Win32/Small.CA Virus [Solved]


  • This topic is locked

#16
silviab

  • Topic Starter
  • Member
  • 54 posts
OK! I restarted my computer & couldn't get to where I could click load in safe mode using F8. Only time I can get into it in the past, it is if I turn off my computer manually instead of restarting it, i.e. it freezes. If I do it that way, I can use safe mode, but when I run that program you want, if it restarts, it won't be in safe mode to get the log to send you. Did that make sense? Maybe I'm not using F8 correctly. I read the article & waited until it said starting windows, I tried holding it down or just clicking it but it just starts normally.
  • 0

#17
gringo_pr

  • Trusted Helper
  • Malware Removal
  • 7,268 posts
Greetings

I want you to run these next,

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT.
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo
  • 0

#18
silviab

  • Topic Starter
  • Member
  • 54 posts
Hi,

I'm posting this reply from my husband's computer. Right now, it doesn't want to use Internet Explorer, my computer. It just keeps going around in a circle. As soon as I can get on, I'll download the programs & post the results. Thank you so much for your patience. You asked me before how my computer is working now. It's very slow. It will eventually get there. I finally got my computer to get to the website but we are on page 2 so it will take a while to load that page <sigh>

Silvia
  • 0

#19
gringo_pr

  • Trusted Helper
  • Malware Removal
  • 7,268 posts
When did that start? Try using System Restore to before that happened.
  • 0

#20
silviab

  • Topic Starter
  • Member
  • 54 posts
OK, here are the results of TDSSKiller. Right now on my computer it's still downloading all those definitions for the other scan. The TDSSKiller scan said it looked good.

14:55:39.0321 5136 [ DB801A638D011B9633829EB6F663C900 ] msdsm
C:\Windows\system32\drivers\msdsm.sys
14:55:39.0321 5136 msdsm - ok
14:55:39.0337 5136 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC
C:\Windows\System32\msdtc.exe
14:55:39.0352 5136 MSDTC - ok
14:55:39.0368 5136 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs
C:\Windows\system32\drivers\Msfs.sys
14:55:39.0368 5136 Msfs - ok
14:55:39.0384 5136 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf
C:\Windows\System32\drivers\mshidkmdf.sys
14:55:39.0384 5136 mshidkmdf - ok
14:55:39.0399 5136 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv
C:\Windows\system32\drivers\msisadrv.sys
14:55:39.0399 5136 msisadrv - ok
14:55:39.0430 5136 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI
C:\Windows\system32\iscsiexe.dll
14:55:39.0446 5136 MSiSCSI - ok
14:55:39.0462 5136 msiserver - ok
14:55:39.0493 5136 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV
C:\Windows\system32\drivers\MSKSSRV.sys
14:55:39.0493 5136 MSKSSRV - ok
14:55:39.0524 5136 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK
C:\Windows\system32\drivers\MSPCLOCK.sys
14:55:39.0524 5136 MSPCLOCK - ok
14:55:39.0555 5136 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM
C:\Windows\system32\drivers\MSPQM.sys
14:55:39.0555 5136 MSPQM - ok
14:55:39.0586 5136 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC
C:\Windows\system32\drivers\MsRPC.sys
14:55:39.0586 5136 MsRPC - ok
14:55:39.0602 5136 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios
C:\Windows\system32\DRIVERS\mssmbios.sys
14:55:39.0602 5136 mssmbios - ok
14:55:39.0618 5136 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE
C:\Windows\system32\drivers\MSTEE.sys
14:55:39.0618 5136 MSTEE - ok
14:55:39.0633 5136 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig
C:\Windows\system32\DRIVERS\MTConfig.sys
14:55:39.0633 5136 MTConfig - ok
14:55:39.0649 5136 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup
C:\Windows\system32\Drivers\mup.sys
14:55:39.0649 5136 Mup - ok
14:55:39.0711 5136 [ F2840DBFE9322F35557219AE82CC4597 ] N360
C:\Program Files (x86)\Norton 360 Premier
Edition\Engine\6.4.0.9\ccSvcHst.exe
14:55:39.0711 5136 N360 - ok
14:55:39.0758 5136 [ 582AC6D9873E31DFA28A4547270862DD ] napagent
C:\Windows\system32\qagentRT.dll
14:55:39.0774 5136 napagent - ok
14:55:39.0805 5136 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP
C:\Windows\system32\DRIVERS\nwifi.sys
14:55:39.0820 5136 NativeWifiP - ok
14:55:39.0883 5136 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121205.002\ENG64.SYS
14:55:39.0883 5136 NAVENG - ok
14:55:39.0945 5136 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121205.002\EX64.SYS
14:55:39.0976 5136 NAVEX15 - ok
14:55:40.0008 5136 [ 760E38053BF56E501D562B70AD796B88 ] NDIS
C:\Windows\system32\drivers\ndis.sys
14:55:40.0023 5136 NDIS - ok
14:55:40.0039 5136 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap
C:\Windows\system32\DRIVERS\ndiscap.sys
14:55:40.0039 5136 NdisCap - ok
14:55:40.0070 5136 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi
C:\Windows\system32\DRIVERS\ndistapi.sys
14:55:40.0070 5136 NdisTapi - ok
14:55:40.0086 5136 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio
C:\Windows\system32\DRIVERS\ndisuio.sys
14:55:40.0086 5136 Ndisuio - ok
14:55:40.0117 5136 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan
C:\Windows\system32\DRIVERS\ndiswan.sys
14:55:40.0117 5136 NdisWan - ok
14:55:40.0132 5136 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy
C:\Windows\system32\drivers\NDProxy.sys
14:55:40.0132 5136 NDProxy - ok
14:55:40.0148 5136 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS
C:\Windows\system32\DRIVERS\netbios.sys
14:55:40.0148 5136 NetBIOS - ok
14:55:40.0164 5136 [ 09594D1089C523423B32A4229263F068 ] NetBT
C:\Windows\system32\DRIVERS\netbt.sys
14:55:40.0179 5136 NetBT - ok
14:55:40.0179 5136 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon
C:\Windows\system32\lsass.exe
14:55:40.0179 5136 Netlogon - ok
14:55:40.0226 5136 [ 847D3AE376C0817161A14A82C8922A9E ] Netman
C:\Windows\System32\netman.dll
14:55:40.0242 5136 Netman - ok
14:55:40.0304 5136 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:55:40.0335 5136 NetMsmqActivator - ok
14:55:40.0351 5136 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:55:40.0351 5136 NetPipeActivator - ok
14:55:40.0429 5136 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm
C:\Windows\System32\netprofm.dll
14:55:40.0444 5136 netprofm - ok
14:55:40.0444 5136 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:55:40.0444 5136 NetTcpActivator - ok
14:55:40.0460 5136 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:55:40.0460 5136 NetTcpPortSharing - ok
14:55:40.0476 5136 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960
C:\Windows\system32\drivers\nfrd960.sys
14:55:40.0476 5136 nfrd960 - ok
14:55:40.0522 5136 [ 8AD77806D336673F270DB31645267293 ] NlaSvc
C:\Windows\System32\nlasvc.dll
14:55:40.0538 5136 NlaSvc - ok
14:55:40.0554 5136 [ 40777BD92D73A8FF3B252E4F4881E672 ] nlsInterface
C:\Windows\system32\nlsInterface.exe
14:55:40.0554 5136 nlsInterface - ok
14:55:40.0585 5136 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs
C:\Windows\system32\drivers\Npfs.sys
14:55:40.0585 5136 Npfs - ok
14:55:40.0600 5136 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi
C:\Windows\system32\nsisvc.dll
14:55:40.0600 5136 nsi - ok
14:55:40.0616 5136 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy
C:\Windows\system32\drivers\nsiproxy.sys
14:55:40.0616 5136 nsiproxy - ok
14:55:40.0678 5136 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs
C:\Windows\system32\drivers\Ntfs.sys
14:55:40.0741 5136 Ntfs - ok
14:55:40.0756 5136 [ 9899284589F75FA8724FF3D16AED75C1 ] Null
C:\Windows\system32\drivers\Null.sys
14:55:40.0756 5136 Null - ok
14:55:40.0788 5136 [ 158AD24745BD85BA9BE3C51C38F48C32 ] nusb3hub
C:\Windows\system32\DRIVERS\nusb3hub.sys
14:55:40.0788 5136 nusb3hub - ok
14:55:40.0803 5136 [ D40A13B2C0891E218F9523B376955DB6 ] nusb3xhc
C:\Windows\system32\DRIVERS\nusb3xhc.sys
14:55:40.0819 5136 nusb3xhc - ok
14:55:40.0850 5136 [ 960E39A54E525DF58CB29193147DFFA1 ] NVHDA
C:\Windows\system32\drivers\nvhda64v.sys
14:55:40.0850 5136 NVHDA - ok
14:55:41.0100 5136 [ 6A6C8CADDA53AD779C8C85AA4A0DC486 ] nvlddmkm
C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:55:41.0162 5136 nvlddmkm - ok
14:55:41.0193 5136 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid
C:\Windows\system32\drivers\nvraid.sys
14:55:41.0193 5136 nvraid - ok
14:55:41.0224 5136 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor
C:\Windows\system32\drivers\nvstor.sys
14:55:41.0224 5136 nvstor - ok
14:55:41.0287 5136 [ 9021696BC27ADC435037C4CA8589CD1B ] NVSvc
C:\Windows\system32\nvvsvc.exe
14:55:41.0318 5136 NVSvc - ok
14:55:41.0334 5136 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp
C:\Windows\system32\drivers\nv_agp.sys
14:55:41.0349 5136 nv_agp - ok
14:55:41.0365 5136 [ 062682C906DBB3E653994105C359A273 ] NWLowRider
C:\Windows\system32\DRIVERS\NWLowRider.sys
14:55:41.0365 5136 NWLowRider - ok
14:55:41.0380 5136 [ DAAFEACB4F13A301988E390D25C2C7A7 ] NWWakeFilterLR
C:\Windows\system32\DRIVERS\NWWakeFilterLR.sys
14:55:41.0380 5136 NWWakeFilterLR - ok
14:55:41.0443 5136 [ 1D2DB985CB27A4B238E418BD5B25E7F2 ] Oasis2Service
C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
14:55:41.0443 5136 Oasis2Service - ok
14:55:41.0458 5136 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394
C:\Windows\system32\drivers\ohci1394.sys
14:55:41.0474 5136 ohci1394 - ok
14:55:41.0552 5136 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose
C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:55:41.0568 5136 ose - ok
14:55:41.0724 5136 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc
C:\Program Files\Common Files\Microsoft
Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:55:41.0802 5136 osppsvc - ok
14:55:41.0848 5136 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc
C:\Windows\system32\pnrpsvc.dll
14:55:41.0864 5136 p2pimsvc - ok
14:55:41.0864 5136 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc
C:\Windows\system32\p2psvc.dll
14:55:41.0895 5136 p2psvc - ok
14:55:41.0926 5136 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport
C:\Windows\system32\drivers\parport.sys
14:55:41.0942 5136 Parport - ok
14:55:41.0958 5136 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr
C:\Windows\system32\drivers\partmgr.sys
14:55:41.0989 5136 partmgr - ok
14:55:42.0020 5136 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc
C:\Windows\System32\pcasvc.dll
14:55:42.0020 5136 PcaSvc - ok
14:55:42.0036 5136 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci
C:\Windows\system32\drivers\pci.sys
14:55:42.0036 5136 pci - ok
14:55:42.0051 5136 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide
C:\Windows\system32\drivers\pciide.sys
14:55:42.0051 5136 pciide - ok
14:55:42.0067 5136 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia
C:\Windows\system32\drivers\pcmcia.sys
14:55:42.0067 5136 pcmcia - ok
14:55:42.0082 5136 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw
C:\Windows\system32\drivers\pcw.sys
14:55:42.0082 5136 pcw - ok
14:55:42.0114 5136 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH
C:\Windows\system32\drivers\peauth.sys
14:55:42.0114 5136 PEAUTH - ok
14:55:42.0176 5136 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc
C:\Windows\system32\peerdistsvc.dll
14:55:42.0223 5136 PeerDistSvc - ok
14:55:42.0363 5136 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost
C:\Windows\SysWow64\perfhost.exe
14:55:42.0379 5136 PerfHost - ok
14:55:42.0519 5136 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla
C:\Windows\system32\pla.dll
14:55:42.0566 5136 pla - ok
14:55:42.0613 5136 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay
C:\Windows\system32\umpnpmgr.dll
14:55:42.0628 5136 PlugPlay - ok
14:55:42.0753 5136 [ 63694C307273062A2167AE4CE80730EF ]
PMBDeviceInfoProvider C:\Program Files
(x86)\Sony\PMB\PMBDeviceInfoProvider.exe
14:55:42.0753 5136 PMBDeviceInfoProvider - ok
14:55:42.0769 5136 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg
C:\Windows\system32\pnrpauto.dll
14:55:42.0784 5136 PNRPAutoReg - ok
14:55:42.0800 5136 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc
C:\Windows\system32\pnrpsvc.dll
14:55:42.0816 5136 PNRPsvc - ok
14:55:42.0862 5136 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent
C:\Windows\System32\ipsecsvc.dll
14:55:42.0862 5136 PolicyAgent - ok
14:55:42.0878 5136 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power
C:\Windows\system32\umpo.dll
14:55:42.0894 5136 Power - ok
14:55:42.0940 5136 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport
C:\Windows\system32\DRIVERS\raspptp.sys
14:55:42.0940 5136 PptpMiniport - ok
14:55:42.0956 5136 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor
C:\Windows\system32\drivers\processr.sys
14:55:42.0956 5136 Processor - ok
14:55:42.0987 5136 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc
C:\Windows\system32\profsvc.dll
14:55:42.0987 5136 ProfSvc - ok
14:55:43.0018 5136 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage
C:\Windows\system32\lsass.exe
14:55:43.0018 5136 ProtectedStorage - ok
14:55:43.0112 5136 [ F115AF58ABE5605D7D709CBFBD83F418 ] ProtexisLicensing
C:\Windows\SysWOW64\PSIService.exe
14:55:43.0128 5136 ProtexisLicensing - ok
14:55:43.0237 5136 [ 0557CF5A2556BD58E26384169D72438D ] Psched
C:\Windows\system32\DRIVERS\pacer.sys
14:55:43.0237 5136 Psched - ok
14:55:43.0330 5136 [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2
C:\Program Files (x86)\Common Files\Protexis\License
Service\PsiService_2.exe
14:55:43.0330 5136 PSI_SVC_2 - ok
14:55:43.0346 5136 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64
C:\Windows\system32\Drivers\PxHlpa64.sys
14:55:43.0346 5136 PxHlpa64 - ok
14:55:43.0408 5136 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300
C:\Windows\system32\drivers\ql2300.sys
14:55:43.0440 5136 ql2300 - ok
14:55:43.0455 5136 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx
C:\Windows\system32\drivers\ql40xx.sys
14:55:43.0471 5136 ql40xx - ok
14:55:43.0502 5136 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE
C:\Windows\system32\qwave.dll
14:55:43.0502 5136 QWAVE - ok
14:55:43.0533 5136 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv
C:\Windows\system32\drivers\qwavedrv.sys
14:55:43.0533 5136 QWAVEdrv - ok
14:55:43.0549 5136 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd
C:\Windows\system32\DRIVERS\rasacd.sys
14:55:43.0549 5136 RasAcd - ok
14:55:43.0596 5136 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn
C:\Windows\system32\DRIVERS\AgileVpn.sys
14:55:43.0596 5136 RasAgileVpn - ok
14:55:43.0611 5136 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto
C:\Windows\System32\rasauto.dll
14:55:43.0611 5136 RasAuto - ok
14:55:43.0611 5136 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp
C:\Windows\system32\DRIVERS\rasl2tp.sys
14:55:43.0627 5136 Rasl2tp - ok
14:55:43.0642 5136 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan
C:\Windows\System32\rasmans.dll
14:55:43.0642 5136 RasMan - ok
14:55:43.0658 5136 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe
C:\Windows\system32\DRIVERS\raspppoe.sys
14:55:43.0658 5136 RasPppoe - ok
14:55:43.0674 5136 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp
C:\Windows\system32\DRIVERS\rassstp.sys
14:55:43.0674 5136 RasSstp - ok
14:55:43.0705 5136 [ 77F665941019A1594D887A74F301FA2F ] rdbss
C:\Windows\system32\DRIVERS\rdbss.sys
14:55:43.0705 5136 rdbss - ok
14:55:43.0720 5136 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus
C:\Windows\system32\DRIVERS\rdpbus.sys
14:55:43.0720 5136 rdpbus - ok
14:55:43.0736 5136 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD
C:\Windows\system32\DRIVERS\RDPCDD.sys
14:55:43.0736 5136 RDPCDD - ok
14:55:43.0752 5136 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR
C:\Windows\system32\drivers\rdpdr.sys
14:55:43.0767 5136 RDPDR - ok
14:55:43.0783 5136 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD
C:\Windows\system32\drivers\rdpencdd.sys
14:55:43.0783 5136 RDPENCDD - ok
14:55:43.0798 5136 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP
C:\Windows\system32\drivers\rdprefmp.sys
14:55:43.0798 5136 RDPREFMP - ok
14:55:43.0845 5136 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD
C:\Windows\system32\drivers\RDPWD.sys
14:55:43.0861 5136 RDPWD - ok
14:55:43.0892 5136 [ A115F49BEA840A5F049BC6310F35F776 ] rdyboost
C:\Windows\system32\drivers\rdyboost.sys
14:55:43.0908 5136 rdyboost - ok
14:55:43.0939 5136 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi
C:\Windows\system32\drivers\regi.sys
14:55:43.0939 5136 regi - ok
14:55:43.0954 5136 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess
C:\Windows\System32\mprdim.dll
14:55:43.0970 5136 RemoteAccess - ok
14:55:43.0986 5136 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry
C:\Windows\system32\regsvc.dll
14:55:44.0001 5136 RemoteRegistry - ok
14:55:44.0032 5136 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM
C:\Windows\system32\DRIVERS\rfcomm.sys
14:55:44.0032 5136 RFCOMM - ok
14:55:44.0048 5136 [ FF71ECB1B121C6273EC4C45EDDBC4FE4 ] rimspci
C:\Windows\system32\DRIVERS\rimssne64.sys
14:55:44.0048 5136 rimspci - ok
14:55:44.0064 5136 [ E33075C22C14C57095F037253F936BB8 ] risdsnpe
C:\Windows\system32\DRIVERS\risdsnxc64.sys
14:55:44.0064 5136 risdsnpe - ok
14:55:44.0126 5136 [ 65226131770B22EF24FB869AD821DE47 ] Roxio UPnP Renderer
10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
14:55:44.0142 5136 Roxio UPnP Renderer 10 - ok
14:55:44.0173 5136 [ 2A3D24E83E5F63BF4A0220FDD23457CB ] Roxio Upnp Server
10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
14:55:44.0173 5136 Roxio Upnp Server 10 - ok
14:55:44.0188 5136 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper
C:\Windows\System32\RpcEpMap.dll
14:55:44.0188 5136 RpcEptMapper - ok
14:55:44.0220 5136 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator
C:\Windows\system32\locator.exe
14:55:44.0220 5136 RpcLocator - ok
14:55:44.0251 5136 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs
C:\Windows\System32\rpcss.dll
14:55:44.0251 5136 RpcSs - ok
14:55:44.0266 5136 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr
C:\Windows\system32\DRIVERS\rspndr.sys
14:55:44.0266 5136 rspndr - ok
14:55:44.0298 5136 [ 4FE1CEF69D36E913738234303986FBB3 ] RTL8167
C:\Windows\system32\DRIVERS\Rt64win7.sys
14:55:44.0313 5136 RTL8167 - ok
14:55:44.0329 5136 [ E60C0A09F997826C7627B244195AB581 ] s3cap
C:\Windows\system32\drivers\vms3cap.sys
14:55:44.0329 5136 s3cap - ok
14:55:44.0376 5136 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs
C:\Windows\system32\lsass.exe
14:55:44.0376 5136 SamSs - ok
14:55:44.0391 5136 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port
C:\Windows\system32\drivers\sbp2port.sys
14:55:44.0391 5136 sbp2port - ok
14:55:44.0438 5136 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr
C:\Windows\System32\SCardSvr.dll
14:55:44.0438 5136 SCardSvr - ok
14:55:44.0469 5136 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter
C:\Windows\system32\DRIVERS\scfilter.sys
14:55:44.0469 5136 scfilter - ok
14:55:44.0500 5136 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule
C:\Windows\system32\schedsvc.dll
14:55:44.0516 5136 Schedule - ok
14:55:44.0547 5136 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc
C:\Windows\System32\certprop.dll
14:55:44.0547 5136 SCPolicySvc - ok
14:55:44.0563 5136 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus
C:\Windows\system32\DRIVERS\sdbus.sys
14:55:44.0578 5136 sdbus - ok
14:55:44.0594 5136 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC
C:\Windows\System32\SDRSVC.dll
14:55:44.0594 5136 SDRSVC - ok
14:55:44.0610 5136 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv
C:\Windows\system32\drivers\secdrv.sys
14:55:44.0625 5136 secdrv - ok
14:55:44.0656 5136 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon
C:\Windows\system32\seclogon.dll
14:55:44.0656 5136 seclogon - ok
14:55:44.0672 5136 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS
C:\Windows\system32\sens.dll
14:55:44.0672 5136 SENS - ok
14:55:44.0703 5136 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc
C:\Windows\system32\sensrsvc.dll
14:55:44.0703 5136 SensrSvc - ok
14:55:44.0734 5136 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum
C:\Windows\system32\drivers\serenum.sys
14:55:44.0734 5136 Serenum - ok
14:55:44.0766 5136 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial
C:\Windows\system32\drivers\serial.sys
14:55:44.0766 5136 Serial - ok
14:55:44.0797 5136 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse
C:\Windows\system32\drivers\sermouse.sys
14:55:44.0797 5136 sermouse - ok
14:55:44.0828 5136 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv
C:\Windows\system32\sessenv.dll
14:55:44.0828 5136 SessionEnv - ok
14:55:44.0844 5136 [ 286D3889E6AB5589646FF8A63CB928AE ] SFEP
C:\Windows\system32\DRIVERS\SFEP.sys
14:55:44.0844 5136 SFEP - ok
14:55:44.0859 5136 [ A554811BCD09279536440C964AE35BBF ] sffdisk
C:\Windows\system32\drivers\sffdisk.sys
14:55:44.0875 5136 sffdisk - ok
14:55:44.0890 5136 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc
C:\Windows\system32\drivers\sffp_mmc.sys
14:55:44.0890 5136 sffp_mmc - ok
14:55:44.0906 5136 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd
C:\Windows\system32\drivers\sffp_sd.sys
14:55:44.0906 5136 sffp_sd - ok
14:55:44.0922 5136 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy
C:\Windows\system32\drivers\sfloppy.sys
14:55:44.0922 5136 sfloppy - ok
14:55:44.0953 5136 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess
C:\Windows\System32\ipnathlp.dll
14:55:44.0953 5136 SharedAccess - ok
14:55:44.0984 5136 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection
C:\Windows\System32\shsvcs.dll
14:55:44.0984 5136 ShellHWDetection - ok
14:55:45.0000 5136 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2
C:\Windows\system32\drivers\SiSRaid2.sys
14:55:45.0000 5136 SiSRaid2 - ok
14:55:45.0015 5136 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4
C:\Windows\system32\drivers\sisraid4.sys
14:55:45.0015 5136 SiSRaid4 - ok
14:55:45.0046 5136 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb
C:\Windows\system32\DRIVERS\smb.sys
14:55:45.0046 5136 Smb - ok
14:55:45.0078 5136 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP
C:\Windows\System32\snmptrap.exe
14:55:45.0093 5136 SNMPTRAP - ok
14:55:45.0156 5136 [ DDF2EC98AF6FC70608A4F9CE4DB52758 ] SOHCImp
C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
14:55:45.0156 5136 SOHCImp - ok
14:55:45.0187 5136 [ 5FA03F5EA6EFEF6D17B4A1A48C40A23C ] SOHDs
C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
14:55:45.0187 5136 SOHDs - ok
14:55:45.0296 5136 [ 65E5659E9C2A0762D05657C0E22A7CA2 ] SpfService
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment
Platform\SPF\SpfService64.exe
14:55:45.0312 5136 SpfService - ok
14:55:45.0327 5136 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr
C:\Windows\system32\drivers\spldr.sys
14:55:45.0327 5136 spldr - ok
14:55:45.0358 5136 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler
C:\Windows\System32\spoolsv.exe
14:55:45.0374 5136 Spooler - ok
14:55:45.0468 5136 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc
C:\Windows\system32\sppsvc.exe
14:55:45.0592 5136 sppsvc - ok
14:55:45.0608 5136 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify
C:\Windows\system32\sppuinotify.dll
14:55:45.0608 5136 sppuinotify - ok
14:55:45.0686 5136 [ 891793E00432FA055CF040605C260E49 ] SRTSP
C:\Windows\System32\Drivers\N360x64\0604000.009\SRTSP64.SYS
14:55:45.0702 5136 SRTSP - ok
14:55:45.0733 5136 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX
C:\Windows\system32\drivers\N360x64\0604000.009\SRTSPX64.SYS
14:55:45.0748 5136 SRTSPX - ok
14:55:45.0780 5136 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv
C:\Windows\system32\DRIVERS\srv.sys
14:55:45.0795 5136 srv - ok
14:55:45.0826 5136 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2
C:\Windows\system32\DRIVERS\srv2.sys
14:55:45.0842 5136 srv2 - ok
14:55:45.0873 5136 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet
C:\Windows\system32\DRIVERS\srvnet.sys
14:55:45.0873 5136 srvnet - ok
14:55:45.0904 5136 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV
C:\Windows\System32\ssdpsrv.dll
14:55:45.0904 5136 SSDPSRV - ok
14:55:45.0920 5136 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc
C:\Windows\system32\sstpsvc.dll
14:55:45.0920 5136 SstpSvc - ok
14:55:46.0029 5136 [ 59DC3CE2716F423BD075238C6A5260BE ] Stereo Service
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:55:46.0045 5136 Stereo Service - ok
14:55:46.0060 5136 [ F3817967ED533D08327DC73BC4D5542A ] stexstor
C:\Windows\system32\drivers\stexstor.sys
14:55:46.0060 5136 stexstor - ok
14:55:46.0107 5136 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc
C:\Windows\System32\wiaservc.dll
14:55:46.0123 5136 stisvc - ok
14:55:46.0185 5136 [ 7785DC213270D2FC066538DAF94087E7 ] storflt
C:\Windows\system32\drivers\vmstorfl.sys
14:55:46.0201 5136 storflt - ok
14:55:46.0201 5136 [ C40841817EF57D491F22EB103DA587CC ] StorSvc
C:\Windows\system32\storsvc.dll
14:55:46.0216 5136 StorSvc - ok
14:55:46.0232 5136 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc
C:\Windows\system32\drivers\storvsc.sys
14:55:46.0232 5136 storvsc - ok
14:55:46.0248 5136 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum
C:\Windows\system32\DRIVERS\swenum.sys
14:55:46.0248 5136 swenum - ok
14:55:46.0279 5136 [ E08E46FDD841B7184194011CA1955A0B ] swprv
C:\Windows\System32\swprv.dll
14:55:46.0294 5136 swprv - ok
14:55:46.0326 5136 [ 8B2430762099598DA40686F754632EFD ] SymDS
C:\Windows\system32\drivers\N360x64\0604000.009\SYMDS64.SYS
14:55:46.0357 5136 SymDS - ok
14:55:46.0388 5136 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA
C:\Windows\system32\drivers\N360x64\0604000.009\SYMEFA64.SYS
14:55:46.0435 5136 SymEFA - ok
14:55:46.0450 5136 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent
C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
14:55:46.0482 5136 SymEvent - ok
14:55:46.0497 5136 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON
C:\Windows\system32\drivers\N360x64\0604000.009\Ironx64.SYS
14:55:46.0497 5136 SymIRON - ok
14:55:46.0528 5136 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS
C:\Windows\System32\Drivers\N360x64\0604000.009\SYMNETS.SYS
14:55:46.0528 5136 SymNetS - ok
14:55:46.0606 5136 [ 7BE4CDEA6BC7832BFE3112A350D8B9EA ] SysMain
C:\Windows\system32\sysmain.dll
14:55:46.0638 5136 SysMain - ok
14:55:46.0653 5136 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService
C:\Windows\System32\TabSvc.dll
14:55:46.0653 5136 TabletInputService - ok
14:55:46.0669 5136 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv
C:\Windows\System32\tapisrv.dll
14:55:46.0684 5136 TapiSrv - ok
14:55:46.0684 5136 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS
C:\Windows\System32\tbssvc.dll
14:55:46.0684 5136 TBS - ok
14:55:46.0747 5136 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip
C:\Windows\system32\drivers\tcpip.sys
14:55:46.0809 5136 Tcpip - ok
14:55:46.0872 5136 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6
C:\Windows\system32\DRIVERS\tcpip.sys
14:55:46.0887 5136 TCPIP6 - ok
14:55:46.0903 5136 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg
C:\Windows\system32\drivers\tcpipreg.sys
14:55:46.0918 5136 tcpipreg - ok
14:55:46.0934 5136 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE
C:\Windows\system32\drivers\tdpipe.sys
14:55:46.0934 5136 TDPIPE - ok
14:55:46.0965 5136 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP
C:\Windows\system32\drivers\tdtcp.sys
14:55:46.0981 5136 TDTCP - ok
14:55:47.0012 5136 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx
C:\Windows\system32\DRIVERS\tdx.sys
14:55:47.0028 5136 tdx - ok
14:55:47.0059 5136 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD
C:\Windows\system32\DRIVERS\termdd.sys
14:55:47.0059 5136 TermDD - ok
14:55:47.0090 5136 [ 2E648163254233755035B46DD7B89123 ] TermService
C:\Windows\System32\termsrv.dll
14:55:47.0106 5136 TermService - ok
14:55:47.0121 5136 [ F0344071948D1A1FA732231785A0664C ] Themes
C:\Windows\system32\themeservice.dll
14:55:47.0121 5136 Themes - ok
14:55:47.0152 5136 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER
C:\Windows\system32\mmcss.dll
14:55:47.0152 5136 THREADORDER - ok
14:55:47.0168 5136 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks
C:\Windows\System32\trkwks.dll
14:55:47.0184 5136 TrkWks - ok
14:55:47.0230 5136 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller
C:\Windows\servicing\TrustedInstaller.exe
14:55:47.0230 5136 TrustedInstaller - ok
14:55:47.0262 5136 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv
C:\Windows\system32\DRIVERS\tssecsrv.sys
14:55:47.0262 5136 tssecsrv - ok
14:55:47.0277 5136 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt
C:\Windows\system32\drivers\tsusbflt.sys
14:55:47.0293 5136 TsUsbFlt - ok
14:55:47.0293 5136 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD
C:\Windows\system32\drivers\TsUsbGD.sys
14:55:47.0308 5136 TsUsbGD - ok
14:55:47.0324 5136 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel
C:\Windows\system32\DRIVERS\tunnel.sys
14:55:47.0324 5136 tunnel - ok
14:55:47.0340 5136 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35
C:\Windows\system32\drivers\uagp35.sys
14:55:47.0340 5136 uagp35 - ok
14:55:47.0418 5136 [ 1FE69F3C1CA1CF4B7EC7E2E9090FFFDC ] uCamMonitor
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
14:55:47.0418 5136 uCamMonitor - ok
14:55:47.0449 5136 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs
C:\Windows\system32\DRIVERS\udfs.sys
14:55:47.0464 5136 udfs - ok
14:55:47.0496 5136 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect
C:\Windows\system32\UI0Detect.exe
14:55:47.0496 5136 UI0Detect - ok
14:55:47.0511 5136 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx
C:\Windows\system32\drivers\uliagpkx.sys
14:55:47.0527 5136 uliagpkx - ok
14:55:47.0558 5136 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus
C:\Windows\system32\DRIVERS\umbus.sys
14:55:47.0558 5136 umbus - ok
14:55:47.0574 5136 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass
C:\Windows\system32\drivers\umpass.sys
14:55:47.0574 5136 UmPass - ok
14:55:47.0589 5136 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService
C:\Windows\System32\umrdp.dll
14:55:47.0605 5136 UmRdpService - ok
14:55:47.0745 5136 [ 7E5E1603D0FF2D240AE70295C5C3FEFC ] UNS
C:\Program Files (x86)\Intel\Intel® Management Engine
Components\UNS\UNS.exe
14:55:47.0808 5136 UNS - ok
14:55:47.0823 5136 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost
C:\Windows\System32\upnphost.dll
14:55:47.0823 5136 upnphost - ok
14:55:47.0823 5136 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp
C:\Windows\system32\DRIVERS\usbccgp.sys
14:55:47.0839 5136 usbccgp - ok
14:55:47.0854 5136 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir
C:\Windows\system32\drivers\usbcir.sys
14:55:47.0854 5136 usbcir - ok
14:55:51.0006 5136 ================ Scan global ===============================
14:55:51.0037 5136 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:55:51.0084 5136 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
14:55:51.0115 5136 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
14:55:51.0146 5136 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:55:51.0193 5136 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:55:51.0193 5136 [Global] - ok
14:55:51.0193 5136 ================ Scan MBR ==================================
14:55:51.0208 5136 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:55:51.0520 5136 \Device\Harddisk0\DR0 - ok
14:55:51.0520 5136 ================ Scan VBR ==================================
14:55:51.0520 5136 [ 8373CB9ECFECA8B0195C285547DB94C4 ] \Device\Harddisk0\DR0\Partition1
14:55:51.0536 5136 \Device\Harddisk0\DR0\Partition1 - ok
14:55:51.0536 5136 [ 3EC1969E7BDE713DCE976D850423C696 ] \Device\Harddisk0\DR0\Partition2
14:55:51.0536 5136 \Device\Harddisk0\DR0\Partition2 - ok
14:55:51.0536 5136 ============================================================
14:55:51.0536 5136 Scan finished
14:55:51.0536 5136 ============================================================
14:55:51.0567 1260 Detected object count: 0
14:55:51.0567 1260 Actual detected object count: 0

#21
silviab

Here are my results from aswMBR. I'm not sure exactly when this all started, but the alert about the Win32/Small.CA virus was, I think, the day after the Windows updates on Nov. 14th. They automatically update. Maybe I should defrag my computer?

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-05 15:00:24
-----------------------------
15:00:24.895 OS Version: Windows x64 6.1.7601 Service Pack 1
15:00:24.895 Number of processors: 8 586 0x2A07
15:00:24.895 ComputerName: SILVIA-VAIO UserName: Silvia
15:00:27.375 Initialize success
15:14:59.506 AVAST engine defs: 12120501
15:16:39.299 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:16:39.314 Disk 0 Vendor: WDC_WD20 51.0 Size: 1907729MB BusType: 3
15:16:39.330 Disk 0 MBR read successfully
15:16:39.330 Disk 0 MBR scan
15:16:39.346 Disk 0 Windows 7 default MBR code
15:16:39.346 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 17832 MB offset 2048
15:16:39.377 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 36521984
15:16:39.392 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 1889795 MB offset 36726784
15:16:39.424 Disk 0 scanning C:\Windows\system32\drivers
15:16:47.832 Service scanning
15:17:08.237 Modules scanning
15:17:08.237 Disk 0 trace - called modules:
15:17:08.253 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
15:17:08.253 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009310790]
15:17:08.253 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8007861400]
15:17:08.268 5 ACPI.sys[fffff88000fa37a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007864050]
15:17:11.716 AVAST engine scan C:\Windows
15:17:17.207 AVAST engine scan C:\Windows\system32
15:20:28.401 AVAST engine scan C:\Windows\system32\drivers
15:20:42.503 AVAST engine scan C:\Users\Silvia
15:21:22.611 Disk 0 MBR has been saved successfully to "C:\Users\Silvia\Desktop\MBR.dat"
15:21:22.627 The log file has been saved successfully to "C:\Users\Silvia\Desktop\aswMBR.txt"

#22
gringo_pr

Are you still getting the alerts and in what location does it give



gringo

#23
silviab

Description
A problem with your video hardware caused Windows to stop working correctly.

Problem signature
Problem Event Name: LiveKernelEvent
OS Version: 6.1.7601.2.1.0.256.48
Locale ID: 1033

Files that help describe the problem
WD-20120702-1311.dmp
sysdata.xml
WERInternalMetadata.xml

View a temporary copy of these files
Warning: If a virus or other security threat caused the problem, opening a copy of the files could harm your computer.

Extra information about the problem
BCCode: 117
BCP1: FFFFFA80112D8360
BCP2: FFFFF8800F584AF0
BCP3: 0000000000000000
BCP4: 0000000000000000
OS Version: 6_1_7601
Service Pack: 1_0
Product: 256_1

The above was on 11/25/12 same date for the below message

Problem signature
Problem Event Name: BlueScreen
OS Version: 6.1.7601.2.1.0.256.48
Locale ID: 1033

Files that help describe the problem
112512-24616-01.dmp
sysdata.xml
WERInternalMetadata.xml

View a temporary copy of these files
Warning: If a virus or other security threat caused the problem, opening a copy of the files could harm your computer.

Extra information about the problem
BCCode: a
BCP1: 0000000000000000
BCP2: 0000000000000002
BCP3: 0000000000000000
BCP4: FFFFF80003294F74
OS Version: 6_1_7601
Service Pack: 1_0
Product: 256_1

The alert about the Win32/Small CA Virus was reported Nov 15th. I was sent to Microsoft to scan the computer but they didn't find it. Never saw the alert again. So strange.

#24
gringo_pr

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

In your next post I need the following:

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo


#25
silviab

Hi, I made the txt file but will be gone today and most of tomorrow, so I haven't done the ComboFix yet. Just wanted to check in & let you know I saw this. Biggest thing about my computer now is how slow it is when I am in Internet Explorer. I noticed you have to be very patient; it will get there, but if you get frustrated & click while it's going around and around, you can freeze it.

Thanks for all your time & help!

Silvia


#26
gringo_pr

OK I will be waiting for you



gringo

#27
silviab

I'm running it now. Took me forever to figure out how to turn off Norton antispyware. I'll let you know how it goes.

Thanks, Silvia

#28
silviab

Here is the log.....

ComboFix 12-12-10.01 - Silvia 12/11/2012 16:14:16.2.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8173.6353 [GMT -8:00]
Running from: c:\users\Silvia\Desktop\ComboFix.exe
Command switches used :: c:\users\Silvia\Desktop\CFScript.txt
AV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 Premier Edition *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 Premier Edition *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\wininit.ini
.
---- Previous Run -------
.
c:\program files (x86)\DS.exe
c:\program files (x86)\StartNow Toolbar
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_images.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_maps.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_news.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_videos.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_web.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_amazon.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_ebay.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_facebook.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_games.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_msn.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_shopping.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_travel.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_twitter.png
c:\program files (x86)\StartNow Toolbar\Resources\images\startnow_logo.png
c:\program files (x86)\StartNow Toolbar\Resources\installer.xml
c:\program files (x86)\StartNow Toolbar\Resources\skin\chevron_button.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_button_hover.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_button_normal.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_dropdown_button_normal.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_background.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_left.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_middle.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\separator.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\splitter.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ff_hover_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_l.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_r.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_l.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_r.png
c:\program files (x86)\StartNow Toolbar\Resources\toolbar.xml
c:\program files (x86)\StartNow Toolbar\Resources\update.xml
c:\program files (x86)\StartNow Toolbar\StartNowToolbarUninstall.exe
c:\program files (x86)\StartNow Toolbar\Toolbar32.dll
c:\program files (x86)\StartNow Toolbar\ToolbarBroker.exe
c:\program files (x86)\StartNow Toolbar\uninstall.dat
c:\program files (x86)\StartNow Toolbar\XBrowser.dll
c:\windows\SysWow64\pt
c:\windows\SysWow64\pt\Lagoon.resources.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-11-12 to 2012-12-12 )))))))))))))))))))))))))))))))
.
.
2012-12-12 00:19 . 2012-12-12 00:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-24 20:39 . 2012-11-24 20:39 -------- d-----w- c:\users\Silvia\AppData\Roaming\funkitron
2012-11-24 02:00 . 2012-11-24 02:00 -------- d-----w- c:\users\Silvia\AppData\Roaming\Brabl
2012-11-24 02:00 . 2012-11-24 02:00 -------- d-----w- c:\users\Silvia\.gstreamer-0.10
2012-11-24 02:00 . 2012-11-24 02:00 -------- d-----w- c:\users\Silvia\.gnome2
2012-11-24 00:10 . 2012-11-24 00:10 -------- d-----w- c:\users\Silvia\AppData\Roaming\MagicIndie
2012-11-15 22:02 . 2012-11-15 22:02 -------- d-----w- c:\windows\system32\%LOCALAPPDATA%
2012-11-15 04:12 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-15 04:12 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-15 04:12 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-15 04:12 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-15 04:05 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-15 04:05 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-15 04:05 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-15 04:05 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-15 04:05 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-15 04:05 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-15 04:05 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-14 16:33 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-14 16:33 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-08 18:49 . 2011-08-07 22:29 2828 --sha-w- c:\programdata\KGyGaAvL.sys
2012-11-20 17:27 . 2012-05-22 20:40 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-20 17:27 . 2011-08-14 14:40 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-15 04:06 . 2011-08-04 01:32 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-10-16 08:38 . 2012-11-28 01:32 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 01:32 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 01:32 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 22:51 . 2012-10-09 22:51 10220472 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-09-14 19:19 . 2012-10-10 02:01 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 02:01 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2002-02-27 02:34 . 2002-09-03 22:19 2000896 ----a-w- c:\program files (x86)\DS_PlugIn.8bf
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0SpareBackup_Backedup]
@="{6BEDF914-4178-42DE-8D48-B11A9B8DC7AB}"
[HKEY_CLASSES_ROOT\CLSID\{6BEDF914-4178-42DE-8D48-B11A9B8DC7AB}]
2010-06-10 23:12 638728 ----a-w- c:\program files (x86)\Spare Backup\SpareShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0SpareBackup_Failed]
@="{20FA8895-5630-473A-A86A-54166558605F}"
[HKEY_CLASSES_ROOT\CLSID\{20FA8895-5630-473A-A86A-54166558605F}]
2010-06-10 23:12 638728 ----a-w- c:\program files (x86)\Spare Backup\SpareShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0SpareBackup_NotBackedup]
@="{D432C173-DFAD-491A-A01A-4E7AE1670A6F}"
[HKEY_CLASSES_ROOT\CLSID\{D432C173-DFAD-491A-A01A-4E7AE1670A6F}]
2010-06-10 23:12 638728 ----a-w- c:\program files (x86)\Spare Backup\SpareShellExtension.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"Spare Backup"="c:\program files (x86)\Spare Backup\SpareTray.exe" [2010-06-10 1141000]
"Standby"="c:\program files (x86)\Common Files\Corel\Standby\Standby.exe" [2009-12-29 105632]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2008-09-06 413696]
.
c:\users\Silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
R2 ASTSRV;Nalpeiron Licensing Service;c:\windows\system32\ASTSRV.EXE [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 nlsInterface;Nalpeiron Licensing Service 64-bit;c:\windows\system32\nlsInterface.exe [2009-04-03 72192]
R2 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe [2011-02-15 47104]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2010-02-24 362992]
R3 DCDhcpService;DCDhcpService;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [2011-07-19 104096]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2010-02-24 313840]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-24 652016]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-19 385336]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-19 99104]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-04 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0604000.009\SYMDS64.SYS [2011-08-16 451192]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0604000.009\SYMEFA64.SYS [2012-05-22 1129120]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20121130.005\BHDrvx64.sys [2012-10-23 1384608]
S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\0604000.009\ccSetx64.sys [2012-06-07 167072]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20121208.001\IDSvia64.sys [2012-09-01 513184]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0604000.009\Ironx64.SYS [2011-11-17 190072]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\0604000.009\SYMNETS.SYS [2011-11-17 405624]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-04-30 146592]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-04-30 91296]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
S2 N360;Norton 360;c:\program files (x86)\Norton 360 Premier Edition\Engine\6.4.0.9\ccSvcHst.exe [2012-06-16 138272]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 14112]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimssne64.sys [2011-02-10 102400]
S2 risdsnpe;risdsnpe;c:\windows\system32\DRIVERS\risdsnxc64.sys [2011-02-10 98816]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-11-09 380224]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-14 2656280]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2011-02-15 550080]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2011-08-12 971704]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-04-30 36000]
S3 AVerAVF2;AVerAVF2;c:\windows\system32\DRIVERS\AVerAVF2.sys [2009-09-28 1106688]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-04-30 259232]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2011-04-30 109216]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-04-30 29344]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-04-30 166048]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-04-30 59040]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-04-30 283296]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-04-30 288416]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-11-25 138912]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
S3 NWLowRider;NextWindow LowRider Touch Screen;c:\windows\system32\DRIVERS\NWLowRider.sys [2011-02-12 26176]
S3 NWWakeFilterLR;NextWindow Remote Wake Blocker;c:\windows\system32\DRIVERS\NWWakeFilterLR.sys [2011-02-12 14400]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-02-13 413800]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2010-04-26 12032]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-22 17:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0SpareBackup_Backedup]
@="{6BEDF914-4178-42DE-8D48-B11A9B8DC7AB}"
[HKEY_CLASSES_ROOT\CLSID\{6BEDF914-4178-42DE-8D48-B11A9B8DC7AB}]
2010-06-10 23:12 784136 ----a-w- c:\program files (x86)\Spare
Backup\SpareShellExtension_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0SpareBackup_Failed]
@="{20FA8895-5630-473A-A86A-54166558605F}"
[HKEY_CLASSES_ROOT\CLSID\{20FA8895-5630-473A-A86A-54166558605F}]
2010-06-10 23:12 784136 ----a-w- c:\program files (x86)\Spare
Backup\SpareShellExtension_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0SpareBackup_NotBackedup]
@="{D432C173-DFAD-491A-A01A-4E7AE1670A6F}"
[HKEY_CLASSES_ROOT\CLSID\{D432C173-DFAD-491A-A01A-4E7AE1670A6F}]
2010-06-10 23:12 784136 ----a-w- c:\program files (x86)\Spare
Backup\SpareShellExtension_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-03
11775592]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-03
2188904]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe"
[2011-04-30 790688]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe"
[2011-04-30 657568]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.254
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{6E13D095-45C3-4271-9475-F3B48227DD9F} - c:\program files (x86)\StartNow
Toolbar\Toolbar32.dll
Toolbar-{5911488E-9D1E-40ec-8CBB-06B231CC153F} - c:\program files
(x86)\StartNow Toolbar\Toolbar32.dll
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-Corel File Shell Monitor - c:\program files
(x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe
AddRemove-_{707EB912-C597-49D8-9460-46CC9AB03EBE} - c:\program files
(x86)\Corel\Corel Painter Photo Essentials 4\MSILauncher
{707EB912-C597-49D8-9460-46CC9AB03EBE}
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360 Premier
Edition\Engine\6.4.0.9\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files
(x86)\Norton 360 Premier Edition\Engine\6.4.0.9\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\"
\"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\"
\"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor
Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network
Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor
Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle
Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\"
\"/expandcounter=\Processor(*)\% C2 Time:1\"
\"/expandcounter=\Processor(*)\% C3 Time:1\"
\"/expandcounter=\Processor(*)\% Processor Time:1\"
\"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4160218815-860618064-1345430041-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EE22B48E-CB50-EDF7-D8A1-EEC464A3C94A}*]
"haabkbcmilafjppc"=hex:6a,61,67,6b,6e,6e,69,64,6d,6e,68,6a,63,68,65,6d,6a,6c,
63,6c,00,00
"iakbelbecimbidnneh"=hex:6a,61,67,6b,6e,6e,69,64,6d,6e,68,6a,63,68,65,6d,6a,6c,
63,6c,00,00
"hajiaipaeelcnfcf"=hex:64,63,6e,6d,6d,64,68,69,6f,6c,63,6d,65,6b,63,6b,6e,6b,
63,69,6c,6c,6a,65,69,6d,64,64,6c,65,62,62,65,68,65,62,6e,67,63,6a,6d,64,68,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EE22B48E-CB50-EDF7-D8A1-EEC464A3C94A}\InProcServer32*]
"jaebjncognmmjhdcgbfg"=hex:6a,61,67,6b,6e,6e,69,64,6d,6e,68,6a,63,68,65,6d,6a,
6c,63,6c,00,00
"iaebdokbaoelihoipf"=hex:6a,61,67,6b,6e,6e,69,64,6d,6e,68,6a,63,68,65,6d,6a,6c,
63,6c,00,00
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart
Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema
Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema
Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft
Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-11 16:20:35
ComboFix-quarantined-files.txt 2012-12-12 00:20
.
Pre-Run: 1,886,494,773,248 bytes free
Post-Run: 1,886,304,079,872 bytes free
.
- - End Of File - - EECDE83D7356F031ACB22641EDCF6847
  • 0

#29
gringo_pr


    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

I would like to see a report that combofix makes.

extra combofix report

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and paste the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • click ok

copy and paste the report into this topic for me to review

Gringo
  • 0

#30
silviab


    Member

  • Topic Starter
  • Member
  • 54 posts
Hi,

I thought this was the report. I just renamed it when I saved it to my desktop. It was the log they showed when it was finished.

Thanks,

Silvia
  • 0





