a07c2c89b0b9c399382bdb) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe 11:23:46.0334 2528 mfefire - ok 11:23:46.0381 2528 mfefirek (ce9a3680675c0907ade16404ca967b49) C:\Windows\system32\drivers\mfefirek.sys 11:23:46.0396 2528 mfefirek - ok 11:23:46.0474 2528 mfehidk (60cf67458dd29cd17e77f2327b1a9a54) C:\Windows\system32\drivers\mfehidk.sys 11:23:46.0474 2528 mfehidk - ok 11:23:46.0521 2528 mfenlfk (a8129cfb919347f8533c934b365e9202) C:\Windows\system32\DRIVERS\mfenlfk.sys 11:23:46.0521 2528 mfenlfk - ok 11:23:46.0568 2528 mferkdet (5041fa2bd2b3a2693b015771bfbf6dca) C:\Windows\system32\drivers\mferkdet.sys 11:23:46.0583 2528 mferkdet - ok 11:23:46.0630 2528 mfevtp (4d0ecd05abb518ea323f651f4ab8458f) C:\Windows\system32\mfevtps.exe 11:23:46.0630 2528 mfevtp - ok 11:23:46.0724 2528 mfewfpk (919c56db14a0e1e2ab6da5d2821dc26e) C:\Windows\system32\drivers\mfewfpk.sys 11:23:46.0724 2528 mfewfpk - ok 11:23:46.0771 2528 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 11:23:46.0771 2528 MMCSS - ok 11:23:46.0817 2528 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 11:23:46.0817 2528 Modem - ok 11:23:46.0833 2528 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 11:23:46.0833 2528 monitor - ok 11:23:46.0864 2528 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 11:23:46.0880 2528 mouclass - ok 11:23:46.0911 2528 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 11:23:46.0911 2528 mouhid - ok 11:23:46.0958 2528 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 11:23:46.0958 2528 mountmgr - ok 11:23:46.0989 2528 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 11:23:46.0989 2528 mpio - ok 11:23:47.0020 2528 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 11:23:47.0020 2528 mpsdrv - ok 11:23:47.0098 2528 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 11:23:47.0114 2528 MpsSvc - ok 11:23:47.0145 2528 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 11:23:47.0145 2528 MRxDAV - ok 11:23:47.0192 2528 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 11:23:47.0192 2528 mrxsmb - ok 11:23:47.0239 2528 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 11:23:47.0239 2528 mrxsmb10 - ok 11:23:47.0270 2528 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 11:23:47.0270 2528 mrxsmb20 - ok 11:23:47.0301 2528 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 11:23:47.0317 2528 msahci - ok 11:23:47.0332 2528 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 11:23:47.0332 2528 msdsm - ok 11:23:47.0379 2528 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 11:23:47.0379 2528 MSDTC - ok 11:23:47.0426 2528 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 11:23:47.0426 2528 Msfs - ok 11:23:47.0441 2528 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 11:23:47.0441 2528 mshidkmdf - ok 11:23:47.0473 2528 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 11:23:47.0473 2528 msisadrv - ok 11:23:47.0535 2528 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 11:23:47.0535 2528 MSiSCSI - ok 11:23:47.0551 2528 msiserver - ok 11:23:47.0660 2528 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 11:23:47.0660 2528 MSK80Service - ok 11:23:47.0707 2528 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 11:23:47.0707 2528 MSKSSRV - ok 11:23:47.0738 2528 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 11:23:47.0738 2528 MSPCLOCK - ok 11:23:47.0753 2528 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 11:23:47.0753 2528 MSPQM - ok 11:23:47.0800 2528 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 11:23:47.0816 2528 MsRPC - ok 11:23:47.0831 2528 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 11:23:47.0831 2528 mssmbios - ok 11:23:47.0847 2528 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 11:23:47.0847 2528 MSTEE - ok 11:23:47.0878 2528 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 11:23:47.0878 2528 MTConfig - ok 11:23:47.0909 2528 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 11:23:47.0909 2528 Mup - ok 11:23:47.0972 2528 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 11:23:47.0972 2528 napagent - ok 11:23:48.0019 2528 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 11:23:48.0034 2528 NativeWifiP - ok 11:23:48.0128 2528 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 11:23:48.0143 2528 NDIS - ok 11:23:48.0175 2528 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 11:23:48.0175 2528 NdisCap - ok 11:23:48.0221 2528 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 11:23:48.0221 2528 NdisTapi - ok 11:23:48.0284 2528 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 11:23:48.0284 2528 Ndisuio - ok 11:23:48.0331 2528 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 11:23:48.0331 2528 NdisWan - ok 11:23:48.0362 2528 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 11:23:48.0362 2528 NDProxy - ok 11:23:48.0393 2528 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 11:23:48.0393 2528 NetBIOS - ok 11:23:48.0440 2528 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 11:23:48.0455 2528 NetBT - ok 11:23:48.0471 2528 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 11:23:48.0471 2528 Netlogon - ok 11:23:48.0549 2528 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 11:23:48.0565 2528 Netman - ok 11:23:48.0596 2528 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 11:23:48.0596 2528 netprofm - ok 11:23:48.0689 2528 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 11:23:48.0705 2528 NetTcpPortSharing - ok 11:23:48.0736 2528 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 11:23:48.0736 2528 nfrd960 - ok 11:23:48.0783 2528 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 11:23:48.0814 2528 NlaSvc - ok 11:23:48.0845 2528 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 11:23:48.0845 2528 Npfs - ok 11:23:48.0877 2528 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 11:23:48.0877 2528 nsi - ok 11:23:48.0892 2528 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 11:23:48.0892 2528 nsiproxy - ok 11:23:49.0064 2528 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 11:23:49.0095 2528 Ntfs - ok 11:23:49.0220 2528 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 11:23:49.0220 2528 Null - ok 11:23:49.0282 2528 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 11:23:49.0282 2528 nvraid - ok 11:23:49.0313 2528 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 11:23:49.0313 2528 nvstor - ok 11:23:49.0345 2528 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 11:23:49.0345 2528 nv_agp - ok 11:23:49.0469 2528 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 11:23:49.0469 2528 odserv - ok 11:23:49.0516 2528 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 11:23:49.0516 2528 ohci1394 - ok 11:23:49.0563 2528 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 11:23:49.0579 2528 ose - ok 11:23:49.0610 2528 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 11:23:49.0610 2528 p2pimsvc - ok 11:23:49.0657 2528 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 11:23:49.0657 2528 p2psvc - ok 11:23:49.0703 2528 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 11:23:49.0703 2528 Parport - ok 11:23:49.0750 2528 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 11:23:49.0766 2528 partmgr - ok 11:23:49.0781 2528 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 11:23:49.0797 2528 PcaSvc - ok 11:23:49.0828 2528 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 11:23:49.0828 2528 pci - ok 11:23:49.0859 2528 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 11:23:49.0859 2528 pciide - ok 11:23:49.0906 2528 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 11:23:49.0922 2528 pcmcia - ok 11:23:49.0937 2528 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 11:23:49.0953 2528 pcw - ok 11:23:50.0000 2528 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 11:23:50.0015 2528 PEAUTH - ok 11:23:50.0093 2528 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 11:23:50.0109 2528 PerfHost - ok 11:23:50.0218 2528 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 11:23:50.0249 2528 pla - ok 11:23:50.0327 2528 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 11:23:50.0327 2528 PlugPlay - ok 11:23:50.0515 2528 PMBDeviceInfoProvider (627fa58adc043704f9d14ca44340956f) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe 11:23:50.0577 2528 PMBDeviceInfoProvider - ok 11:23:50.0608 2528 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 11:23:50.0608 2528 PNRPAutoReg - ok 11:23:50.0655 2528 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 11:23:50.0655 2528 PNRPsvc - ok 11:23:50.0717 2528 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 11:23:50.0733 2528 PolicyAgent - ok 11:23:50.0764 2528 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 11:23:50.0764 2528 Power - ok 11:23:50.0842 2528 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 11:23:50.0842 2528 PptpMiniport - ok 11:23:50.0873 2528 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 11:23:50.0873 2528 Processor - ok 11:23:50.0936 2528 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll 11:23:50.0951 2528 ProfSvc - ok 11:23:50.0983 2528 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 11:23:50.0998 2528 ProtectedStorage - ok 11:23:51.0045 2528 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 11:23:51.0045 2528 Psched - ok 11:23:51.0076 2528 PxHlpa64 (aed797cca02783296c68aa10d0cff8a9) C:\Windows\system32\Drivers\PxHlpa64.sys 11:23:51.0076 2528 PxHlpa64 - ok 11:23:51.0217 2528 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 11:23:51.0232 2528 ql2300 - ok 11:23:51.0373 2528 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 11:23:51.0388 2528 ql40xx - ok 11:23:51.0419 2528 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 11:23:51.0435 2528 QWAVE - ok 11:23:51.0451 2528 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 11:23:51.0451 2528 QWAVEdrv - ok 11:23:51.0466 2528 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 11:23:51.0482 2528 RasAcd - ok 11:23:51.0529 2528 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 11:23:51.0529 2528 RasAgileVpn - ok 11:23:51.0560 2528 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 11:23:51.0560 2528 RasAuto - ok 11:23:51.0607 2528 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 11:23:51.0607 2528 Rasl2tp - ok 11:23:51.0638 2528 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 11:23:51.0653 2528 RasMan - ok 11:23:51.0685 2528 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 11:23:51.0685 2528 RasPppoe - ok 11:23:51.0716 2528 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 11:23:51.0716 2528 RasSstp - ok 11:23:51.0778 2528 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 11:23:51.0794 2528 rdbss - ok 11:23:51.0809 2528 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 11:23:51.0809 2528 rdpbus - ok 11:23:51.0841 2528 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 11:23:51.0841 2528 RDPCDD - ok 11:23:51.0872 2528 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 11:23:51.0872 2528 RDPENCDD - ok 11:23:51.0872 2528 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 11:23:51.0872 2528 RDPREFMP - ok 11:23:51.0903 2528 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys 11:23:51.0919 2528 RDPWD - ok 11:23:51.0965 2528 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 11:23:51.0981 2528 rdyboost - ok 11:23:52.0012 2528 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 11:23:52.0012 2528 RemoteAccess - ok 11:23:52.0059 2528 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 11:23:52.0059 2528 RemoteRegistry - ok 11:23:52.0121 2528 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 11:23:52.0121 2528 RFCOMM - ok 11:23:52.0184 2528 rimspci (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\drivers\rimssne64.sys 11:23:52.0184 2528 rimspci - ok 11:23:52.0215 2528 risdsnpe (bb6e138aeb351728959da5e2731d8140) C:\Windows\system32\drivers\risdsne64.sys 11:23:52.0215 2528 risdsnpe - ok 11:23:52.0340 2528 Roxio UPnP Renderer 10 (d151224bc11078895a60fa970728ff59) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe 11:23:52.0355 2528 Roxio UPnP Renderer 10 - ok 11:23:52.0387 2528 Roxio Upnp Server 10 (5022a927944878bd750960bd21e751af) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe 11:23:52.0402 2528 Roxio Upnp Server 10 - ok 11:23:52.0433 2528 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 11:23:52.0449 2528 RpcEptMapper - ok 11:23:52.0496 2528 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 11:23:52.0496 2528 RpcLocator - ok 11:23:52.0543 2528 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 11:23:52.0558 2528 RpcSs - ok 11:23:52.0636 2528 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 11:23:52.0636 2528 rspndr - ok 11:23:52.0699 2528 RTHDMIAzAudService (4e821c740a675f6d040be41d59a62b1d) C:\Windows\system32\drivers\RtHDMIVX.sys 11:23:52.0714 2528 RTHDMIAzAudService - ok 11:23:52.0808 2528 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 11:23:52.0808 2528 SamSs - ok 11:23:52.0839 2528 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 11:23:52.0839 2528 sbp2port - ok 11:23:52.0886 2528 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 11:23:52.0901 2528 SCardSvr - ok 11:23:52.0933 2528 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 11:23:52.0933 2528 scfilter - ok 11:23:53.0026 2528 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 11:23:53.0042 2528 Schedule - ok 11:23:53.0073 2528 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 11:23:53.0089 2528 SCPolicySvc - ok 11:23:53.0135 2528 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys 11:23:53.0151 2528 sdbus - ok 11:23:53.0198 2528 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 11:23:53.0198 2528 SDRSVC - ok 11:23:53.0229 2528 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 11:23:53.0229 2528 secdrv - ok 11:23:53.0260 2528 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 11:23:53.0260 2528 seclogon - ok 11:23:53.0291 2528 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 11:23:53.0307 2528 SENS - ok 11:23:53.0338 2528 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 11:23:53.0338 2528 SensrSvc - ok 11:23:53.0385 2528 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 11:23:53.0385 2528 Serenum - ok 11:23:53.0401 2528 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 11:23:53.0401 2528 Serial - ok 11:23:53.0432 2528 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 11:23:53.0432 2528 sermouse - ok 11:23:53.0479 2528 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 11:23:53.0479 2528 SessionEnv - ok 11:23:53.0510 2528 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\drivers\SFEP.sys 11:23:53.0510 2528 SFEP - ok 11:23:53.0541 2528 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 11:23:53.0541 2528 sffdisk - ok 11:23:53.0572 2528 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 11:23:53.0572 2528 sffp_mmc - ok 11:23:53.0588 2528 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 11:23:53.0588 2528 sffp_sd - ok 11:23:53.0635 2528 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 11:23:53.0635 2528 sfloppy - ok 11:23:53.0697 2528 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 11:23:53.0713 2528 SharedAccess - ok 11:23:53.0775 2528 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 11:23:53.0791 2528 ShellHWDetection - ok 11:23:53.0822 2528 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 11:23:53.0822 2528 SiSRaid2 - ok 11:23:53.0853 2528 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 11:23:53.0853 2528 SiSRaid4 - ok 11:23:53.0900 2528 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 11:23:53.0900 2528 Smb - ok 11:23:53.0962 2528 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 11:23:53.0962 2528 SNMPTRAP - ok 11:23:54.0056 2528 SOHCImp (98886c88a1cb13d61672ae2c638b7e1c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe 11:23:54.0071 2528 SOHCImp - ok 11:23:54.0087 2528 SOHDBSvr (442a13f395546f4564c377296d43b564) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe 11:23:54.0087 2528 SOHDBSvr - ok 11:23:54.0134 2528 SOHDms (556681be668d71dc162391a45422b52c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe 11:23:54.0149 2528 SOHDms - ok 11:23:54.0181 2528 SOHDs (72b46103e4111439109acf5882627c24) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe 11:23:54.0181 2528 SOHDs - ok 11:23:54.0196 2528 SOHPlMgr (725b6e9cd1959271ac993dc035e1606d) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe 11:23:54.0212 2528 SOHPlMgr - ok 11:23:54.0243 2528 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 11:23:54.0243 2528 spldr - ok 11:23:54.0321 2528 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 11:23:54.0337 2528 Spooler - ok 11:23:54.0602 2528 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 11:23:54.0680 2528 sppsvc - ok 11:23:54.0789 2528 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 11:23:54.0805 2528 sppuinotify - ok 11:23:54.0867 2528 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 11:23:54.0914 2528 srv - ok 11:23:54.0992 2528 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 11:23:55.0039 2528 srv2 - ok 11:23:55.0054 2528 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 11:23:55.0070 2528 srvnet - ok 11:23:55.0117 2528 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 11:23:55.0132 2528 SSDPSRV - ok 11:23:55.0148 2528 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 11:23:55.0148 2528 SstpSvc - ok 11:23:55.0179 2528 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 11:23:55.0179 2528 stexstor - ok 11:23:55.0241 2528 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 11:23:55.0257 2528 stisvc - ok 11:23:55.0288 2528 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 11:23:55.0288 2528 swenum - ok 11:23:55.0522 2528 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 11:23:55.0522 2528 SwitchBoard - ok 11:23:55.0600 2528 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 11:23:55.0616 2528 swprv - ok 11:23:55.0756 2528 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 11:23:55.0787 2528 SysMain - ok 11:23:55.0897 2528 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 11:23:55.0897 2528 TabletInputService - ok 11:23:56.0053 2528 TabletService (fda7fb3830cc7cf5c809f976a57cef6d) C:\Windows\system32\Tablet.exe 11:23:56.0084 2528 TabletService - ok 11:23:56.0209 2528 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 11:23:56.0224 2528 TapiSrv - ok 11:23:56.0255 2528 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 11:23:56.0255 2528 TBS - ok 11:23:56.0443 2528 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 11:23:56.0474 2528 Tcpip - ok 11:23:56.0755 2528 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 11:23:56.0755 2528 TCPIP6 - ok 11:23:56.0957 2528 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 11:23:56.0957 2528 tcpipreg - ok 11:23:56.0989 2528 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 11:23:56.0989 2528 TDPIPE - ok 11:23:57.0020 2528 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 11:23:57.0020 2528 TDTCP - ok 11:23:57.0067 2528 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 11:23:57.0067 2528 tdx - ok 11:23:57.0098 2528 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 11:23:57.0098 2528 TermDD - ok 11:23:57.0160 2528 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 11:23:57.0176 2528 TermService - ok 11:23:57.0191 2528 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 11:23:57.0191 2528 Themes - ok 11:23:57.0223 2528 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 11:23:57.0223 2528 THREADORDER - ok 11:23:57.0254 2528 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 11:23:57.0254 2528 TrkWks - ok 11:23:57.0301 2528 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 11:23:57.0316 2528 TrustedInstaller - ok 11:23:57.0347 2528 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 11:23:57.0347 2528 tssecsrv - ok 11:23:57.0394 2528 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 11:23:57.0394 2528 TsUsbFlt - ok 11:23:57.0441 2528 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 11:23:57.0441 2528 tunnel - ok 11:23:57.0488 2528 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 11:23:57.0488 2528 uagp35 - ok 11:23:57.0550 2528 uCamMonitor (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe 11:23:57.0550 2528 uCamMonitor - ok 11:23:57.0613 2528 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 11:23:57.0628 2528 udfs - ok 11:23:57.0675 2528 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 11:23:57.0675 2528 UI0Detect - ok 11:23:57.0706 2528 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 11:23:57.0706 2528 uliagpkx - ok 11:23:57.0753 2528 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 11:23:57.0753 2528 umbus - ok 11:23:57.0784 2528 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 11:23:57.0784 2528 UmPass - ok 11:23:57.0987 2528 UNS (9e89c2d6945389270de067ce51ff7425) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 11:23:58.0018 2528 UNS - ok 11:23:58.0159 2528 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 11:23:58.0174 2528 upnphost - ok 11:23:58.0237 2528 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 11:23:58.0237 2528 usbccgp - ok 11:23:58.0268 2528 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 11:23:58.0283 2528 usbcir - ok 11:23:58.0283 2528 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 11:23:58.0299 2528 usbehci - ok 11:23:58.0330 2528 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 11:23:58.0346 2528 usbhub - ok 11:23:58.0377 2528 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 11:23:58.0393 2528 usbohci - ok 11:23:58.0439 2528 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 11:23:58.0439 2528 usbprint - ok 11:23:58.0471 2528 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 11:23:58.0471 2528 usbscan - ok 11:23:58.0517 2528 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 11:23:58.0517 2528 USBSTOR - ok 11:23:58.0564 2528 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 11:23:58.0564 2528 usbuhci - ok 11:23:58.0611 2528 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 11:23:58.0627 2528 usbvideo - ok 11:23:58.0642 2528 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 11:23:58.0642 2528 UxSms - ok 11:23:58.0751 2528 VAIO Entertainment TV Device Arbitration Service (4e7135d6d0127067e4cfee12259f895d) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe 11:23:58.0751 2528 VAIO Entertainment TV Device Arbitration Service - ok 11:23:58.0861 2528 VAIO Event Service (6b31c9cb94927dbeeb62e15275f4cc54) C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe 11:23:58.0876 2528 VAIO Event Service - ok 11:23:59.0032 2528 VAIO Power Management (b8c9a7010afd5cbbe194cb9ef7c4fd14) C:\Program Files\Sony\VAIO Power Management\SPMService.exe 11:23:59.0048 2528 VAIO Power Management - ok 11:23:59.0095 2528 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 11:23:59.0095 2528 VaultSvc - ok 11:23:59.0204 2528 VCFw (6a740f5ff3246c3be3dd317299efc88e) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe 11:23:59.0219 2528 VCFw - ok 11:23:59.0313 2528 VcmIAlzMgr (10e212bfb7eab152a64c1aaec2f7f4e0) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe 11:23:59.0329 2528 VcmIAlzMgr - ok 11:23:59.0391 2528 VcmINSMgr (9d9b34b430b4dc683112f59c80d20ab8) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe 11:23:59.0407 2528 VcmINSMgr - ok 11:23:59.0500 2528 VcmXmlIfHelper (8efaaccc7bfa1e9031efdfb01a1b0d69) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe 11:23:59.0500 2528 VcmXmlIfHelper - ok 11:23:59.0578 2528 VCService (d347d3abe070aa09c22fc37121555d52) C:\Program Files\Sony\VAIO Care\VCService.exe 11:23:59.0578 2528 VCService - ok 11:23:59.0703 2528 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 11:23:59.0703 2528 vdrvroot - ok 11:23:59.0765 2528 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 11:23:59.0781 2528 vds - ok 11:23:59.0828 2528 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 11:23:59.0828 2528 vga - ok 11:23:59.0843 2528 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 11:23:59.0843 2528 VgaSave - ok 11:23:59.0906 2528 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 11:23:59.0906 2528 vhdmp - ok 11:23:59.0937 2528 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 11:23:59.0937 2528 viaide - ok 11:23:59.0984 2528 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 11:23:59.0984 2528 volmgr - ok 11:24:00.0031 2528 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 11:24:00.0031 2528 volmgrx - ok 11:24:00.0093 2528 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 11:24:00.0109 2528 volsnap - ok 11:24:00.0155 2528 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 11:24:00.0155 2528 vsmraid - ok 11:24:00.0358 2528 VSNService (33655f6b36aa8702960ab1568ed82a01) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe 11:24:00.0374 2528 VSNService - ok 11:24:00.0514 2528 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 11:24:00.0577 2528 VSS - ok 11:24:00.0811 2528 VUAgent (fb4a1695d2d74f9c92ca5e84795cdbe1) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe 11:24:00.0826 2528 VUAgent - ok 11:24:00.0951 2528 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 11:24:00.0951 2528 vwifibus - ok 11:24:00.0998 2528 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 11:24:00.0998 2528 vwififlt - ok 11:24:01.0091 2528 VzCdbSvc (d8bef4ac1eac809dbdbd441d6cff6c4c) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe 11:24:01.0091 2528 VzCdbSvc - ok 11:24:01.0138 2528 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 11:24:01.0154 2528 W32Time - ok 11:24:01.0201 2528 wacommousefilter (b91a4688b5ac49328f1159a97e914d58) C:\Windows\system32\DRIVERS\wacommousefilter.sys 11:24:01.0201 2528 wacommousefilter - ok 11:24:01.0247 2528 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 11:24:01.0247 2528 WacomPen - ok 11:24:01.0279 2528 wacomvhid (79ff5ff4a64c8e9f6e0929aa53d9920b) C:\Windows\system32\DRIVERS\wacomvhid.sys 11:24:01.0279 2528 wacomvhid - ok 11:24:01.0325 2528 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 11:24:01.0325 2528 WANARP - ok 11:24:01.0341 2528 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 11:24:01.0341 2528 Wanarpv6 - ok 11:24:01.0466 2528 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 11:24:01.0481 2528 WatAdminSvc - ok 11:24:01.0606 2528 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 11:24:01.0637 2528 wbengine - ok 11:24:01.0778 2528 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 11:24:01.0793 2528 WbioSrvc - ok 11:24:01.0840 2528 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 11:24:01.0856 2528 wcncsvc - ok 11:24:01.0871 2528 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 11:24:01.0871 2528 WcsPlugInService - ok 11:24:01.0918 2528 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 11:24:01.0918 2528 Wd - ok 11:24:01.0981 2528 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 11:24:01.0996 2528 Wdf01000 - ok 11:24:02.0012 2528 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 11:24:02.0027 2528 WdiServiceHost - ok 11:24:02.0027 2528 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 11:24:02.0027 2528 WdiSystemHost - ok 11:24:02.0074 2528 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 11:24:02.0074 2528 WebClient - ok 11:24:02.0105 2528 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 11:24:02.0121 2528 Wecsvc - ok 11:24:02.0137 2528 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 11:24:02.0137 2528 wercplsupport - ok 11:24:02.0168 2528 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 11:24:02.0168 2528 WerSvc - ok 11:24:02.0230 2528 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 11:24:02.0230 2528 WfpLwf - ok 11:24:02.0246 2528 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 11:24:02.0246 2528 WIMMount - ok 11:24:02.0308 2528 WinDefend - ok 11:24:02.0308 2528 WinHttpAutoProxySvc - ok 11:24:02.0355 2528 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 11:24:02.0371 2528 Winmgmt - ok 11:24:02.0542 2528 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 11:24:02.0605 2528 WinRM - ok 11:24:02.0745 2528 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 11:24:02.0745 2528 WinUsb - ok 11:24:02.0823 2528 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 11:24:02.0839 2528 Wlansvc - ok 11:24:03.0073 2528 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 11:24:03.0104 2528 wlidsvc - ok 11:24:03.0244 2528 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 11:24:03.0244 2528 WmiAcpi - ok 11:24:03.0322 2528 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 11:24:03.0322 2528 wmiApSrv - ok 11:24:03.0400 2528 WMPNetworkSvc - ok 11:24:03.0431 2528 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 11:24:03.0431 2528 WPCSvc - ok 11:24:03.0478 2528 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 11:24:03.0478 2528 WPDBusEnum - ok 11:24:03.0509 2528 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 11:24:03.0509 2528 ws2ifsl - ok 11:24:03.0525 2528 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll 11:24:03.0525 2528 wscsvc - ok 11:24:03.0541 2528 WSearch - ok 11:24:03.0728 2528 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 11:24:03.0743 2528 wuauserv - ok 11:24:03.0899 2528 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 11:24:03.0899 2528 WudfPf - ok 11:24:03.0931 2528 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 11:24:03.0931 2528 WUDFRd - ok 11:24:03.0977 2528 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 11:24:03.0977 2528 wudfsvc - ok 11:24:04.0009 2528 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 11:24:04.0024 2528 WwanSvc - ok 11:24:04.0102 2528 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys 11:24:04.0102 2528 yukonw7 - ok 11:24:04.0133 2528 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 11:24:04.0367 2528 \Device\Harddisk0\DR0 - ok 11:24:04.0383 2528 Boot (0x1200) (583885de7a3d8b8bc47410dd489b64fa) \Device\Harddisk0\DR0\Partition0 11:24:04.0383 2528 \Device\Harddisk0\DR0\Partition0 - ok 11:24:04.0383 2528 Boot (0x1200) (613de3d6af3ec8dd7d3da0e98d4ca9e0) \Device\Harddisk0\DR0\Partition1 11:24:04.0383 2528 \Device\Harddisk0\DR0\Partition1 - ok 11:24:04.0383 2528 ============================================================ 11:24:04.0383 2528 Scan finished 11:24:04.0383 2528 ============================================================ 11:24:04.0399 2752 Detected object count: 0 11:24:04.0399 2752 Actual detected object count: 0 11:24:41.0199 3092 Deinitialize success
-
Detta var vad jag fick fram från DDS. Körde den i felsäkert läge, vet inte om det spelar någon roll.
-
. DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK Internet Explorer: 9.0.8112.16421 Run by Emma at 9:50:28 on 2012-08-03 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.3950.3237 [GMT 2:00] . AV: McAfee Antivirus och antispionprogram *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: McAfee Antivirus och antispionprogram *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\SYSTEM32\WISPTIS.EXE C:\Windows\system32\mfevtps.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Windows\Explorer.EXE C:\Windows\system32\ctfmon.exe c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01 mStart Page = hxxp://search.myheritage.com uURLSearchHooks: MHURLSearchHook Class: {1c4ab6a5-595f-4e86-b15f-f93cce2bbd48} - C:\Program Files (x86)\Celebrity Toolbar\tbhelper.dll uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll BHO: MHTBPos00 Class: {0c37b053-fd68-456a-82e1-d788ee342e6f} - C:\Program Files (x86)\Celebrity Toolbar\tbcore3.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120629133947.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: e-kort Helper Class: {9065e913-4f23-4b47-9b5d-b055d32db1f3} - C:\Program Files (x86)\ekort\EKortHelper.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll BHO: CMySite Class: {d62ec836-bf1e-4cac-81be-fb9179835d8e} - C:\Program Files (x86)\Celebrity Toolbar\mhxpcomi.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: e-kort Toolbar: {8db2b2e8-579f-48a8-a496-18fefcf8f4df} - C:\Program Files (x86)\ekort\EKortToolbar.dll TB: Celebrity Toolbar: {fd2fd708-1f6f-4b68-b141-c5778f0c19bb} - C:\Program Files (x86)\Celebrity Toolbar\tbcore3.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [sansaDispatch] C:\Users\Emma\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe uRun: [spotify Web Helper] "C:\Users\Emma\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" uRun: [AdobeBridge] mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe mRun: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [e-kort] C:\PROGRA~2\ekort\ekort.exe /dontopenmycards /Autostart mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe StartupFolder: C:\Users\Emma\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe StartupFolder: C:\Users\Emma\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SKRMUR~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BANKID~1.LNK - C:\Program Files (x86)\Personal\bin\Personal.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab DPF: {402EE96E-2CE8-482D-ADA5-CECEEA07E16D} - hxxp://www.turntool.com/ViewerInstall.exe DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.fujidirekt.se/aurigma/ImageUploader5.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{36601CEE-D5D8-49CC-9878-7011DD745294} : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{6D7BD819-48F2-4E64-8CDB-988BAD52DF69} : DhcpNameServer = 195.54.122.199 195.54.122.204 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll Handler: mhtb - {669A2A3A-F19C-452D-800D-1240299756C1} - C:\Program Files (x86)\Celebrity Toolbar\mhxpcomi.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Notify: VESWinlogon - VESWinlogon.dll {0C37B053-FD68-456a-82E1-D788EE342E6F} {18DF081C-E8AD-4283-A596-FA578C2EBDC3} {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} {7DB2D5A0-7241-4E79-B68D-6309F01C5231} {9030D464-4C02-4ABF-8ECC-5164760863C6} {9065E913-4F23-4B47-9B5D-B055D32DB1F3} {AA58ED58-01DD-4d91-8333-CF10577473F7} {B164E929-A1B6-4A06-B104-2CD0E90A88FF} {D62EC836-BF1E-4CAC-81BE-FB9179835D8E} {DBC80044-A445-435b-BC74-9C25C1C588A9} {8DB2B2E8-579F-48A8-A496-18FEFCF8F4DF} {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} {2318C2B1-4965-11d4-9B18-009027A5CD4F} {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun-x64: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED mRun-x64: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe mRun-x64: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [e-kort] C:\PROGRA~2\ekort\ekort.exe /dontopenmycards /Autostart mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun-x64: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm Hosts: 78.46.61.26 www.google-analytics.com. Hosts: 78.46.61.26 ad-emea.doubleclick.net. Hosts: 78.46.61.26 www.statcounter.com. Hosts: 108.163.215.51 www.google-analytics.com. Hosts: 108.163.215.51 ad-emea.doubleclick.net. . Note: multiple HOSTS entries found. Please refer to Attach.txt . ============= SERVICES / DRIVERS =============== . R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?] R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-29 249936] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-6-29 210616] R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?] R2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys --> C:\Windows\system32\drivers\rimssne64.sys [?] R2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsne64.sys --> C:\Windows\system32\drivers\risdsne64.sys [?] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?] R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?] R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys --> C:\Windows\system32\drivers\SFEP.sys [?] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?] S2 0048881343150844mcinstcleanup;McAfee Application Installer Cleanup (0048881343150844);C:\Windows\TEMP\004888~1.EXE -cleanup -nolog --> C:\Windows\TEMP\004888~1.EXE -cleanup -nolog [?] S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-13 133104] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-28 13336] S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-2 655944] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-29 249936] S2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-29 249936] S2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-29 249936] S2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2012-6-29 199304] S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224] S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-8-31 362992] S2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-12-15 259192] S2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2010-1-13 104960] S2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-12-28 2320920] S2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-9-14 642416] S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-2-19 529776] S2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-1-13 821760] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-2 250056] S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?] S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?] S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?] S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840] S3 gupdatem;Tjänsten Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-13 133104] S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?] S3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] S3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?] S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?] S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-8-31 313840] S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-1-13 120104] S3 SOHDBSvr;VAIO Media plus Database Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2010-1-13 70952] S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-1-13 427304] S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-1-13 75048] S3 SOHPlMgr;VAIO Media plus Playlist Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2010-1-13 91432] S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-1-13 571248] S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-1-13 361840] S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-2-19 115568] S3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2011-12-15 44736] S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2012-1-13 1256040] . =============== Created Last 30 ================ . 2012-08-02 20:00:52 98816 ----a-w- C:\Windows\sed.exe 2012-08-02 20:00:52 518144 ----a-w- C:\Windows\SWREG.exe 2012-08-02 20:00:52 256000 ----a-w- C:\Windows\PEV.exe 2012-08-02 20:00:52 208896 ----a-w- C:\Windows\MBR.exe 2012-08-02 20:00:44 -------- d-s---w- C:\ComboFix 2012-08-02 18:06:31 -------- d-----w- C:\Users\Emma\AppData\Roaming\Malwarebytes 2012-08-02 18:06:21 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-08-02 18:06:21 -------- d-----w- C:\ProgramData\Malwarebytes 2012-08-02 18:06:21 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-08-02 15:26:44 454656 ----a-w- C:\Users\Emma\AppData\Local\eodpmun.exe 2012-08-01 22:50:34 -------- d-----w- C:\ProgramData\7531CC77000844B0C9AE2DF4F875F002 2012-07-12 20:05:44 -------- d-----w- C:\Users\Emma\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 2012-07-12 20:02:52 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe 2012-07-12 20:00:48 -------- d-----w- C:\ProgramData\ALM 2012-07-12 18:50:37 -------- d-----w- C:\Users\Emma\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant 2012-07-12 18:50:32 -------- d-----w- C:\Program Files (x86)\Adobe Download Assistant 2012-07-12 00:02:14 3148800 ----a-w- C:\Windows\System32\win32k.sys 2012-07-11 23:58:00 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-07-11 23:58:00 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-07-11 17:18:22 2004480 ----a-w- C:\Windows\System32\msxml6.dll 2012-07-11 17:17:59 212992 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll 2012-07-11 17:17:58 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll 2012-07-11 17:17:58 143360 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msjro.dll 2012-07-11 17:17:57 1133568 ----a-w- C:\Windows\System32\cdosys.dll . ==================== Find3M ==================== . 2012-07-28 11:43:33 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-28 11:43:33 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll 2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll 2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-02 13:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-02 13:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll 2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys 2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll 2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2012-05-25 15:13:54 162224 ----a-w- C:\Windows\System32\mfevtps.exe . ============= FINISH: 9:51:52,28 =============== Attach.zip
-
Hej! Fick precis också Security Shield på dator, och har panik - får inte bort det. Har redan försökt med den här guiden, http://www.bleepingcomputer.com/virus-removal/remove-security-shield, men det funkade inte :/ Någon snäll och kunnig människa som kan hjälpa mig?
