Trojan:DOS/Alureon.A [Solved]


  • This topic is locked

#1
Westie99

  • Member
  • 19 posts
I use a Sony i7 laptop with Windows 7 and for virus etc I use MS Security Essentials (MSSE). MSSE turned up with the Trojan:DOS/Alureon.A so I chose the "Fix" choice which after running it reported that it could not finish the fix and required the offline version to be run, which I downloaded, put on a CD and ran from a power-off reboot. It could not fix the problem either apparently. For investigative purposes I downloaded OTL and have two files from this: OTL.txt and Extras.txt and can provide these if they are useful. I need some assistance in eradicating this trojan, please.

#2
gringo_pr

  • Trusted Helper
  • Malware Removal
  • 7,268 posts
Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




I need to get some reports to get a base to start from so I need you to run these programs first.


-DeFogger-

  • Please download DeFogger to your desktop.
  • Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.


-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


-Download DDS-

  • Please download DDS from one of the links below and save it to your desktop:

    Link1
    Link2
    Link3

  • Double-click on dds.scr and a command window will appear. This is normal.
  • Shortly after, two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you to save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

information and logs

  • In your next post I need the following
    • both reports from DDS
    • report from security check
    • let me know of any problems you may have had

Gringo


#3
Westie99

  • Topic Starter
  • Member
  • 19 posts
The results from doing defogger and running Security Check by screen317 are:

Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java™ 6 Update 20
Java version out of Date!
Adobe Flash Player 11.4.402.287 Flash Player out of Date!
Adobe Reader 10.1.4 Adobe Reader out of Date!
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

#4
Westie99

  • Topic Starter
  • Member
  • 19 posts
Results of DDS.TXT ::

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455
Run by Robert at 12:19:13 on 2012-12-02
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4077.850 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\ProgramData\IBUpdaterService\ibsvc.exe
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\system32\spool\DRIVERS\x64\3\OPHGLDCS.EXE
C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
C:\Program Files\Sony\VAIO Care\VCPerfService.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Robert\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Adobe\Elements 10 Organizer\ElementsOrganizerSyncAgent.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Windows\system32\RunDll32.exe
C:\Users\Robert\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\HP\HP Officejet Pro 8600\bin\HPNetworkCommunicator.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\Apoint\Apvfb.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Hewlett-Packard\SmartPrint\bootstrap.exe
C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Update\VUAgent.exe
C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_110_ActiveX.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
C:\Users\Robert\Downloads\Defogger.exe
C:\Users\Robert\Desktop\SecurityCheck.exe
C:\Windows\SysWOW64\cmd.exe
\\.\globalroot\systemroot\svchost.exe -netsvcs
C:\Program Files\Sony\VAIO Care\VCService.exe
C:\Program Files\Sony\VAIO Care\VCAgent.exe
C:\Windows\SysWOW64\notepad.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/webhp?sourceid=toolbar-instant&hl=en&ion=1&qscrl=1&nord=1&rlz=1T4SNNT_en___US430
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://start.funmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0FtD0B0FzyyBtCyE0CyCyB0CyEyBzy0BtN0D0Tzu0StByEyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1035714687
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: Road Runner Toolbar: {e4878b45-e2c0-4307-b6e8-734922f92f5b} - C:\Program Files (x86)\Road_Runner\prxtbRoad.dll
mURLSearchHooks: Road Runner Toolbar: {e4878b45-e2c0-4307-b6e8-734922f92f5b} - C:\Program Files (x86)\Road_Runner\prxtbRoad.dll
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
BHO: HP Smart Print BHO: {1658D3A1-9E13-4196-A82A-D70D70880F36} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QuickPrintBHO.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Funmoods Helper Object: {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} -
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Road Runner Toolbar: {e4878b45-e2c0-4307-b6e8-734922f92f5b} - C:\Program Files (x86)\Road_Runner\prxtbRoad.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Road Runner Toolbar: {E4878B45-E2C0-4307-B6E8-734922F92F5B} - C:\Program Files (x86)\Road_Runner\prxtbRoad.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Funmoods Toolbar: {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} -
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Road Runner Toolbar: {e4878b45-e2c0-4307-b6e8-734922f92f5b} - C:\Program Files (x86)\Road_Runner\prxtbRoad.dll
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
uRun: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Facebook Update] "C:\Users\Robert\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [HP Officejet Pro 8600 (NET)] "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN228AT0TT05KC:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
uRun: [PhotoshopElements8SyncAgent] C:\Program Files (x86)\Adobe\Elements 10 Organizer\ElementsOrganizerSyncAgent.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [SmartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup
mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe
mRun: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
mRun: [Nikon Transfer Monitor] C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
mRun: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
mRun: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
StartupFolder: C:\Users\Robert\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EPSONS~1.LNK - E:\COMMON\EPSONREG\EREG.EXE
StartupFolder: C:\Users\Robert\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\System32\RunDll32.exe
StartupFolder: C:\Users\Robert\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\VIRTUA~1.LNK - C:\Users\Robert\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SONYMS~1.LNK - C:\Program Files (x86)\Sony\MSS\3.0.271\SSScheduler.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} - hxxp://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} - hxxp://www.photodex.com/pxplay.cab
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{7E677023-7BBD-4AAD-A03D-2FF40B611264}\34963736F62363538393 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{7E677023-7BBD-4AAD-A03D-2FF40B611264}\861677B696E676 : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{E712C8E6-2828-42E4-9A77-A5EF7821BD3C} : DHCPNameServer = 209.18.47.61 209.18.47.62
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\PROGRA~2\Google\GOOGLE~4\GoogleDesktopNetwork3.dll
x64-mStart Page = hxxp://start.funmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0FtD0B0FzyyBtCyE0CyCyB0CyEyBzy0BtN0D0Tzu0StByEyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1035714687
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3
x64-Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe
x64-Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-5-23 55856]
R1 MpKsl87fd0c14;MpKsl87fd0c14;C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F8C0F10E-2841-43EE-9D80-0C63A3AC852D}\MpKsl87fd0c14.sys [2012-12-1 35664]
R2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-9-14 169624]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-7-13 249648]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-1-11 13336]
R2 IBUpdaterService;Updater Service;C:\ProgramData\IBUpdaterService\ibsvc.exe [2012-9-9 397848]
R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-12-6 214896]
R2 MsDepSvc;Web Deployment Agent Service;C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [2011-4-1 67400]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 128456]
R2 Oasis2Service;Oasis2Service;C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-11-13 60416]
R2 OKI OPHG DCS Loader;OKI OPHG DCS Loader;C:\Windows\System32\spool\drivers\x64\3\OPHGLDCS.EXE [2011-6-9 20480]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176]
R2 regi;regi;C:\Windows\System32\drivers\regi.sys [2011-1-21 14112]
R2 rimspci;rimspci;C:\Windows\System32\drivers\rimssne64.sys [2011-1-11 94208]
R2 risdsnpe;risdsnpe;C:\Windows\System32\drivers\risdsne64.sys [2011-1-11 78848]
R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2012-8-6 156672]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-11-22 3290304]
R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-1-21 104960]
R2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2011-1-21 575856]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2011-1-21 19968]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-4-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-4-27 184968]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2010-6-1 12032]
R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2012-10-12 54760]
R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update\VUAgent.exe [2012-11-26 1286784]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2011-1-11 402720]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-7 160944]
S3 athur;Wireless Network Adapter Service;C:\Windows\System32\drivers\athurx.sys [2011-12-1 1847296]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-9-29 195320]
S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2009-1-29 6144]
S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2011-1-21 342056]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-1-21 39464]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-25 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2011-9-23 30192]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-1-11 158720]
S3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe [2012-3-30 237328]
S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2011-4-4 21504]
S3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2009-1-29 9216]
S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2010-4-1 26624]
S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\System32\drivers\motusbdevice.sys [2011-11-8 11776]
S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-6-21 108400]
S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-6-18 423280]
S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-6-21 67952]
S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-6-7 304496]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-7 59392]
S3 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-9-27 864000]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-10-25 655088]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-10-25 387896]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-10-25 101152]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-5-2 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2010-4-3 59744]
S4 RsFx0151;RsFx0151 Driver;C:\Windows\System32\drivers\RsFx0151.sys [2011-6-17 313696]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-6-17 431456]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
SUnknown MpKsl58ab2e2c;MpKsl58ab2e2c; [x]
.
=============== Created Last 30 ================
.
2012-12-02 16:46:53 -------- d-----w- C:\Users\Robert\AppData\Local\{84AE5D23-392E-4727-9F74-C9B83D6632B3}
2012-12-02 03:18:52 76232 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F8C0F10E-2841-43EE-9D80-0C63A3AC852D}\offreg.dll
2012-12-02 03:18:42 35664 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F8C0F10E-2841-43EE-9D80-0C63A3AC852D}\MpKsl87fd0c14.sys
2012-12-02 01:56:09 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F8C0F10E-2841-43EE-9D80-0C63A3AC852D}\mpengine.dll
2012-12-01 09:01:32 -------- d-----w- C:\Users\Robert\AppData\Local\{32344514-3480-42F6-AA08-12BF292529F0}
2012-11-30 23:50:45 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-11-30 09:00:32 -------- d-----w- C:\Users\Robert\AppData\Local\{B183D18B-17D5-4B18-B5AB-6EE25F94E1E5}
2012-11-29 20:59:55 -------- d-----w- C:\Users\Robert\AppData\Local\{6DC1D643-6BF3-4028-A6B1-11AFFD499935}
2012-11-29 16:20:17 -------- d-----w- C:\Windows\Microsoft Antimalware
2012-11-29 02:13:41 -------- d-----w- C:\Users\Robert\AppData\Local\{61E77D77-6713-46C6-952F-CA3277DE570A}
2012-11-28 21:29:07 972264 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E2E98DB-2997-4C39-97C9-6A4CD0CD0688}\gapaengine.dll
2012-11-28 14:13:17 -------- d-----w- C:\Users\Robert\AppData\Local\{B7D8340C-4DFF-4457-A3E6-0C5D68021CB3}
2012-11-28 03:08:25 20480 ----a-w- C:\Windows\svchost.exe
2012-11-28 03:03:19 5632 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\AE55.tmp
2012-11-28 03:03:19 5632 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\AE35.tmp
2012-11-27 15:56:33 -------- d-----w- C:\Users\Robert\AppData\Local\{59EB088E-F42E-453C-A899-C8011A223EE7}
2012-11-26 18:57:11 74703 ----a-w- C:\Windows\SysWow64\mfc45.dll
2012-11-26 18:57:11 69000 ----a-w- C:\Windows\System32\offreg.dll
2012-11-26 18:57:11 21176 ----a-w- C:\Windows\System32\iolorgdf64.exe
2012-11-26 18:57:11 -------- d-----w- C:\Users\Robert\AppData\Roaming\iolo
2012-11-26 18:57:11 -------- d-----w- C:\ProgramData\iolo
2012-11-26 17:53:17 -------- d-----w- C:\Users\Robert\AppData\Local\{DE32E847-38CD-4ACC-BFC4-AAEE40EB6E49}
2012-11-25 15:41:33 -------- d-----w- C:\Users\Robert\AppData\Local\{590E22FD-BC4E-438C-BFA0-26805083C5D0}
2012-11-24 18:47:16 -------- d-----w- C:\Users\Robert\AppData\Local\{1EB8AD93-B8B9-429D-9A6C-7E171D3926F7}
2012-11-23 15:01:18 -------- d-----w- C:\Users\Robert\AppData\Local\{9902508F-DD18-46F0-9F9D-ED32FAAE6889}
2012-11-22 15:05:20 -------- d-----w- C:\Users\Robert\AppData\Local\{D39F0EE0-665B-41AE-8E0A-83C70FEB1545}
2012-11-21 13:34:54 -------- d-----w- C:\Users\Robert\AppData\Local\{E98C6CB7-FD01-4192-A72B-BC1F9BA2C003}
2012-11-20 12:23:52 -------- d-----w- C:\Users\Robert\AppData\Local\{9A33969E-278D-4FCD-9389-08E7BD67AA3A}
2012-11-19 15:13:39 -------- d-----w- C:\Users\Robert\AppData\Local\{FEDC3F65-D2A6-4662-9FC1-F018A9D7BC07}
2012-11-18 16:09:41 -------- d-----w- C:\Users\Robert\AppData\Local\{CCDF1BC7-F4F7-4614-98A9-35FE6BA7BC91}
2012-11-17 18:58:23 -------- dc-h--w- C:\ProgramData\{54907AB1-7CB5-448D-8FED-78973B1D2830}
2012-11-17 15:29:10 -------- d-----w- C:\Users\Robert\AppData\Local\{5F9AFEDC-08CC-4DE5-9B9B-53793F1619E8}
2012-11-16 18:11:13 542112 ----a-w- C:\Users\Robert\AppData\Roaming\Microsoft\Internet Explorer\Hewlett-Packard\SmartPrint\SmartPrintUpdate.exe
2012-11-16 18:11:13 139264 ----a-w- C:\Users\Robert\AppData\Roaming\Microsoft\Internet Explorer\Hewlett-Packard\SmartPrint\unzip32.dll
2012-11-16 17:39:23 -------- d-----w- C:\Users\Robert\AppData\Local\{1F470FFB-AFB3-4FA5-A54B-ECEF3D8C467A}
2012-11-16 03:09:13 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-11-16 03:09:13 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-11-16 03:09:13 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-11-16 03:09:13 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2012-11-16 03:02:59 754848 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2012-11-16 03:00:01 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-11-16 03:00:01 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-11-16 03:00:01 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-11-16 03:00:01 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-11-16 03:00:00 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-11-16 03:00:00 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-11-16 02:59:59 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-11-15 15:51:46 -------- d-----w- C:\Users\Robert\AppData\Local\{3166F5EF-CB37-459F-967C-47FAAF102457}
2012-11-14 13:14:38 -------- d-----w- C:\Users\Robert\AppData\Local\{374D96FA-1937-4EC4-896B-D786A1792405}
2012-11-13 15:56:46 -------- d-----w- C:\Users\Robert\AppData\Local\{727F5C71-3D9B-4259-9827-E6A53F6BAFF8}
2012-11-13 01:45:54 -------- d-----w- C:\Users\Robert\AppData\Local\{AE190C58-C7B4-4C96-9E6E-67CC31B9415C}
2012-11-12 13:45:32 -------- d-----w- C:\Users\Robert\AppData\Local\{9A9924D3-5423-4E49-950C-31BB6B688225}
2012-11-11 13:44:47 -------- d-----w- C:\Users\Robert\AppData\Local\{38C6BBC6-917D-4C56-8567-B3067DF44D21}
2012-11-10 14:20:55 -------- d-----w- C:\Users\Robert\AppData\Local\{2C2887FC-C68F-45D8-8FD5-CC814871143F}
2012-11-10 02:10:31 -------- d-----w- C:\Users\Robert\AppData\Local\{56F44BC8-2476-4CED-89A8-5922E13F9CE0}
2012-11-09 14:10:09 -------- d-----w- C:\Users\Robert\AppData\Local\{B6AE8E31-EB94-42CD-91DA-79F79F6620D8}
2012-11-08 14:09:13 -------- d-----w- C:\Users\Robert\AppData\Local\{B221EBBB-C826-4CCF-9061-D75E4D2CFF19}
2012-11-07 16:52:34 -------- d-----w- C:\Users\Robert\AppData\Local\{463911AB-2F34-4194-98F3-80848F1BBB4F}
2012-11-06 22:01:30 -------- d-----w- C:\Users\Robert\AppData\Local\{7A2807CD-063C-4A5D-A979-F43E932F2E6C}
2012-11-05 13:43:40 -------- d-----w- C:\Users\Robert\AppData\Local\{BB35BF88-9BEA-45D6-BBD0-8EE98202435B}
2012-11-04 20:05:48 -------- d-----w- C:\Users\Robert\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-11-04 14:52:18 -------- d-----w- C:\Users\Robert\AppData\Local\{A3A19835-9C09-4FB2-A7D5-22E8917156AD}
2012-11-04 02:35:25 -------- d-----w- C:\Program Files (x86)\Aidfile recovery Professional
2012-11-03 13:28:02 -------- d-----w- C:\Users\Robert\AppData\Local\{D15777AA-CF22-4E60-9769-8A2FF714AE01}
2012-11-02 22:41:41 -------- d-----w- C:\Program Files (x86)\Audio Catalog
.
==================== Find3M ====================
.
2012-11-13 15:58:53 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-13 15:58:53 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-10-20 17:25:00 208256 ----a-w- C:\Windows\SysWow64\drivers\PDisk.sys
2012-10-18 18:25:58 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
.
============= FINISH: 12:21:52.66 ===============

#5
Westie99

    Member

  • Topic Starter
  • Member
  • 19 posts
Results of Attach.txt :

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 5/2/2011 11:26:45 AM
System Uptime: 12/1/2012 10:17:50 PM (14 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel® Core™ i7 CPU Q 740 @ 1.73GHz | N/A | 1734/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 456 GiB total, 329.914 GiB free.
D: is FIXED (NTFS) - 931 GiB total, 631.819 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: A2 Direct Disk Access Support Driver
Device ID: ROOT\LEGACY_A2DDA\0000
Manufacturer:
Name: A2 Direct Disk Access Support Driver
PNP Device ID: ROOT\LEGACY_A2DDA\0000
Service: A2DDA
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl58ab2e2c
Device ID: ROOT\LEGACY_MPKSL58AB2E2C\0000
Manufacturer:
Name: MpKsl58ab2e2c
PNP Device ID: ROOT\LEGACY_MPKSL58AB2E2C\0000
Service: MpKsl58ab2e2c
.
==== System Restore Points ===================
.
RP314: 11/26/2012 1:59:47 PM - Removed VAIO Update 5
RP315: 11/26/2012 2:00:04 PM - Installed VAIO Update
RP316: 11/27/2012 10:18:41 PM - Windows Update
RP317: 11/28/2012 1:13:15 PM - Windows Update
RP318: 11/29/2012 3:00:17 AM - Windows Update
RP319: 11/30/2012 9:29:41 PM - OTL Restore Point - 11/30/2012 9:29:33 PM
RP320: 12/1/2012 7:16:37 PM - Windows Backup
.
==== Installed Programs ======================
.
50 FREE MP3s +1 Free Audiobook!
7-Zip 9.20
ABBYY FineReader 6.0 Sprint
AccuWeather.com Cirrus
Adobe Acrobat 9 Pro
Adobe Acrobat 9.5.2 - CPSID_83708
Adobe AIR
Adobe Community Help
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop Elements 10
Adobe Photoshop Elements 7.0
Adobe Photoshop.com Inspiration Browser
Adobe Reader X (10.1.4)
Adobe Shockwave Player 11.6
Advertising Center
Aidfile recovery software professional version 3.5.0.0
Alps Pointing-device for VAIO
Application Manager for VAIO
ArcSoft Magic-i Visual Effects 2
ArcSoft WebCam Companion 3
Audio Catalog 4.4
Auslogics Disk Defrag Professional
Batch Picture Resizer 4.0
Bing Bar
C3400 Series GDI Driver from OKI® Printing Solutions for Windows
C3400n from OKI® Printing Solutions GDI Driver Version 2.0.0 for Windows Vista
C3400n series Status Monitor from OKI® Printing Solutions for Windows Vista x64 Edition - Windows Vista
Collection Master 1.3
Corel Paint Shop Pro X
Corel WinDVD
CutePDF Writer 2.8
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DesignPro 5
DolbyFiles
Elements 10 Organizer
eMailTrackerPro
Epson Copy Utility 3.5
Epson Event Manager
EPSON Perfection V600 Photo Scanner Driver Update
EPSON Scan
Evernote
Facebook Video Calling 1.2.0.287
File Uploader
FileZilla Client 3.5.1
Free YouTube Downloader 3.5.126
Glary Utilities 2.43.0.1419
Google Chrome
Google Desktop
Google Drive
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist Corporate
Hewlett-Packard ACLM.NET v1.1.0.0
HP FWUpdateEDO2
HP Officejet Pro 8600 Basic Device Software
HP Officejet Pro 8600 Help
HP Officejet Pro 8600 Product Improvement Study
HP Product Detection
HP Smart Print 1.1.5.1
HP Update
I.R.I.S. OCR
IIS 7.5 Express
ImagXpress
Intel® Control Center
Intel® Rapid Storage Technology
Intel® Turbo Boost Technology Driver
IrfanView (remove only)
iSEEK AnswerWorks English Runtime
iSpring Converter 6
Jasc Paint Shop Pro 8
Java Auto Updater
Java™ 6 Update 20
Java™ 6 Update 20 (64-bit)
Junk Mail filter update
KeePass Password Safe 2.15
Macromedia Dreamweaver MX
Macromedia Extension Manager
Magic DVD Copier V7.1.1
Media Gallery
Menu Templates - Starter Kit
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft ASP.NET Web Pages
Microsoft Download Manager
Microsoft Help Viewer 1.1
Microsoft IntelliPoint 8.2
Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Visio 2010
Microsoft Office Visio MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008 R2 (64-bit)
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2008 R2 Management Objects (x64)
Microsoft SQL Server 2008 R2 Native Client
Microsoft SQL Server 2008 R2 RsFx Driver
Microsoft SQL Server 2008 R2 Setup (English)
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server 2012 Data-Tier App Framework RC0
Microsoft SQL Server 2012 Express LocalDB RC0
Microsoft SQL Server 2012 Management Objects RC0
Microsoft SQL Server 2012 Management Objects RC0 (x64)
Microsoft SQL Server 2012 T-SQL Language Service RC0
Microsoft SQL Server 2012 Transact-SQL Compiler Service RC0
Microsoft SQL Server 2012 Transact-SQL ScriptDom RC0
Microsoft SQL Server Browser
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 4.0 Web Tools ENU
Microsoft SQL Server Compact 4.0 x64 ENU
Microsoft SQL Server Data Tools
Microsoft SQL Server Data Tools - Database Projects
Microsoft SQL Server Data Tools – Build Utilities
Microsoft SQL Server System CLR Types
Microsoft SQL Server System CLR Types (x64)
Microsoft SQL Server VSS Writer
Microsoft Sync Framework 2.0 Core Components (x86) ENU
Microsoft Sync Framework 2.0 Provider Services (x86) ENU
Microsoft System CLR Types for SQL Server 2012 RC0
Microsoft System CLR Types for SQL Server 2012 RC0 (x64)
Microsoft Visio 2010 Service Pack 1 (SP1)
Microsoft Visio Professional 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
Microsoft Visual Studio 2010 Service Pack 1
Microsoft Visual Studio 2010 Shell (Integrated) - ENU
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Web Deploy 2.0
Microsoft Web Platform Installer 3.0
Microsoft WebMatrix
MotoHelper 2.1.32 Driver 5.4.0
MotoHelper MergeModules
Motorola Mobile Drivers Installation 5.4.0
Movie Templates - Starter Kit
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB973685)
MyPublisher BookMaker
Nero 9 Essentials
Nero BurnRights
Nero BurnRights Help
Nero ControlCenter
Nero CoverDesigner
Nero CoverDesigner Help
Nero DiscSpeed
Nero DiscSpeed Help
Nero DriveSpeed
Nero DriveSpeed Help
Nero Express Help
Nero InfoTool
Nero InfoTool Help
Nero Installer
Nero Online Upgrade
Nero ShowTime
Nero StartSmart
Nero StartSmart Help
Nero Vision
Nero Vision Help
NeroExpress
neroxml
Nikon Message Center
Nikon Message Center 2
Nikon Transfer
NVIDIA Control Panel 266.72
NVIDIA Graphics Driver 266.72
NVIDIA HD Audio Driver 1.1.13.1
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.10.0514
Oasis2Service
OKI C3400n Status Monitor
OOBE
OverDrive Media Console
PatchBeam
Photodex Presenter
Picasa 3
Picture Control Utility
PlayReady PC Runtime amd64
PMB
PMB VAIO Edition Guide
PMB VAIO Edition Plug-in
PowerArchiver 2012
Prerequisites for SSDT RC0
PSE10 STI Installer
PVSonyDll
Quicken 2012
Realtek High Definition Audio Driver
Remote Keyboard
Remote Play with PlayStation 3
Renesas Electronics USB 3.0 Host Controller Driver
Road Runner Toolbar
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2597171) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition
Service Pack 1 for SQL Server 2008 R2 (KB2528583) (64-bit)
Skype Click to Call
Skype™ 5.10
SmartWi Connection Utility
SQL Server 2008 R2 SP1 Common Files
SQL Server 2008 R2 SP1 Database Engine Services
SQL Server 2008 R2 SP1 Database Engine Shared
Sql Server Customer Experience Improvement Program
StartNow Toolbar
swMSM
SyncToy 2.1 (x86)
TP-LINK Wireless Client Utility
TrueCrypt
TwistedBrush Pro Studio
Update 4.0.2 for Microsoft .NET Framework 4 Client Profile (KB2544514)
Update 4.0.2 for Microsoft .NET Framework 4 Extended (KB2544514)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Updater Service
VAIO - Media Gallery
VAIO - PMB VAIO Edition Guide
VAIO - PMB VAIO Edition Plug-in
VAIO - Remote Keyboard
VAIO - Remote Play with PlayStation®3
VAIO Care
VAIO Control Center
VAIO Data Restore Tool
VAIO Gate
VAIO Gate Default
VAIO Hardware Diagnostics
VAIO Help and Support
VAIO Manual
VAIO Media plus
VAIO Media plus Opening Movie
VAIO Messenger
VAIO Sample Contents
VAIO Survey
VAIO Transfer Support
VAIO Update
ViewNX 2
VU5x64
VU5x86
WIDCOMM Bluetooth Software
Winamp
Winamp Detector Plug-in
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinX DVD Ripper Platinum 6.9.2
Wondershare Video Converter Ultimate(Build 5.7.1.1)
Wondershare Vivideo(Build 2.0.0.10)
XnView 1.99.1
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
12/1/2012 9:03:08 AM, Error: Service Control Manager [7034] - The Oasis2Service service terminated unexpectedly. It has done this 1 time(s).
12/1/2012 10:19:40 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
12/1/2012 10:18:47 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SUHDCrypt
12/1/2012 10:18:32 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\athExt.dll Error Code: 126
12/1/2012 10:18:28 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a013bbc000, 0x0000000000000000, 0xfffff8000332c6ce, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 120112-31621-01.
12/1/2012 10:18:12 PM, Error: Application Popup [1060] - \??\C:\Windows\SysWow64\Drivers\PDisk.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
11/30/2012 8:43:45 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1005] - Unable to produce a minidump file from the full dump file.
11/30/2012 8:43:45 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x000000007fefe4a4, 0x0000000000000002, 0x0000000000000001, 0xfffff800032c10c5). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: .
11/30/2012 8:39:03 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0xfffff880400c001c, 0x0000000000000002, 0x0000000000000000, 0xfffff8000329c715). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 113012-34351-01.
11/30/2012 8:34:40 PM, Error: Service Control Manager [7023] - The Server service terminated with the following error: The data is invalid.
11/30/2012 8:34:37 PM, Error: Service Control Manager [7023] - The Remote Access Connection Manager service terminated with the following error: Incorrect function.
11/30/2012 8:34:37 PM, Error: Service Control Manager [7001] - The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: Incorrect function.
11/30/2012 8:34:36 PM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control.
11/30/2012 8:31:56 PM, Error: Service Control Manager [7043] - The Microsoft Network Inspection service did not shut down properly after receiving a preshutdown control.
11/30/2012 8:31:26 PM, Error: Service Control Manager [7043] - The Microsoft Antimalware Service service did not shut down properly after receiving a preshutdown control.
11/29/2012 7:53:48 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x000000000000501b, 0x0000000000000002, 0x0000000000000001, 0xfffff800035000c5). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 112912-34881-01.
11/29/2012 6:41:16 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SQL Server (SQLEXPRESS) service to connect.
11/29/2012 6:41:16 PM, Error: Service Control Manager [7000] - The SQL Server (SQLEXPRESS) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/29/2012 6:40:42 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Web Deployment Agent Service service to connect.
11/29/2012 6:40:42 PM, Error: Service Control Manager [7000] - The Web Deployment Agent Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/28/2012 4:20:18 PM, Error: volmgr [46] - Crash dump initialization failed!
11/26/2012 1:54:11 PM, Error: Service Control Manager [7034] - The VAIO Care Performance Service service terminated unexpectedly. It has done this 1 time(s).
11/25/2012 10:37:50 AM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147014847
.
==== End Of File ===========================

#6
Westie99

    Member

  • Topic Starter
  • Member
  • 19 posts
Other problems I had along the way:

1) While doing a Backup there was an abnormal ending which resulted in an automatic reboot. Did a recovery of the system and proceeded with your instructions to execute Defogger, Security Check and DDS. No further problems.

#7
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello


These are the programs I would like you to run next. If you have any problems with one of them, just skip it and run the next one.


-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start.
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo

#8
Westie99

The file for ADWCleaner(S1).txt is:

# AdwCleaner v2.010 - Logfile created 12/02/2012 at 14:01:15
# Updated 29/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Robert - ROBERT-VAIO7
# Boot Mode : Normal
# Running from : C:\Users\Robert\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : IBUpdaterService

***** [Files / Folders] *****

File Deleted : C:\user.js
File Deleted : C:\Users\Robert\AppData\Local\funmoods.crx
File Deleted : C:\Users\Robert\AppData\Local\funmoods-speeddial.crx
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Road_Runner
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\Robert\AppData\Local\Babylon
Folder Deleted : C:\Users\Robert\AppData\Local\Conduit
Folder Deleted : C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Folder Deleted : C:\Users\Robert\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\Robert\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Robert\AppData\LocalLow\Road_Runner
Folder Deleted : C:\Users\Robert\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Robert\AppData\Roaming\OpenCandy

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.funmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0FtD0B0FzyyBtCyE0CyCyB0CyEyBzy0BtN0D0Tzu0StByEyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1035714687 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.funmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0FtD0B0FzyyBtCyE0CyCyB0CyEyBzy0BtN0D0Tzu0StByEyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1035714687 --> hxxp://www.google.com

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [12874 octets] - [02/12/2012 14:01:15]

########## EOF - C:\AdwCleaner[S1].txt - [12935 octets] ##########

#9
Westie99

Report from RogueKiller...

RogueKiller V8.3.1 [Dec 2 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Robert [Admin rights]
Mode : Remove -- Date : 12/02/2012 14:34:24

¤¤¤ Bad processes : 2 ¤¤¤
[SVCHOST] svchost.exe -- \\.\globalroot\systemroot\svchost.exe -> KILLED [TermProc]
[SUSP PATH] VirtualExpander.exe -- C:\Users\Robert\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 4 ¤¤¤
[STARTUP][SUSP PATH] VirtualExpander.lnk @Robert : C:\Users\Robert\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe -> DELETED
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK5056GSY +++++
--- User ---
[MBR] 3279058ef337af6faebc47f5ad20076b
[BSP] 6eb8f306b9e39ee85fbf8b5652d33750 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10240 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20973568 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 21178368 | Size: 466598 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] 32d412074222de5c88f3ee236442a535
[BSP] 6eb8f306b9e39ee85fbf8b5652d33750 : Windows 7/8 MBR Code
Partition table:
1 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10240 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20973568 | Size: 100 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 21178368 | Size: 466598 Mo
User != LL2 ... KO!
--- LL2 ---
[MBR] 32d412074222de5c88f3ee236442a535
[BSP] 6eb8f306b9e39ee85fbf8b5652d33750 : Windows 7/8 MBR Code
Partition table:
1 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10240 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20973568 | Size: 100 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 21178368 | Size: 466598 Mo

Finished : << RKreport[2]_D_12022012_02d1434.txt >>
RKreport[1]_S_12022012_02d1432.txt ; RKreport[2]_D_12022012_02d1434.txt

#10
gringo_pr

Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo

#11
Westie99

And the response to ComboFix is:

ComboFix 12-12-01.02 - Robert 12/02/2012 15:15:24.3.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4077.2014 [GMT -5:00]
Running from: c:\users\Robert\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\15a05a1824a8793fae296ac6f79b78023a0c9d3c
c:\programdata\Amazon.ico
c:\programdata\Microsoft\Windows\DRM\AE35.tmp
c:\programdata\Microsoft\Windows\DRM\AE55.tmp
c:\users\Robert\AppData\Roaming\15a05a1824a8793fae296ac6f79b78023a0c9d3c
c:\windows\svchost.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-11-02 to 2012-12-02 )))))))))))))))))))))))))))))))
.
.
2012-12-02 20:31 . 2012-12-02 20:31 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-12-02 20:31 . 2012-12-02 20:31 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp
2012-12-02 20:31 . 2012-12-02 20:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-02 20:31 . 2012-12-02 20:31 -------- d-----w- c:\users\Classic .NET AppPool\AppData\Local\temp
2012-12-02 20:31 . 2012-12-02 20:31 -------- d-----w- c:\users\boinc_master\AppData\Local\temp
2012-12-02 19:10 . 2012-12-02 19:10 35664 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F8C0F10E-2841-43EE-9D80-0C63A3AC852D}\MpKsl864b0d57.sys
2012-12-02 19:07 . 2012-12-02 19:07 35664 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F8C0F10E-2841-43EE-9D80-0C63A3AC852D}\MpKslb2675209.sys
2012-12-02 19:03 . 2012-12-02 19:10 76232 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F8C0F10E-2841-43EE-9D80-0C63A3AC852D}\offreg.dll
2012-12-02 19:03 . 2012-12-02 19:03 35664 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F8C0F10E-2841-43EE-9D80-0C63A3AC852D}\MpKslf5e3d27a.sys
2012-12-02 01:56 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F8C0F10E-2841-43EE-9D80-0C63A3AC852D}\mpengine.dll
2012-11-30 23:50 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-11-29 16:20 . 2012-11-29 16:20 -------- d-----w- c:\windows\Microsoft Antimalware
2012-11-28 21:29 . 2012-11-28 21:28 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4E2E98DB-2997-4C39-97C9-6A4CD0CD0688}\gapaengine.dll
2012-11-26 18:57 . 2012-11-26 18:57 74703 ----a-w- c:\windows\SysWow64\mfc45.dll
2012-11-26 18:57 . 2012-11-26 18:57 -------- d-----w- c:\users\Robert\AppData\Roaming\iolo
2012-11-26 18:57 . 2012-11-26 18:57 -------- d-----w- c:\programdata\iolo
2012-11-26 18:57 . 2012-08-17 22:25 69000 ----a-w- c:\windows\system32\offreg.dll
2012-11-26 18:57 . 2012-08-17 22:25 21176 ----a-w- c:\windows\system32\iolorgdf64.exe
2012-11-26 18:56 . 2012-11-26 18:56 -------- d-----w- c:\programdata\McAfee
2012-11-17 18:58 . 2012-11-17 18:58 -------- dc-h--w- c:\programdata\{54907AB1-7CB5-448D-8FED-78973B1D2830}
2012-11-16 18:11 . 2012-11-16 18:11 -------- d-----w- c:\users\Robert\AppData\Roaming\Hewlett-Packard
2012-11-16 18:11 . 2012-07-26 21:20 542112 ----a-w- c:\users\Robert\AppData\Roaming\Microsoft\Internet Explorer\Hewlett-Packard\SmartPrint\SmartPrintUpdate.exe
2012-11-16 18:11 . 2012-03-02 22:07 139264 ----a-w- c:\users\Robert\AppData\Roaming\Microsoft\Internet Explorer\Hewlett-Packard\SmartPrint\unzip32.dll
2012-11-16 03:09 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-16 03:09 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-16 03:09 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-16 03:09 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-16 03:02 . 2012-10-08 12:29 754848 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2012-11-16 03:00 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-16 03:00 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-16 03:00 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-16 03:00 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-16 03:00 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-16 03:00 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-16 02:59 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-04 20:05 . 2012-11-04 20:05 -------- d-----w- c:\users\Robert\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-11-04 02:35 . 2012-11-04 03:14 -------- d-----w- c:\program files (x86)\Aidfile recovery Professional
2012-11-02 22:41 . 2012-11-02 22:41 -------- d-----w- c:\program files (x86)\Audio Catalog
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-16 03:00 . 2011-05-02 18:52 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-11-13 15:58 . 2012-04-26 17:35 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-13 15:58 . 2011-05-20 19:12 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-20 17:25 . 2012-10-20 17:24 208256 ----a-w- c:\windows\SysWow64\drivers\PDisk.sys
2012-10-16 08:38 . 2012-11-28 21:27 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 21:27 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 21:27 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-05 00:40 . 2012-06-12 15:33 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-09-14 19:19 . 2012-10-10 04:06 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 04:06 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VirtualExpanderFile.1]
@="{E4000AC4-5E5F-4956-807A-C5854405D64F}"
[HKEY_CLASSES_ROOT\CLSID\{E4000AC4-5E5F-4956-807A-C5854405D64F}]
2011-05-15 19:27 87552 ----a-w- c:\users\Robert\AppData\Local\Sony Corporation\VirtualExpander\VEShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\MESSEN~1\YahooMessenger.exe" [2011-11-24 6497592]
"Sidebar"="c:\program files (x86)\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-01-21 39408]
"Facebook Update"="c:\users\Robert\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096]
"HP Officejet Pro 8600 (NET)"="c:\program files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" [2011-09-09 2676584]
"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-21 719672]
"PhotoshopElements8SyncAgent"="c:\program files (x86)\Adobe\Elements 10 Organizer\ElementsOrganizerSyncAgent.exe" [2011-09-15 1954456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"SmartWiHelper"="c:\program files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" [2010-07-15 89080]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-06-01 673136]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-07-11 74752]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2012-07-31 41944]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2012-07-30 640480]
"EEventManager"="c:\progra~2\EPSONS~1\EVENTM~1\EEventManager.exe" [2009-04-07 673616]
"KeePass 2 PreLoad"="c:\program files (x86)\KeePass Password Safe 2\KeePass.exe" [2011-04-10 1733120]
"Nikon Transfer Monitor"="c:\program files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe" [2009-09-15 479232]
"Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-25 619008]
"Google Desktop Search"="c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" [2011-09-23 30192]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
.
c:\users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Epson scanner Registration.lnk - e:\common\EPSONREG\EREG.EXE [N/A]
Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk - c:\windows\system32\RunDll32.exe [2009-7-13 45568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-9 1128224]
Sony MSS.lnk - c:\program files (x86)\Sony\MSS\3.0.271\SSScheduler.exe [2012-3-13 274328]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\Google\GOOGLE~4\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"PMBVolumeWatcher"=c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe
.
R1 A2DDA;A2 Direct Disk Access Support Driver;e:\run\a2ddax64.sys [x]
R1 SUHDCrypt;SUHDCrypt;c:\windows\system32\Drivers\PDisk.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-11-22 3290304]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [2010-02-23 1847296]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-09-29 195320]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys [2009-01-29 6144]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-06-21 342056]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-06-21 39464]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-07-28 52584]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2011-09-23 30192]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-07-16 158720]
R3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;c:\program files (x86)\Sony\MSS\3.0.271\McCHSvc.exe [2012-03-30 237328]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [2011-04-04 21504]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [2009-01-29 9216]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys [2010-04-01 26624]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys [2011-11-08 11776]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-31 128456]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-13 368896]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-21 108400]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 423280]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-21 67952]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-06-07 304496]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-09-27 864000]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-24 655088]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-10-25 387896]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-10-26 101152]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-02 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 59744]
R4 RsFx0151;RsFx0151 Driver;c:\windows\system32\DRIVERS\RsFx0151.sys [2011-06-18 313696]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-06-18 431456]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-03-04 55856]
S1 MpKsl864b0d57;MpKsl864b0d57;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F8C0F10E-2841-43EE-9D80-0C63A3AC852D}\MpKsl864b0d57.sys [2012-12-02 35664]
S1 MpKslb2675209;MpKslb2675209;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F8C0F10E-2841-43EE-9D80-0C63A3AC852D}\MpKslb2675209.sys [2012-12-02 35664]
S1 MpKslf5e3d27a;MpKslf5e3d27a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F8C0F10E-2841-43EE-9D80-0C63A3AC852D}\MpKslf5e3d27a.sys [2012-12-02 35664]
S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-09-15 169624]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-07-13 249648]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-12-06 214896]
S2 MsDepSvc;Web Deployment Agent Service;c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe [2011-04-02 67400]
S2 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-11-13 60416]
S2 OKI OPHG DCS Loader;OKI OPHG DCS Loader;c:\windows\system32\spool\DRIVERS\x64\3\OPHGLDCS.EXE [2007-05-29 20480]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 14112]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [2010-06-23 94208]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [2010-06-23 78848]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2012-08-06 156672]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-06-22 575856]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2010-04-27 184968]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2010-04-26 12032]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2012-10-12 54760]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe [2012-10-26 1286784]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2010-06-23 402720]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL864B0D57
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-26 15:58]
.
2012-12-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3723208526-3432352150-2632324549-1006Core.job
- c:\users\Robert\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-02-24 22:08]
.
2012-12-02 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3723208526-3432352150-2632324549-1006UA.job
- c:\users\Robert\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-02-24 22:08]
.
2012-12-02 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2011-07-07 03:31]
.
2012-12-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-21 10:03]
.
2012-12-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-21 10:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-11-08 21:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-11-08 21:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-11-08 21:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-11-08 21:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VirtualExpanderFile.1]
@="{E4000AC4-5E5F-4956-807A-C5854405D64F}"
[HKEY_CLASSES_ROOT\CLSID\{E4000AC4-5E5F-4956-807A-C5854405D64F}]
2011-05-15 19:27 98304 ----a-w- c:\users\Robert\AppData\Local\Sony Corporation\VirtualExpander\VEShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-21 10775584]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-06-21 2040352]
"Apoint"="c:\program files (x86)\Apoint\Apoint.exe" [BU]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
uStart Page = hxxp://www.google.com/webhp?sourceid=toolbar-instant&hl=en&ion=1&qscrl=1&nord=1&rlz=1T4SNNT_en___US430
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MsDepSvc]
"ImagePath"="\"c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe\" -runService:MsDepSvc"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=10000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 & Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:01,0f,70,73,0d,ce,cd,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-02 15:56:45
ComboFix-quarantined-files.txt 2012-12-02 20:56
.
Pre-Run: 355,313,385,472 bytes free
Post-Run: 360,637,771,776 bytes free
.
- - End Of File - - A882001851F93118D4A7B0A809B2842C


Problems: only one was that before turning off Microsoft Security Essentials, it flagged the problem again. I disregarded and turned it off and proceeded with combofix. At this point I'm still able to send you posts so that's good.

No way to measure how it's doing without turning MS Security Essentials back on...
  • 0

#12
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings

I want you to run these next,

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo
  • 0

#13
Westie99

    Member

  • Topic Starter
  • Member
  • 19 posts
Ran TDSSKILLER, once, once after reboot and got the following files (as best as I can figure out):

FIRST RUN:

15:37:27.0959 6516 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
15:37:35.0291 6516 Perform update action was selected
15:37:35.0291 4092 Deinitialize success


Second Run:

15:38:06.0942 7272 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
15:38:07.0239 7272 ============================================================
15:38:07.0239 7272 Current date / time: 2012/03/28 15:38:07.0239
15:38:07.0239 7272 SystemInfo:
15:38:07.0239 7272
15:38:07.0239 7272 OS Version: 6.1.7601 ServicePack: 1.0
15:38:07.0239 7272 Product type: Workstation
15:38:07.0239 7272 ComputerName: ROBERT-VAIO7
15:38:07.0239 7272 UserName: Robert
15:38:07.0239 7272 Windows directory: C:\Windows
15:38:07.0239 7272 System windows directory: C:\Windows
15:38:07.0239 7272 Running under WOW64
15:38:07.0239 7272 Processor architecture: Intel x64
15:38:07.0239 7272 Number of processors: 8
15:38:07.0239 7272 Page size: 0x1000
15:38:07.0239 7272 Boot type: Normal boot
15:38:07.0239 7272 ============================================================
15:38:07.0956 7272 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:38:07.0972 7272 Drive \Device\Harddisk1\DR1 - Size: 0x7BA00000 (1.93 Gb), SectorSize: 0x200, Cylinders: 0xFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:38:07.0972 7272 \Device\Harddisk0\DR0:
15:38:07.0972 7272 MBR used
15:38:07.0972 7272 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x32000
15:38:07.0972 7272 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1432800, BlocksNum 0x38F53030
15:38:07.0972 7272 \Device\Harddisk1\DR1:
15:38:07.0972 7272 MBR used
15:38:07.0972 7272 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xE, StartLBA 0x3F, BlocksNum 0x3DCFC1
15:38:07.0987 7272 Initialize success
15:38:07.0987 7272 ============================================================
15:38:11.0513 5484 ============================================================
15:38:11.0513 5484 Scan started
15:38:11.0513 5484 Mode: Manual;
15:38:11.0513 5484 ============================================================
15:38:13.0291 5484 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
15:38:13.0291 5484 1394ohci - ok
15:38:13.0369 5484 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
15:38:13.0401 5484 ACDaemon - ok
15:38:13.0463 5484 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
15:38:13.0463 5484 ACPI - ok
15:38:13.0525 5484 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
15:38:13.0541 5484 AcpiPmi - ok
15:38:13.0713 5484 AdobeActiveFileMonitor7.0 (3fd8dc2c9735c2aa70155102cfb93eda) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
15:38:13.0713 5484 AdobeActiveFileMonitor7.0 - ok
15:38:13.0822 5484 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
15:38:13.0853 5484 adp94xx - ok
15:38:13.0915 5484 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
15:38:13.0947 5484 adpahci - ok
15:38:13.0978 5484 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
15:38:13.0993 5484 adpu320 - ok
15:38:14.0025 5484 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
15:38:14.0040 5484 AeLookupSvc - ok
15:38:14.0134 5484 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
15:38:14.0134 5484 AFD - ok
15:38:14.0212 5484 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
15:38:14.0227 5484 agp440 - ok
15:38:14.0243 5484 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
15:38:14.0259 5484 ALG - ok
15:38:14.0337 5484 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
15:38:14.0352 5484 aliide - ok
15:38:14.0368 5484 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
15:38:14.0383 5484 amdide - ok
15:38:14.0446 5484 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
15:38:14.0477 5484 AmdK8 - ok
15:38:14.0493 5484 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
15:38:14.0508 5484 AmdPPM - ok
15:38:14.0571 5484 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
15:38:14.0586 5484 amdsata - ok
15:38:14.0633 5484 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
15:38:14.0664 5484 amdsbs - ok
15:38:14.0711 5484 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
15:38:14.0727 5484 amdxata - ok
15:38:14.0805 5484 Amsp (18f64623e76ff58009d6f9cb9dea5d0a) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
15:38:14.0805 5484 Amsp - ok
15:38:14.0867 5484 ApfiltrService (2d45f2dfbc3d8f53df7ebeffa8c9bc38) C:\Windows\system32\drivers\Apfiltr.sys
15:38:14.0883 5484 ApfiltrService - ok
15:38:14.0961 5484 AppHostSvc (59d01fa91962c9c1e9b4022b2d3b46db) C:\Windows\system32\inetsrv\apphostsvc.dll
15:38:14.0961 5484 AppHostSvc - ok
15:38:15.0039 5484 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
15:38:15.0070 5484 AppID - ok
15:38:15.0101 5484 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
15:38:15.0117 5484 AppIDSvc - ok
15:38:15.0148 5484 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
15:38:15.0163 5484 Appinfo - ok
15:38:15.0210 5484 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
15:38:15.0226 5484 arc - ok
15:38:15.0257 5484 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
15:38:15.0273 5484 arcsas - ok
15:38:15.0304 5484 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
15:38:15.0319 5484 ArcSoftKsUFilter - ok
15:38:15.0429 5484 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:38:15.0444 5484 aspnet_state - ok
15:38:15.0507 5484 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:38:15.0507 5484 AsyncMac - ok
15:38:15.0569 5484 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
15:38:15.0585 5484 atapi - ok
15:38:15.0678 5484 athr (08baaa2432e81031a6c3b11ad5a67e2b) C:\Windows\system32\DRIVERS\athrx.sys
15:38:15.0772 5484 athr - ok
15:38:15.0865 5484 athur (36322190763845975e0d001e90687bf2) C:\Windows\system32\DRIVERS\athurx.sys
15:38:15.0959 5484 athur - ok
15:38:16.0037 5484 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:38:16.0068 5484 AudioEndpointBuilder - ok
15:38:16.0099 5484 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:38:16.0099 5484 AudioSrv - ok
15:38:16.0177 5484 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
15:38:16.0209 5484 AxInstSV - ok
15:38:16.0287 5484 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
15:38:16.0302 5484 b06bdrv - ok
15:38:16.0349 5484 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:38:16.0380 5484 b57nd60a - ok
15:38:16.0474 5484 BBSvc (7f29cdc01b61fdc67b7ff6e9588080bd) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
15:38:16.0521 5484 BBSvc - ok
15:38:16.0583 5484 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
15:38:16.0599 5484 BBUpdate - ok
15:38:16.0645 5484 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
15:38:16.0661 5484 BDESVC - ok
15:38:16.0739 5484 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:38:16.0755 5484 Beep - ok
15:38:16.0833 5484 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
15:38:16.0864 5484 BFE - ok
15:38:16.0911 5484 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
15:38:16.0957 5484 BITS - ok
15:38:16.0989 5484 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
15:38:17.0004 5484 blbdrive - ok
15:38:17.0051 5484 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
15:38:17.0082 5484 bowser - ok
15:38:17.0145 5484 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
15:38:17.0160 5484 BrFiltLo - ok
15:38:17.0176 5484 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
15:38:17.0191 5484 BrFiltUp - ok
15:38:17.0238 5484 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
15:38:17.0254 5484 Browser - ok
15:38:17.0285 5484 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:38:17.0301 5484 Brserid - ok
15:38:17.0316 5484 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:38:17.0332 5484 BrSerWdm - ok
15:38:17.0347 5484 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:38:17.0363 5484 BrUsbMdm - ok
15:38:17.0394 5484 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:38:17.0410 5484 BrUsbSer - ok
15:38:17.0457 5484 BTCFilterService - ok
15:38:17.0519 5484 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
15:38:17.0535 5484 BthEnum - ok
15:38:17.0597 5484 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
15:38:17.0613 5484 BTHMODEM - ok
15:38:17.0644 5484 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
15:38:17.0675 5484 BthPan - ok
15:38:17.0737 5484 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
15:38:17.0784 5484 BTHPORT - ok
15:38:17.0815 5484 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
15:38:17.0847 5484 bthserv - ok
15:38:17.0925 5484 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
15:38:17.0940 5484 BTHUSB - ok
15:38:18.0003 5484 btwampfl (59e3510784548c6939c1b3b985c232e3) C:\Windows\system32\drivers\btwampfl.sys
15:38:18.0034 5484 btwampfl - ok
15:38:18.0065 5484 btwaudio (1872074ed0a3fb22e3f1e3197b984bfa) C:\Windows\system32\drivers\btwaudio.sys
15:38:18.0096 5484 btwaudio - ok
15:38:18.0143 5484 btwavdt (691cf076c33ab1c3a5b2fd5450300733) C:\Windows\system32\DRIVERS\btwavdt.sys
15:38:18.0159 5484 btwavdt - ok
15:38:18.0221 5484 btwdins (8ba6e93a182126781952a7895ec1e4b2) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
15:38:18.0221 5484 btwdins - ok
15:38:18.0252 5484 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys
15:38:18.0268 5484 btwl2cap - ok
15:38:18.0330 5484 btwrchid (c9273b20dec8ce38dbce5d29de63c907) C:\Windows\system32\DRIVERS\btwrchid.sys
15:38:18.0330 5484 btwrchid - ok
15:38:36.0816 5484 SiSRaid2 - ok
15:38:36.0847 5484 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
15:38:36.0863 5484 SiSRaid4 - ok
15:38:36.0894 5484 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:38:36.0910 5484 Smb - ok
15:38:36.0957 5484 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:38:36.0972 5484 SNMPTRAP - ok
15:38:37.0050 5484 SOHCImp (c3e69db0a4e59564230e053232f39ac7) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
15:38:37.0097 5484 SOHCImp - ok
15:38:37.0128 5484 SOHDms (65cc4779a29c3e82b987bd4961790dff) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
15:38:37.0144 5484 SOHDms - ok
15:38:37.0159 5484 SOHDs (f47d75cee1844eef4a9ea6ee768828fb) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
15:38:37.0175 5484 SOHDs - ok
15:38:37.0237 5484 SpfService (5449fc97476f52e027409e703791e6a9) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
15:38:37.0253 5484 SpfService - ok
15:38:37.0315 5484 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:38:37.0315 5484 spldr - ok
15:38:37.0362 5484 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
15:38:37.0378 5484 Spooler - ok
15:38:37.0471 5484 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
15:38:37.0503 5484 sppsvc - ok
15:38:37.0565 5484 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:38:37.0565 5484 sppuinotify - ok
15:38:37.0690 5484 SQLAgent$SQLEXPRESS (3420e0482ad95120b471b7328a8d7d08) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
15:38:37.0721 5484 SQLAgent$SQLEXPRESS - ok
15:38:37.0783 5484 SQLBrowser (7d67c07c63796775cc5492bcfeaff125) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
15:38:37.0815 5484 SQLBrowser - ok
15:38:37.0861 5484 SQLWriter (54a531aa07a2c786040ba476122176a4) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:38:37.0861 5484 SQLWriter - ok
15:38:37.0939 5484 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:38:37.0971 5484 srv - ok
15:38:38.0033 5484 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:38:38.0064 5484 srv2 - ok
15:38:38.0095 5484 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:38:38.0111 5484 srvnet - ok
15:38:38.0173 5484 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:38:38.0205 5484 SSDPSRV - ok
15:38:38.0236 5484 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:38:38.0236 5484 SstpSvc - ok
15:38:38.0314 5484 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
15:38:38.0314 5484 stexstor - ok
15:38:38.0470 5484 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
15:38:38.0485 5484 stisvc - ok
15:38:38.0532 5484 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:38:38.0548 5484 swenum - ok
15:38:38.0595 5484 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:38:38.0595 5484 swprv - ok
15:38:38.0673 5484 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
15:38:38.0704 5484 SysMain - ok
15:38:38.0782 5484 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
15:38:38.0797 5484 TabletInputService - ok
15:38:38.0829 5484 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
15:38:38.0844 5484 TapiSrv - ok
15:38:38.0875 5484 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:38:38.0875 5484 TBS - ok
15:38:38.0953 5484 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
15:38:39.0031 5484 Tcpip - ok
15:38:39.0078 5484 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
15:38:39.0094 5484 TCPIP6 - ok
15:38:39.0141 5484 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:38:39.0141 5484 tcpipreg - ok
15:38:39.0172 5484 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:38:39.0187 5484 TDPIPE - ok
15:38:39.0219 5484 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
15:38:39.0219 5484 TDTCP - ok
15:38:39.0312 5484 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:38:39.0328 5484 tdx - ok
15:38:39.0406 5484 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
15:38:39.0421 5484 TermDD - ok
15:38:39.0453 5484 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
15:38:39.0468 5484 TermService - ok
15:38:39.0499 5484 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:38:39.0515 5484 Themes - ok
15:38:39.0531 5484 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:38:39.0546 5484 THREADORDER - ok
15:38:39.0577 5484 tmactmon (73aaffdd2ac3c8814b26c440e5dd9dd4) C:\Windows\system32\DRIVERS\tmactmon.sys
15:38:39.0593 5484 tmactmon - ok
15:38:39.0624 5484 tmcomm (360e61217d4e1e333583d0c721057f70) C:\Windows\system32\DRIVERS\tmcomm.sys
15:38:39.0640 5484 tmcomm - ok
15:38:39.0733 5484 tmevtmgr (699d34eb7c670139ca23a65372bd5743) C:\Windows\system32\DRIVERS\tmevtmgr.sys
15:38:39.0749 5484 tmevtmgr - ok
15:38:39.0796 5484 tmtdi (262198efb734012bfcd17e7479ae4a09) C:\Windows\system32\DRIVERS\tmtdi.sys
15:38:39.0811 5484 tmtdi - ok
15:38:39.0843 5484 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:38:39.0858 5484 TrkWks - ok
15:38:39.0936 5484 truecrypt (8de922cd4fea6f83b10805df965b9a08) C:\Windows\system32\drivers\truecrypt.sys
15:38:39.0967 5484 truecrypt - ok
15:38:40.0014 5484 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
15:38:40.0014 5484 TrustedInstaller - ok
15:38:40.0077 5484 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:38:40.0092 5484 tssecsrv - ok
15:38:40.0217 5484 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:38:40.0233 5484 TsUsbFlt - ok
15:38:40.0295 5484 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:38:40.0326 5484 tunnel - ok
15:38:40.0373 5484 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
15:38:40.0389 5484 uagp35 - ok
15:38:40.0435 5484 uCamMonitor (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
15:38:40.0435 5484 uCamMonitor - ok
15:38:40.0498 5484 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:38:40.0529 5484 udfs - ok
15:38:40.0560 5484 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:38:40.0576 5484 UI0Detect - ok
15:38:40.0623 5484 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:38:40.0638 5484 uliagpkx - ok
15:38:40.0716 5484 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
15:38:40.0732 5484 umbus - ok
15:38:40.0763 5484 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
15:38:40.0763 5484 UmPass - ok
15:38:40.0857 5484 Updater Service for StartNow Toolbar (70eb41a4417ba0aa36ae12bf2b4d98f6) C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
15:38:40.0872 5484 Updater Service for StartNow Toolbar - ok
15:38:40.0935 5484 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:38:40.0950 5484 upnphost - ok
15:38:40.0981 5484 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
15:38:40.0997 5484 usbccgp - ok
15:38:41.0044 5484 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:38:41.0075 5484 usbcir - ok
15:38:41.0106 5484 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
15:38:41.0122 5484 usbehci - ok
15:38:41.0153 5484 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
15:38:41.0184 5484 usbhub - ok
15:38:41.0215 5484 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
15:38:41.0231 5484 usbohci - ok
15:38:41.0262 5484 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
15:38:41.0278 5484 usbprint - ok
15:38:41.0340 5484 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
15:38:41.0356 5484 usbscan - ok
15:38:41.0418 5484 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:38:41.0418 5484 USBSTOR - ok
15:38:41.0465 5484 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
15:38:41.0481 5484 usbuhci - ok
15:38:41.0543 5484 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
15:38:41.0559 5484 usbvideo - ok
15:38:41.0574 5484 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:38:41.0590 5484 UxSms - ok
15:38:41.0652 5484 VAIO Event Service (a60605fc66552b421ee1f3d4ebb9a4e0) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
15:38:41.0652 5484 VAIO Event Service - ok
15:38:41.0746 5484 VAIO Power Management (d469be2723f79cf4b384680b1fdc577d) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
15:38:41.0746 5484 VAIO Power Management - ok
15:38:41.0839 5484 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:38:41.0839 5484 VaultSvc - ok
15:38:41.0917 5484 VCFw (6888526aeb8ddabde6f778fd40fc0693) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
15:38:41.0995 5484 VCFw - ok
15:38:42.0058 5484 VcmIAlzMgr (07f47a1df726537313c1023515175532) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
15:38:42.0073 5484 VcmIAlzMgr - ok
15:38:42.0120 5484 VcmINSMgr (cbb9f0d1017e0bed4cb5bbc0ebf26dc1) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
15:38:42.0167 5484 VcmINSMgr - ok
15:38:42.0229 5484 VcmXmlIfHelper (c8e3ba694cc5eacec4c01660ace40d56) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
15:38:42.0261 5484 VcmXmlIfHelper - ok
15:38:42.0307 5484 VCService (d347d3abe070aa09c22fc37121555d52) C:\Program Files\Sony\VAIO Care\VCService.exe
15:38:42.0307 5484 VCService - ok
15:38:42.0401 5484 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:38:42.0417 5484 vdrvroot - ok
15:38:42.0510 5484 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
15:38:42.0526 5484 vds - ok
15:38:42.0573 5484 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:38:42.0588 5484 vga - ok
15:38:42.0604 5484 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:38:42.0604 5484 VgaSave - ok
15:38:42.0651 5484 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:38:42.0666 5484 vhdmp - ok
15:38:42.0697 5484 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:38:42.0697 5484 viaide - ok
15:38:42.0729 5484 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:38:42.0744 5484 volmgr - ok
15:38:42.0791 5484 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:38:42.0791 5484 volmgrx - ok
15:38:42.0885 5484 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:38:42.0916 5484 volsnap - ok
15:38:42.0978 5484 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
15:38:42.0994 5484 vsmraid - ok
15:38:43.0072 5484 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
15:38:43.0087 5484 VSS - ok
15:38:43.0212 5484 VUAgent (d62d16e057be87f5b84a54d1b83822c4) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
15:38:43.0228 5484 VUAgent - ok
15:38:43.0290 5484 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:38:43.0306 5484 vwifibus - ok
15:38:43.0321 5484 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:38:43.0353 5484 vwififlt - ok
15:38:43.0368 5484 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
15:38:43.0384 5484 vwifimp - ok
15:38:43.0415 5484 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:38:43.0431 5484 W32Time - ok
15:38:43.0509 5484 W3SVC (b32009db1972e7f2c227499289c4384a) C:\Windows\system32\inetsrv\iisw3adm.dll
15:38:43.0524 5484 W3SVC - ok
15:38:43.0540 5484 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
15:38:43.0555 5484 WacomPen - ok
15:38:43.0602 5484 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:38:43.0618 5484 WANARP - ok
15:38:43.0618 5484 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:38:43.0618 5484 Wanarpv6 - ok
15:38:43.0665 5484 WAS (b32009db1972e7f2c227499289c4384a) C:\Windows\system32\inetsrv\iisw3adm.dll
15:38:43.0665 5484 WAS - ok
15:38:43.0774 5484 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
15:38:43.0836 5484 WatAdminSvc - ok
15:38:43.0914 5484 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
15:38:43.0992 5484 wbengine - ok
15:38:44.0023 5484 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:38:44.0055 5484 WbioSrvc - ok
15:38:44.0164 5484 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
15:38:44.0164 5484 wcncsvc - ok
15:38:44.0195 5484 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:38:44.0211 5484 WcsPlugInService - ok
15:38:44.0273 5484 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
15:38:44.0289 5484 Wd - ok
15:38:44.0398 5484 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
15:38:44.0413 5484 WDC_SAM - ok
15:38:44.0476 5484 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:38:44.0507 5484 Wdf01000 - ok
15:38:44.0554 5484 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:38:44.0554 5484 WdiServiceHost - ok
15:38:44.0569 5484 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:38:44.0569 5484 WdiSystemHost - ok
15:38:44.0616 5484 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
15:38:44.0632 5484 WebClient - ok
15:38:44.0663 5484 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:38:44.0679 5484 Wecsvc - ok
15:38:44.0741 5484 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:38:44.0741 5484 wercplsupport - ok
15:38:44.0772 5484 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:38:44.0772 5484 WerSvc - ok
15:38:44.0803 5484 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:38:44.0819 5484 WfpLwf - ok
15:38:44.0835 5484 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:38:44.0850 5484 WIMMount - ok
15:38:44.0866 5484 WinDefend - ok
15:38:44.0866 5484 WinHttpAutoProxySvc - ok
15:38:44.0913 5484 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:38:44.0928 5484 Winmgmt - ok
15:38:45.0006 5484 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
15:38:45.0084 5484 WinRM - ok
15:38:45.0162 5484 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
15:38:45.0178 5484 WinUsb - ok
15:38:45.0240 5484 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:38:45.0287 5484 Wlansvc - ok
15:38:45.0349 5484 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:38:45.0381 5484 wlcrasvc - ok
15:38:45.0474 5484 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:38:45.0490 5484 wlidsvc - ok
15:38:45.0583 5484 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:38:45.0583 5484 WmiAcpi - ok
15:38:45.0630 5484 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:38:45.0630 5484 wmiApSrv - ok
15:38:45.0646 5484 WMPNetworkSvc - ok
15:38:45.0677 5484 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:38:45.0693 5484 WPCSvc - ok
15:38:45.0739 5484 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
15:38:45.0739 5484 WPDBusEnum - ok
15:38:45.0771 5484 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:38:45.0771 5484 ws2ifsl - ok
15:38:45.0786 5484 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
15:38:45.0802 5484 wscsvc - ok
15:38:45.0849 5484 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
15:38:45.0864 5484 WSDPrintDevice - ok
15:38:45.0895 5484 WSearch - ok
15:38:46.0005 5484 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
15:38:46.0020 5484 wuauserv - ok
15:38:46.0083 5484 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:38:46.0098 5484 WudfPf - ok
15:38:46.0161 5484 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:38:46.0161 5484 WUDFRd - ok
15:38:46.0207 5484 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
15:38:46.0223 5484 wudfsvc - ok
15:38:46.0254 5484 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:38:46.0285 5484 WwanSvc - ok
15:38:46.0379 5484 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
15:38:46.0379 5484 YahooAUService - ok
15:38:46.0457 5484 yukonw7 (5250193ef8e173aa7491250f00eb367f) C:\Windows\system32\DRIVERS\yk62x64.sys
15:38:46.0473 5484 yukonw7 - ok
15:38:46.0519 5484 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:38:46.0566 5484 \Device\Harddisk0\DR0 - ok
15:38:46.0582 5484 MBR (0x1B8) (25dd37712c5c4c588f88f364399975d8) \Device\Harddisk1\DR1
15:38:50.0107 5484 \Device\Harddisk1\DR1 - ok
15:38:50.0123 5484 Boot (0x1200) (c7bc1e4f00811478220755bfdb9971f9) \Device\Harddisk0\DR0\Partition0
15:38:50.0123 5484 \Device\Harddisk0\DR0\Partition0 - ok
15:38:50.0139 5484 Boot (0x1200) (5f501590badc08de731632a641ef0d1c) \Device\Harddisk0\DR0\Partition1
15:38:50.0154 5484 \Device\Harddisk0\DR0\Partition1 - ok
15:38:50.0154 5484 Boot (0x1200) (1d8898820f66fcd3aef082b593296255) \Device\Harddisk1\DR1\Partition0
15:38:50.0154 5484 \Device\Harddisk1\DR1\Partition0 - ok
15:38:50.0154 5484 ============================================================
15:38:50.0154 5484 Scan finished
15:38:50.0154 5484 ============================================================
15:38:50.0170 0932 Detected object count: 0
15:38:50.0170 0932 Actual detected object count: 0
15:39:24.0708 5220 ============================================================
15:39:24.0708 5220 Scan started
15:39:24.0708 5220 Mode: Manual; TDLFS;
15:39:24.0708 5220 ============================================================
15:39:31.0307 7000 ============================================================
15:39:31.0307 7000 Scan started
15:39:31.0307 7000 Mode: Manual; TDLFS;
15:39:31.0307 7000 ============================================================
15:39:38.0046 7000 Dnscache - ok
15:39:38.0187 7000 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
15:39:38.0202 7000 dot3svc - ok
15:39:38.0265 7000 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
15:39:38.0280 7000 DPS - ok
15:39:38.0327 7000 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:39:38.0327 7000 drmkaud - ok
15:39:38.0390 7000 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
15:39:38.0421 7000 DXGKrnl - ok
15:39:38.0483 7000 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
15:39:38.0499 7000 EapHost - ok
15:39:38.0577 7000 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
15:39:38.0592 7000 ebdrv - ok
15:39:38.0639 7000 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
15:39:38.0655 7000 EFS - ok
15:39:38.0702 7000 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
15:39:38.0733 7000 ehRecvr - ok
15:39:38.0748 7000 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
15:39:38.0764 7000 ehSched - ok
15:39:38.0842 7000 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
15:39:38.0858 7000 elxstor - ok
15:39:38.0889 7000 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
15:39:38.0904 7000 ErrDev - ok
15:39:38.0936 7000 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
15:39:38.0936 7000 EventSystem - ok
15:39:38.0951 7000 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:39:38.0967 7000 exfat - ok
15:39:39.0014 7000 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:39:39.0014 7000 fastfat - ok
15:39:39.0060 7000 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
15:39:39.0092 7000 Fax - ok
15:39:39.0107 7000 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
15:39:39.0123 7000 fdc - ok
15:39:39.0138 7000 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
15:39:39.0138 7000 fdPHost - ok
15:39:39.0154 7000 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
15:39:39.0154 7000 FDResPub - ok
15:39:39.0216 7000 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:39:39.0232 7000 FileInfo - ok
15:39:39.0248 7000 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:39:39.0263 7000 Filetrace - ok
15:39:39.0310 7000 FLEXnet Licensing Service (f76d04f7413b07daa029f6520b64b4e8) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:39:39.0341 7000 FLEXnet Licensing Service - ok
15:39:39.0357 7000 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
15:39:39.0372 7000 flpydisk - ok
15:39:39.0419 7000 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
15:39:39.0435 7000 FltMgr - ok
15:39:39.0482 7000 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
15:39:39.0513 7000 FontCache - ok
15:39:39.0575 7000 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:39:39.0591 7000 FontCache3.0.0.0 - ok
15:39:39.0638 7000 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:39:39.0638 7000 FsDepends - ok
15:39:39.0684 7000 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
15:39:39.0684 7000 fssfltr - ok
15:39:39.0762 7000 fsssvc (40cdfad174b3d5e80f95dda003c0b97f) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
15:39:39.0856 7000 fsssvc - ok
15:39:39.0887 7000 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
15:39:39.0903 7000 Fs_Rec - ok
15:39:39.0934 7000 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:39:39.0950 7000 fvevol - ok
15:39:39.0965 7000 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
15:39:39.0981 7000 gagp30kx - ok
15:39:40.0059 7000 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
15:39:40.0059 7000 GoogleDesktopManager-051210-111108 - ok
15:39:40.0215 7000 GoToAssist (8f6ae606eb0cc884ee12c41948424422) C:\Program Files (x86)\Citrix\GoToAssist\615\g2aservice.exe
15:39:40.0230 7000 GoToAssist - ok
15:39:40.0308 7000 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
15:39:40.0324 7000 gpsvc - ok
15:39:40.0371 7000 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:39:40.0386 7000 gupdate - ok
15:39:40.0386 7000 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:39:40.0386 7000 gupdatem - ok
15:39:40.0464 7000 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
15:39:40.0480 7000 gusvc - ok
15:39:40.0527 7000 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:39:40.0542 7000 hcw85cir - ok
15:39:40.0620 7000 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
15:39:40.0652 7000 HdAudAddService - ok
15:39:40.0714 7000 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
15:39:40.0714 7000 HDAudBus - ok
15:39:40.0745 7000 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
15:39:40.0761 7000 HidBatt - ok
15:39:40.0776 7000 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
15:39:40.0792 7000 HidBth - ok
15:39:40.0823 7000 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
15:39:40.0839 7000 HidIr - ok
15:39:40.0870 7000 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
15:39:40.0870 7000 hidserv - ok
15:39:40.0901 7000 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
15:39:40.0917 7000 HidUsb - ok
15:39:40.0948 7000 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
15:39:40.0948 7000 hkmsvc - ok
15:39:41.0026 7000 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
15:39:41.0042 7000 HomeGroupListener - ok
15:39:41.0104 7000 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
15:39:41.0120 7000 HomeGroupProvider - ok
15:39:41.0213 7000 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
15:39:41.0229 7000 HpSAMD - ok
15:39:41.0276 7000 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
15:39:41.0322 7000 HTTP - ok
15:39:41.0354 7000 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
15:39:41.0369 7000 hwpolicy - ok
15:39:41.0416 7000 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
15:39:41.0416 7000 i8042prt - ok
15:39:41.0463 7000 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\drivers\iaStor.sys
15:39:41.0510 7000 iaStor - ok
15:39:41.0541 7000 IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
15:39:41.0556 7000 IAStorDataMgrSvc - ok
15:39:41.0681 7000 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
15:39:41.0712 7000 iaStorV - ok
15:39:41.0790 7000 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:39:41.0853 7000 IDriverT - ok
15:39:41.0931 7000 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:39:41.0962 7000 idsvc - ok
15:39:42.0134 7000 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
15:39:42.0149 7000 iirsp - ok
15:39:42.0212 7000 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
15:39:42.0258 7000 IKEEXT - ok
15:39:42.0336 7000 Impcd (4b6363cd4610bb848531bb260b15dfcc) C:\Windows\system32\drivers\Impcd.sys
15:39:42.0368 7000 Impcd - ok
15:39:42.0477 7000 IntcAzAudAddService (526e482afb586cb1cdd687869decf686) C:\Windows\system32\drivers\RTKVHD64.sys
15:39:42.0555 7000 IntcAzAudAddService - ok
15:39:42.0633 7000 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:39:42.0648 7000 intelide - ok
15:39:42.0758 7000 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
15:39:42.0773 7000 intelppm - ok
15:39:42.0804 7000 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
15:39:42.0820 7000 IPBusEnum - ok
15:39:42.0867 7000 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:39:42.0882 7000 IpFilterDriver - ok
15:39:42.0914 7000 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
15:39:42.0945 7000 iphlpsvc - ok
15:39:42.0976 7000 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
15:39:43.0007 7000 IPMIDRV - ok
15:39:43.0054 7000 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:39:43.0070 7000 IPNAT - ok
15:39:43.0101 7000 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:39:43.0116 7000 IRENUM - ok
15:39:43.0148 7000 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:39:43.0163 7000 isapnp - ok
15:39:43.0194 7000 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
15:39:43.0226 7000 iScsiPrt - ok
15:39:43.0272 7000 IviRegMgr (213822072085b5bbad9af30ab577d817) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
15:39:43.0304 7000 IviRegMgr - ok
15:39:43.0335 7000 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
15:39:43.0366 7000 kbdclass - ok
15:39:43.0382 7000 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
15:39:43.0397 7000 kbdhid - ok
15:39:43.0460 7000 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:39:43.0460 7000 KeyIso - ok
15:39:43.0491 7000 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
15:39:43.0506 7000 KSecDD - ok
15:39:43.0522 7000 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
15:39:43.0538 7000 KSecPkg - ok
15:39:43.0569 7000 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:39:43.0584 7000 ksthunk - ok
15:39:43.0678 7000 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
15:39:43.0709 7000 KtmRm - ok
15:39:43.0772 7000 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
15:39:43.0787 7000 LanmanServer - ok
15:39:43.0834 7000 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
15:39:43.0834 7000 LanmanWorkstation - ok
15:39:43.0865 7000 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:39:43.0881 7000 lltdio - ok
15:39:43.0912 7000 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
15:39:43.0912 7000 lltdsvc - ok
15:39:43.0943 7000 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
15:39:43.0943 7000 lmhosts - ok
15:39:43.0990 7000 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
15:39:43.0990 7000 LSI_FC - ok
15:39:44.0021 7000 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
15:39:44.0037 7000 LSI_SAS - ok
15:39:44.0099 7000 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
15:39:44.0099 7000 LSI_SAS2 - ok
15:39:44.0146 7000 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
15:39:44.0162 7000 LSI_SCSI - ok
15:39:44.0177 7000 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:39:44.0177 7000 luafv - ok
15:39:44.0208 7000 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
15:39:44.0224 7000 Mcx2Svc - ok
15:39:44.0271 7000 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
15:39:44.0286 7000 megasas - ok
15:39:44.0302 7000 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
15:39:44.0318 7000 MegaSR - ok
15:39:44.0349 7000 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:39:44.0349 7000 MMCSS - ok
15:39:44.0380 7000 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:39:44.0396 7000 Modem - ok
15:39:44.0427 7000 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:39:44.0427 7000 monitor - ok
15:39:44.0442 7000 motccgp - ok
15:39:44.0442 7000 motccgpfl - ok
15:39:44.0458 7000 motmodem - ok
15:39:44.0536 7000 MotoHelper (9dfd34e6841c460b5d992a1c5327ae69) C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
15:39:44.0552 7000 MotoHelper - ok
15:39:44.0583 7000 MotoSwitchService - ok
15:39:44.0598 7000 Motousbnet - ok
15:39:44.0598 7000 motusbdevice - ok
15:39:44.0645 7000 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
15:39:44.0645 7000 mouclass - ok
15:39:44.0676 7000 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:39:44.0692 7000 mouhid - ok
15:39:44.0723 7000 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
15:39:44.0739 7000 mountmgr - ok
15:39:44.0770 7000 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
15:39:44.0786 7000 mpio - ok
15:39:44.0817 7000 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:39:44.0832 7000 mpsdrv - ok
15:39:44.0879 7000 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
15:39:44.0910 7000 MpsSvc - ok
15:39:44.0942 7000 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
15:39:44.0957 7000 MRxDAV - ok
15:39:45.0004 7000 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:39:45.0004 7000 mrxsmb - ok
15:39:45.0066 7000 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:39:45.0082 7000 mrxsmb10 - ok
15:39:45.0129 7000 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:39:45.0144 7000 mrxsmb20 - ok
15:39:45.0176 7000 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
15:39:45.0191 7000 msahci - ok
15:39:45.0238 7000 MsDepSvc (aaac4b494de45836121a40aec980b631) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
15:39:45.0254 7000 MsDepSvc - ok
15:39:45.0300 7000 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
15:39:45.0316 7000 msdsm - ok
15:39:45.0347 7000 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:39:45.0363 7000 MSDTC - ok
15:39:45.0410 7000 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:39:45.0410 7000 Msfs - ok
15:39:45.0456 7000 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:39:45.0456 7000 mshidkmdf - ok
15:39:45.0472 7000 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:39:45.0488 7000 msisadrv - ok
15:39:45.0519 7000 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:39:45.0519 7000 MSiSCSI - ok
15:39:45.0534 7000 msiserver - ok
15:39:45.0566 7000 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:39:45.0566 7000 MSKSSRV - ok
15:39:45.0597 7000 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:39:45.0597 7000 MSPCLOCK - ok
15:39:45.0628 7000 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:39:45.0628 7000 MSPQM - ok
15:39:45.0659 7000 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:39:45.0675 7000 MsRPC - ok
15:39:45.0706 7000 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:39:45.0722 7000 mssmbios - ok
15:39:45.0800 7000 MSSQL$SQLEXPRESS - ok
15:39:45.0862 7000 MSSQLServerADHelper100 (04ef36eaf5c4dbce424d81b76f1e9231) C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
15:39:45.0878 7000 MSSQLServerADHelper100 - ok
15:39:45.0909 7000 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:39:45.0924 7000 MSTEE - ok
15:39:45.0971 7000 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
15:39:45.0987 7000 MTConfig - ok
15:39:46.0002 7000 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:39:46.0018 7000 Mup - ok
15:39:46.0065 7000 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
15:39:46.0080 7000 napagent - ok
15:39:46.0112 7000 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:39:46.0127 7000 NativeWifiP - ok
15:39:46.0158 7000 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
15:39:46.0190 7000 NDIS - ok
15:39:46.0205 7000 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:39:46.0221 7000 NdisCap - ok
15:39:46.0236 7000 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:39:46.0252 7000 NdisTapi - ok
15:39:46.0314 7000 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:39:46.0314 7000 Ndisuio - ok
15:39:46.0377 7000 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:39:46.0392 7000 NdisWan - ok
15:39:46.0439 7000 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:39:46.0439 7000 NDProxy - ok
15:39:46.0502 7000 Nero BackItUp Scheduler 4.0 (b90e093e7a7250906f1054418b5339c0) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
15:39:46.0548 7000 Nero BackItUp Scheduler 4.0 - ok
15:39:46.0580 7000 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:39:46.0580 7000 NetBIOS - ok
15:39:46.0626 7000 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
15:39:46.0642 7000 NetBT - ok
15:39:46.0689 7000 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:39:46.0689 7000 Netlogon - ok
15:39:46.0720 7000 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:39:46.0736 7000 Netman - ok
15:39:46.0829 7000 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:39:46.0845 7000 NetMsmqActivator - ok
15:39:46.0845 7000 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:39:46.0845 7000 NetPipeActivator - ok
15:39:46.0876 7000 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:39:46.0892 7000 netprofm - ok
15:39:46.0907 7000 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:39:46.0907 7000 NetTcpActivator - ok
15:39:46.0907 7000 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:39:46.0907 7000 NetTcpPortSharing - ok
15:39:46.0954 7000 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
15:39:46.0970 7000 nfrd960 - ok
15:39:47.0001 7000 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
15:39:47.0001 7000 NlaSvc - ok
15:39:47.0032 7000 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:39:47.0048 7000 Npfs - ok
15:39:47.0079 7000 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:39:47.0079 7000 nsi - ok
15:39:47.0094 7000 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:39:47.0110 7000 nsiproxy - ok
15:39:47.0204 7000 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
15:39:47.0266 7000 Ntfs - ok
15:39:47.0313 7000 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:39:47.0328 7000 Null - ok
15:39:47.0360 7000 nusb3hub (285acec1b13a15ba520aae06bacb9cff) C:\Windows\system32\DRIVERS\nusb3hub.sys
15:39:47.0391 7000 nusb3hub - ok
15:39:47.0438 7000 nusb3xhc (f6d625ff7b56bb6ea063f0d3a5bbc996) C:\Windows\system32\drivers\nusb3xhc.sys
15:39:47.0453 7000 nusb3xhc - ok
15:39:47.0500 7000 NVHDA (857fb74754ebff94ee3ad40788740916) C:\Windows\system32\drivers\nvhda64v.sys
15:39:47.0516 7000 NVHDA - ok
15:39:47.0874 7000 nvlddmkm (fbe6ac1c3591cb67543fad15abd26bcb) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:39:48.0202 7000 nvlddmkm - ok
15:39:48.0280 7000 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
15:39:48.0296 7000 nvraid - ok
15:39:48.0327 7000 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
15:39:48.0342 7000 nvstor - ok
15:39:48.0389 7000 nvsvc (147b0d17255fd796f990cc6f745605c5) C:\Windows\system32\nvvsvc.exe
15:39:48.0420 7000 nvsvc - ok
15:39:48.0436 7000 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:39:48.0452 7000 nv_agp - ok
15:39:48.0530 7000 Oasis2Service (07571684567859da796a566cc78ffa74) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
15:39:48.0545 7000 Oasis2Service - ok
15:39:48.0576 7000 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:39:48.0592 7000 ohci1394 - ok
15:39:48.0639 7000 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:39:48.0654 7000 ose - ok
15:39:48.0748 7000 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:39:48.0842 7000 osppsvc - ok
15:39:48.0904 7000 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:39:48.0920 7000 p2pimsvc - ok
15:39:48.0951 7000 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:39:48.0966 7000 p2psvc - ok
15:39:48.0998 7000 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
15:39:49.0013 7000 Parport - ok
15:39:49.0044 7000 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
15:39:49.0060 7000 partmgr - ok
15:39:49.0076 7000 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:39:49.0091 7000 PcaSvc - ok
15:39:49.0138 7000 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:39:49.0154 7000 pci - ok
15:39:49.0169 7000 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:39:49.0185 7000 pciide - ok
15:39:49.0216 7000 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
15:39:49.0216 7000 pcmcia - ok
15:39:49.0263 7000 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:39:49.0278 7000 pcw - ok
15:39:49.0310 7000 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:39:49.0325 7000 PEAUTH - ok
15:39:49.0372 7000 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:39:49.0388 7000 PerfHost - ok
15:39:49.0434 7000 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
15:39:49.0466 7000 pla - ok
15:39:49.0512 7000 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
15:39:49.0528 7000 PlugPlay - ok
15:39:49.0590 7000 PMBDeviceInfoProvider (63694c307273062a2167ae4ce80730ef) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
15:39:49.0606 7000 PMBDeviceInfoProvider - ok
15:39:49.0668 7000 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:39:49.0668 7000 PNRPAutoReg - ok
15:39:49.0700 7000 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:39:49.0700 7000 PNRPsvc - ok
15:39:49.0746 7000 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
15:39:49.0762 7000 Point64 - ok
15:39:49.0809 7000 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
15:39:49.0824 7000 PolicyAgent - ok
15:39:49.0856 7000 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:39:49.0871 7000 Power - ok
15:39:49.0902 7000 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:39:49.0918 7000 PptpMiniport - ok
15:39:49.0949 7000 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
15:39:49.0965 7000 Processor - ok
15:39:50.0012 7000 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
15:39:50.0012 7000 ProfSvc - ok
15:39:50.0074 7000 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:39:50.0090 7000 ProtectedStorage - ok
15:39:50.0168 7000 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:39:50.0183 7000 Psched - ok
15:39:50.0214 7000 PSI_SVC_2 (a6a7ad767bf5141665f5c675f671b3e1) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
15:39:50.0230 7000 PSI_SVC_2 - ok
15:39:50.0277 7000 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
15:39:50.0277 7000 PxHlpa64 - ok
15:39:50.0339 7000 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
15:39:50.0370 7000 ql2300 - ok
15:39:50.0386 7000 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
15:39:50.0402 7000 ql40xx - ok
15:39:50.0448 7000 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:39:50.0464 7000 QWAVE - ok
15:39:50.0542 7000 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:39:50.0542 7000 QWAVEdrv - ok
15:39:50.0558 7000 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:39:50.0573 7000 RasAcd - ok
15:39:50.0589 7000 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:39:50.0589 7000 RasAgileVpn - ok
15:39:50.0620 7000 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:39:50.0620 7000 RasAuto - ok
15:39:50.0667 7000 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:39:50.0682 7000 Rasl2tp - ok
15:39:50.0714 7000 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
15:39:50.0729 7000 RasMan - ok
15:39:50.0823 7000 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:39:50.0838 7000 RasPppoe - ok
15:39:50.0885 7000 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:39:50.0901 7000 RasSstp - ok
15:39:50.0963 7000 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:39:50.0979 7000 rdbss - ok
15:39:51.0026 7000 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
15:39:51.0026 7000 rdpbus - ok
15:39:51.0104 7000 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:39:51.0104 7000 RDPCDD - ok
15:39:51.0150 7000 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:39:51.0150 7000 RDPENCDD - ok
15:39:51.0166 7000 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:39:51.0166 7000 RDPREFMP - ok
15:40:04.0332 7000 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:40:04.0769 7000 \Device\Harddisk0\DR0 - ok
15:40:04.0769 7000 MBR (0x1B8) (25dd37712c5c4c588f88f364399975d8) \Device\Harddisk1\DR1
15:40:08.0373 7000 \Device\Harddisk1\DR1 - ok
15:40:08.0420 7000 Boot (0x1200) (c7bc1e4f00811478220755bfdb9971f9) \Device\Harddisk0\DR0\Partition0
15:40:08.0420 7000 \Device\Harddisk0\DR0\Partition0 - ok
15:40:08.0451 7000 Boot (0x1200) (5f501590badc08de731632a641ef0d1c) \Device\Harddisk0\DR0\Partition1
15:40:08.0451 7000 \Device\Harddisk0\DR0\Partition1 - ok
15:40:08.0466 7000 Boot (0x1200) (1d8898820f66fcd3aef082b593296255) \Device\Harddisk1\DR1\Partition0
15:40:08.0466 7000 \Device\Harddisk1\DR1\Partition0 - ok
15:40:08.0466 7000 ============================================================
15:40:08.0466 7000 Scan finished
15:40:08.0466 7000 ============================================================
15:40:08.0482 6000 Detected object count: 0
15:40:08.0482 6000 Actual detected object count: 0
15:40:12.0304 2404 Deinitialize success


Third Run:

16:53:47.0203 6364 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:53:47.0685 6364 ============================================================
16:53:47.0685 6364 Current date / time: 2012/12/02 16:53:47.0685
16:53:47.0685 6364 SystemInfo:
16:53:47.0685 6364
16:53:47.0686 6364 OS Version: 6.1.7601 ServicePack: 1.0
16:53:47.0686 6364 Product type: Workstation
16:53:47.0686 6364 ComputerName: ROBERT-VAIO7
16:53:47.0686 6364 UserName: Robert
16:53:47.0686 6364 Windows directory: C:\Windows
16:53:47.0686 6364 System windows directory: C:\Windows
16:53:47.0686 6364 Running under WOW64
16:53:47.0686 6364 Processor architecture: Intel x64
16:53:47.0686 6364 Number of processors: 8
16:53:47.0686 6364 Page size: 0x1000
16:53:47.0686 6364 Boot type: Normal boot
16:53:47.0686 6364 ============================================================
16:53:48.0092 6364 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:53:48.0104 6364 ============================================================
16:53:48.0104 6364 \Device\Harddisk0\DR0:
16:53:48.0104 6364 MBR partitions:
16:53:48.0104 6364 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x32000
16:53:48.0104 6364 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1432800, BlocksNum 0x38F53030
16:53:48.0104 6364 ============================================================
16:53:48.0124 6364 C: <-> \Device\Harddisk0\DR0\Partition2
16:53:48.0125 6364 ============================================================
16:53:48.0125 6364 Initialize success
16:53:48.0125 6364 ============================================================
16:53:54.0383 11840 ============================================================
16:53:54.0383 11840 Scan started
16:53:54.0383 11840 Mode: Manual;
16:53:54.0383 11840 ============================================================
16:53:55.0488 11840 ================ Scan system memory ========================
16:53:55.0488 11840 System memory - ok
16:53:55.0489 11840 ================ Scan services =============================
16:53:58.0738 11840 [ C9273B20DEC8CE38DBCE5D29DE63C907 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
16:53:58.0739 11840 btwrchid - ok
16:53:58.0752 11840 catchme - ok
16:53:58.0780 11840 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:53:58.0782 11840 cdfs - ok
16:53:58.0817 11840 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:53:58.0821 11840 cdrom - ok
16:53:58.0862 11840 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
16:53:58.0865 11840 CertPropSvc - ok
16:53:58.0879 11840 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
16:53:58.0881 11840 circlass - ok
16:53:58.0910 11840 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
16:53:58.0917 11840 CLFS - ok
16:53:58.0973 11840 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:53:58.0975 11840 clr_optimization_v2.0.50727_32 - ok
16:53:59.0013 11840 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:53:59.0016 11840 clr_optimization_v2.0.50727_64 - ok
16:53:59.0102 11840 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:53:59.0126 11840 clr_optimization_v4.0.30319_32 - ok
16:53:59.0152 11840 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:53:59.0172 11840 clr_optimization_v4.0.30319_64 - ok
16:53:59.0203 11840 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
16:53:59.0205 11840 CmBatt - ok
16:53:59.0241 11840 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:53:59.0242 11840 cmdide - ok
16:53:59.0285 11840 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
16:53:59.0295 11840 CNG - ok
16:53:59.0305 11840 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
16:53:59.0307 11840 Compbatt - ok
16:53:59.0341 11840 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
16:53:59.0343 11840 CompositeBus - ok
16:53:59.0349 11840 COMSysApp - ok
16:53:59.0372 11840 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
16:53:59.0373 11840 crcdisk - ok
16:53:59.0415 11840 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:53:59.0418 11840 CryptSvc - ok
16:53:59.0460 11840 [ 1CA90212A99DB6975C344826D11055C9 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
16:53:59.0461 11840 dc3d - ok
16:53:59.0506 11840 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:53:59.0513 11840 DcomLaunch - ok
16:53:59.0537 11840 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
16:53:59.0542 11840 defragsvc - ok
16:53:59.0580 11840 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:53:59.0582 11840 DfsC - ok
16:53:59.0597 11840 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
16:53:59.0602 11840 Dhcp - ok
16:53:59.0636 11840 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
16:53:59.0638 11840 discache - ok
16:53:59.0676 11840 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
16:53:59.0679 11840 Disk - ok
16:53:59.0705 11840 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:53:59.0710 11840 Dnscache - ok
16:53:59.0753 11840 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
16:53:59.0759 11840 dot3svc - ok
16:53:59.0773 11840 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
16:53:59.0778 11840 DPS - ok
16:53:59.0791 11840 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:53:59.0792 11840 drmkaud - ok
16:53:59.0842 11840 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:53:59.0861 11840 DXGKrnl - ok
16:53:59.0893 11840 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
16:53:59.0896 11840 EapHost - ok
16:53:59.0982 11840 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
16:54:00.0037 11840 ebdrv - ok
16:54:00.0069 11840 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
16:54:00.0071 11840 EFS - ok
16:54:00.0130 11840 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:54:00.0143 11840 ehRecvr - ok
16:54:00.0175 11840 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
16:54:00.0178 11840 ehSched - ok
16:54:00.0213 11840 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
16:54:00.0221 11840 elxstor - ok
16:54:00.0237 11840 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:54:00.0238 11840 ErrDev - ok
16:54:00.0266 11840 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
16:54:00.0273 11840 EventSystem - ok
16:54:00.0286 11840 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
16:54:00.0289 11840 exfat - ok
16:54:00.0308 11840 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:54:00.0311 11840 fastfat - ok
16:54:00.0357 11840 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
16:54:00.0371 11840 Fax - ok
16:54:00.0393 11840 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
16:54:00.0395 11840 fdc - ok
16:54:00.0423 11840 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
16:54:00.0424 11840 fdPHost - ok
16:54:00.0436 11840 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
16:54:00.0437 11840 FDResPub - ok
16:54:00.0449 11840 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:54:00.0450 11840 FileInfo - ok
16:54:00.0464 11840 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:54:00.0465 11840 Filetrace - ok
16:54:00.0555 11840 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:54:00.0568 11840 FLEXnet Licensing Service - ok
16:54:00.0595 11840 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
16:54:00.0597 11840 flpydisk - ok
16:54:00.0634 11840 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:54:00.0638 11840 FltMgr - ok
16:54:00.0689 11840 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
16:54:00.0712 11840 FontCache - ok
16:54:00.0762 11840 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:54:00.0763 11840 FontCache3.0.0.0 - ok
16:54:00.0779 11840 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:54:00.0781 11840 FsDepends - ok
16:54:00.0812 11840 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
16:54:00.0814 11840 fssfltr - ok
16:54:00.0915 11840 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
16:54:00.0944 11840 fsssvc - ok
16:54:00.0972 11840 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:54:00.0973 11840 Fs_Rec - ok
16:54:01.0002 11840 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:54:01.0006 11840 fvevol - ok
16:54:01.0029 11840 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:54:01.0031 11840 gagp30kx - ok
16:54:01.0110 11840 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
16:54:01.0112 11840 GoogleDesktopManager-051210-111108 - ok
16:54:01.0165 11840 [ 8F6AE606EB0CC884EE12C41948424422 ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\615\g2aservice.exe
16:54:01.0168 11840 GoToAssist - ok
16:54:01.0216 11840 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
16:54:01.0232 11840 gpsvc - ok
16:54:01.0269 11840 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:54:01.0272 11840 gupdate - ok
16:54:01.0282 11840 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:54:01.0284 11840 gupdatem - ok
16:54:01.0317 11840 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:54:01.0322 11840 gusvc - ok
16:54:01.0335 11840 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:54:01.0337 11840 hcw85cir - ok
16:54:01.0376 11840 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:54:01.0383 11840 HdAudAddService - ok
16:54:01.0396 11840 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
16:54:01.0399 11840 HDAudBus - ok
16:54:01.0414 11840 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
16:54:01.0415 11840 HidBatt - ok
16:54:01.0440 11840 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
16:54:01.0442 11840 HidBth - ok
16:54:01.0462 11840 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
16:54:01.0464 11840 HidIr - ok
16:54:01.0488 11840 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
16:54:01.0490 11840 hidserv - ok
16:54:01.0496 11840 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:54:01.0497 11840 HidUsb - ok
16:54:01.0536 11840 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:54:01.0539 11840 hkmsvc - ok
16:54:01.0577 11840 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:54:01.0583 11840 HomeGroupListener - ok
16:54:01.0625 11840 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:54:01.0630 11840 HomeGroupProvider - ok
16:54:01.0640 11840 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:54:01.0642 11840 HpSAMD - ok
16:54:01.0693 11840 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:54:01.0708 11840 HTTP - ok
16:54:01.0742 11840 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:54:01.0743 11840 hwpolicy - ok
16:54:01.0773 11840 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
16:54:01.0775 11840 i8042prt - ok
16:54:01.0801 11840 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\drivers\iaStor.sys
16:54:01.0807 11840 iaStor - ok
16:54:01.0846 11840 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
16:54:01.0848 11840 IAStorDataMgrSvc - ok
16:54:01.0869 11840 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:54:01.0878 11840 iaStorV - ok
16:54:01.0923 11840 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:54:01.0927 11840 IDriverT - ok
16:54:01.0991 11840 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:54:02.0007 11840 idsvc - ok
16:54:02.0035 11840 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
16:54:02.0037 11840 iirsp - ok
16:54:02.0085 11840 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
16:54:02.0101 11840 IKEEXT - ok
16:54:02.0127 11840 [ 4B6363CD4610BB848531BB260B15DFCC ] Impcd C:\Windows\system32\drivers\Impcd.sys
16:54:02.0130 11840 Impcd - ok
16:54:02.0199 11840 [ 526E482AFB586CB1CDD687869DECF686 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:54:02.0240 11840 IntcAzAudAddService - ok
16:54:02.0252 11840 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
16:54:02.0253 11840 intelide - ok
16:54:02.0274 11840 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
16:54:02.0275 11840 intelppm - ok
16:54:02.0295 11840 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:54:02.0298 11840 IPBusEnum - ok
16:54:02.0324 11840 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:54:02.0325 11840 IpFilterDriver - ok
16:54:02.0367 11840 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:54:02.0375 11840 iphlpsvc - ok
16:54:02.0412 11840 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:54:02.0414 11840 IPMIDRV - ok
16:54:02.0440 11840 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:54:02.0442 11840 IPNAT - ok
16:54:02.0451 11840 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:54:02.0452 11840 IRENUM - ok
16:54:02.0463 11840 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:54:02.0464 11840 isapnp - ok
16:54:02.0482 11840 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:54:02.0486 11840 iScsiPrt - ok
16:54:02.0510 11840 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
16:54:02.0512 11840 IviRegMgr - ok
16:54:02.0516 11840 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:54:02.0517 11840 kbdclass - ok
16:54:02.0546 11840 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:54:02.0548 11840 kbdhid - ok
16:54:02.0561 11840 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
16:54:02.0563 11840 KeyIso - ok
16:54:02.0602 11840 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:54:02.0604 11840 KSecDD - ok
16:54:02.0635 11840 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:54:02.0637 11840 KSecPkg - ok
16:54:02.0654 11840 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:54:02.0655 11840 ksthunk - ok
16:54:02.0689 11840 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
16:54:02.0695 11840 KtmRm - ok
16:54:02.0738 11840 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
16:54:02.0746 11840 LanmanServer - ok
16:54:02.0788 11840 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:54:02.0794 11840 LanmanWorkstation - ok
16:54:02.0811 11840 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:54:02.0813 11840 lltdio - ok
16:54:02.0847 11840 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:54:02.0855 11840 lltdsvc - ok
16:54:02.0874 11840 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:54:02.0876 11840 lmhosts - ok
16:54:02.0908 11840 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
16:54:02.0911 11840 LSI_FC - ok
16:54:02.0936 11840 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:54:02.0938 11840 LSI_SAS - ok
16:54:02.0954 11840 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
16:54:02.0956 11840 LSI_SAS2 - ok
16:54:02.0966 11840 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
16:54:02.0969 11840 LSI_SCSI - ok
16:54:02.0980 11840 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
16:54:02.0983 11840 luafv - ok
16:54:03.0052 11840 [ 98E19D3FCAAE0236816E4942C5771F89 ] McComponentHostServiceSony C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe
16:54:03.0058 11840 McComponentHostServiceSony - ok
16:54:03.0101 11840 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:54:03.0106 11840 Mcx2Svc - ok
16:54:03.0135 11840 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
16:54:03.0137 11840 megasas - ok
16:54:03.0156 11840 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
16:54:03.0163 11840 MegaSR - ok
16:54:03.0183 11840 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
16:54:03.0187 11840 MMCSS - ok
16:54:03.0205 11840 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
16:54:03.0207 11840 Modem - ok
16:54:03.0217 11840 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:54:03.0219 11840 monitor - ok
16:54:03.0261 11840 [ C94A2EA3FDFA5D650884926B710B7DB1 ] motccgp C:\Windows\system32\DRIVERS\motccgp.sys
16:54:03.0262 11840 motccgp - ok
16:54:03.0299 11840 [ D51E009BAEDA07EBC107D49D224C2414 ] motccgpfl C:\Windows\system32\DRIVERS\motccgpfl.sys
16:54:03.0300 11840 motccgpfl - ok
16:54:03.0312 11840 [ 060F0EF84F430802DF3788F3DCFD009C ] motmodem C:\Windows\system32\DRIVERS\motmodem.sys
16:54:03.0314 11840 motmodem - ok
16:54:03.0390 11840 [ 9DFD34E6841C460B5D992A1C5327AE69 ] MotoHelper C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
16:54:03.0395 11840 MotoHelper - ok
16:54:03.0413 11840 [ EBD05F60CAFC5BBA2602B8D7101082D3 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys
16:54:03.0414 11840 MotoSwitchService - ok
16:54:03.0426 11840 [ 87701078C3F720AC7A028E937994CC49 ] Motousbnet C:\Windows\system32\DRIVERS\Motousbnet.sys
16:54:03.0428 11840 Motousbnet - ok
16:54:03.0440 11840 [ D075B1D964A314D240F5498773EE89DF ] motusbdevice C:\Windows\system32\DRIVERS\motusbdevice.sys
16:54:03.0442 11840 motusbdevice - ok
16:54:03.0459 11840 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:54:03.0460 11840 mouclass - ok
16:54:03.0481 11840 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:54:03.0482 11840 mouhid - ok
16:54:03.0516 11840 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:54:03.0518 11840 mountmgr - ok
16:54:03.0556 11840 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
16:54:03.0561 11840 MpFilter - ok
16:54:03.0579 11840 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
16:54:03.0583 11840 mpio - ok
16:54:03.0694 11840 [ 0EBB390B7AEEC45EC061D9870A34FD42 ] MpKsl864b0d57 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F8C0F10E-2841-43EE-9D80-0C63A3AC852D}\MpKsl864b0d57.sys
16:54:03.0696 11840 MpKsl864b0d57 - ok
16:54:03.0745 11840 [ 0EBB390B7AEEC45EC061D9870A34FD42 ] MpKslb2675209 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F8C0F10E-2841-43EE-9D80-0C63A3AC852D}\MpKslb2675209.sys
16:54:03.0747 11840 MpKslb2675209 - ok
16:54:03.0778 11840 [ 0EBB390B7AEEC45EC061D9870A34FD42 ] MpKslf5e3d27a C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F8C0F10E-2841-43EE-9D80-0C63A3AC852D}\MpKslf5e3d27a.sys
16:54:03.0780 11840 MpKslf5e3d27a - ok
16:54:03.0795 11840 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:54:03.0798 11840 mpsdrv - ok
16:54:03.0849 11840 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:54:03.0866 11840 MpsSvc - ok
16:54:03.0898 11840 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:54:03.0901 11840 MRxDAV - ok
16:54:03.0940 11840 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:54:03.0943 11840 mrxsmb - ok
16:54:03.0979 11840 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:54:03.0984 11840 mrxsmb10 - ok
16:54:03.0998 11840 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:54:04.0000 11840 mrxsmb20 - ok
16:54:04.0037 11840 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
16:54:04.0038 11840 msahci - ok
16:54:04.0075 11840 [ AAAC4B494DE45836121A40AEC980B631 ] MsDepSvc C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
16:54:04.0077 11840 MsDepSvc - ok
16:54:04.0118 11840 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:54:04.0122 11840 msdsm - ok
16:54:04.0144 11840 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
16:54:04.0149 11840 MSDTC - ok
16:54:04.0177 11840 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:54:04.0179 11840 Msfs - ok
16:54:04.0191 11840 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:54:04.0192 11840 mshidkmdf - ok
16:54:04.0202 11840 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:54:04.0203 11840 msisadrv - ok
16:54:04.0234 11840 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:54:04.0238 11840 MSiSCSI - ok
16:54:04.0244 11840 msiserver - ok
16:54:04.0264 11840 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:54:04.0265 11840 MSKSSRV - ok
16:54:04.0311 11840 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
16:54:04.0311 11840 MsMpSvc - ok
16:54:04.0326 11840 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:54:04.0327 11840 MSPCLOCK - ok
16:54:04.0339 11840 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:54:04.0340 11840 MSPQM - ok
16:54:04.0379 11840 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:54:04.0386 11840 MsRPC - ok
16:54:04.0399 11840 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:54:04.0401 11840 mssmbios - ok
16:54:04.0489 11840 MSSQL$SQLEXPRESS - ok
16:54:04.0546 11840 [ 04EF36EAF5C4DBCE424D81B76F1E9231 ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
16:54:04.0549 11840 MSSQLServerADHelper100 - ok
16:54:04.0586 11840 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:54:04.0587 11840 MSTEE - ok
16:54:04.0604 11840 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
16:54:04.0605 11840 MTConfig - ok
16:54:04.0644 11840 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
16:54:04.0645 11840 Mup - ok
16:54:04.0703 11840 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
16:54:04.0713 11840 napagent - ok
16:54:04.0748 11840 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:54:04.0754 11840 NativeWifiP - ok
16:54:04.0820 11840 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:54:04.0835 11840 NDIS - ok
16:54:04.0857 11840 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:54:04.0859 11840 NdisCap - ok
16:54:04.0873 11840 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:54:04.0875 11840 NdisTapi - ok
16:54:04.0908 11840 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:54:04.0910 11840 Ndisuio - ok
16:54:04.0943 11840 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:54:04.0946 11840 NdisWan - ok
16:54:04.0982 11840 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:54:04.0984 11840 NDProxy - ok
16:54:05.0031 11840 [ B90E093E7A7250906F1054418B5339C0 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
16:54:05.0049 11840 Nero BackItUp Scheduler 4.0 - ok
16:54:05.0082 11840 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:54:05.0084 11840 NetBIOS - ok
16:54:05.0121 11840 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:54:05.0127 11840 NetBT - ok
16:54:05.0137 11840 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:54:05.0140 11840 Netlogon - ok
16:54:05.0172 11840 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:54:05.0181 11840 Netman - ok
16:54:05.0214 11840 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:54:05.0233 11840 NetMsmqActivator - ok
16:54:05.0243 11840 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:54:05.0245 11840 NetPipeActivator - ok
16:54:05.0273 11840 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:54:05.0283 11840 netprofm - ok
16:54:05.0290 11840 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:54:05.0292 11840 NetTcpActivator - ok
16:54:05.0301 11840 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:54:05.0303 11840 NetTcpPortSharing - ok
16:54:05.0326 11840 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:54:05.0328 11840 nfrd960 - ok
16:54:05.0361 11840 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:54:05.0364 11840 NisDrv - ok
16:54:05.0405 11840 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
16:54:05.0413 11840 NisSrv - ok
16:54:05.0457 11840 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:54:05.0464 11840 NlaSvc - ok
16:54:05.0478 11840 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:54:05.0480 11840 Npfs - ok
16:54:05.0491 11840 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:54:05.0493 11840 nsi - ok
16:54:05.0516 11840 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:54:05.0517 11840 nsiproxy - ok
16:54:05.0573 11840 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:54:05.0596 11840 Ntfs - ok
16:54:05.0611 11840 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:54:05.0612 11840 Null - ok
16:54:05.0622 11840 [ 285ACEC1B13A15BA520AAE06BACB9CFF ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
16:54:05.0624 11840 nusb3hub - ok
16:54:05.0638 11840 [ F6D625FF7B56BB6EA063F0D3A5BBC996 ] nusb3xhc C:\Windows\system32\drivers\nusb3xhc.sys
16:54:05.0641 11840 nusb3xhc - ok
16:54:05.0665 11840 [ 857FB74754EBFF94EE3AD40788740916 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
16:54:05.0668 11840 NVHDA - ok
16:54:05.0908 11840 [ FBE6AC1C3591CB67543FAD15ABD26BCB ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:54:06.0098 11840 nvlddmkm - ok
16:54:06.0135 11840 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:54:06.0138 11840 nvraid - ok
16:54:06.0152 11840 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:54:06.0156 11840 nvstor - ok
16:54:06.0210 11840 [ 147B0D17255FD796F990CC6F745605C5 ] nvsvc C:\Windows\system32\nvvsvc.exe
16:54:06.0232 11840 nvsvc - ok
16:54:14.0706 11840 ================ Scan global ===============================
16:54:14.0742 11840 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:54:14.0770 11840 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
16:54:14.0779 11840 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
16:54:14.0806 11840 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:54:14.0829 11840 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:54:14.0835 11840 [Global] - ok
16:54:14.0836 11840 ================ Scan MBR ==================================
16:54:14.0838 11840 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:54:14.0838 11840 Suspicious mbr (Forged): \Device\Harddisk0\DR0
16:54:14.0892 11840 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
16:54:14.0892 11840 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
16:54:14.0892 11840 ================ Scan VBR ==================================
16:54:14.0894 11840 [ C7BC1E4F00811478220755BFDB9971F9 ] \Device\Harddisk0\DR0\Partition1
16:54:14.0896 11840 \Device\Harddisk0\DR0\Partition1 - ok
16:54:14.0909 11840 [ 5F501590BADC08DE731632A641EF0D1C ] \Device\Harddisk0\DR0\Partition2
16:54:14.0911 11840 \Device\Harddisk0\DR0\Partition2 - ok
16:54:14.0911 11840 ============================================================
16:54:14.0911 11840 Scan finished
16:54:14.0911 11840 ============================================================
16:54:14.0920 1224 Detected object count: 1
16:54:14.0920 1224 Actual detected object count: 1
16:57:31.0138 1224 \Device\Harddisk0\DR0\# - copied to quarantine
16:57:31.0141 1224 \Device\Harddisk0\DR0 - copied to quarantine
16:57:31.0463 1224 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
16:57:31.0467 1224 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
16:57:31.0499 1224 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
16:57:31.0517 1224 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
16:57:31.0520 1224 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
16:57:31.0522 1224 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
16:57:31.0525 1224 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
16:57:31.0530 1224 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
16:57:31.0535 1224 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
16:57:31.0538 1224 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
16:57:31.0541 1224 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
16:57:31.0545 1224 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
16:57:31.0580 1224 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
16:57:31.0641 1224 \Device\Harddisk0\DR0 - ok
16:57:31.0821 1224 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
16:57:40.0225 7148 Deinitialize success

#14
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo


#15
Westie99

    Member

  • Topic Starter
  • Member
  • 19 posts
And for aswMBRtxt.txt this file: (I'm not sure it finished because it never said finished yet showed no progress by changing the text on the window even, so I just clicked save log and here is what was there. If you want a rerun on it, I can do it.)

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-02 17:15:17
-----------------------------
17:15:17.134 OS Version: Windows x64 6.1.7601 Service Pack 1
17:15:17.134 Number of processors: 8 586 0x1E05
17:15:17.135 ComputerName: ROBERT-VAIO7 UserName: Robert
17:15:19.860 Initialize success
17:16:08.935 AVAST engine defs: 12120101
17:16:28.558 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:16:28.564 Disk 0 Vendor: TOSHIBA_ LH50 Size: 476940MB BusType: 3
17:16:28.581 Disk 0 MBR read successfully
17:16:28.588 Disk 0 MBR scan
17:16:28.597 Disk 0 Windows 7 default MBR code
17:16:28.613 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10240 MB offset 2048
17:16:28.633 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 20973568
17:16:28.650 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 466598 MB offset 21178368
17:16:28.672 Disk 0 scanning C:\Windows\system32\drivers
17:16:41.177 Service scanning
17:16:41.867 Service A2DDA E:\Run\a2ddax64.sys **LOCKED** 21
17:17:11.887 Modules scanning
17:17:11.910 Disk 0 trace - called modules:
17:17:11.960 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
17:17:11.966 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004ab9790]
17:17:11.972 3 CLASSPNP.SYS[fffff88001d9143f] -> nt!IofCallDriver -> [0xfffffa800481ee40]
17:17:11.979 5 ACPI.sys[fffff8800100b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004821050]
17:17:13.515 AVAST engine scan C:\Windows
17:17:17.266 AVAST engine scan C:\Windows\system32
17:20:37.840 AVAST engine scan C:\Windows\system32\drivers
17:20:52.225 AVAST engine scan C:\Users\Robert
18:15:01.001 Disk 0 MBR has been saved successfully to "C:\Users\Robert\Desktop\MBR.dat"
18:15:01.010 The log file has been saved successfully to "C:\Users\Robert\Desktop\aswMBRtxt.txt"