PLEASE HELP WITH OLMARIK REMOVAL WIN 7 64 BITS [Closed]


  • This topic is locked

#1
temporalpux

Hello guys

My PC was running fine until one week ago, when I was looking at an anime site whose name I can't remember and got this pop-up window saying something like "you are infected", and that's when I knew I was screwed, because it already happened to me years ago.

So I attempted to clean it myself, but it got worse as days passed. I kept my PC off while not attempting to clean it, but it got worse and worse, to the point I couldn't even get it to read any of my USB devices, SD/memory cards and external drives, always getting the "you need to format this drive" and the high CPU usage. Restoring Windows didn't help either... I tried some of them on my dad's MacBook and that confirmed it, because there were no problems with my drives in OS X.

Installed ESET and MBAM, alas learning that I have the Olmarik virus (found but not removed), and that's when I found you guys. I tried some of the solutions in several threads because I did not want to bother anybody, but clearly it's a personalized solution. I already got my card readers back and somehow my laptop is running better now, but I can tell it's still infected: my USBs are still down, also MBRCheck says I got a "fake mbr" that could not be fixed, and the CPU usage is still high.

BTW, I could not get TSSKILLER to run; tried all the links, safe mode, admin mode, didn't work.

I have already run the quick scan with OTL as instructed and here's the log. Thanks in advance :)

OTL logfile created on: 15/09/2012 01:51:10 p.m. - Run 1
OTL by OldTimer - Version 3.2.61.4 Folder = C:\Users\pux lavoix\Desktop\Nueva carpeta
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000080a | Country: Estados Unidos | Language: EST | Date Format: M/d/yyyy

3.93 Gb Total Physical Memory | 2.64 Gb Available Physical Memory | 67.25% Memory free
7.86 Gb Paging File | 6.31 Gb Available in Paging File | 80.21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 60.86 Gb Total Space | 26.29 Gb Free Space | 43.19% Space Free | Partition Type: NTFS
Drive D: | 392.93 Gb Total Space | 107.12 Gb Free Space | 27.26% Space Free | Partition Type: NTFS
Drive W: | 3.79 Gb Total Space | 2.21 Gb Free Space | 58.36% Space Free | Partition Type: FAT32

Computer Name: PUXLAVOIX-VAIO | User Name: pux lavoix | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/15 01:14:57 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Users\pux lavoix\Desktop\Nueva carpeta\OTL.exe
PRC - [2012/09/07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/08/04 17:20:11 | 001,536,712 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe
PRC - [2012/01/29 10:55:53 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009/08/26 17:11:50 | 000,173,368 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
PRC - [2009/08/26 17:11:50 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
PRC - [2009/08/26 17:11:50 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
PRC - [2009/08/26 17:11:48 | 000,017,920 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
PRC - [2009/07/01 20:54:04 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Archivos de programa\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009/07/01 11:49:34 | 000,204,648 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2009/07/01 11:49:34 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2009/06/04 21:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009/05/26 09:23:14 | 000,317,288 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2009/05/14 15:05:59 | 000,345,336 | ---- | M] (QUALCOMM, Inc.) -- C:\QUALCOMM\QDLService\QDLService.exe
PRC - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2008/01/16 09:56:40 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/11 22:15:26 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\85d2da5c3b0c9917d4e40cdea289769d\WindowsBase.ni.dll
MOD - [2012/09/11 22:14:32 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ccf457be3f66f84e23d4caafc4cc7e37\System.Windows.Forms.ni.dll
MOD - [2012/09/11 22:13:55 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\fbdb63c3744c6c867e0f8bc2c14d7be3\System.Drawing.ni.dll
MOD - [2012/09/11 22:13:53 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\94b3013039efd2f5ae062838a27f3d91\System.Web.ni.dll
MOD - [2012/09/11 22:13:43 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\4d4d69098a3740689576376a9b9cefb5\System.Runtime.Remoting.ni.dll
MOD - [2012/09/11 22:13:34 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\1053f680799506720951330abcb1c9f5\System.Xml.ni.dll
MOD - [2012/09/11 22:13:29 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\0736f9e65b39dc283e1d1a9a27707cdc\System.Configuration.ni.dll
MOD - [2012/09/11 22:13:28 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\e38f14b5daaf1315843187c06bac98c1\System.ni.dll
MOD - [2012/09/11 22:13:13 | 011,491,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\d135207962cef7cd09852071530b2219\mscorlib.ni.dll
MOD - [2012/08/04 17:20:11 | 009,465,032 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll
MOD - [2012/08/01 13:58:45 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll
MOD - [2012/08/01 13:58:39 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_es_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2012/01/29 10:55:53 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2010/11/04 20:58:14 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2010/11/04 20:58:13 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2010/11/04 20:58:10 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2010/11/04 20:58:09 | 000,385,024 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2010/11/04 20:58:08 | 000,626,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2010/11/04 20:58:07 | 003,190,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2009/08/26 17:11:50 | 000,120,320 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SonyCommonLib.dll
MOD - [2009/08/26 17:11:50 | 000,081,408 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\DevicePanel.dll
MOD - [2009/08/26 17:11:50 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
MOD - [2009/08/26 17:11:50 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.BtPower.dll
MOD - [2009/08/26 17:11:50 | 000,023,040 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Generic.dll
MOD - [2009/08/26 17:11:50 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\DictionaryLookup.dll
MOD - [2009/08/26 17:11:50 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
MOD - [2009/08/26 17:11:50 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.NativeWifiThirdPartyApp.dll
MOD - [2009/08/26 17:11:50 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.TosBtThirdPartyApp.dll
MOD - [2009/08/26 17:11:50 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\DebugMsg.dll
MOD - [2009/08/26 17:11:50 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.WlanPower.dll
MOD - [2009/08/26 17:11:50 | 000,005,120 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.ThirdPartyApp.dll
MOD - [2009/08/26 17:11:50 | 000,005,120 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.Generic.dll
MOD - [2009/08/26 17:11:50 | 000,004,608 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Power.dll
MOD - [2009/08/26 17:11:48 | 000,017,920 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
MOD - [2009/08/26 17:11:48 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SharedInterfaces.dll
MOD - [2009/08/26 17:11:48 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\MessageXML.dll
MOD - [2009/08/26 17:11:48 | 000,009,728 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Resources.dll


========== Services (SafeList) ==========

SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008/09/29 16:06:32 | 000,167,424 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\collsvc.exe -- (SampleCollector)
SRV - [2012/09/07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/08/01 14:09:52 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/01/13 10:55:10 | 001,256,040 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Archivos de programa\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV - [2010/12/10 17:36:54 | 000,153,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Archivos de programa\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2009/10/01 21:32:04 | 004,584,288 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost)
SRV - [2009/09/21 20:25:34 | 001,571,336 | ---- | M] (Symantec) [On_Demand | Stopped] -- C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelper.exe -- (GenericMount Helper Service)
SRV - [2009/09/21 20:19:22 | 002,963,960 | ---- | M] (Symantec) [On_Demand | Stopped] -- C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe -- (SymSnapService)
SRV - [2009/08/22 14:19:06 | 000,411,496 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Archivos de programa\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2009/08/03 15:16:50 | 000,177,696 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Archivos de programa\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV - [2009/07/27 16:58:40 | 000,091,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr)
SRV - [2009/07/27 16:58:38 | 000,427,304 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2009/07/27 16:58:38 | 000,075,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2009/07/27 16:58:38 | 000,070,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr)
SRV - [2009/07/27 16:58:36 | 000,120,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2009/07/23 10:39:38 | 000,313,264 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2009/07/23 10:39:38 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009/07/23 10:39:36 | 000,206,336 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009/07/22 15:03:04 | 000,642,920 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2009/07/01 20:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Archivos de programa\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009/07/01 11:49:34 | 000,204,648 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2009/06/30 15:04:49 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2009/06/26 14:56:10 | 000,357,672 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV - [2009/06/26 14:35:04 | 000,468,264 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2009/06/17 18:50:30 | 000,110,888 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON)
SRV - [2009/05/14 15:05:59 | 000,345,336 | ---- | M] (QUALCOMM, Inc.) [Auto | Running] -- C:\QUALCOMM\QDLService\QDLService.exe -- (QDLService)
SRV - [2009/02/06 17:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/12/08 15:16:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
SRV - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2008/01/16 09:56:40 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/05/13 03:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/05/13 03:21:04 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2011/05/13 03:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011/05/13 03:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011/05/13 03:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 04:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/10/01 22:03:40 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2009/09/30 15:08:44 | 007,376,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/09/21 20:40:14 | 000,020,528 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vproeventmonitor.sys -- (VProEventMonitor)
DRV:64bit: - [2009/09/21 20:26:10 | 000,054,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GenericMount.sys -- (GenericMount)
DRV:64bit: - [2009/09/21 20:20:42 | 000,170,032 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\symsnap.sys -- (symsnap)
DRV:64bit: - [2009/07/27 15:14:07 | 000,250,928 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/07/22 15:04:04 | 000,076,288 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsn64.sys -- (risdptsk)
DRV:64bit: - [2009/07/22 15:04:01 | 000,086,528 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssn64.sys -- (rimsptsk)
DRV:64bit: - [2009/07/21 15:12:07 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/07/21 15:12:06 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/07/21 15:12:06 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/07/21 15:11:39 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 18:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/30 15:11:58 | 000,287,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y62x64.sys -- (e1yexpress)
DRV:64bit: - [2009/06/30 15:04:49 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2009/06/30 15:04:45 | 001,485,824 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2009/06/30 15:04:45 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV:64bit: - [2009/06/30 15:04:43 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2009/06/30 15:04:43 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2009/06/24 15:04:12 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/06/22 15:02:50 | 005,435,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/11 15:19:22 | 000,017,536 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SonyPI.sys -- (SPI)
DRV:64bit: - [2009/06/11 15:19:16 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/28 15:03:08 | 000,025,120 | ---- | M] (Sony Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\shpf.sys -- (shpf)
DRV:64bit: - [2009/05/26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009/05/20 05:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/14 15:05:59 | 000,120,704 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcusbsersny.sys -- (qcusbsersny)
DRV:64bit: - [2009/05/14 15:05:58 | 000,006,528 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcfiltersny.sys -- (QCFiltersny)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=SNNT&bmod=SNNT
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7SNNT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://vaio.sony-latin.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7SNNT
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...NT_esMX495MX495
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/04 20:03:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2012/08/04 20:03:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pux lavoix\AppData\Roaming\mozilla\Extensions
[2012/08/04 20:03:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/01/29 10:55:53 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/01/29 08:36:35 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/01/29 08:36:35 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/09/15 02:46:20 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Archivos de programa\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Archivos de programa\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Archivos de programa\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [SmartWiHelper] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe (Sony Electronics Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Enviar imagen al dispositivo &Bluetooth... - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Enviar página al dispositivo &Bluetooth... - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Enviar imagen al dispositivo &Bluetooth... - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Enviar página al dispositivo &Bluetooth... - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5EAC6A7A-8227-4314-95BA-BF24050C2CD7}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\psfus: DllName - (C:\Program Files\Protector Suite\psqlpwd.dll) - C:\Archivos de programa\Protector Suite\psqlpwd.dll (UPEK Inc.)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/15 13:32:48 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/09/15 02:46:00 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/09/15 01:49:49 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/09/15 00:58:15 | 000,000,000 | ---D | C] -- C:\Users\pux lavoix\Desktop\Nueva carpeta
[2012/09/14 23:10:52 | 000,000,000 | ---D | C] -- C:\Users\pux lavoix\AppData\Roaming\Malwarebytes
[2012/09/14 23:10:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/14 23:10:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/14 23:10:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/09/13 21:22:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/09/13 21:22:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/09/13 21:17:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USBScan
[2012/09/13 21:17:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\USBScan
[2012/09/12 00:05:39 | 000,000,000 | ---D | C] -- C:\Users\pux lavoix\AppData\Roaming\SUPERAntiSpyware.com
[2012/09/12 00:02:20 | 000,000,000 | ---D | C] -- C:\Users\pux lavoix\Desktop\rkill
[2012/09/12 00:01:17 | 001,629,088 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\pux lavoix\Desktop\rkill.scr
[2012/09/11 23:56:21 | 000,000,000 | ---D | C] -- C:\Users\pux lavoix\AppData\Local\Diagnostics
[2012/09/11 23:50:32 | 002,211,928 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\pux lavoix\Desktop\dfkad.scr
[2012/09/11 23:44:04 | 000,000,000 | ---D | C] -- C:\Users\pux lavoix\AppData\Local\ESET
[2012/09/11 21:06:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012/09/11 21:05:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012/09/11 20:52:08 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2012/09/11 20:51:31 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2012/09/11 20:07:38 | 000,000,000 | ---D | C] -- C:\Update

========== Files - Modified Within 30 Days ==========

[2012/09/15 13:47:59 | 000,013,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/15 13:47:59 | 000,013,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/15 13:40:21 | 3166,875,648 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/15 02:46:20 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/09/14 23:10:39 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/13 21:23:47 | 000,017,552 | ---- | M] () -- C:\Users\pux lavoix\Desktop\xMn1m.png
[2012/09/13 21:20:54 | 000,749,284 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2012/09/13 21:20:54 | 000,653,898 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/13 21:20:54 | 000,157,854 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2012/09/13 21:20:54 | 000,121,090 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/13 21:20:44 | 001,675,490 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/13 21:17:06 | 000,000,933 | ---- | M] () -- C:\Users\Public\Desktop\USBScan.lnk
[2012/09/12 00:01:18 | 001,629,088 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\pux lavoix\Desktop\rkill.scr
[2012/09/11 23:48:29 | 002,211,928 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\pux lavoix\Desktop\dfkad.scr
[2012/09/11 22:02:27 | 000,450,424 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/09/11 21:22:59 | 001,559,018 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/09/11 21:13:28 | 000,000,953 | ---- | M] () -- C:\Windows\SysWow64\mapisvc.inf
[2012/09/11 21:01:36 | 000,022,733 | ---- | M] () -- C:\test.xml
[2012/09/11 20:08:33 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ssadadb_01005.Wdf

========== Files Created - No Company Name ==========

[2012/09/14 23:10:39 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/13 21:23:32 | 000,017,552 | ---- | C] () -- C:\Users\pux lavoix\Desktop\xMn1m.png
[2012/09/13 21:17:06 | 000,000,933 | ---- | C] () -- C:\Users\Public\Desktop\USBScan.lnk
[2012/09/11 21:01:33 | 000,022,733 | ---- | C] () -- C:\test.xml
[2012/09/11 20:53:34 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2012/09/11 20:51:02 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2012/09/11 20:50:42 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2012/09/11 20:50:42 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2012/09/11 20:50:01 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
[2012/09/11 20:50:01 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2012/09/11 20:18:03 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
[2012/09/11 20:08:33 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ssadadb_01005.Wdf
[2012/08/04 13:46:28 | 000,000,181 | ---- | C] () -- C:\Windows\WININIT.INI
[2012/08/01 14:58:15 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2012/08/01 14:02:29 | 001,559,018 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== LOP Check ==========

[2012/08/04 17:43:44 | 000,000,000 | ---D | M] -- C:\Users\pux lavoix\AppData\Roaming\Auslogics
[2012/08/04 11:06:26 | 000,000,000 | ---D | M] -- C:\Users\pux lavoix\AppData\Roaming\Protector Suite
[2009/07/14 00:08:49 | 000,011,232 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >


#2
ali.B


    Trusted Helper

  • Malware Removal
  • 3,086 posts
hi

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by selecting Reports.
  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.

#3
temporalpux


    New Member

  • Topic Starter
  • Member
  • 6 posts
Hello and thanks for the quick reply.

I downloaded TDSSKiller from the provided link and saved it to the desktop, but it won't open. I tried it as administrator, with compatibility options enabled, and in safe mode... none of them worked; it just won't run :confused:

#4
ali.B


    Trusted Helper

  • Malware Removal
  • 3,086 posts
hi

For x64 bit systems please download Listparts64
Run the tool, click Scan and post the log (Result.txt) it makes.


NEXT

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double-click on ComboFix.exe and follow the prompts.
  • Accept the disclaimer and allow it to update if it asks.
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


#5
temporalpux


    New Member

  • Topic Starter
  • Member
  • 6 posts
Hi, here are both logs:

For listparts64:

ListParts by Farbar Version: 15-09-2012
Ran by pux lavoix (administrator) on 16-09-2012 at 15:01:07
Windows 7 (X64)
Running From: C:\Users\pux lavoix\Desktop
Language: 0C0A
************************************************************

========================= Memory info ======================

Percentage of memory in use: 30%
Total physical RAM: 4026.89 MB
Available physical RAM: 2801.97 MB
Total Pagefile: 8051.98 MB
Available Pagefile: 6583.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:60.86 GB) (Free:26.18 GB) NTFS
2 Drive d: () (Fixed) (Total:392.93 GB) (Free:107.12 GB) NTFS
5 Drive w: () (Removable) (Total:3.79 GB) (Free:2.21 GB) FAT32

Núm Disco Estado Tamaño Disp Din Gpt
---------- ---------- ------- ------- --- ---
Disco 0 En línea 465 GB 11 MB
Disco 1 No hay med 0 B 0 B
Disco 2 En línea 3883 MB 0 B

Partitions of Disk 0:
===============

Núm Partición Tipo Tamaño Desplazamiento
------------- ---------------- ------- ---------------
Partición 1 Recuperación 11 GB 1024 KB
Partición 2 Principal 100 MB 11 GB
Partición 3 Principal 60 GB 11 GB
Partición 0 Extendido 392 GB 72 GB
Partición 4 Lógico 392 GB 72 GB

======================================================================================================

Disk: 0
Partición 1
Tipo : 27
Oculta : Sí
Activa : No

Núm Volumen Ltr Etiqueta Fs Tipo Tamaño Estado Info
----------- --- ----------- ----- ---------- ------- --------- --------
* Volumen 4 Recovery NTFS Partición 11 GB Correcto Oculto

======================================================================================================

Disk: 0
Partición 2
Tipo : 07
Oculta : No
Activa : Sí

Núm Volumen Ltr Etiqueta Fs Tipo Tamaño Estado Info
----------- --- ----------- ----- ---------- ------- --------- --------
* Volumen 1 System Res NTFS Partición 100 MB Correcto Sistema

======================================================================================================

Disk: 0
Partición 3
Tipo : 07
Oculta : No
Activa : No

Núm Volumen Ltr Etiqueta Fs Tipo Tamaño Estado Info
----------- --- ----------- ----- ---------- ------- --------- --------
* Volumen 2 C NTFS Partición 60 GB Correcto Arranque

======================================================================================================

Disk: 0
Partición 4
Tipo : 07
Oculta : No
Activa : No

Núm Volumen Ltr Etiqueta Fs Tipo Tamaño Estado Info
----------- --- ----------- ----- ---------- ------- --------- --------
* Volumen 3 D NTFS Partición 392 GB Correcto

======================================================================================================

Partitions of Disk 2:
===============

Núm Partición Tipo Tamaño Desplazamiento
------------- ---------------- ------- ---------------
* Partición 1 Principal 3883 MB 0 B

======================================================================================================

Disk: 2
No hay ninguna partición seleccionada.

No hay ninguna partición seleccionada.
Seleccione una partición e inténtelo de nuevo.

======================================================================================================
==========================================================
TDL4: custom:26000022


****** End Of Log ******

And the log for ComboFix is here. It did not ask for a reboot :confused:

ComboFix 12-09-15.02 - pux lavoix 09/16/2012 15:17:39.2.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.3082.18.4027.2752 [GMT -5:00]
Running from: c:\users\pux lavoix\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-08-16 to 2012-09-16 )))))))))))))))))))))))))))))))
.
.
2012-09-16 20:46 . 2012-09-16 20:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-16 16:04 . 2012-09-16 16:04 -------- d-----w- c:\users\pux lavoix\AppData\Local\ElevatedDiagnostics
2012-09-15 04:10 . 2012-09-15 04:10 -------- d-----w- c:\users\pux lavoix\AppData\Roaming\Malwarebytes
2012-09-15 04:10 . 2012-09-15 04:10 -------- d-----w- c:\programdata\Malwarebytes
2012-09-15 04:10 . 2012-09-15 04:10 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-09-14 02:22 . 2012-09-14 02:22 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-09-14 02:22 . 2012-09-14 02:20 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-09-14 02:22 . 2012-09-14 02:20 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-09-14 02:22 . 2012-09-14 02:21 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-14 02:17 . 2012-09-14 02:17 -------- d-----w- c:\program files (x86)\USBScan
2012-09-12 05:05 . 2012-09-12 05:05 -------- d-----w- c:\users\pux lavoix\AppData\Roaming\SUPERAntiSpyware.com
2012-09-12 04:56 . 2012-09-14 02:16 -------- d-----w- c:\users\pux lavoix\AppData\Local\Diagnostics
2012-09-12 04:44 . 2012-09-12 04:44 -------- d-----w- c:\users\pux lavoix\AppData\Local\ESET
2012-09-12 02:27 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-09-12 02:06 . 2012-09-12 02:06 -------- d-----w- c:\windows\system32\SPReview
2012-09-12 02:05 . 2012-09-12 02:05 -------- d-----w- c:\windows\system32\EventProviders
2012-09-12 02:03 . 2012-06-29 03:49 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-09-12 01:54 . 2010-11-05 01:57 48976 ----a-w- c:\windows\system32\netfxperf.dll
2012-09-12 01:54 . 2010-11-05 01:57 1942856 ----a-w- c:\windows\system32\dfshim.dll
2012-09-12 01:54 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2012-09-12 01:54 . 2010-11-20 13:27 12288 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-09-12 01:54 . 2010-11-20 13:27 3715584 ----a-w- c:\windows\system32\mstscax.dll
2012-09-12 01:54 . 2010-11-20 13:26 1838080 ----a-w- c:\windows\system32\d3d10warp.dll
2012-09-12 01:54 . 2010-11-20 11:07 59392 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2012-09-12 01:54 . 2010-11-20 13:27 14967808 ----a-w- c:\program files\DVD Maker\OmdBase.dll
2012-09-12 01:54 . 2010-11-20 12:19 3215872 ----a-w- c:\windows\SysWow64\mstscax.dll
2012-09-12 01:54 . 2010-11-20 13:27 1743360 ----a-w- c:\windows\system32\sysmain.dll
2012-09-12 01:54 . 2010-11-20 12:19 954752 ----a-w- c:\windows\SysWow64\mfc40.dll
2012-09-12 01:54 . 2010-11-20 12:19 954288 ----a-w- c:\windows\SysWow64\mfc40u.dll
2012-09-12 01:54 . 2010-11-20 12:18 1171456 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2012-09-12 01:52 . 2010-11-20 13:27 312832 ----a-w- c:\windows\system32\Wldap32.dll
2012-09-12 01:51 . 2010-11-20 12:19 192512 ----a-w- c:\program files (x86)\Common Files\System\msadc\msdarem.dll
2012-09-12 01:50 . 2010-11-20 13:27 47104 ----a-w- c:\windows\system32\wshbth.dll
2012-09-12 01:49 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2012-09-12 01:49 . 2010-11-20 12:21 189952 ----a-w- c:\program files (x86)\Windows Portable Devices\sqmapi.dll
2012-09-12 01:49 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2012-09-12 01:47 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2012-09-12 01:47 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2012-09-12 01:47 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2012-09-12 01:11 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-12 01:11 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-09-12 01:11 . 2011-04-28 03:54 80384 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2012-09-12 01:11 . 2010-11-20 13:24 229376 ----a-w- c:\windows\system32\fsquirt.exe
2012-09-12 01:11 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-09-12 01:11 . 2010-11-20 13:25 296960 ----a-w- c:\windows\system32\rstrui.exe
2012-09-12 01:11 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-09-12 01:11 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-09-12 01:08 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
2012-09-12 01:08 . 2010-11-20 13:27 39424 ----a-w- c:\windows\system32\Spool\prtprocs\x64\winprint.dll
2012-09-12 01:07 . 2012-09-12 03:05 -------- d-----w- C:\Update
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-12 02:44 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-09-12 02:44 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-08-31 05:43 . 2012-08-04 17:14 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-08-04 22:20 . 2012-08-04 22:20 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-04 22:20 . 2012-08-04 22:20 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-04 17:21 . 2012-08-04 17:21 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-08-04 17:21 . 2012-08-04 17:21 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-08-04 17:21 . 2012-08-04 17:21 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-08-04 17:21 . 2012-08-04 17:21 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-08-04 17:21 . 2012-08-04 17:21 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-08-04 17:21 . 2012-08-04 17:21 82432 ----a-w- c:\windows\system32\icardie.dll
2012-08-04 17:21 . 2012-08-04 17:21 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-08-04 17:21 . 2012-08-04 17:21 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-08-04 17:21 . 2012-08-04 17:21 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-08-04 17:21 . 2012-08-04 17:21 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-08-04 17:21 . 2012-08-04 17:21 697344 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-04 17:21 . 2012-08-04 17:21 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-08-04 17:21 . 2012-08-04 17:21 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-08-04 17:21 . 2012-08-04 17:21 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-08-04 17:21 . 2012-08-04 17:21 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-08-04 17:21 . 2012-08-04 17:21 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-08-04 17:21 . 2012-08-04 17:21 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-08-04 17:21 . 2012-08-04 17:21 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-08-04 17:21 . 2012-08-04 17:21 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-08-04 17:21 . 2012-08-04 17:21 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-08-04 17:21 . 2012-08-04 17:21 448512 ----a-w- c:\windows\system32\html.iec
2012-08-04 17:21 . 2012-08-04 17:21 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-04 17:21 . 2012-08-04 17:21 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-08-04 17:21 . 2012-08-04 17:21 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-08-04 17:21 . 2012-08-04 17:21 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-08-04 17:21 . 2012-08-04 17:21 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-08-04 17:21 . 2012-08-04 17:21 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-08-04 17:21 . 2012-08-04 17:21 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-04 17:21 . 2012-08-04 17:21 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-08-04 17:21 . 2012-08-04 17:21 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-08-04 17:21 . 2012-08-04 17:21 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-08-04 17:21 . 2012-08-04 17:21 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-08-04 17:21 . 2012-08-04 17:21 222208 ----a-w- c:\windows\system32\msls31.dll
2012-08-04 17:21 . 2012-08-04 17:21 197120 ----a-w- c:\windows\system32\msrating.dll
2012-08-04 17:21 . 2012-08-04 17:21 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-08-04 17:21 . 2012-08-04 17:21 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-08-04 17:21 . 2012-08-04 17:21 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-08-04 17:21 . 2012-08-04 17:21 160256 ----a-w- c:\windows\system32\wextract.exe
2012-08-04 17:21 . 2012-08-04 17:21 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-08-04 17:21 . 2012-08-04 17:21 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-08-04 17:21 . 2012-08-04 17:21 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-08-04 17:21 . 2012-08-04 17:21 149504 ----a-w- c:\windows\system32\occache.dll
2012-08-04 17:21 . 2012-08-04 17:21 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-08-04 17:21 . 2012-08-04 17:21 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-08-04 17:21 . 2012-08-04 17:21 12288 ----a-w- c:\windows\system32\mshta.exe
2012-08-04 17:21 . 2012-08-04 17:21 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-08-04 17:21 . 2012-08-04 17:21 114176 ----a-w- c:\windows\system32\admparse.dll
2012-08-04 17:21 . 2012-08-04 17:21 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-08-04 17:21 . 2012-08-04 17:21 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-08-04 17:21 . 2012-08-04 17:21 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-08-04 17:21 . 2012-08-04 17:21 103936 ----a-w- c:\windows\system32\inseng.dll
2012-08-04 17:21 . 2012-08-04 17:21 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-08-01 18:59 . 2012-08-01 18:59 2560 ----a-w- c:\windows\SysWow64\drivers\es-ES\qwavedrv.sys.mui
2012-08-01 18:59 . 2012-08-01 18:59 31232 ----a-w- c:\windows\SysWow64\drivers\es-ES\bfe.dll.mui
2012-08-01 18:59 . 2012-08-01 18:59 16384 ----a-w- c:\windows\SysWow64\drivers\es-ES\pacer.sys.mui
2012-08-01 18:58 . 2012-08-01 18:58 2560 ----a-w- c:\windows\SysWow64\drivers\es-ES\scfilter.sys.mui
2012-08-01 18:58 . 2012-08-01 18:58 6144 ----a-w- c:\windows\SysWow64\drivers\es-ES\ndiscap.sys.mui
2012-08-01 18:58 . 2012-08-01 18:58 48640 ----a-w- c:\windows\SysWow64\drivers\es-ES\tcpip.sys.mui
2012-08-01 18:50 . 2012-08-01 18:50 411368 ------w- c:\windows\SysWow64\deploytk.dll
2012-08-01 18:49 . 2012-08-01 18:50 455680 ----a-w- c:\windows\system32\deploytk.dll
2012-08-01 18:49 . 2012-08-01 18:50 181760 ----a-w- c:\windows\system32\javaws.exe
2012-08-01 18:49 . 2012-08-01 18:50 165888 ----a-w- c:\windows\system32\javaw.exe
2012-08-01 18:49 . 2012-08-01 18:50 165888 ----a-w- c:\windows\system32\java.exe
2012-07-16 07:40 . 2012-08-04 16:23 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E48414C3-AC93-4F7E-B617-B95E241CEFBE}\mpengine.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SmartWiHelper"="c:\program files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" [2009-08-26 79872]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-05-26 317288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-07-01 16:49 98304 ------w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Protector Suite\psqlpwd.dll
.
R2 gupdate;Servicio de actualización de Google (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-04 135664]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
R3 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-12-08 169312]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-05-13 36328]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-07-21 35104]
R3 GenericMount Helper Service;GenericMount Helper Service;c:\program files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelper.exe [2009-09-22 1571336]
R3 gupdatem;Google Update Servicio (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-04 135664]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 QCFiltersny;Sony USB Composite Device Filter Driver;c:\windows\system32\DRIVERS\qcfiltersny.sys [2009-05-14 6528]
R3 qcusbsersny;Sony USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\qcusbsersny.sys [2009-05-14 120704]
R3 SampleCollector;Intel® Sample Collector;c:\program files\Sony\VAIO Care\collsvc.exe [2008-09-29 167424]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-07-27 120104]
R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-07-27 70952]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-07-27 427304]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-07-27 75048]
R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-07-27 91432]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
R3 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;c:\windows\system32\dllhost.exe [2009-07-14 9728]
R3 SymSnapService;SymSnapService;c:\program files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe [2009-09-22 2963960]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-07-22 642920]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-06-26 468264]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-06-26 357672]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2009-06-17 110888]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-05-20 55280]
S0 shpf;Sony HDD Protection Filter Driver;c:\windows\system32\DRIVERS\shpf.sys [2009-05-28 25120]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
S2 QDLService;Qualcomm Gobi Download Service;c:\qualcomm\QDLService\QDLService.exe [2009-05-14 345336]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [2009-08-03 177696]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-08-22 411496]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [2009-06-30 292864]
S3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y62x64.sys [2009-06-30 287960]
S3 GenericMount;Generic Mount Driver;c:\windows\system32\DRIVERS\GenericMount.sys [2009-09-22 54320]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-22 5435904]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2009-06-11 11392]
S3 SPI;Sony Programmable I/O Control Device;c:\windows\system32\DRIVERS\SonyPI.sys [2009-06-11 17536]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2009-07-20 19:18 5943048 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2009-07-20 19:18 5943048 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-08-03 7833120]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-08-03 1833504]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-30 165992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-30 387688]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-30 365672]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-17 16336488]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Enviar imagen al dispositivo &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Enviar pßgina al dispositivo &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\pux lavoix\AppData\Roaming\Mozilla\Firefox\Profiles\8ohqy4n7.default\
FF - prefs.js: browser.startup.homepage - www.google.com
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\collsvc.exe\" \"/service\" \"/counter=\Processor(_Total)\% Processor Time:5\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5\" \"/counter=\Network Interface(*)\Bytes Total/sec:5\" \"/directory=inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-09-16 16:05:03
ComboFix-quarantined-files.txt 2012-09-16 21:04
.
Pre-Run: 28,072,165,376 bytes libres
Post-Run: 27,872,581,632 bytes libres
.
- - End Of File - - CE24FF5129064C904694BF3FE7FB705F

#6
ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
Hi,

Sorry for the delay.

Download a fresh copy of TDSSKiller again and see if it runs.

#7
temporalpux

    New Member

  • Topic Starter
  • Member
  • 6 posts
Hi, no problem.

Finally I got it to run after... 30 times :happy: It has two more options though: system memory and loaded modules... Should I click them too and run as advised?

Edit:

It doesn't run anymore, just that one time. I guess I'm gonna keep trying this bleeping computer to run it; if I ever get to it, I'll let you know. Thanks for your help.

Edited by temporalpux, 19 September 2012 - 10:13 PM.


#8
ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
We can go with another approach. Are you being assisted other than here?

#9
temporalpux

    New Member

  • Topic Starter
  • Member
  • 6 posts
Oh no, I wouldn't trust this to anyone else...

We can go with a different approach if there's one; you tell me the next step. Thanks.


EDIT:
Finally got TDSSKILLER to run again, selected the full scan, and it found 1 threat on MBR.0, and I selected to clean it.

After reboot, installed and updated MBAM and found nothing after a full system scan.

Currently running ESET and so far so good. I'll post both log files when it has finished.

Edited by temporalpux, 22 September 2012 - 07:52 PM.


#10
ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
Please post the TDSSKiller log.

#11
temporalpux

    New Member

  • Topic Starter
  • Member
  • 6 posts
Hi, sure, here it is. It only shows 3 threats, which I know well to be part of my laptop:

23:02:45.0339 0684 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
23:02:45.0791 0684 ============================================================
23:02:45.0791 0684 Current date / time: 2012/09/25 23:02:45.0791
23:02:45.0791 0684 SystemInfo:
23:02:45.0791 0684
23:02:45.0791 0684 OS Version: 6.1.7600 ServicePack: 0.0
23:02:45.0791 0684 Product type: Workstation
23:02:45.0791 0684 ComputerName: PUXLAVOIX-VAIO
23:02:45.0791 0684 UserName: pux lavoix
23:02:45.0791 0684 Windows directory: C:\Windows
23:02:45.0791 0684 System windows directory: C:\Windows
23:02:45.0791 0684 Running under WOW64
23:02:45.0791 0684 Processor architecture: Intel x64
23:02:45.0791 0684 Number of processors: 2
23:02:45.0791 0684 Page size: 0x1000
23:02:45.0791 0684 Boot type: Normal boot
23:02:45.0791 0684 ============================================================
23:02:46.0399 0684 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:02:46.0399 0684 Drive \Device\Harddisk1\DR1 - Size: 0xF2BFC000 (3.79 Gb), SectorSize: 0x200, Cylinders: 0x3CAF, SectorsPerTrack: 0x20, TracksPerCylinder: 0x10, Type 'W'
23:02:46.0399 0684 ============================================================
23:02:46.0399 0684 \Device\Harddisk0\DR0:
23:02:46.0399 0684 MBR partitions:
23:02:46.0399 0684 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17B8800, BlocksNum 0x32000
23:02:46.0399 0684 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x17EA800, BlocksNum 0x79B92A2
23:02:46.0446 0684 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x91A3AE1, BlocksNum 0x311DAD4F
23:02:46.0446 0684 \Device\Harddisk1\DR1:
23:02:46.0446 0684 MBR partitions:
23:02:46.0446 0684 ============================================================
23:02:46.0477 0684 C: <-> \Device\Harddisk0\DR0\Partition2
23:02:46.0493 0684 D: <-> \Device\Harddisk0\DR0\Partition3
23:02:46.0493 0684 ============================================================
23:02:46.0493 0684 Initialize success
23:02:46.0493 0684 ============================================================
23:03:07.0569 4456 ============================================================
23:03:07.0569 4456 Scan started
23:03:07.0569 4456 Mode: Manual; SigCheck; TDLFS;
23:03:07.0569 4456 ============================================================
23:03:08.0177 4456 ================ Scan system memory ========================
23:03:08.0177 4456 System memory - ok
23:03:08.0177 4456 ================ Scan services =============================
23:03:19.0144 4456 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
23:03:19.0206 4456 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
23:03:19.0206 4456 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
23:03:22.0264 4456 iaStor - ok
23:03:22.0295 4456 [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
23:03:22.0342 4456 iaStorV - ok
23:03:22.0435 4456 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:03:22.0498 4456 idsvc - ok
23:03:22.0747 4456 [ FF1513124E2ACD4FAFB88335396AEB3E ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
23:03:23.0215 4456 igfx - ok
23:03:23.0293 4456 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
23:03:23.0325 4456 iirsp - ok
23:03:23.0371 4456 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
23:03:23.0481 4456 IKEEXT - ok
23:03:23.0574 4456 [ D42D651676883181400E22957A7E0B1E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:03:23.0668 4456 IntcAzAudAddService - ok
23:03:23.0699 4456 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
23:03:23.0730 4456 intelide - ok
23:03:23.0746 4456 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:03:23.0793 4456 intelppm - ok
23:03:23.0824 4456 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:03:23.0917 4456 IPBusEnum - ok
23:03:23.0933 4456 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:03:24.0027 4456 IpFilterDriver - ok
23:03:24.0058 4456 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:03:24.0167 4456 iphlpsvc - ok
23:03:24.0198 4456 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
23:03:24.0245 4456 IPMIDRV - ok
23:03:24.0245 4456 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:03:24.0339 4456 IPNAT - ok
23:03:24.0385 4456 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:03:24.0417 4456 IRENUM - ok
23:03:24.0432 4456 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
23:03:24.0463 4456 isapnp - ok
23:03:24.0510 4456 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
23:03:24.0557 4456 iScsiPrt - ok
23:03:24.0573 4456 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:03:24.0604 4456 kbdclass - ok
23:03:24.0604 4456 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
23:03:24.0635 4456 kbdhid - ok
23:03:24.0651 4456 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
23:03:24.0697 4456 KeyIso - ok
23:03:24.0729 4456 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:03:24.0760 4456 KSecDD - ok
23:03:24.0775 4456 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:03:24.0822 4456 KSecPkg - ok
23:03:24.0853 4456 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:03:24.0947 4456 ksthunk - ok
23:03:24.0978 4456 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
23:03:25.0103 4456 KtmRm - ok
23:03:25.0134 4456 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
23:03:25.0212 4456 LanmanServer - ok
23:03:25.0243 4456 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:03:25.0368 4456 LanmanWorkstation - ok
23:03:25.0399 4456 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:03:25.0493 4456 lltdio - ok
23:03:25.0524 4456 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:03:25.0633 4456 lltdsvc - ok
23:03:25.0665 4456 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:03:25.0758 4456 lmhosts - ok
23:03:25.0789 4456 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
23:03:25.0821 4456 LSI_FC - ok
23:03:25.0836 4456 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
23:03:25.0867 4456 LSI_SAS - ok
23:03:25.0883 4456 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:03:25.0914 4456 LSI_SAS2 - ok
23:03:25.0930 4456 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:03:25.0961 4456 LSI_SCSI - ok
23:03:25.0992 4456 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
23:03:26.0101 4456 luafv - ok
23:03:26.0133 4456 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:03:26.0179 4456 Mcx2Svc - ok
23:03:26.0211 4456 [ E4F44EC214B3E381E1FC844A02926666 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
23:03:26.0257 4456 mdmxsdk - ok
23:03:26.0289 4456 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
23:03:26.0320 4456 megasas - ok
23:03:26.0335 4456 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
23:03:26.0382 4456 MegaSR - ok
23:03:26.0398 4456 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
23:03:26.0491 4456 MMCSS - ok
23:03:26.0507 4456 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
23:03:26.0601 4456 Modem - ok
23:03:26.0632 4456 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:03:26.0663 4456 monitor - ok
23:03:26.0679 4456 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:03:26.0710 4456 mouclass - ok
23:03:26.0725 4456 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:03:26.0757 4456 mouhid - ok
23:03:26.0772 4456 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:03:26.0803 4456 mountmgr - ok
23:03:26.0835 4456 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
23:03:26.0866 4456 mpio - ok
23:03:26.0897 4456 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:03:26.0991 4456 mpsdrv - ok
23:03:27.0037 4456 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:03:27.0147 4456 MpsSvc - ok
23:03:27.0162 4456 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:03:27.0225 4456 MRxDAV - ok
23:03:27.0271 4456 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:03:27.0303 4456 mrxsmb - ok
23:03:27.0334 4456 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:03:27.0381 4456 mrxsmb10 - ok
23:03:27.0412 4456 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:03:27.0459 4456 mrxsmb20 - ok
23:03:27.0474 4456 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
23:03:27.0505 4456 msahci - ok
23:03:27.0521 4456 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
23:03:27.0552 4456 msdsm - ok
23:03:27.0583 4456 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
23:03:27.0615 4456 MSDTC - ok
23:03:27.0646 4456 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:03:27.0755 4456 Msfs - ok
23:03:27.0771 4456 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:03:27.0880 4456 mshidkmdf - ok
23:03:27.0880 4456 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
23:03:27.0911 4456 msisadrv - ok
23:03:27.0958 4456 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:03:28.0051 4456 MSiSCSI - ok
23:03:28.0067 4456 msiserver - ok
23:03:28.0083 4456 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:03:28.0176 4456 MSKSSRV - ok
23:03:28.0207 4456 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:03:28.0317 4456 MSPCLOCK - ok
23:03:28.0332 4456 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:03:28.0426 4456 MSPQM - ok
23:03:28.0457 4456 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:03:28.0504 4456 MsRPC - ok
23:03:28.0535 4456 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
23:03:28.0551 4456 mssmbios - ok
23:03:28.0629 4456 MSSQL$MSSMLBIZ - ok
23:03:28.0660 4456 [ C06EA83F6FC2959E897C117255B6B1D5 ] MSSQLServerADHelper C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
23:03:28.0675 4456 MSSQLServerADHelper - ok
23:03:28.0722 4456 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:03:28.0816 4456 MSTEE - ok
23:03:28.0831 4456 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
23:03:28.0894 4456 MTConfig - ok
23:03:28.0909 4456 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
23:03:28.0941 4456 Mup - ok
23:03:28.0972 4456 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
23:03:29.0097 4456 napagent - ok
23:03:29.0128 4456 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:03:29.0206 4456 NativeWifiP - ok
23:03:29.0237 4456 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
23:03:29.0315 4456 NDIS - ok
23:03:29.0331 4456 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:03:29.0440 4456 NdisCap - ok
23:03:29.0487 4456 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:03:29.0580 4456 NdisTapi - ok
23:03:29.0596 4456 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:03:29.0689 4456 Ndisuio - ok
23:03:29.0721 4456 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:03:29.0814 4456 NdisWan - ok
23:03:29.0830 4456 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:03:29.0939 4456 NDProxy - ok
23:03:29.0939 4456 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:03:30.0033 4456 NetBIOS - ok
23:03:30.0048 4456 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:03:30.0157 4456 NetBT - ok
23:03:30.0173 4456 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
23:03:30.0220 4456 Netlogon - ok
23:03:30.0251 4456 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
23:03:30.0376 4456 Netman - ok
23:03:30.0391 4456 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
23:03:30.0501 4456 netprofm - ok
23:03:30.0532 4456 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:03:30.0563 4456 NetTcpPortSharing - ok
23:03:30.0750 4456 [ 705283C02177809CA9FA7CC58A4F1E77 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
23:03:31.0062 4456 netw5v64 - ok
23:03:31.0093 4456 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
23:03:31.0125 4456 nfrd960 - ok
23:03:31.0156 4456 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:03:31.0265 4456 NlaSvc - ok
23:03:31.0437 4456 [ 4AD196A3CFA4D546068E24477A720948 ] Norton Ghost C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
23:03:31.0686 4456 Norton Ghost - ok
23:03:31.0717 4456 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:03:31.0811 4456 Npfs - ok
23:03:31.0842 4456 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
23:03:31.0951 4456 nsi - ok
23:03:31.0998 4456 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:03:32.0092 4456 nsiproxy - ok
23:03:32.0170 4456 [ 356698A13C4630D5B31C37378D469196 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:03:32.0279 4456 Ntfs - ok
23:03:32.0310 4456 nTuneService - ok
23:03:32.0341 4456 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
23:03:32.0435 4456 Null - ok
23:03:32.0809 4456 [ 4F344AA1F36D09EFD2EC68DD6609CD9C ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:03:33.0496 4456 nvlddmkm - ok
23:03:33.0558 4456 [ CCEB3A7E3BD0203C807168B393A65A74 ] NVR0Dev C:\Windows\nvoclk64.sys
23:03:33.0589 4456 NVR0Dev - ok
23:03:33.0621 4456 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
23:03:33.0652 4456 nvraid - ok
23:03:33.0667 4456 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
23:03:33.0699 4456 nvstor - ok
23:03:33.0745 4456 [ AB04B506DFAAC79CBB29DB0422F2799D ] nvsvc C:\Windows\system32\nvvsvc.exe
23:03:33.0777 4456 nvsvc - ok
23:03:33.0792 4456 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
23:03:33.0839 4456 nv_agp - ok
23:03:33.0870 4456 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
23:03:33.0901 4456 ohci1394 - ok
23:03:33.0948 4456 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:03:33.0979 4456 ose - ok
23:03:34.0026 4456 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:03:34.0089 4456 p2pimsvc - ok
23:03:34.0120 4456 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
23:03:34.0167 4456 p2psvc - ok
23:03:34.0198 4456 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
23:03:34.0245 4456 Parport - ok
23:03:34.0276 4456 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:03:34.0307 4456 partmgr - ok
23:03:34.0323 4456 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:03:34.0401 4456 PcaSvc - ok
23:03:34.0447 4456 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
23:03:34.0479 4456 pci - ok
23:03:34.0525 4456 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
23:03:34.0557 4456 pciide - ok
23:03:34.0603 4456 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:03:34.0650 4456 pcmcia - ok
23:03:34.0666 4456 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
23:03:34.0697 4456 pcw - ok
23:03:34.0744 4456 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:03:34.0853 4456 PEAUTH - ok
23:03:34.0915 4456 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
23:03:35.0009 4456 PeerDistSvc - ok
23:03:35.0056 4456 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
23:03:35.0087 4456 PerfHost - ok
23:03:35.0196 4456 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
23:03:35.0352 4456 pla - ok
23:03:35.0430 4456 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:03:35.0493 4456 PlugPlay - ok
23:03:35.0524 4456 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:03:35.0539 4456 PNRPAutoReg - ok
23:03:35.0649 4456 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:03:35.0680 4456 PNRPsvc - ok
23:03:35.0742 4456 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:03:35.0898 4456 PolicyAgent - ok
23:03:35.0945 4456 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
23:03:36.0070 4456 Power - ok
23:03:36.0132 4456 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:03:36.0241 4456 PptpMiniport - ok
23:03:36.0304 4456 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
23:03:36.0397 4456 Processor - ok
23:03:36.0460 4456 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
23:03:36.0538 4456 ProfSvc - ok
23:03:36.0553 4456 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:03:36.0585 4456 ProtectedStorage - ok
23:03:36.0616 4456 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:03:36.0709 4456 Psched - ok
23:03:36.0756 4456 [ AED797CCA02783296C68AA10D0CFF8A9 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
23:03:36.0772 4456 PxHlpa64 - ok
23:03:36.0803 4456 [ 932EBE6AD34B7F670C56EDBC7E19BD71 ] QCFiltersny C:\Windows\system32\DRIVERS\qcfiltersny.sys
23:03:36.0850 4456 QCFiltersny - ok
23:03:36.0881 4456 [ 9123FEED169028D03CD63DD7CE66CBC6 ] qcusbsersny C:\Windows\system32\DRIVERS\qcusbsersny.sys
23:03:36.0943 4456 qcusbsersny - ok
23:03:36.0975 4456 [ 7FEE5E7FE5E5871AF287C3F10785277C ] QDLService C:\QUALCOMM\QDLService\QDLService.exe
23:03:37.0006 4456 QDLService - ok
23:03:37.0084 4456 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
23:03:37.0193 4456 ql2300 - ok
23:03:37.0209 4456 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
23:03:37.0240 4456 ql40xx - ok
23:03:37.0287 4456 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
23:03:37.0365 4456 QWAVE - ok
23:03:37.0458 4456 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:03:37.0505 4456 QWAVEdrv - ok
23:03:37.0521 4456 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:03:37.0630 4456 RasAcd - ok
23:03:37.0661 4456 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:03:37.0755 4456 RasAgileVpn - ok
23:03:37.0786 4456 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
23:03:37.0911 4456 RasAuto - ok
23:03:37.0942 4456 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:03:38.0035 4456 Rasl2tp - ok
23:03:38.0067 4456 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
23:03:38.0191 4456 RasMan - ok
23:03:38.0207 4456 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:03:38.0316 4456 RasPppoe - ok
23:03:38.0347 4456 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:03:38.0457 4456 RasSstp - ok
23:03:38.0488 4456 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:03:38.0613 4456 rdbss - ok
23:03:38.0659 4456 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
23:03:38.0706 4456 rdpbus - ok
23:03:38.0722 4456 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:03:38.0831 4456 RDPCDD - ok
23:03:38.0893 4456 [ 9706B84DBABFC4B4CA46C5A82B14DFA3 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
23:03:38.0940 4456 RDPDR - ok
23:03:38.0971 4456 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:03:39.0081 4456 RDPENCDD - ok
23:03:39.0127 4456 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:03:39.0221 4456 RDPREFMP - ok
23:03:39.0252 4456 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:03:39.0315 4456 RDPWD - ok
23:03:39.0346 4456 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:03:39.0377 4456 rdyboost - ok
23:03:39.0502 4456 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:03:39.0595 4456 RemoteAccess - ok
23:03:39.0627 4456 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:03:39.0736 4456 RemoteRegistry - ok
23:03:39.0767 4456 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
23:03:39.0829 4456 RFCOMM - ok
23:03:39.0876 4456 [ 258AADB43E3F3468B5CF8CB0F84872C2 ] rimsptsk C:\Windows\system32\DRIVERS\rimssn64.sys
23:03:39.0907 4456 rimsptsk - ok
23:03:39.0923 4456 [ 71E182A0DE1CECB3F912960716345405 ] risdptsk C:\Windows\system32\DRIVERS\risdsn64.sys
23:03:39.0954 4456 risdptsk - ok
23:03:39.0985 4456 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:03:40.0095 4456 RpcEptMapper - ok
23:03:40.0141 4456 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
23:03:40.0188 4456 RpcLocator - ok
23:03:40.0235 4456 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
23:03:40.0344 4456 RpcSs - ok
23:03:40.0375 4456 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:03:40.0485 4456 rspndr - ok
23:03:40.0547 4456 [ 35EBFDC2FB36A05173FF53DA4FA12214 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
23:03:40.0578 4456 RtkAudioService - ok
23:03:40.0609 4456 [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
23:03:40.0672 4456 s3cap - ok
23:03:40.0687 4456 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
23:03:40.0719 4456 SamSs - ok
23:03:40.0765 4456 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
23:03:40.0812 4456 sbp2port - ok
23:03:40.0875 4456 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:03:40.0968 4456 SCardSvr - ok
23:03:40.0999 4456 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:03:41.0109 4456 scfilter - ok
23:03:41.0155 4456 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
23:03:41.0249 4456 Schedule - ok
23:03:41.0311 4456 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
23:03:41.0405 4456 SCPolicySvc - ok
23:03:41.0436 4456 [ 54E47AD086782D3AE9417C155CDCEB9B ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
23:03:41.0483 4456 sdbus - ok
23:03:41.0514 4456 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:03:41.0561 4456 SDRSVC - ok
23:03:41.0592 4456 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:03:41.0686 4456 secdrv - ok
23:03:41.0701 4456 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
23:03:41.0811 4456 seclogon - ok
23:03:41.0842 4456 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
23:03:42.0029 4456 SENS - ok
23:03:42.0060 4456 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:03:42.0123 4456 SensrSvc - ok
23:03:42.0154 4456 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
23:03:42.0185 4456 Serenum - ok
23:03:42.0216 4456 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
23:03:42.0247 4456 Serial - ok
23:03:42.0263 4456 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
23:03:42.0310 4456 sermouse - ok
23:03:42.0388 4456 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
23:03:42.0481 4456 SessionEnv - ok
23:03:42.0513 4456 [ 70F9C476B62DE4F2823E918A6C181ADE ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys
23:03:42.0559 4456 SFEP - ok
23:03:42.0575 4456 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
23:03:42.0653 4456 sffdisk - ok
23:03:42.0669 4456 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
23:03:42.0715 4456 sffp_mmc - ok
23:03:42.0715 4456 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
23:03:42.0762 4456 sffp_sd - ok
23:03:42.0778 4456 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
23:03:42.0809 4456 sfloppy - ok
23:03:42.0856 4456 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:03:42.0981 4456 SharedAccess - ok
23:03:43.0027 4456 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:03:43.0090 4456 ShellHWDetection - ok
23:03:43.0121 4456 [ C06CCD29F5C15B610237E86F82085E77 ] shpf C:\Windows\system32\DRIVERS\shpf.sys
23:03:43.0152 4456 shpf - ok
23:03:43.0183 4456 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:03:43.0215 4456 SiSRaid2 - ok
23:03:43.0230 4456 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
23:03:43.0261 4456 SiSRaid4 - ok
23:03:43.0277 4456 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:03:43.0386 4456 Smb - ok
23:03:43.0433 4456 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:03:43.0464 4456 SNMPTRAP - ok
23:03:43.0527 4456 [ 98886C88A1CB13D61672AE2C638B7E1C ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
23:03:43.0558 4456 SOHCImp - ok
23:03:43.0573 4456 [ 442A13F395546F4564C377296D43B564 ] SOHDBSvr C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
23:03:43.0605 4456 SOHDBSvr - ok
23:03:43.0636 4456 [ 556681BE668D71DC162391A45422B52C ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
23:03:43.0667 4456 SOHDms - ok
23:03:43.0683 4456 [ 72B46103E4111439109ACF5882627C24 ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
23:03:43.0714 4456 SOHDs - ok
23:03:43.0729 4456 [ 725B6E9CD1959271AC993DC035E1606D ] SOHPlMgr C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
23:03:43.0745 4456 SOHPlMgr - ok
23:03:43.0792 4456 [ 5D54FEC2EA86813F036821652A07C222 ] SPI C:\Windows\system32\DRIVERS\SonyPI.sys
23:03:43.0839 4456 SPI - ok
23:03:43.0870 4456 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
23:03:43.0901 4456 spldr - ok
23:03:43.0948 4456 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler C:\Windows\System32\spoolsv.exe
23:03:44.0026 4456 Spooler - ok
23:03:44.0151 4456 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
23:03:44.0291 4456 sppsvc - ok
23:03:44.0322 4456 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:03:44.0416 4456 sppuinotify - ok
23:03:44.0509 4456 [ B2EC3E1DEAC5F0A764BD3486D213A0AF ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
23:03:44.0541 4456 SQLBrowser - ok
23:03:44.0603 4456 [ D63FC56C7C3F9B576BC25F617E3F7963 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
23:03:44.0634 4456 SQLWriter - ok
23:03:44.0665 4456 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:03:44.0743 4456 srv - ok
23:03:44.0790 4456 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:03:44.0837 4456 srv2 - ok
23:03:44.0915 4456 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
23:03:44.0946 4456 SrvHsfHDA - ok
23:03:45.0009 4456 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
23:03:45.0087 4456 SrvHsfV92 - ok
23:03:45.0165 4456 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
23:03:45.0212 4456 SrvHsfWinac - ok
23:03:45.0243 4456 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:03:45.0290 4456 srvnet - ok
23:03:45.0336 4456 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:03:45.0446 4456 SSDPSRV - ok
23:03:45.0461 4456 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:03:45.0555 4456 SstpSvc - ok
23:03:45.0602 4456 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
23:03:45.0617 4456 stexstor - ok
23:03:45.0664 4456 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
23:03:45.0742 4456 stisvc - ok
23:03:45.0773 4456 [ FFD7A6F15B14234B5B0E5D49E7961895 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
23:03:45.0804 4456 storflt - ok
23:03:50.0188 4456 [ 4E7135D6D0127067E4CFEE12259F895D ] VAIO Entertainment TV Device Arbitration Service C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
23:03:50.0204 4456 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning
23:03:50.0204 4456 VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1)
23:03:52.0232 4456 [ D8BEF4AC1EAC809DBDBD441D6CFF6C4C ] VzCdbSvc C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
23:03:52.0247 4456 VzCdbSvc ( UnsignedFile.Multi.Generic ) - warning
23:03:52.0247 4456 VzCdbSvc - detected UnsignedFile.Multi.Generic (1)
23:03:56.0787 4456 ================ Scan global ===============================
23:03:56.0834 4456 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:03:56.0880 4456 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
23:03:56.0896 4456 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
23:03:56.0943 4456 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:03:56.0974 4456 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:03:56.0990 4456 [Global] - ok
23:03:56.0990 4456 ================ Scan MBR ==================================
23:03:57.0005 4456 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
23:03:58.0113 4456 \Device\Harddisk0\DR0 - ok
23:03:58.0128 4456 [ C0C2301049D7A922402F1BE58FD5CADF ] \Device\Harddisk1\DR1
23:03:58.0425 4456 \Device\Harddisk1\DR1 - ok
23:03:58.0440 4456 ================ Scan VBR ==================================
23:03:58.0472 4456 [ AEA58B0AEC5212C01E71479901234C24 ] \Device\Harddisk0\DR0\Partition1
23:03:58.0472 4456 \Device\Harddisk0\DR0\Partition1 - ok
23:03:58.0487 4456 [ B0D896DCD6FCD7BDBF29FB7DB4E0D8F5 ] \Device\Harddisk0\DR0\Partition2
23:03:58.0487 4456 \Device\Harddisk0\DR0\Partition2 - ok
23:03:58.0503 4456 [ 0BF9A793C71B1634ADE31D6218893D37 ] \Device\Harddisk0\DR0\Partition3
23:03:58.0503 4456 \Device\Harddisk0\DR0\Partition3 - ok
23:03:58.0503 4456 ============================================================
23:03:58.0503 4456 Scan finished
23:03:58.0503 4456 ============================================================
23:03:58.0534 1056 Detected object count: 3
23:03:58.0534 1056 Actual detected object count: 3
23:04:10.0374 1056 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:04:10.0374 1056 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:04:10.0374 1056 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:04:10.0374 1056 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:04:10.0374 1056 VzCdbSvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:04:10.0374 1056 VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

#12
ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
hi

For x64 bit systems please download Listparts64
Run the tool, click Scan and post the log (Result.txt) it makes.

THEN

Update MalwareBytes AntiMalware and Run a Quick Scan.
Post the log it produces.

#13
ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.