acmez

How do I remove the brasil-pesquisa malware?

Hi everyone,

Could someone help me remove the malware mentioned in the title? It is not interfering with my home page, but it does interfere when I run searches from the Google Chrome address bar.

I noticed that some of the things mentioned in other posts about this malware have been happening to me too, such as shortcuts appearing in place of files when I use my external HD, and my notebook being slow to start up and shut down.

Following the instructions in this section, I could not get GMER to run (it looks like it is going to open, but then closes right away).

Below is my DDS log:

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16470 BrowserJavaVersion: 10.15.2

Run by ACMEZ13 at 13:27:07 on 2013-07-27

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3998.2417 [GMT -3:00]

.

AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG2013\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\PROGRA~2\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\dlcxcoms.exe

C:\Program Files\Intel\iCLS Client\HeciServer.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Program Files (x86)\Skype\Updater\Updater.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe

C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe

C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2013\avgemca.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe

C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\loggingserver.exe

C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe

C:\Windows\SysWOW64\DllHost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\System32\vds.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\userinit.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxmon.exe

C:\Program Files (x86)\Dell Photo AIO Printer 926\memcard.exe

C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe

C:\Windows\System32\WScript.exe

C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Users\ACMEZ13\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://brasil-pesquisa.pw/r.asp#

uDefault_Page_URL = hxxp://sony.msn.com

mWinlogon: Userinit = userinit.exe

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: GbIehObj Class: {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

uRun: [HP Deskjet 3510 series (NET)] "C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe" -deviceID "BR35HFD1C105Y8:NW" -scfn "HP Deskjet 3510 series (NET)" -AutoStart 1

uRun: [0345] C:\Users\ACMEZ13\AppData\Roaming\15531\0345.js

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

mRun: [intel AT Service signup] c:\Program Files (x86)\Intel Corporation\Intel AT Service signup\IntelATServiceSignup.exe -launchonboot

mRun: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

StartupFolder: C:\Users\ACMEZ13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\550.js

StartupFolder: C:\Users\ACMEZ13\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\ACMEZ13\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:189

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:189

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

TCP: NameServer = 201.17.0.85 201.17.0.55 201.6.4.116

TCP: Interfaces\{639E1F2D-43E1-4C08-9486-BE1F5EEEE98C} : DHCPNameServer = 10.100.1.6

TCP: Interfaces\{BAC0D688-24B2-47D8-A099-D07BFCC13115} : DHCPNameServer = 192.168.42.129

TCP: Interfaces\{DB6D6C3B-77E6-45EF-8DB2-28014B1985B0} : DHCPNameServer = 201.17.0.85 201.17.0.55 201.6.4.116

TCP: Interfaces\{DB6D6C3B-77E6-45EF-8DB2-28014B1985B0}\07F6C6F6D26727 : DHCPNameServer = 10.8.1.1 192.168.0.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: GbPluginUni - C:\Program Files (x86)\GbPlugin\gbiehUni.dll

SSODL: WebCheck - <orphaned>

SEH: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SONYAPO

x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [dlcxmon.exe] "C:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxmon.exe"

x64-Run: [MemoryCardManager] "C:\Program Files (x86)\Dell Photo AIO Printer 926\memcard.exe"

x64-Run: [DLCXCATS] rundll32 C:\Windows\System32\spool\DRIVERS\x64\3\DLCXtime.dll,RunDLLEntry

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab

x64-DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-2-8 71480]

R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-2-8 311096]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-2-8 116536]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-2-8 45880]

R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-2-27 16152]

R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-3-29 246072]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-2-8 206136]

R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]

R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-5-15 45856]

R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-1-19 106144]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-5-14 4937264]

R2 avgwd;Watchdog do AVG;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-4-18 283136]

R2 dlcx_device;dlcx_device;C:\Windows\System32\dlcxcoms.exe -service --> C:\Windows\System32\dlcxcoms.exe -service [?]

R2 GbpSv;Gbp Service;C:\PROGRA~2\GbPlugin\GbpSv.exe [2013-7-1 409144]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-3 628448]

R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-8-6 121344]

R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-8-6 161560]

R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-2-21 473960]

R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-7-12 3289472]

R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]

R2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [2013-6-26 1598128]

R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-1-19 158880]

R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2012-8-6 19968]

R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2012-1-19 36000]

R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2012-1-19 339616]

R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2012-1-19 110752]

R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2012-1-19 30368]

R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2012-1-19 167584]

R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2012-1-19 68256]

R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2012-1-19 280992]

R3 BTATH_VDP;Bluetooth VDP Driver;C:\Windows\System32\drivers\btath_vdp.sys [2012-1-19 421664]

R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2012-1-19 550560]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-3-19 331264]

R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-2-27 356120]

R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-2-27 787736]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-2-17 565352]

R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2012-1-16 14336]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-8-6 13592]

S2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-8-6 2429544]

S2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-11-30 260768]

S2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2012-8-6 105024]

S2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-8-6 363800]

S2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2012-8-6 535688]

S2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2012-8-6 978056]

S3 DCDhcpService;DCDhcpService;C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [2012-8-6 112256]

S3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2009-6-10 281088]

S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [2010-9-3 227232]

S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-8-6 340072]

S3 SOHCImp;VAIO Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2012-1-6 138392]

S3 SOHDs;VAIO Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2012-1-6 74904]

S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-1 289952]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

S3 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-12-29 960160]

S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-12-21 550128]

S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-12-21 382720]

S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-8-26 101600]

S3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2012-1-20 54432]

S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2012-1-13 1256040]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-9-9 1255736]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2013-07-27 16:12:07 -------- d-----w- C:\Users\ACMEZ13\AppData\Local\Bundled software uninstaller

2013-07-24 19:40:19 -------- d-----w- C:\Windows\System32\MRT

2013-07-22 22:46:16 -------- d-sh--w- C:\Users\ACMEZ13\AppData\Roaming\15531

2013-07-22 22:46:16 -------- d-sh--w- C:\14d6

2013-07-15 16:51:22 -------- d-----w- C:\Users\ACMEZ13\AppData\Local\{573F9530-CE37-4403-95D6-7AE6DF884297}

2013-07-11 17:18:40 1643520 ----a-w- C:\Windows\System32\DWrite.dll

2013-07-11 17:18:39 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll

2013-07-04 15:31:22 -------- dc-h--w- C:\ProgramData\{AA28280A-C4CA-4B4F-9DF1-593032D2F3EC}

2013-07-03 20:39:41 -------- d-----w- C:\ProgramData\GAS Tecnologia

2013-07-01 20:11:15 31088 ----a-w- C:\Windows\SysWow64\drivers\gbpndisrd.sys

.

==================== Find3M ====================

.

2013-06-26 19:55:26 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys

2013-06-14 22:27:59 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-06-14 22:27:59 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-06-05 03:34:27 3153920 ----a-w- C:\Windows\System32\win32k.sys

2013-06-04 06:00:13 624128 ----a-w- C:\Windows\System32\qedit.dll

2013-06-04 04:53:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll

2013-05-28 03:20:11 795197 ----a-w- C:\ProgramData\SPLBF87.tmp

2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll

2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll

2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll

2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll

2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe

2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe

2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll

2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll

2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll

2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-05-06 06:03:49 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL

2013-05-06 04:56:35 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL

2013-05-02 05:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe

.

============= FINISH: 13:27:26,40 ===============

Now the DDS attach:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 07/09/2012 13:47:26

System Uptime: 27/07/2013 13:25:41 (0 hours ago)

.

Motherboard: Sony Corporation | | VAIO

Processor: Intel® Core i5-3317U CPU @ 1.70GHz | N/A | 1701/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 452 GiB total, 393,159 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP216: 17/07/2013 21:10:51 - Software Distribution Service 3.0

RP217: 19/07/2013 00:37:21 - Software Distribution Service 3.0

RP218: 19/07/2013 08:13:56 - Software Distribution Service 3.0

RP219: 19/07/2013 10:38:34 - Software Distribution Service 3.0

RP220: 20/07/2013 11:58:59 - Software Distribution Service 3.0

RP221: 21/07/2013 17:28:45 - Software Distribution Service 3.0

RP222: 23/07/2013 13:53:42 - Software Distribution Service 3.0

RP223: 23/07/2013 15:04:00 - Software Distribution Service 3.0

RP224: 23/07/2013 17:18:14 - Software Distribution Service 3.0

RP225: 23/07/2013 23:37:21 - Software Distribution Service 3.0

RP226: 24/07/2013 16:40:06 - Software Distribution Service 3.0

RP227: 24/07/2013 21:14:09 - Software Distribution Service 3.0

RP228: 25/07/2013 16:00:43 - Software Distribution Service 3.0

RP229: 25/07/2013 22:16:27 - Software Distribution Service 3.0

RP230: 26/07/2013 11:19:15 - Software Distribution Service 3.0

RP231: 26/07/2013 20:02:42 - Software Distribution Service 3.0

RP232: 27/07/2013 11:45:40 - Removed Oasis2Service

RP233: 27/07/2013 13:21:22 - Removed VIP Access.

RP234: 27/07/2013 13:23:33 - Software Distribution Service 3.0

.

==== Installed Programs ======================

.

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.6) MUI

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Application Manager for VAIO

ArcSoft Magic-i Visual Effects 2

ArcSoft WebCam Companion 4

Atheros Bluetooth Suite (64)

AVG 2013

Bonjour

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dell Photo AIO Printer 926

Dropbox

Evernote v. 4.5.2

FDUx86

Google Chrome

Google Update Helper

HP Deskjet 3510 series Basic Device Software

HP Deskjet 3510 series Help

HP Deskjet 3510 series Product Improvement Study

HP FWUpdateEDO2

HP Photo Creations

HP Update

HPDiagnosticAlert

Intel® Control Center

Intel® Management Engine Components

Intel® OpenCL CPU Runtime

Intel® Processor Graphics

Intel® Rapid Storage Technology

Intel® USB 3.0 eXtensible Host Controller Driver

Intel® AT Service signup

Intel® Trusted Connect Service Client

Java 7 Update 15

Java 7 Update 1 (64-bit)

Junk Mail filter update

K-Lite Codec Pack 3.2.0 Full

Keyboard_Shortcuts

McAfee Security Scan Plus

Media Gallery

Media Go

Mesh Runtime

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (Portuguese (Brazil)) 2010

Microsoft Office Excel MUI (Portuguese (Brazil)) 2010

Microsoft Office Home and Student 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (Portuguese (Brazil)) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (Portuguese (Brazil)) 2010

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010

Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2010

Microsoft Office Shared MUI (Portuguese (Brazil)) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (Portuguese (Brazil)) 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB2758694)

PlayMemories Home

PlayReady PC Runtime amd64

PlayStation®Network Downloader

PlayStation®Store

Populus

Qualcomm Atheros Direct Connect

Qualcomm Atheros WiFi Driver Installation

Reader for PC

Realtek High Definition Audio Driver

Realtek PCIE Card Reader

Remote Keyboard

Remote Play with PlayStation®3

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition

Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition

Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition

Skype Click to Call

Skype™ 6.1

SSLx64

SSLx86

Synaptics Pointing Device Driver

TrackID with BRAVIA

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2836939)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

VAIO - Microsoft Visual C++ 2010 SP1 Runtime 10.0.40219.325

VAIO - PlayMemories Home Plug-in

VAIO - Remote Keyboard

VAIO - Remote Keyboard with PlayStation®3

VAIO - Remote Play with PlayStation®3

VAIO - TrackID™ with BRAVIA

VAIO Care

VAIO Control Center

VAIO CPU Fan Diagnostic

VAIO Data Restore Tool

VAIO Easy Connect

VAIO Gate

VAIO Gate Default

VAIO Gesture Control

VAIO Help and Support

VAIO Improvement

VAIO Manual

VAIO Messenger

VAIO OOBE

VAIO Sample Contents

VAIO Satisfaction Survey.

VAIO Smart Network

VAIO Transfer Support

VAIO Update

VAIO Update Merge Module x64

VCCx64

VCCx86

VHD

Video Downloader

Video Downloader version 2.0

Visual Studio 2010 x64 Redistributables

VIx64

VIx86

VMLx86

VPMx64

VSNx64

VSNx86

VSSTx64

VSSTx86

VU5x64

VU5x86

VWSTx86

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

.

==== Event Viewer Messages From Past Week ========

.

27/07/2013 13:24:15, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.

27/07/2013 13:24:15, Error: Microsoft-Windows-WindowsUpdateClient [20] -

22/07/2013 17:33:56, Error: Service Control Manager [7043] - The wuauserv service did not shut down properly after receiving a preshutdown control.

.

==== End Of File ===========================


Read the instructions at this link:

In the instructions at the link above, you can check which forums have Analysts who are duly qualified to use the tool correctly: "Forums for getting help with ComboFix logs"

  1. Download ComboFix from one of the official links listed below and save it to your desktop:

  2. Temporarily, while carrying out these instructions, it is very important that you keep your protection programs (Antivirus, Antispyware and Firewall) disabled. Re-enable the protections after carrying out the procedure(s) mentioned below.

  3. Double-click the icon that is on the desktop.

  4. Read and accept the terms by typing 1 and pressing Enter.

  5. Computers running Windows XP must install the Recovery Console:

  • If your computer has Windows XP installed and does not yet have the Recovery Console installed, please make sure you are connected to the Internet and click "Yes".
  • Click "OK" on the EULA.
  • When the Recovery Console is already installed, click "YES" to continue.

  6. ComboFix will run; please be patient and wait.

  7. Attention: Do not use the mouse or the keyboard while the tool is running, as this can cause the computer to stall.

  8. A notice may appear saying that the computer needs to be restarted. DO NOT RESTART!!! ComboFix will restart the computer automatically.

  9. When the tool finishes running, it will generate a log (the file C:\ComboFix.txt). Copy and paste the contents of that file into your next reply.

Do NOT use the tool on your own. It is a powerful tool created to deal with sophisticated infections, and if you do not use it correctly you may damage your computer.

  • There are several pieces of malware that prevent the tool from running correctly and can thereby seriously damage the computer. Analysts qualified to use ComboFix know these cases and know how to deal with these situations.
  • Many Analysts do not reply to topics where they see that ComboFix was used without supervision.
  • There are several general-purpose anti-malware tools whose authors, when programming them, have end users in mind and intend them to be used without supervision. ComboFix is not a tool of that kind, so, and also out of respect for the tool's author, do not use it without supervision.


Thanks for the reply, Renato, but I can't get ComboFix to run: it opens and then closes right away. I tried both links, but it didn't work. I disabled the antivirus (AVG Free); I don't know whether it was interfering with running ComboFix and GMER. I tried to uninstall it but couldn't. Does the malware interfere with that too?


Restart in Safe Mode (press F8 repeatedly during startup and, in the menu that appears, use the arrow keys to select Safe Mode). Try running ComboFix again.


Renato,

It worked perfectly in Safe Mode, thanks for the tip.

I'm sending the ComboFix log and, just in case, I ran the DDS files again. They follow below.

ComboFix LOG:

ComboFix 13-07-27.01 - ACMEZ13 28/07/2013 21:07:15.1.4 - x64 MINIMAL

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3998.2791 [GMT -3:00]

Running from: c:\users\ACMEZ13\Downloads\ComboFix.exe

AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\ntuser.dat

c:\programdata\SPLBF87.tmp

c:\users\ACMEZ13\01¤ž¦««’¥©*¤¢*¨¥01.txt

c:\users\ACMEZ13\02¤ž¦««’¥©*¤¢*¨¥02.txt

c:\users\ACMEZ13\03¤ž¦««’¥©*¤¢*¨¥03.txt

c:\users\ACMEZ13\04¤ž¦««’¥©*¤¢*¨¥04.txt

c:\users\ACMEZ13\05¤ž¦««’¥©*¤¢*¨¥05.txt

c:\users\ACMEZ13\06¤ž¦««’¥©*¤¢*¨¥06.txt

c:\users\ACMEZ13\07¤ž¦««’¥©*¤¢*¨¥07.txt

c:\users\ACMEZ13\08¤ž¦««’¥© ¤¢*¨¥08.txt

c:\users\ACMEZ13\09¤ž¦««’¥©*¤¢*¨¥09.txt

c:\users\ACMEZ13\10¤ž¦««’¥©*¤¢*¨¥10.txt

c:\users\ACMEZ13\11¤ž¦««’¥©*¤¢*¨¥11.txt

c:\users\ACMEZ13\12¤ž¦««’¥© ¤¢*¨¥12.txt

c:\users\ACMEZ13\13¤ž¦««’¥© ¤¢*¨¥13.txt

c:\users\ACMEZ13\14¤ž¦««’¥© ¤¢*¨¥14.txt

c:\users\ACMEZ13\15¤ž¦««’¥© ¤¢*¨¥15.txt

c:\users\ACMEZ13\16¤ž¦««’¥© ¤¢*¨¥16.txt

c:\users\ACMEZ13\9fitrsdgwss.txt

c:\users\ACMEZ13\AppData\Local\Microsoft\Windows\Temporary Internet Files\{DACD4D23-A1F5-4F77-92E6-5265E4AB811B}.xps

c:\users\ACMEZ13\Ask.txt

c:\users\ACMEZ13\NETZXZJXODPOSDOSOEUDS.txt

c:\users\ACMEZ13\™¨“˜›*™š™¦*™¦*big.txt

.

.

((((((((((((((((((((((((( Files Created from 2013-06-28 to 2013-07-29 )))))))))))))))))))))))))))))))

.

.

2013-07-29 00:11 . 2013-07-29 00:11 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-07-29 00:00 . 2013-07-29 00:04 47023 ----a-w- c:\users\ACMEZ13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\570.js

2013-07-27 16:12 . 2013-07-27 16:25 -------- d-----w- c:\users\ACMEZ13\AppData\Local\Bundled software uninstaller

2013-07-24 19:40 . 2013-07-24 19:41 -------- d-----w- c:\windows\system32\MRT

2013-07-22 22:46 . 2013-07-22 22:46 -------- d-----w- C:\14d6

2013-07-22 22:46 . 2013-07-22 22:46 -------- d-sh--w- c:\users\ACMEZ13\AppData\Roaming\15531

2013-07-11 17:18 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll

2013-07-11 17:18 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll

2013-07-04 15:31 . 2013-07-04 15:31 -------- dc-h--w- c:\programdata\{AA28280A-C4CA-4B4F-9DF1-593032D2F3EC}

2013-07-03 20:39 . 2013-07-03 20:39 -------- d-----w- c:\programdata\GAS Tecnologia

2013-07-01 20:11 . 2013-07-29 00:03 31088 ----a-w- c:\windows\SysWow64\drivers\gbpndisrd.sys

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-06-24 03:57 . 2012-09-30 23:26 78277128 ----a-w- c:\windows\system32\MRT.exe

2013-06-14 22:27 . 2012-08-07 01:17 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-06-14 22:27 . 2012-08-07 01:17 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-05-15 16:37 . 2011-03-29 01:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2013-05-13 06:37 . 2013-05-14 18:06 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0B894C7F-9549-4840-A764-2DC4AD96BB31}\mpengine.dll

2013-05-13 05:51 . 2013-06-14 20:58 184320 ----a-w- c:\windows\system32\cryptsvc.dll

2013-05-13 05:51 . 2013-06-14 20:58 1464320 ----a-w- c:\windows\system32\crypt32.dll

2013-05-13 05:51 . 2013-06-14 20:58 139776 ----a-w- c:\windows\system32\cryptnet.dll

2013-05-13 05:50 . 2013-06-14 20:58 52224 ----a-w- c:\windows\system32\certenc.dll

2013-05-13 04:45 . 2013-06-14 20:58 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll

2013-05-13 04:45 . 2013-06-14 20:58 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll

2013-05-13 04:45 . 2013-06-14 20:58 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll

2013-05-13 03:43 . 2013-06-14 20:58 1192448 ----a-w- c:\windows\system32\certutil.exe

2013-05-13 03:08 . 2013-06-14 20:58 903168 ----a-w- c:\windows\SysWow64\certutil.exe

2013-05-13 03:08 . 2013-06-14 20:58 43008 ----a-w- c:\windows\SysWow64\certenc.dll

2013-05-10 05:49 . 2013-06-14 20:59 30720 ----a-w- c:\windows\system32\cryptdlg.dll

2013-05-10 03:20 . 2013-06-14 20:59 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll

2013-05-08 06:39 . 2013-06-14 21:08 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-05-02 05:06 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe

2013-04-30 21:20 . 2013-04-30 21:20 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-04-30 21:20 . 2013-04-30 21:20 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-04-30 21:20 . 2013-04-30 21:20 648192 ----a-w- c:\windows\system32\d3d10level9.dll

2013-04-30 21:20 . 2013-04-30 21:20 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll

2013-04-30 21:20 . 2013-04-30 21:20 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-04-30 21:20 . 2013-04-30 21:20 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-04-30 21:20 . 2013-04-30 21:20 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-04-30 21:20 . 2013-04-30 21:20 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-04-30 21:20 . 2013-04-30 21:20 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll

2013-04-30 21:20 . 2013-04-30 21:20 465920 ----a-w- c:\windows\system32\WMPhoto.dll

2013-04-30 21:20 . 2013-04-30 21:20 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll

2013-04-30 21:20 . 2013-04-30 21:20 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll

2013-04-30 21:20 . 2013-04-30 21:20 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll

2013-04-30 21:20 . 2013-04-30 21:20 3928064 ----a-w- c:\windows\system32\d2d1.dll

2013-04-30 21:20 . 2013-04-30 21:20 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll

2013-04-30 21:20 . 2013-04-30 21:20 363008 ----a-w- c:\windows\system32\dxgi.dll

2013-04-30 21:20 . 2013-04-30 21:20 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-04-30 21:20 . 2013-04-30 21:20 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-04-30 21:20 . 2013-04-30 21:20 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll

2013-04-30 21:20 . 2013-04-30 21:20 333312 ----a-w- c:\windows\system32\d3d10_1core.dll

2013-04-30 21:20 . 2013-04-30 21:20 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll

2013-04-30 21:20 . 2013-04-30 21:20 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-04-30 21:20 . 2013-04-30 21:20 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll

2013-04-30 21:20 . 2013-04-30 21:20 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-04-30 21:20 . 2013-04-30 21:20 296960 ----a-w- c:\windows\system32\d3d10core.dll

2013-04-30 21:20 . 2013-04-30 21:20 293376 ----a-w- c:\windows\SysWow64\dxgi.dll

2013-04-30 21:20 . 2013-04-30 21:20 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll

2013-04-30 21:20 . 2013-04-30 21:20 2565120 ----a-w- c:\windows\system32\d3d10warp.dll

2013-04-30 21:20 . 2013-04-30 21:20 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-04-30 21:20 . 2013-04-30 21:20 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-04-30 21:20 . 2013-04-30 21:20 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll

2013-04-30 21:20 . 2013-04-30 21:20 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll

2013-04-30 21:20 . 2013-04-30 21:20 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll

2013-04-30 21:20 . 2013-04-30 21:20 221184 ----a-w- c:\windows\system32\UIAnimation.dll

2013-04-30 21:20 . 2013-04-30 21:20 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll

2013-04-30 21:20 . 2013-04-30 21:20 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll

2013-04-30 21:20 . 2013-04-30 21:20 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll

2013-04-30 21:20 . 2013-04-30 21:20 194560 ----a-w- c:\windows\system32\d3d10_1.dll

2013-04-30 21:20 . 2013-04-30 21:20 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll

2013-04-30 21:20 . 2013-04-30 21:20 1682432 ----a-w- c:\windows\system32\XpsPrint.dll

2013-04-30 21:20 . 2013-04-30 21:20 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll

2013-04-30 21:20 . 2013-04-30 21:20 1238528 ----a-w- c:\windows\system32\d3d10.dll

2013-04-30 21:20 . 2013-04-30 21:20 1175552 ----a-w- c:\windows\system32\FntCache.dll

2013-04-30 21:20 . 2013-04-30 21:20 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll

2013-04-30 21:20 . 2013-04-30 21:20 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll

2013-04-30 21:20 . 2013-04-30 21:20 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-04-30 21:20 . 2013-04-30 21:20 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 130736 ----a-w- c:\users\ACMEZ13\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 130736 ----a-w- c:\users\ACMEZ13\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 130736 ----a-w- c:\users\ACMEZ13\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HP Deskjet 3510 series (NET)"="c:\program files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-11-30 284440]

"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-24 291608]

"Intel AT Service signup"="c:\program files (x86)\Intel Corporation\Intel AT Service signup\IntelATServiceSignup.exe" [2012-02-15 382976]

"PMBVolumeWatcher"="c:\program files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-02-21 693608]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]

"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-04-29 4408368]

"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]

.

c:\users\ACMEZ13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

570.js [2013-7-28 47023]

Dropbox.lnk - c:\users\ACMEZ13\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-24 27776968]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe [2010-9-3 255536]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{E37CB5F0-51F5-4395-A808-5FA49E399008}"= "c:\program files (x86)\GbPlugin\gbiehuni.dll" [2013-06-10 1396792]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginUni]

2013-06-10 17:36 1396792 ----a-w- c:\program files (x86)\GbPlugin\gbiehuni.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"midi2"=wdmaud.drv

.

R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys;c:\windows\SYSNATIVE\drivers\gbpkm.sys [x]

R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]

R1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]

R1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]

R2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]

R2 avgwd;Watchdog do AVG;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe;c:\windows\SYSNATIVE\dlcxcoms.exe [x]

R2 GbpSv;Gbp Service;c:\progra~2\GbPlugin\GbpSv.exe;c:\progra~2\GbPlugin\GbpSv.exe [x]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]

R2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]

R2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [x]

R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]

R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [x]

R2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]

R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]

R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

R2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]

R2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]

R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]

R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]

R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]

R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]

R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]

R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]

R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]

R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]

R3 BTATH_VDP;Bluetooth VDP Driver;c:\windows\system32\drivers\btath_vdp.sys;c:\windows\SYSNATIVE\drivers\btath_vdp.sys [x]

R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]

R3 DCDhcpService;DCDhcpService;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [x]

R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]

R3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe;c:\program files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [x]

R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]

R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]

R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]

R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]

R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]

R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]

R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]

R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]

R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe;c:\program files\Sony\VAIO Update Common\VUAgent.exe [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]

S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]

S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]

S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]

S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]

S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]

S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]

S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys;c:\windows\SYSNATIVE\DRIVERS\SFEP.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-07-15 16:32 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2013-07-28 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-07 22:27]

.

2013-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-15 22:27]

.

2013-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-15 22:27]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 164016 ----a-w- c:\users\ACMEZ13\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 164016 ----a-w- c:\users\ACMEZ13\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 164016 ----a-w- c:\users\ACMEZ13\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 164016 ----a-w- c:\users\ACMEZ13\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-02-24 1158248]

"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-01-19 1016992]

"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2012-01-19 800416]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-15 170264]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-15 398616]

"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-15 440600]

"dlcxmon.exe"="c:\program files (x86)\Dell Photo AIO Printer 926\dlcxmon.exe" [2007-01-12 292336]

"MemoryCardManager"="c:\program files (x86)\Dell Photo AIO Printer 926\memcard.exe" [2006-11-03 304008]

"DLCXCATS"="c:\windows\system32\spool\DRIVERS\x64\3\DLCXtime.dll" [2006-10-16 31744]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://brasil-pesquisa.pw/r.asp#

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 201.17.0.85 201.17.0.55 201.6.4.116

.

- - - - ORPHANS REMOVED - - - -

.

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]

"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&_\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 &_ Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-4248028723-3899830426-3982291988-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2]

@Denied: (Full) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/smartdocuments/2003\0]

"Key"="http://schemas.microsoft.com/office/smartdocuments/2003"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/smartdocuments/2003\0\{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}\Alias]

"0"="Microsoft Actions Pane 3"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2013-07-28 21:13:25

ComboFix-quarantined-files.txt 2013-07-29 00:13

.

Pre-Run: 421.180.383.232 bytes free

Post-Run: 420.559.106.048 bytes free

.

- - End Of File - - 5EA0CAB1670B17C6111578F3C9FF7CF4

D41D8CD98F00B204E9800998ECF8427E

----------------------------------------------------------------------------------------------------------------------

[removed]

  • Download TDSSKiller and save it to your desktop.
  • Extract the contents onto the desktop itself and make sure that the TDSSKiller.exe file (the contents of the zip file) is on the desktop and not inside a folder.
  • Right-click the TDSSKiller.exe file and choose Run as administrator.
  • Click Start scan and wait.
  • If any infection is found, the program may restart the computer. Allow it to do so.
  • When it comes back, a text file containing the log will have been created in C:\, with a name that begins with TDSSKiller, the rest of the name being information such as the version, the date and the computer's time.
  • Copy and paste the contents of this file into your next reply.


Renato,

I followed your instructions and I don't know whether I did something wrong, because the scan did not point to any threat.

In any case, here is the log.

Thanks once again.

Regards,

22:41:41.0852 6332 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

22:41:42.0429 6332 ============================================================

22:41:42.0429 6332 Current date / time: 2013/08/01 22:41:42.0429

22:41:42.0429 6332 SystemInfo:

22:41:42.0429 6332

22:41:42.0429 6332 OS Version: 6.1.7601 ServicePack: 1.0

22:41:42.0429 6332 Product type: Workstation

22:41:42.0429 6332 ComputerName: ACMEZ

22:41:42.0429 6332 UserName: ACMEZ13

22:41:42.0429 6332 Windows directory: C:\Windows

22:41:42.0429 6332 System windows directory: C:\Windows

22:41:42.0429 6332 Running under WOW64

22:41:42.0429 6332 Processor architecture: Intel x64

22:41:42.0429 6332 Number of processors: 4

22:41:42.0429 6332 Page size: 0x1000

22:41:42.0429 6332 Boot type: Normal boot

22:41:42.0429 6332 ============================================================

22:41:42.0616 6332 Drive \Device\Harddisk0\DR0 - Size: 0x7470B00000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

22:41:42.0616 6332 Drive \Device\Harddisk1\DR1 - Size: 0x2CDD00000 (11.22 Gb), SectorSize: 0x200, Cylinders: 0x5B8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

22:41:42.0616 6332 ============================================================

22:41:42.0616 6332 \Device\Harddisk0\DR0:

22:41:42.0616 6332 MBR partitions:

22:41:42.0616 6332 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1AA4000, BlocksNum 0xAF000

22:41:42.0616 6332 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1B53000, BlocksNum 0x38832000

22:41:42.0616 6332 \Device\Harddisk1\DR1:

22:41:42.0616 6332 MBR partitions:

22:41:42.0616 6332 ============================================================

22:41:42.0616 6332 C: <-> \Device\Harddisk0\DR0\Partition2

22:41:42.0616 6332 ============================================================

22:41:42.0616 6332 Initialize success

22:41:42.0616 6332 ============================================================

22:41:51.0477 6540 ============================================================

22:41:51.0477 6540 Scan started

22:41:51.0477 6540 Mode: Manual;

22:41:51.0477 6540 ============================================================

22:41:52.0179 6540 ================ Scan system memory ========================

22:41:52.0179 6540 System memory - ok

22:41:52.0179 6540 ================ Scan services =============================

22:41:52.0226 6540 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

22:41:52.0226 6540 1394ohci - ok

22:41:52.0241 6540 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

22:41:52.0241 6540 ACDaemon - ok

22:41:52.0241 6540 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys

22:41:52.0241 6540 ACPI - ok

22:41:52.0257 6540 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

22:41:52.0257 6540 AcpiPmi - ok

22:41:52.0257 6540 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

22:41:52.0257 6540 AdobeARMservice - ok

22:41:52.0288 6540 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

22:41:52.0288 6540 AdobeFlashPlayerUpdateSvc - ok

22:41:52.0288 6540 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

22:41:52.0304 6540 adp94xx - ok

22:41:52.0304 6540 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys

22:41:52.0304 6540 adpahci - ok

22:41:52.0319 6540 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys

22:41:52.0319 6540 adpu320 - ok

22:41:52.0319 6540 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

22:41:52.0319 6540 AeLookupSvc - ok

22:41:52.0335 6540 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys

22:41:52.0335 6540 AFD - ok

22:41:52.0335 6540 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

22:41:52.0335 6540 agp440 - ok

22:41:52.0335 6540 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe

22:41:52.0335 6540 ALG - ok

22:41:52.0350 6540 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys

22:41:52.0350 6540 aliide - ok

22:41:52.0350 6540 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys

22:41:52.0350 6540 amdide - ok

22:41:52.0350 6540 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys

22:41:52.0350 6540 AmdK8 - ok

22:41:52.0366 6540 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys

22:41:52.0366 6540 AmdPPM - ok

22:41:52.0366 6540 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

22:41:52.0366 6540 amdsata - ok

22:41:52.0366 6540 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys

22:41:52.0366 6540 amdsbs - ok

22:41:52.0382 6540 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

22:41:52.0382 6540 amdxata - ok

22:41:52.0382 6540 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

22:41:52.0382 6540 AppID - ok

22:41:52.0382 6540 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

22:41:52.0382 6540 AppIDSvc - ok

22:41:52.0397 6540 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll

22:41:52.0397 6540 Appinfo - ok

22:41:52.0397 6540 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

22:41:52.0397 6540 Apple Mobile Device - ok

22:41:52.0413 6540 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys

22:41:52.0413 6540 arc - ok

22:41:52.0413 6540 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys

22:41:52.0413 6540 arcsas - ok

22:41:52.0413 6540 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys

22:41:52.0413 6540 ArcSoftKsUFilter - ok

22:41:52.0428 6540 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

22:41:52.0428 6540 aspnet_state - ok

22:41:52.0444 6540 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

22:41:52.0444 6540 AsyncMac - ok

22:41:52.0444 6540 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

22:41:52.0444 6540 atapi - ok

22:41:52.0444 6540 [ D0B119D6F52BDCA8D204F79D27690209 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys

22:41:52.0444 6540 AthBTPort - ok

22:41:52.0460 6540 [ 86F8A0A8D59D0AE2B1096F3103F0E0AD ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

22:41:52.0460 6540 AtherosSvc - ok

22:41:52.0491 6540 [ 237EE0B7A65D55E08EB7530F77423480 ] athr C:\Windows\system32\DRIVERS\athrx.sys

22:41:52.0506 6540 athr - ok

22:41:52.0522 6540 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

22:41:52.0522 6540 AudioEndpointBuilder - ok

22:41:52.0538 6540 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

22:41:52.0538 6540 AudioSrv - ok

22:41:52.0600 6540 [ 4DB93F4DB7077801D2D82013506AC1D0 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

22:41:52.0631 6540 AVGIDSAgent - ok

22:41:52.0631 6540 [ 241C32E942869FD1351CC5864976C3AC ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys

22:41:52.0631 6540 AVGIDSDriver - ok

22:41:52.0647 6540 [ C8D9EEACF266512C1FA52E2ECF5AD944 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys

22:41:52.0647 6540 AVGIDSHA - ok

22:41:52.0647 6540 [ FACD18A89FDEBC35C85CAF762B294BE2 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys

22:41:52.0647 6540 Avgldx64 - ok

22:41:52.0662 6540 [ 29FCDEAC6086FB7E55344B51E35D99CE ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys

22:41:52.0662 6540 Avgloga - ok

22:41:52.0662 6540 [ 85053293DCDE19829E8691A9E9E8A6FF ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys

22:41:52.0662 6540 Avgmfx64 - ok

22:41:52.0662 6540 [ 0638096A30B7081DAACB8DCC39BD16EF ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys

22:41:52.0662 6540 Avgrkx64 - ok

22:41:52.0678 6540 [ 69BD90E337625F96C718CACE7A9C9E29 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys

22:41:52.0678 6540 Avgtdia - ok

22:41:52.0678 6540 [ 48939D9F350AEF9370F03A1E49A49BE2 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

22:41:52.0678 6540 avgwd - ok

22:41:52.0694 6540 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll

22:41:52.0694 6540 AxInstSV - ok

22:41:52.0694 6540 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys

22:41:52.0694 6540 b06bdrv - ok

22:41:52.0709 6540 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

22:41:52.0709 6540 b57nd60a - ok

22:41:52.0709 6540 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

22:41:52.0709 6540 BDESVC - ok

22:41:52.0725 6540 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

22:41:52.0725 6540 Beep - ok

22:41:52.0725 6540 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll

22:41:52.0740 6540 BFE - ok

22:41:52.0756 6540 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll

22:41:52.0756 6540 BITS - ok

22:41:52.0756 6540 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

22:41:52.0756 6540 blbdrive - ok

22:41:52.0772 6540 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

22:41:52.0772 6540 Bonjour Service - ok

22:41:52.0772 6540 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

22:41:52.0787 6540 bowser - ok

22:41:52.0787 6540 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys

22:41:52.0787 6540 BrFiltLo - ok

22:41:52.0787 6540 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys

22:41:52.0787 6540 BrFiltUp - ok

22:41:52.0787 6540 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys

22:41:52.0787 6540 BridgeMP - ok

22:41:52.0803 6540 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll

22:41:52.0803 6540 Browser - ok

22:41:52.0803 6540 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

22:41:52.0803 6540 Brserid - ok

22:41:52.0818 6540 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

22:41:52.0818 6540 BrSerWdm - ok

22:41:52.0818 6540 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

22:41:52.0818 6540 BrUsbMdm - ok

22:41:52.0818 6540 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

22:41:52.0818 6540 BrUsbSer - ok

22:41:52.0834 6540 [ C05ED3246C06EC56F10D85B0304CD09E ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys

22:41:52.0834 6540 BTATH_A2DP - ok

22:41:52.0834 6540 [ 2D27F7A831657D63AFC78E5E78DCA83F ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys

22:41:52.0834 6540 btath_avdt - ok

22:41:52.0834 6540 [ E6B734A37ADE36FE1A77035F4E484C8C ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys

22:41:52.0834 6540 BTATH_BUS - ok

22:41:52.0850 6540 [ FB3833E63FF602B69C2FF085846DCF43 ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys

22:41:52.0850 6540 BTATH_HCRP - ok

22:41:52.0850 6540 [ 371A11C1333BA526263A987A93ACDE3D ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys

22:41:52.0850 6540 BTATH_LWFLT - ok

22:41:52.0850 6540 [ ABCD3C16CA850A7594CEB9AD5D966810 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys

22:41:52.0865 6540 BTATH_RCP - ok

22:41:52.0865 6540 [ 680BE9ED6431DAFA844F5F7B61B11F9A ] BTATH_VDP C:\Windows\system32\drivers\btath_vdp.sys

22:41:52.0865 6540 BTATH_VDP - ok

22:41:52.0881 6540 [ 4FBDD8AF372ED5CB2EA63C0890C62435 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys

22:41:52.0881 6540 BtFilter - ok

22:41:52.0881 6540 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys

22:41:52.0896 6540 BthEnum - ok

22:41:52.0896 6540 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys

22:41:52.0896 6540 BTHMODEM - ok

22:41:52.0896 6540 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys

22:41:52.0896 6540 BthPan - ok

22:41:52.0912 6540 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys

22:41:52.0912 6540 BTHPORT - ok

22:41:52.0912 6540 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

22:41:52.0912 6540 bthserv - ok

22:41:52.0928 6540 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys

22:41:52.0928 6540 BTHUSB - ok

22:41:52.0928 6540 catchme - ok

22:41:52.0928 6540 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

22:41:52.0928 6540 cdfs - ok

22:41:52.0943 6540 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys

22:41:52.0943 6540 cdrom - ok

22:41:52.0943 6540 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll

22:41:52.0943 6540 CertPropSvc - ok

22:41:52.0943 6540 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys

22:41:52.0943 6540 circlass - ok

22:41:52.0959 6540 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

22:41:52.0959 6540 CLFS - ok

22:41:52.0959 6540 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

22:41:52.0959 6540 clr_optimization_v2.0.50727_32 - ok

22:41:52.0974 6540 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

22:41:52.0974 6540 clr_optimization_v2.0.50727_64 - ok

22:41:52.0990 6540 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

22:41:52.0990 6540 clr_optimization_v4.0.30319_32 - ok

22:41:53.0006 6540 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

22:41:53.0006 6540 clr_optimization_v4.0.30319_64 - ok

22:41:53.0006 6540 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

22:41:53.0006 6540 CmBatt - ok

22:41:53.0006 6540 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

22:41:53.0021 6540 cmdide - ok

22:41:53.0021 6540 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys

22:41:53.0021 6540 CNG - ok

22:41:53.0037 6540 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

22:41:53.0037 6540 Compbatt - ok

22:41:53.0037 6540 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys

22:41:53.0037 6540 CompositeBus - ok

22:41:53.0037 6540 COMSysApp - ok

22:41:53.0068 6540 [ B045E4A252442D6223994AA5765438B8 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe

22:41:53.0068 6540 cphs - ok

22:41:53.0068 6540 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

22:41:53.0068 6540 crcdisk - ok

22:41:53.0084 6540 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll

22:41:53.0084 6540 CryptSvc - ok

22:41:53.0084 6540 [ 461A0688205D088D2A2EBEEDEE81622E ] DCDhcpService C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe

22:41:53.0084 6540 DCDhcpService - ok

22:41:53.0099 6540 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

22:41:53.0099 6540 DcomLaunch - ok

22:41:53.0115 6540 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

22:41:53.0115 6540 defragsvc - ok

22:41:53.0115 6540 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

22:41:53.0115 6540 DfsC - ok

22:41:53.0130 6540 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

22:41:53.0130 6540 Dhcp - ok

22:41:53.0130 6540 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

22:41:53.0130 6540 discache - ok

22:41:53.0146 6540 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys

22:41:53.0146 6540 Disk - ok

22:41:53.0146 6540 dlcx_device - ok

22:41:53.0146 6540 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

22:41:53.0146 6540 Dnscache - ok

22:41:53.0162 6540 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

22:41:53.0162 6540 dot3svc - ok

22:41:53.0162 6540 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

22:41:53.0162 6540 DPS - ok

22:41:53.0162 6540 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

22:41:53.0177 6540 drmkaud - ok

22:41:53.0193 6540 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

22:41:53.0193 6540 DXGKrnl - ok

22:41:53.0193 6540 [ 50AD8FC1DC800FF36087994C8F7FDFF2 ] e1yexpress C:\Windows\system32\DRIVERS\e1y60x64.sys

22:41:53.0193 6540 e1yexpress - ok

22:41:53.0208 6540 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

22:41:53.0208 6540 EapHost - ok

22:41:53.0240 6540 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys

22:41:53.0255 6540 ebdrv - ok

22:41:53.0271 6540 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

22:41:53.0271 6540 EFS - ok

22:41:53.0286 6540 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

22:41:53.0286 6540 ehRecvr - ok

22:41:53.0286 6540 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

22:41:53.0286 6540 ehSched - ok

22:41:53.0302 6540 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys

22:41:53.0302 6540 elxstor - ok

22:41:53.0302 6540 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

22:41:53.0302 6540 ErrDev - ok

22:41:53.0318 6540 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

22:41:53.0318 6540 EventSystem - ok

22:41:53.0333 6540 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

22:41:53.0333 6540 exfat - ok

22:41:53.0333 6540 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

22:41:53.0333 6540 fastfat - ok

22:41:53.0349 6540 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

22:41:53.0364 6540 Fax - ok

22:41:53.0364 6540 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys

22:41:53.0364 6540 fdc - ok

22:41:53.0364 6540 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

22:41:53.0364 6540 fdPHost - ok

22:41:53.0364 6540 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

22:41:53.0380 6540 FDResPub - ok

22:41:53.0380 6540 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

22:41:53.0380 6540 FileInfo - ok

22:41:53.0380 6540 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

22:41:53.0380 6540 Filetrace - ok

22:41:53.0380 6540 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys

22:41:53.0380 6540 flpydisk - ok

22:41:53.0396 6540 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

22:41:53.0396 6540 FltMgr - ok

22:41:53.0411 6540 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll

22:41:53.0427 6540 FontCache - ok

22:41:53.0427 6540 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

22:41:53.0427 6540 FontCache3.0.0.0 - ok

22:41:53.0427 6540 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

22:41:53.0427 6540 FsDepends - ok

22:41:53.0442 6540 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

22:41:53.0442 6540 Fs_Rec - ok

22:41:53.0442 6540 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

22:41:53.0442 6540 fvevol - ok

22:41:53.0442 6540 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

22:41:53.0442 6540 gagp30kx - ok

22:41:53.0458 6540 GbpKm - ok

22:41:53.0458 6540 [ 55844A7CCE15332C64997375CDCE6CD0 ] GbpSv C:\PROGRA~2\GbPlugin\GbpSv.exe

22:41:53.0458 6540 GbpSv - ok

22:41:53.0474 6540 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

22:41:53.0474 6540 gpsvc - ok

22:41:53.0489 6540 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

22:41:53.0489 6540 gupdate - ok

22:41:53.0489 6540 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

22:41:53.0489 6540 gupdatem - ok

22:41:53.0489 6540 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

22:41:53.0489 6540 hcw85cir - ok

22:41:53.0505 6540 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

22:41:53.0505 6540 HdAudAddService - ok

22:41:53.0505 6540 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

22:41:53.0505 6540 HDAudBus - ok

22:41:53.0520 6540 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys

22:41:53.0520 6540 HidBatt - ok

22:41:53.0520 6540 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys

22:41:53.0520 6540 HidBth - ok

22:41:53.0520 6540 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys

22:41:53.0520 6540 HidIr - ok

22:41:53.0520 6540 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll

22:41:53.0536 6540 hidserv - ok

22:41:53.0536 6540 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

22:41:53.0536 6540 HidUsb - ok


22:41:56.0469 6540 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

22:41:56.0469 6540 VaultSvc - ok

22:41:56.0484 6540 [ ADD5A5BA64D0710E1C764A8D4DAD510E ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

22:41:56.0500 6540 VCFw - ok

22:41:56.0500 6540 [ EEE5AD6FB40B35F7867C3A49B98BB4EF ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe

22:41:56.0516 6540 VcmIAlzMgr - ok

22:41:56.0516 6540 [ FD5BD55C1854208BC9C51DBCFC3C1941 ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe

22:41:56.0516 6540 VcmINSMgr - ok

22:41:56.0531 6540 [ 9BC1F203C5604C24F345BCFCD6956BAE ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe

22:41:56.0531 6540 VcmXmlIfHelper - ok

22:41:56.0531 6540 [ D076011ECD0D1310E879F32EBF3B4886 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe

22:41:56.0531 6540 VCService - ok

22:41:56.0531 6540 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

22:41:56.0547 6540 vdrvroot - ok

22:41:56.0547 6540 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

22:41:56.0562 6540 vds - ok

22:41:56.0562 6540 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

22:41:56.0562 6540 vga - ok

22:41:56.0562 6540 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

22:41:56.0562 6540 VgaSave - ok

22:41:56.0562 6540 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

22:41:56.0578 6540 vhdmp - ok

22:41:56.0578 6540 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

22:41:56.0578 6540 viaide - ok

22:41:56.0578 6540 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

22:41:56.0578 6540 volmgr - ok

22:41:56.0594 6540 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

22:41:56.0594 6540 volmgrx - ok

22:41:56.0594 6540 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

22:41:56.0594 6540 volsnap - ok

22:41:56.0609 6540 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

22:41:56.0609 6540 vsmraid - ok

22:41:56.0625 6540 [ 596E65BDEE804CC6658A39756CC61849 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe

22:41:56.0625 6540 VSNService - ok

22:41:56.0672 6540 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

22:41:56.0687 6540 VSS - ok

22:41:56.0703 6540 [ FB4A1695D2D74F9C92CA5E84795CDBE1 ] VUAgent C:\Program Files\Sony\VAIO Update Common\VUAgent.exe

22:41:56.0718 6540 VUAgent - ok

22:41:56.0718 6540 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

22:41:56.0718 6540 vwifibus - ok

22:41:56.0734 6540 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

22:41:56.0734 6540 vwififlt - ok

22:41:56.0734 6540 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

22:41:56.0750 6540 W32Time - ok

22:41:56.0750 6540 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys

22:41:56.0750 6540 WacomPen - ok

22:41:56.0750 6540 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

22:41:56.0750 6540 WANARP - ok

22:41:56.0750 6540 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

22:41:56.0765 6540 Wanarpv6 - ok

22:41:56.0781 6540 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

22:41:56.0796 6540 WatAdminSvc - ok

22:41:56.0812 6540 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

22:41:56.0828 6540 wbengine - ok

22:41:56.0843 6540 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

22:41:56.0843 6540 WbioSrvc - ok

22:41:56.0843 6540 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

22:41:56.0859 6540 wcncsvc - ok

22:41:56.0859 6540 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

22:41:56.0859 6540 WcsPlugInService - ok

22:41:56.0859 6540 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys

22:41:56.0859 6540 Wd - ok

22:41:56.0874 6540 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

22:41:56.0890 6540 Wdf01000 - ok

22:41:56.0890 6540 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

22:41:56.0890 6540 WdiServiceHost - ok

22:41:56.0890 6540 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

22:41:56.0890 6540 WdiSystemHost - ok

22:41:56.0906 6540 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

22:41:56.0906 6540 WebClient - ok

22:41:56.0906 6540 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

22:41:56.0906 6540 Wecsvc - ok

22:41:56.0921 6540 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

22:41:56.0921 6540 wercplsupport - ok

22:41:56.0921 6540 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

22:41:56.0921 6540 WerSvc - ok

22:41:56.0937 6540 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

22:41:56.0937 6540 WfpLwf - ok

22:41:56.0937 6540 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

22:41:56.0937 6540 WIMMount - ok

22:41:56.0937 6540 WinDefend - ok

22:41:56.0937 6540 WinHttpAutoProxySvc - ok

22:41:56.0952 6540 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

22:41:56.0952 6540 Winmgmt - ok

22:41:56.0999 6540 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

22:41:57.0015 6540 WinRM - ok

22:41:57.0030 6540 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

22:41:57.0030 6540 WinUsb - ok

22:41:57.0030 6540 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

22:41:57.0046 6540 Wlansvc - ok

22:41:57.0046 6540 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

22:41:57.0046 6540 wlcrasvc - ok

22:41:57.0077 6540 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

22:41:57.0093 6540 wlidsvc - ok

22:41:57.0093 6540 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys

22:41:57.0093 6540 WmiAcpi - ok

22:41:57.0108 6540 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

22:41:57.0108 6540 wmiApSrv - ok

22:41:57.0108 6540 WMPNetworkSvc - ok

22:41:57.0124 6540 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

22:41:57.0124 6540 WPCSvc - ok

22:41:57.0124 6540 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

22:41:57.0124 6540 WPDBusEnum - ok

22:41:57.0140 6540 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

22:41:57.0140 6540 ws2ifsl - ok

22:41:57.0140 6540 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll

22:41:57.0140 6540 wscsvc - ok

22:41:57.0155 6540 WSearch - ok

22:41:57.0186 6540 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

22:41:57.0202 6540 wuauserv - ok

22:41:57.0202 6540 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

22:41:57.0202 6540 WudfPf - ok

22:41:57.0218 6540 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

22:41:57.0218 6540 WUDFRd - ok

22:41:57.0218 6540 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

22:41:57.0218 6540 wudfsvc - ok

22:41:57.0233 6540 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll

22:41:57.0233 6540 WwanSvc - ok

22:41:57.0233 6540 [ A5B25E310678175F4779499FFF7D0994 ] ZAtheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

22:41:57.0249 6540 ZAtheros Bt&Wlan Coex Agent - ok

22:41:57.0249 6540 ================ Scan global ===============================

22:41:57.0264 6540 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

22:41:57.0264 6540 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

22:41:57.0264 6540 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

22:41:57.0280 6540 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

22:41:57.0280 6540 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

22:41:57.0280 6540 [Global] - ok

22:41:57.0280 6540 ================ Scan MBR ==================================

22:41:57.0280 6540 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

22:41:57.0420 6540 \Device\Harddisk0\DR0 - ok

22:41:57.0420 6540 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1

22:41:57.0420 6540 \Device\Harddisk1\DR1 - ok

22:41:57.0420 6540 ================ Scan VBR ==================================

22:41:57.0420 6540 [ 6A7A13262EE83AC10A26D3C0E1DF7948 ] \Device\Harddisk0\DR0\Partition1

22:41:57.0420 6540 \Device\Harddisk0\DR0\Partition1 - ok

22:41:57.0420 6540 [ F52BD4ABFB72154127C60AD4D019DD83 ] \Device\Harddisk0\DR0\Partition2

22:41:57.0420 6540 \Device\Harddisk0\DR0\Partition2 - ok

22:41:57.0420 6540 ============================================================

22:41:57.0420 6540 Scan finished

22:41:57.0420 6540 ============================================================

22:41:57.0436 6532 Detected object count: 0

22:41:57.0436 6532 Actual detected object count: 0

22:42:01.0617 6328 Deinitialize success


Download the Kaspersky AVP Tool from one of these 2 links:

http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/

http://dnl-us6.kaspersky-labs.com/devbuilds/AVPTool/

You will be taken to a Kaspersky page asking for an email address for registration, a first name and a last name. Only the "email" field is required.

Enter your email, then click the Submit Form button.

The page will reload. Click the Download button.

Save it to your desktop.

Run the file and wait for the installation.

** Windows Vista and Windows 7 users:

Right-click the file, then click Run as administrator.

On the license agreement screen, check the option I accept the license agreement and then click the Start button. The program will appear to freeze and nothing will happen. This is normal; just wait until the program's main screen appears, and then click the Settings icon:

KRT_settings.png

On this screen, check the box next to:

  • My Computer
  • Local Disk (C:)

Also check all the drives that appear below Local Disk, if there are any. Then click the Automatic Scan tab.

KRT_install2_.png

Back on the program's main screen, click the Start scanning button.

Be patient, it takes a while.

When it finishes, if it has detected anything, the program will ask you what to do.

Check the box next to Apply to all objects and then click Skip (we only want the log).

KRT_detection_.png

While the scan is running, the main screen will show a progress bar. When it finishes, the program will show the status as completed and a button that will be orange if nothing was detected and red if something was found.

If something was detected, the program will also show an alert screen warning that your system is unprotected and suggesting a Kaspersky product. Click the No, thanks button.

Back on the main screen, if something was detected, save the log. If you close the program and forget to save the log, you will have to repeat the whole scan.

To save the log, click the Reports icon (next to the "Settings" icon). In the next window, click Detected Threats, then click the floppy-disk icon to save the log.

Choose an easily accessible location and save it as log.txt

Copy the entire contents of that Notepad file and paste it into your next reply.

If nothing is detected, there is no need to save the log. Just post here to let me know.

To exit the program, just click the X in the upper right corner.


Hi Renato, sorry for the delay in replying to your last tutorial. I followed the steps you gave me and Kaspersky Virus Removal detected 4 threats.

Thanks once again for the help.

Regards!

Log follows:

Status: Detected (events: 4)

14/08/2013 01:33:56 Detected Trojan program Trojan.Win32.Agent.xrka C:\Qoobox\Quarantine\C\Users\ACMEZ13\04¤ž¦««’¥©*¤¢*¨¥04.txt.vir High

14/08/2013 01:33:56 Detected Trojan program Trojan-Banker.Win32.Banker.syxg C:\Qoobox\Quarantine\C\Users\ACMEZ13\08¤ž¦««’¥© ¤¢*¨¥08.txt.vir High

14/08/2013 01:33:56 Detected Trojan program Trojan-Banker.Win32.VB.re C:\Qoobox\Quarantine\C\Users\ACMEZ13\01¤ž¦««’¥©*¤¢*¨¥01.txt.vir//UPX High

14/08/2013 02:16:41 Detected Trojan program Trojan.Win32.VBKrypt.rwgm C:\Qoobox\Quarantine\C\Users\ACMEZ13\™¨“˜›*™š™¦*™¦*big.txt.vir//UPX High


They are in ComboFix's quarantine.

How is the computer doing?

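The triage in the reply above (every hit sits under `C:\Qoobox\Quarantine`, so the scanner found already-isolated copies rather than active files) can be automated over a saved "Detected Threats" report. This is an added example, not part of the thread or of any tool mentioned in it; the line layout is inferred from the four log lines posted above, the sample report is constructed, and the function names are hypothetical.

```python
import re
from collections import namedtuple

Detection = namedtuple(
    "Detection", "when kind verdict path inner severity quarantined")

# Only ComboFix's folder comes from the thread; extend for other tools (assumption).
QUARANTINE_ROOTS = ("c:\\qoobox\\quarantine\\",)

# Layout inferred from the posted log: date time "Detected" <object type>
# <verdict> <path, may contain spaces and an optional //PACKER suffix> <severity>
LINE_RE = re.compile(
    r"^(?P<when>\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2})\s+Detected\s+"
    r"(?P<kind>.+?)\s+(?P<verdict>\S+)\s+"
    r"(?P<path>[A-Za-z]:\\.*?)\s+(?P<severity>\w+)\s*$"
)

def parse_report(text, roots=QUARANTINE_ROOTS):
    """Return one Detection per report line; header and blank lines are skipped."""
    found = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        # "file//UPX" means the verdict applies to content inside a packed file.
        path, _, inner = m.group("path").partition("//")
        quarantined = path.lower().startswith(tuple(roots))
        found.append(Detection(m.group("when"), m.group("kind"),
                               m.group("verdict"), path, inner or None,
                               m.group("severity"), quarantined))
    return found

def triage(detections):
    """Split detections into (live, quarantined) lists."""
    live = [d for d in detections if not d.quarantined]
    held = [d for d in detections if d.quarantined]
    return live, held

# Constructed sample in the same layout; paths and file names are invented.
SAMPLE_REPORT = r"""Status: Detected (events: 3)
14/08/2013 01:33:56 Detected Trojan program Trojan.Win32.Agent.xrka C:\Qoobox\Quarantine\C\Users\user\sample one.txt.vir High
14/08/2013 01:33:56 Detected Trojan program Trojan-Banker.Win32.VB.re C:\Qoobox\Quarantine\C\Users\user\sample2.txt.vir//UPX High
14/08/2013 02:16:41 Detected Trojan program Trojan.Win32.VBKrypt.rwgm C:\Users\user\AppData\Roaming\sample3.exe High
"""

if __name__ == "__main__":
    live, held = triage(parse_report(SAMPLE_REPORT))
    for d in live:
        print("LIVE       ", d.verdict, d.path)
    for d in held:
        print("QUARANTINED", d.verdict, d.path)
```

An empty `live` list, as with the four detections posted in this thread, means the scan only rediscovered files an earlier tool had already moved aside, so ongoing symptoms point to something the scan did not flag.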

It still has the same symptoms: the brasil pesquisa page keeps appearing and the files still show up as shortcut icons. :(

I need a new DDS log.

Have you been using removable media recently?

Hi Renato. Yes, I do use removable media; could that be the problem? I'm thinking of just formatting the computer once and for all; would that solve this malware problem?

Thanks once again.

Yes, USB flash drives are a major culprit for carrying viruses.

Let me know what you decide, so I know whether we should continue or not.





About Clube do Hardware

Online since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.
