Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

redirect issues as well as pop ups

Started by ama de casa , Sep 27 2012 09:18 AM

Please log in to reply

10 replies to this topic

#1 ama de casa

New Member

Members
6 posts

Posted 27 September 2012 - 09:18 AM

Good Morning!

I am having redirect issues as well as multiple pop up ads in both lower corners of my computer. I have run superspywareblaster, spybot, and malwarebytes. Pop up blockers are on. When this problem first emerged a couple of weeks ago, I reloaded Windows 7....but the problems are back. My surf habits are few (CNN/nyt/a few 'old moms' blogs, recipe sites) but this is annoying as heck. What should be my next step? I've spent the last two days trying to get rid of the problems myself and my family would really appreciate someone helping me to fix this so they could once again have clean clothes and hot food instead of listening to mom say bad words to the computer ;)

Thanks so much!

BC Ads
BleepingComputer.com

#2 narenxp

Forum Addict

BC Advisor
16,365 posts

Gender:Male
Location:India

Posted 27 September 2012 - 09:21 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 ama de casa

New Member

Members
6 posts

Posted 27 September 2012 - 12:03 PM

THANKS for the speedy reply. It took me a little longer than expected because I kept getting a redirect to a page to by norton when I tried to download! aswmbr would not complete so ran in safe mode with networking as instructed. there is no log file for eset because it said there were no threats.

09:48:38.0773 10416 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
09:48:40.0802 10416 ============================================================
09:48:40.0802 10416 Current date / time: 2012/09/27 09:48:40.0802
09:48:40.0802 10416 SystemInfo:
09:48:40.0802 10416
09:48:40.0802 10416 OS Version: 6.1.7601 ServicePack: 1.0
09:48:40.0802 10416 Product type: Workstation
09:48:40.0802 10416 ComputerName: DBR-VAIO3
09:48:40.0802 10416 UserName: Mommydearest
09:48:40.0802 10416 Windows directory: C:\Windows
09:48:40.0802 10416 System windows directory: C:\Windows
09:48:40.0802 10416 Running under WOW64
09:48:40.0802 10416 Processor architecture: Intel x64
09:48:40.0802 10416 Number of processors: 4
09:48:40.0802 10416 Page size: 0x1000
09:48:40.0802 10416 Boot type: Normal boot
09:48:40.0802 10416 ============================================================
09:48:41.0422 10416 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:48:41.0422 10416 ============================================================
09:48:41.0422 10416 \Device\Harddisk0\DR0:
09:48:41.0422 10416 MBR partitions:
09:48:41.0422 10416 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1886800, BlocksNum 0x32000
09:48:41.0422 10416 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x18B8800, BlocksNum 0x38ACD000
09:48:41.0422 10416 ============================================================
09:48:41.0522 10416 C: <-> \Device\Harddisk0\DR0\Partition2
09:48:41.0522 10416 ============================================================
09:48:41.0522 10416 Initialize success
09:48:41.0522 10416 ============================================================
09:49:04.0167 4172 ============================================================
09:49:04.0167 4172 Scan started
09:49:04.0167 4172 Mode: Manual; TDLFS;
09:49:04.0167 4172 ============================================================
09:49:04.0417 4172 ================ Scan system memory ========================
09:49:04.0417 4172 System memory - ok
09:49:04.0417 4172 ================ Scan services =============================
09:49:04.0573 4172 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
09:49:04.0573 4172 !SASCORE - ok
09:49:04.0916 4172 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
09:49:04.0916 4172 1394ohci - ok
09:49:05.0157 4172 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
09:49:05.0157 4172 ACDaemon - ok
09:49:05.0187 4172 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:49:05.0197 4172 ACPI - ok
09:49:05.0227 4172 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:49:05.0227 4172 AcpiPmi - ok
09:49:05.0297 4172 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:49:05.0297 4172 AdobeARMservice - ok
09:49:05.0427 4172 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:49:05.0437 4172 AdobeFlashPlayerUpdateSvc - ok
09:49:05.0467 4172 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:49:05.0477 4172 adp94xx - ok
09:49:05.0507 4172 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:49:05.0507 4172 adpahci - ok
09:49:05.0547 4172 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:49:05.0547 4172 adpu320 - ok
09:49:05.0567 4172 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:49:05.0567 4172 AeLookupSvc - ok
09:49:05.0627 4172 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
09:49:05.0637 4172 AFD - ok
09:49:05.0667 4172 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:49:05.0667 4172 agp440 - ok
09:49:05.0697 4172 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
09:49:05.0707 4172 ALG - ok
09:49:05.0737 4172 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
09:49:05.0737 4172 aliide - ok
09:49:05.0757 4172 [ 6F7DCC837AF60FEFC235877A7D312077 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
09:49:05.0767 4172 AMD External Events Utility - ok
09:49:05.0767 4172 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
09:49:05.0767 4172 amdide - ok
09:49:05.0777 4172 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:49:05.0777 4172 AmdK8 - ok
09:49:05.0967 4172 [ 0D28CD1E31B59D73F10BD8144C0762B3 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
09:49:06.0167 4172 amdkmdag - ok
09:49:06.0217 4172 [ 66D5254B0DA7400CC7E26DC9BBD8E90E ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
09:49:06.0227 4172 amdkmdap - ok
09:49:06.0237 4172 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
09:49:06.0237 4172 AmdPPM - ok
09:49:06.0277 4172 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:49:06.0287 4172 amdsata - ok
09:49:06.0327 4172 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
09:49:06.0327 4172 amdsbs - ok
09:49:06.0337 4172 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:49:06.0337 4172 amdxata - ok
09:49:06.0377 4172 [ 9921E78BC29634235F4BF5809E7E8CDE ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
09:49:06.0377 4172 AMPPAL - ok
09:49:06.0387 4172 [ 9921E78BC29634235F4BF5809E7E8CDE ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
09:49:06.0387 4172 AMPPALP - ok
09:49:06.0467 4172 [ 83A0E7BA4AE616D3654E700D9C5FF9DB ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
09:49:06.0477 4172 AMPPALR3 - ok
09:49:06.0517 4172 [ 9DC1A45BA81C923DB68A162B0F0D0149 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
09:49:06.0517 4172 ApfiltrService - ok
09:49:06.0557 4172 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
09:49:06.0557 4172 AppID - ok
09:49:06.0587 4172 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:49:06.0587 4172 AppIDSvc - ok
09:49:06.0607 4172 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
09:49:06.0607 4172 Appinfo - ok
09:49:06.0687 4172 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:49:06.0697 4172 Apple Mobile Device - ok
09:49:06.0737 4172 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
09:49:06.0737 4172 AppMgmt - ok
09:49:06.0777 4172 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
09:49:06.0777 4172 arc - ok
09:49:06.0777 4172 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:49:06.0777 4172 arcsas - ok
09:49:06.0817 4172 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
09:49:06.0817 4172 ArcSoftKsUFilter - ok
09:49:06.0907 4172 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:49:06.0917 4172 aspnet_state - ok
09:49:06.0967 4172 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
09:49:06.0977 4172 aswFsBlk - ok
09:49:06.0997 4172 [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
09:49:06.0997 4172 aswMonFlt - ok
09:49:07.0007 4172 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
09:49:07.0007 4172 aswRdr - ok
09:49:07.0087 4172 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
09:49:07.0087 4172 aswSnx - ok
09:49:07.0102 4172 [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP C:\Windows\system32\drivers\aswSP.sys
09:49:07.0118 4172 aswSP - ok
09:49:07.0133 4172 [ C3EC420451AC5300A22190AE38418FBA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
09:49:07.0133 4172 aswTdi - ok
09:49:07.0165 4172 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:49:07.0165 4172 AsyncMac - ok
09:49:07.0180 4172 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
09:49:07.0180 4172 atapi - ok
09:49:07.0243 4172 [ E857EEE6B92AAA473EBB3465ADD8F7E7 ] athr C:\Windows\system32\DRIVERS\athrx.sys
09:49:07.0258 4172 athr - ok
09:49:07.0305 4172 [ 26970F26EBAB7D5D1B795A3F9013CD80 ] ATSwpWDF C:\Windows\system32\DRIVERS\ATSwpWDF.sys
09:49:07.0321 4172 ATSwpWDF - ok
09:49:07.0352 4172 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:49:07.0367 4172 AudioEndpointBuilder - ok
09:49:07.0383 4172 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:49:07.0383 4172 AudioSrv - ok
09:49:07.0461 4172 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
09:49:07.0461 4172 avast! Antivirus - ok
09:49:07.0508 4172 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:49:07.0508 4172 AxInstSV - ok
09:49:07.0555 4172 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
09:49:07.0555 4172 b06bdrv - ok
09:49:07.0586 4172 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
09:49:07.0586 4172 b57nd60a - ok
09:49:07.0633 4172 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
09:49:07.0633 4172 BDESVC - ok
09:49:07.0648 4172 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
09:49:07.0648 4172 Beep - ok
09:49:07.0711 4172 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
09:49:07.0711 4172 BFE - ok
09:49:07.0757 4172 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
09:49:07.0757 4172 BITS - ok
09:49:07.0789 4172 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
09:49:07.0789 4172 blbdrive - ok
09:49:07.0867 4172 [ E52221FF68AABB5BEE32A7DEE69E7EAB ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
09:49:07.0867 4172 Bluetooth Device Monitor - ok
09:49:07.0913 4172 [ 5CFA8896A5E10B226B0606B4C84D97AE ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
09:49:07.0929 4172 Bluetooth Media Service - ok
09:49:07.0960 4172 [ 03FE8826F70FC84401B554C4004C4593 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
09:49:07.0960 4172 Bluetooth OBEX Service - ok
09:49:08.0054 4172 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:49:08.0054 4172 Bonjour Service - ok
09:49:08.0085 4172 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:49:08.0085 4172 bowser - ok
09:49:08.0116 4172 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
09:49:08.0116 4172 BrFiltLo - ok
09:49:08.0116 4172 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
09:49:08.0116 4172 BrFiltUp - ok
09:49:08.0163 4172 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
09:49:08.0163 4172 Browser - ok
09:49:08.0194 4172 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:49:08.0194 4172 Brserid - ok
09:49:08.0194 4172 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:49:08.0194 4172 BrSerWdm - ok
09:49:08.0210 4172 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:49:08.0210 4172 BrUsbMdm - ok
09:49:08.0210 4172 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:49:08.0225 4172 BrUsbSer - ok
09:49:08.0257 4172 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
09:49:08.0257 4172 BthEnum - ok
09:49:08.0288 4172 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
09:49:08.0288 4172 BTHMODEM - ok
09:49:08.0303 4172 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
09:49:08.0303 4172 BthPan - ok
09:49:08.0366 4172 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
09:49:08.0366 4172 BTHPORT - ok
09:49:08.0413 4172 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
09:49:08.0413 4172 bthserv - ok
09:49:08.0413 4172 [ A5B3E8B2B78C7B3DA56A0DE490E6718C ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
09:49:08.0428 4172 BTHSSecurityMgr - ok
09:49:08.0444 4172 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
09:49:08.0444 4172 BTHUSB - ok
09:49:08.0459 4172 [ A0CA8F0493D26E67436929856E32F585 ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
09:49:08.0459 4172 btmaux - ok
09:49:08.0522 4172 [ 40C6FEC49D1CC4D112368A2BCD2BCBB7 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
09:49:08.0522 4172 btmhsf - ok
09:49:08.0537 4172 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:49:08.0537 4172 cdfs - ok
09:49:08.0584 4172 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:49:08.0584 4172 cdrom - ok
09:49:08.0615 4172 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
09:49:08.0615 4172 CertPropSvc - ok
09:49:08.0631 4172 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
09:49:08.0631 4172 circlass - ok
09:49:08.0678 4172 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
09:49:08.0678 4172 CLFS - ok
09:49:08.0740 4172 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:49:08.0740 4172 clr_optimization_v2.0.50727_32 - ok
09:49:08.0771 4172 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:49:08.0771 4172 clr_optimization_v2.0.50727_64 - ok
09:49:08.0834 4172 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:49:08.0849 4172 clr_optimization_v4.0.30319_32 - ok
09:49:08.0881 4172 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:49:08.0881 4172 clr_optimization_v4.0.30319_64 - ok
09:49:08.0912 4172 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:49:08.0912 4172 CmBatt - ok
09:49:08.0943 4172 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:49:08.0943 4172 cmdide - ok
09:49:08.0990 4172 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
09:49:09.0005 4172 CNG - ok
09:49:09.0037 4172 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
09:49:09.0037 4172 Compbatt - ok
09:49:09.0052 4172 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
09:49:09.0052 4172 CompositeBus - ok
09:49:09.0052 4172 COMSysApp - ok
09:49:09.0083 4172 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:49:09.0083 4172 crcdisk - ok
09:49:09.0130 4172 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:49:09.0130 4172 CryptSvc - ok
09:49:09.0146 4172 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
09:49:09.0146 4172 CSC - ok
09:49:09.0177 4172 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
09:49:09.0193 4172 CscService - ok
09:49:09.0302 4172 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
09:49:09.0302 4172 cvhsvc - ok
09:49:09.0349 4172 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:49:09.0349 4172 DcomLaunch - ok
09:49:09.0380 4172 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
09:49:09.0380 4172 defragsvc - ok
09:49:09.0395 4172 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:49:09.0411 4172 DfsC - ok
09:49:09.0427 4172 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
09:49:09.0442 4172 Dhcp - ok
09:49:09.0458 4172 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
09:49:09.0458 4172 discache - ok
09:49:09.0489 4172 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
09:49:09.0489 4172 Disk - ok
09:49:09.0505 4172 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
09:49:09.0520 4172 dmvsc - ok
09:49:09.0536 4172 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:49:09.0536 4172 Dnscache - ok
09:49:09.0567 4172 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
09:49:09.0567 4172 dot3svc - ok
09:49:09.0598 4172 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
09:49:09.0598 4172 DPS - ok
09:49:09.0629 4172 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:49:09.0645 4172 drmkaud - ok
09:49:09.0676 4172 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:49:09.0692 4172 DXGKrnl - ok
09:49:09.0723 4172 [ 50AD8FC1DC800FF36087994C8F7FDFF2 ] e1yexpress C:\Windows\system32\DRIVERS\e1y60x64.sys
09:49:09.0739 4172 e1yexpress - ok
09:49:09.0754 4172 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
09:49:09.0754 4172 EapHost - ok
09:49:09.0832 4172 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
09:49:09.0895 4172 ebdrv - ok
09:49:09.0941 4172 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
09:49:09.0941 4172 EFS - ok
09:49:10.0082 4172 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:49:10.0113 4172 ehRecvr - ok
09:49:10.0113 4172 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
09:49:10.0129 4172 ehSched - ok
09:49:10.0160 4172 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:49:10.0175 4172 elxstor - ok
09:49:10.0175 4172 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:49:10.0175 4172 ErrDev - ok
09:49:10.0253 4172 esgiguard - ok
09:49:10.0285 4172 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
09:49:10.0300 4172 EventSystem - ok
09:49:10.0378 4172 [ 54FC81B0162478A72A93DBBEAFB35671 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
09:49:10.0394 4172 EvtEng - ok
09:49:10.0409 4172 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
09:49:10.0409 4172 exfat - ok
09:49:10.0425 4172 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:49:10.0425 4172 fastfat - ok
09:49:10.0487 4172 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
09:49:10.0487 4172 Fax - ok
09:49:10.0519 4172 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
09:49:10.0519 4172 fdc - ok
09:49:10.0550 4172 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
09:49:10.0550 4172 fdPHost - ok
09:49:10.0565 4172 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
09:49:10.0565 4172 FDResPub - ok
09:49:10.0597 4172 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:49:10.0597 4172 FileInfo - ok
09:49:10.0597 4172 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:49:10.0597 4172 Filetrace - ok
09:49:10.0628 4172 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
09:49:10.0628 4172 flpydisk - ok
09:49:10.0643 4172 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:49:10.0659 4172 FltMgr - ok
09:49:10.0690 4172 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
09:49:10.0706 4172 FontCache - ok
09:49:10.0753 4172 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:49:10.0753 4172 FontCache3.0.0.0 - ok
09:49:10.0831 4172 [ 8F46017C1442E25B2BED0377A4733EC1 ] FPLService C:\Program Files\TrueSuite\TrueSuite.Service.exe
09:49:10.0831 4172 FPLService - ok
09:49:10.0846 4172 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:49:10.0846 4172 FsDepends - ok
09:49:10.0877 4172 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:49:10.0893 4172 Fs_Rec - ok
09:49:10.0924 4172 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:49:10.0940 4172 fvevol - ok
09:49:10.0955 4172 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:49:10.0971 4172 gagp30kx - ok
09:49:11.0002 4172 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:49:11.0018 4172 GEARAspiWDM - ok
09:49:11.0065 4172 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
09:49:11.0065 4172 gpsvc - ok
09:49:11.0158 4172 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:49:11.0158 4172 gupdate - ok
09:49:11.0174 4172 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:49:11.0174 4172 gupdatem - ok
09:49:11.0221 4172 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
09:49:11.0221 4172 gusvc - ok
09:49:11.0252 4172 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:49:11.0252 4172 hcw85cir - ok
09:49:11.0283 4172 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:49:11.0283 4172 HdAudAddService - ok
09:49:11.0314 4172 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:49:11.0330 4172 HDAudBus - ok
09:49:11.0330 4172 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
09:49:11.0330 4172 HidBatt - ok
09:49:11.0345 4172 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:49:11.0361 4172 HidBth - ok
09:49:11.0361 4172 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
09:49:11.0361 4172 HidIr - ok
09:49:11.0392 4172 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
09:49:11.0392 4172 hidserv - ok
09:49:11.0423 4172 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
09:49:11.0423 4172 HidUsb - ok
09:49:11.0455 4172 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:49:11.0455 4172 hkmsvc - ok
09:49:11.0470 4172 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:49:11.0470 4172 HomeGroupListener - ok
09:49:11.0501 4172 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:49:11.0501 4172 HomeGroupProvider - ok
09:49:11.0533 4172 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:49:11.0533 4172 HpSAMD - ok
09:49:11.0564 4172 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:49:11.0579 4172 HTTP - ok
09:49:11.0595 4172 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:49:11.0595 4172 hwpolicy - ok
09:49:11.0626 4172 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:49:11.0642 4172 i8042prt - ok
09:49:11.0673 4172 [ 2FDAEC4B02729C48C0FD1B0B4695995B ] iaStor C:\Windows\system32\drivers\iaStor.sys
09:49:11.0673 4172 iaStor - ok
09:49:11.0735 4172 [ D41861E56E7552C13674D7F147A02464 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
09:49:11.0735 4172 IAStorDataMgrSvc - ok
09:49:11.0767 4172 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:49:11.0767 4172 iaStorV - ok
09:49:11.0798 4172 [ FC47F5CF561BF0FD897EFD1A9604DCCF ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
09:49:11.0813 4172 iBtFltCoex - ok
09:49:11.0907 4172 [ 3A0FF117B4ADC5ABE4D968E26A337158 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
09:49:11.0923 4172 IconMan_R - ok
09:49:12.0016 4172 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:49:12.0032 4172 idsvc - ok
09:49:12.0063 4172 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:49:12.0063 4172 iirsp - ok
09:49:12.0110 4172 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
09:49:12.0125 4172 IKEEXT - ok
09:49:12.0172 4172 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
09:49:12.0172 4172 intaud_WaveExtensible - ok
09:49:12.0250 4172 [ CDB772F707AC24B43A20C821852CA61F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:49:12.0281 4172 IntcAzAudAddService - ok
09:49:12.0313 4172 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
09:49:12.0313 4172 IntcDAud - ok
09:49:12.0344 4172 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
09:49:12.0344 4172 intelide - ok
09:49:12.0562 4172 [ 9937600A1584FF00565D5379EB4C9EDB ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys
09:49:12.0765 4172 intelkmd - ok
09:49:12.0781 4172 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:49:12.0781 4172 intelppm - ok
09:49:12.0796 4172 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:49:12.0796 4172 IPBusEnum - ok
09:49:12.0827 4172 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:49:12.0827 4172 IpFilterDriver - ok
09:49:12.0859 4172 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:49:12.0874 4172 iphlpsvc - ok
09:49:12.0874 4172 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:49:12.0874 4172 IPMIDRV - ok
09:49:12.0890 4172 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:49:12.0905 4172 IPNAT - ok
09:49:12.0983 4172 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
09:49:12.0983 4172 iPod Service - ok
09:49:13.0015 4172 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:49:13.0030 4172 IRENUM - ok
09:49:13.0046 4172 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:49:13.0061 4172 isapnp - ok
09:49:13.0077 4172 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:49:13.0077 4172 iScsiPrt - ok
09:49:13.0139 4172 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
09:49:13.0139 4172 iwdbus - ok
09:49:13.0186 4172 [ 6C85719A21B3F62C2C76280F4BD36C7B ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
09:49:13.0186 4172 jhi_service - ok
09:49:13.0217 4172 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:49:13.0217 4172 kbdclass - ok
09:49:13.0249 4172 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
09:49:13.0249 4172 kbdhid - ok
09:49:13.0264 4172 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
09:49:13.0264 4172 KeyIso - ok
09:49:13.0295 4172 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:49:13.0295 4172 KSecDD - ok
09:49:13.0327 4172 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:49:13.0327 4172 KSecPkg - ok
09:49:13.0342 4172 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:49:13.0358 4172 ksthunk - ok
09:49:13.0373 4172 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
09:49:13.0389 4172 KtmRm - ok
09:49:13.0436 4172 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
09:49:13.0436 4172 LanmanServer - ok
09:49:13.0451 4172 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:49:13.0467 4172 LanmanWorkstation - ok
09:49:13.0514 4172 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:49:13.0514 4172 lltdio - ok
09:49:13.0545 4172 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:49:13.0545 4172 lltdsvc - ok
09:49:13.0576 4172 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:49:13.0576 4172 lmhosts - ok
09:49:13.0639 4172 [ F4A17DCAB576267C85663E64F3ACE5A4 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
09:49:13.0654 4172 LMS - ok
09:49:13.0685 4172 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:49:13.0701 4172 LSI_FC - ok
09:49:13.0701 4172 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:49:13.0701 4172 LSI_SAS - ok
09:49:13.0717 4172 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
09:49:13.0717 4172 LSI_SAS2 - ok
09:49:13.0717 4172 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:49:13.0732 4172 LSI_SCSI - ok
09:49:13.0763 4172 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
09:49:13.0763 4172 luafv - ok
09:49:13.0795 4172 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:49:13.0810 4172 Mcx2Svc - ok
09:49:13.0810 4172 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
09:49:13.0810 4172 megasas - ok
09:49:13.0826 4172 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
09:49:13.0841 4172 MegaSR - ok
09:49:13.0857 4172 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
09:49:13.0873 4172 MEIx64 - ok
09:49:13.0904 4172 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
09:49:13.0904 4172 MMCSS - ok
09:49:13.0919 4172 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
09:49:13.0919 4172 Modem - ok
09:49:13.0935 4172 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:49:13.0935 4172 monitor - ok
09:49:13.0951 4172 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:49:13.0951 4172 mouclass - ok
09:49:13.0966 4172 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
09:49:13.0966 4172 mouhid - ok
09:49:13.0982 4172 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:49:13.0982 4172 mountmgr - ok
09:49:14.0013 4172 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
09:49:14.0013 4172 mpio - ok
09:49:14.0044 4172 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:49:14.0044 4172 mpsdrv - ok
09:49:14.0075 4172 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:49:14.0091 4172 MpsSvc - ok
09:49:14.0107 4172 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:49:14.0107 4172 MRxDAV - ok
09:49:14.0153 4172 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:49:14.0153 4172 mrxsmb - ok
09:49:14.0169 4172 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:49:14.0169 4172 mrxsmb10 - ok
09:49:14.0185 4172 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:49:14.0185 4172 mrxsmb20 - ok
09:49:14.0200 4172 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
09:49:14.0216 4172 msahci - ok
09:49:14.0216 4172 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:49:14.0216 4172 msdsm - ok
09:49:14.0247 4172 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
09:49:14.0247 4172 MSDTC - ok
09:49:14.0294 4172 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:49:14.0294 4172 Msfs - ok
09:49:14.0309 4172 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:49:14.0309 4172 mshidkmdf - ok
09:49:14.0325 4172 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:49:14.0325 4172 msisadrv - ok
09:49:14.0356 4172 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:49:14.0356 4172 MSiSCSI - ok
09:49:14.0356 4172 msiserver - ok
09:49:14.0403 4172 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:49:14.0403 4172 MSKSSRV - ok
09:49:14.0403 4172 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:49:14.0403 4172 MSPCLOCK - ok
09:49:14.0403 4172 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:49:14.0403 4172 MSPQM - ok
09:49:14.0434 4172 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:49:14.0434 4172 MsRPC - ok
09:49:14.0434 4172 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:49:14.0434 4172 mssmbios - ok
09:49:14.0450 4172 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:49:14.0450 4172 MSTEE - ok
09:49:14.0450 4172 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
09:49:14.0450 4172 MTConfig - ok
09:49:14.0450 4172 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
09:49:14.0450 4172 Mup - ok
09:49:14.0481 4172 [ 4BBB9D9C4DF259FAE2D172C5BB25DDD0 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
09:49:14.0481 4172 MyWiFiDHCPDNS - ok
09:49:14.0512 4172 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
09:49:14.0528 4172 napagent - ok
09:49:14.0559 4172 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:49:14.0575 4172 NativeWifiP - ok
09:49:14.0637 4172 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:49:14.0637 4172 NDIS - ok
09:49:14.0684 4172 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:49:14.0684 4172 NdisCap - ok
09:49:14.0699 4172 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:49:14.0715 4172 NdisTapi - ok
09:49:14.0715 4172 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:49:14.0715 4172 Ndisuio - ok
09:49:14.0731 4172 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:49:14.0731 4172 NdisWan - ok
09:49:14.0731 4172 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:49:14.0731 4172 NDProxy - ok
09:49:14.0746 4172 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:49:14.0746 4172 NetBIOS - ok
09:49:14.0777 4172 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:49:14.0777 4172 NetBT - ok
09:49:14.0793 4172 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
09:49:14.0793 4172 Netlogon - ok
09:49:14.0824 4172 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:49:14.0824 4172 Netman - ok
09:49:14.0871 4172 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:49:14.0871 4172 NetMsmqActivator - ok
09:49:14.0871 4172 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:49:14.0871 4172 NetPipeActivator - ok
09:49:14.0902 4172 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:49:14.0918 4172 netprofm - ok
09:49:14.0933 4172 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:49:14.0933 4172 NetTcpActivator - ok
09:49:14.0933 4172 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:49:14.0933 4172 NetTcpPortSharing - ok
09:49:15.0105 4172 [ AC69618DE5BCCE8747C9AB0AAE1003C1 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
09:49:15.0230 4172 NETwNs64 - ok
09:49:15.0277 4172 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:49:15.0277 4172 nfrd960 - ok
09:49:15.0308 4172 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:49:15.0323 4172 NlaSvc - ok
09:49:15.0339 4172 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:49:15.0339 4172 Npfs - ok
09:49:15.0355 4172 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:49:15.0355 4172 nsi - ok
09:49:15.0370 4172 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:49:15.0370 4172 nsiproxy - ok
09:49:15.0417 4172 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:49:15.0433 4172 Ntfs - ok
09:49:15.0448 4172 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:49:15.0448 4172 Null - ok
09:49:15.0464 4172 [ 01266516E6E88D183A2B58722EEB4443 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
09:49:15.0479 4172 nusb3hub - ok
09:49:15.0495 4172 [ 5EC04F55CC5F165F21752712437DF638 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
09:49:15.0495 4172 nusb3xhc - ok
09:49:15.0698 4172 [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:49:15.0901 4172 nvlddmkm - ok
09:49:15.0932 4172 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:49:15.0932 4172 nvraid - ok
09:49:15.0947 4172 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:49:15.0947 4172 nvstor - ok
09:49:15.0963 4172 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:49:15.0963 4172 nv_agp - ok
09:49:16.0025 4172 [ 07571684567859DA796A566CC78FFA74 ] Oasis2Service C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
09:49:16.0025 4172 Oasis2Service - ok
09:49:16.0119 4172 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:49:16.0119 4172 odserv - ok
09:49:16.0150 4172 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:49:16.0150 4172 ohci1394 - ok
09:49:16.0197 4172 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:49:16.0197 4172 ose - ok
09:49:16.0353 4172 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:49:16.0462 4172 osppsvc - ok
09:49:16.0493 4172 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:49:16.0509 4172 p2pimsvc - ok
09:49:16.0525 4172 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:49:16.0525 4172 p2psvc - ok
09:49:16.0556 4172 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
09:49:16.0556 4172 Parport - ok
09:49:16.0587 4172 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:49:16.0587 4172 partmgr - ok
09:49:16.0618 4172 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:49:16.0634 4172 PcaSvc - ok
09:49:16.0649 4172 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:49:16.0649 4172 pci - ok
09:49:16.0665 4172 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:49:16.0665 4172 pciide - ok
09:49:16.0681 4172 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:49:16.0681 4172 pcmcia - ok
09:49:16.0681 4172 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:49:16.0681 4172 pcw - ok
09:49:16.0696 4172 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:49:16.0727 4172 PEAUTH - ok
09:49:16.0774 4172 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
09:49:16.0790 4172 PeerDistSvc - ok
09:49:16.0868 4172 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:49:16.0868 4172 PerfHost - ok
09:49:16.0930 4172 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:49:16.0946 4172 pla - ok
09:49:17.0039 4172 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:49:17.0055 4172 PlugPlay - ok
09:49:17.0133 4172 [ E9605A180001A6B5551112D91DE92CA1 ] PMBDeviceInfoProvider c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
09:49:17.0164 4172 PMBDeviceInfoProvider - ok
09:49:17.0180 4172 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:49:17.0180 4172 PNRPAutoReg - ok
09:49:17.0195 4172 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:49:17.0195 4172 PNRPsvc - ok
09:49:17.0227 4172 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:49:17.0242 4172 PolicyAgent - ok
09:49:17.0273 4172 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
09:49:17.0273 4172 Power - ok
09:49:17.0305 4172 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:49:17.0305 4172 PptpMiniport - ok
09:49:17.0320 4172 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
09:49:17.0320 4172 Processor - ok
09:49:17.0351 4172 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:49:17.0367 4172 ProfSvc - ok
09:49:17.0383 4172 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:49:17.0383 4172 ProtectedStorage - ok
09:49:17.0398 4172 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:49:17.0398 4172 Psched - ok
09:49:17.0445 4172 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:49:17.0461 4172 ql2300 - ok
09:49:17.0461 4172 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:49:17.0461 4172 ql40xx - ok
09:49:17.0476 4172 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:49:17.0492 4172 QWAVE - ok
09:49:17.0507 4172 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:49:17.0507 4172 QWAVEdrv - ok
09:49:17.0523 4172 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:49:17.0523 4172 RasAcd - ok
09:49:17.0539 4172 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:49:17.0539 4172 RasAgileVpn - ok
09:49:17.0570 4172 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:49:17.0570 4172 RasAuto - ok
09:49:17.0601 4172 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:49:17.0601 4172 Rasl2tp - ok
09:49:17.0632 4172 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:49:17.0632 4172 RasMan - ok
09:49:17.0663 4172 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:49:17.0663 4172 RasPppoe - ok
09:49:17.0679 4172 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:49:17.0695 4172 RasSstp - ok
09:49:17.0710 4172 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:49:17.0710 4172 rdbss - ok
09:49:17.0710 4172 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:49:17.0710 4172 rdpbus - ok
09:49:17.0741 4172 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:49:17.0741 4172 RDPCDD - ok
09:49:17.0773 4172 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
09:49:17.0788 4172 RDPDR - ok
09:49:17.0788 4172 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:49:17.0788 4172 RDPENCDD - ok
09:49:17.0819 4172 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:49:17.0819 4172 RDPREFMP - ok
09:49:17.0851 4172 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:49:17.0851 4172 RDPWD - ok
09:49:17.0897 4172 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:49:17.0897 4172 rdyboost - ok
09:49:17.0929 4172 [ A436F5E7D80BBDBB0826D0F176D5BEA8 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
09:49:17.0944 4172 RegSrvc - ok
09:49:17.0960 4172 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:49:17.0975 4172 RemoteAccess - ok
09:49:18.0022 4172 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:49:18.0022 4172 RemoteRegistry - ok
09:49:18.0053 4172 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
09:49:18.0053 4172 RFCOMM - ok
09:49:18.0085 4172 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:49:18.0085 4172 RpcEptMapper - ok
09:49:18.0100 4172 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:49:18.0100 4172 RpcLocator - ok
09:49:18.0131 4172 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:49:18.0131 4172 RpcSs - ok
09:49:18.0163 4172 [ 9D21618E7A3B2C75CF1A2ECBBE723730 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
09:49:18.0163 4172 RSPCIESTOR - ok
09:49:18.0194 4172 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:49:18.0194 4172 rspndr - ok
09:49:18.0241 4172 [ EA5532868BA76923D75BCB2A1448D810 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
09:49:18.0241 4172 RTL8167 - ok
09:49:18.0272 4172 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
09:49:18.0272 4172 s3cap - ok
09:49:18.0287 4172 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:49:18.0287 4172 SamSs - ok
09:49:18.0350 4172 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
09:49:18.0350 4172 SASDIFSV - ok
09:49:18.0365 4172 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
09:49:18.0365 4172 SASKUTIL - ok
09:49:18.0381 4172 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:49:18.0381 4172 sbp2port - ok
09:49:18.0443 4172 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
09:49:18.0459 4172 SBSDWSCService - ok
09:49:18.0490 4172 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:49:18.0490 4172 SCardSvr - ok
09:49:18.0506 4172 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:49:18.0506 4172 scfilter - ok
09:49:18.0537 4172 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:49:18.0553 4172 Schedule - ok
09:49:18.0584 4172 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:49:18.0584 4172 SCPolicySvc - ok
09:49:18.0631 4172 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
09:49:18.0631 4172 sdbus - ok
09:49:18.0646 4172 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:49:18.0662 4172 SDRSVC - ok
09:49:18.0677 4172 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:49:18.0677 4172 secdrv - ok
09:49:18.0677 4172 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:49:18.0693 4172 seclogon - ok
09:49:18.0709 4172 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
09:49:18.0709 4172 SENS - ok
09:49:18.0740 4172 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:49:18.0740 4172 SensrSvc - ok
09:49:18.0771 4172 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
09:49:18.0771 4172 Serenum - ok
09:49:18.0802 4172 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
09:49:18.0802 4172 Serial - ok
09:49:18.0818 4172 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:49:18.0818 4172 sermouse - ok
09:49:18.0849 4172 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:49:18.0849 4172 SessionEnv - ok
09:49:18.0880 4172 [ 286D3889E6AB5589646FF8A63CB928AE ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys
09:49:18.0880 4172 SFEP - ok
09:49:18.0896 4172 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:49:18.0896 4172 sffdisk - ok
09:49:18.0911 4172 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:49:18.0911 4172 sffp_mmc - ok
09:49:18.0911 4172 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:49:18.0911 4172 sffp_sd - ok
09:49:18.0927 4172 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:49:18.0927 4172 sfloppy - ok
09:49:18.0974 4172 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
09:49:18.0989 4172 Sftfs - ok
09:49:19.0052 4172 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
09:49:19.0067 4172 sftlist - ok
09:49:19.0099 4172 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
09:49:19.0099 4172 Sftplay - ok
09:49:19.0130 4172 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
09:49:19.0130 4172 Sftredir - ok
09:49:19.0130 4172 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
09:49:19.0130 4172 Sftvol - ok
09:49:19.0145 4172 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
09:49:19.0161 4172 sftvsa - ok
09:49:19.0192 4172 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:49:19.0192 4172 SharedAccess - ok
09:49:19.0223 4172 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:49:19.0239 4172 ShellHWDetection - ok
09:49:19.0255 4172 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:49:19.0255 4172 SiSRaid2 - ok
09:49:19.0270 4172 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:49:19.0270 4172 SiSRaid4 - ok
09:49:19.0286 4172 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:49:19.0286 4172 Smb - ok
09:49:19.0317 4172 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:49:19.0317 4172 SNMPTRAP - ok
09:49:19.0364 4172 [ DDF2EC98AF6FC70608A4F9CE4DB52758 ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
09:49:19.0364 4172 SOHCImp - ok
09:49:19.0395 4172 [ 5FA03F5EA6EFEF6D17B4A1A48C40A23C ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
09:49:19.0395 4172 SOHDs - ok
09:49:19.0426 4172 [ 65E5659E9C2A0762D05657C0E22A7CA2 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
09:49:19.0442 4172 SpfService - ok
09:49:19.0457 4172 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:49:19.0457 4172 spldr - ok
09:49:19.0504 4172 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
09:49:19.0504 4172 Spooler - ok
09:49:19.0598 4172 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:49:19.0660 4172 sppsvc - ok
09:49:19.0660 4172 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:49:19.0676 4172 sppuinotify - ok
09:49:19.0707 4172 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:49:19.0723 4172 srv - ok
09:49:19.0723 4172 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:49:19.0738 4172 srv2 - ok
09:49:19.0754 4172 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:49:19.0754 4172 srvnet - ok
09:49:19.0801 4172 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:49:19.0801 4172 SSDPSRV - ok
09:49:19.0801 4172 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:49:19.0801 4172 SstpSvc - ok
09:49:19.0832 4172 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:49:19.0832 4172 stexstor - ok
09:49:19.0879 4172 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:49:19.0879 4172 stisvc - ok
09:49:19.0894 4172 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
09:49:19.0894 4172 storflt - ok
09:49:19.0925 4172 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
09:49:19.0925 4172 StorSvc - ok
09:49:19.0957 4172 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
09:49:19.0957 4172 storvsc - ok
09:49:19.0972 4172 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:49:19.0972 4172 swenum - ok
09:49:20.0050 4172 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:49:20.0066 4172 swprv - ok
09:49:20.0097 4172 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:49:20.0113 4172 SysMain - ok
09:49:20.0144 4172 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:49:20.0159 4172 TabletInputService - ok
09:49:20.0159 4172 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:49:20.0175 4172 TapiSrv - ok
09:49:20.0175 4172 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:49:20.0175 4172 TBS - ok
09:49:20.0253 4172 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:49:20.0269 4172 Tcpip - ok
09:49:20.0331 4172 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:49:20.0331 4172 TCPIP6 - ok
09:49:20.0362 4172 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:49:20.0362 4172 tcpipreg - ok
09:49:20.0378 4172 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:49:20.0378 4172 TDPIPE - ok
09:49:20.0409 4172 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:49:20.0425 4172 TDTCP - ok
09:49:20.0440 4172 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:49:20.0440 4172 tdx - ok
09:49:20.0456 4172 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:49:20.0456 4172 TermDD - ok
09:49:20.0487 4172 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:49:20.0503 4172 TermService - ok
09:49:20.0518 4172 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:49:20.0518 4172 Themes - ok
09:49:20.0549 4172 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:49:20.0549 4172 THREADORDER - ok
09:49:20.0565 4172 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
09:49:20.0565 4172 TPM - ok
09:49:20.0596 4172 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:49:20.0596 4172 TrkWks - ok
09:49:20.0659 4172 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:49:20.0659 4172 TrustedInstaller - ok
09:49:20.0674 4172 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:49:20.0674 4172 tssecsrv - ok
09:49:20.0690 4172 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:49:20.0690 4172 TsUsbFlt - ok
09:49:20.0705 4172 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
09:49:20.0705 4172 TsUsbGD - ok
09:49:20.0737 4172 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:49:20.0737 4172 tunnel - ok
09:49:20.0752 4172 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:49:20.0768 4172 uagp35 - ok
09:49:20.0799 4172 [ 1FE69F3C1CA1CF4B7EC7E2E9090FFFDC ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
09:49:20.0815 4172 uCamMonitor - ok
09:49:20.0830 4172 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:49:20.0830 4172 udfs - ok
09:49:20.0861 4172 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:49:20.0877 4172 UI0Detect - ok
09:49:20.0893 4172 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:49:20.0908 4172 uliagpkx - ok
09:49:20.0924 4172 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:49:20.0924 4172 umbus - ok
09:49:20.0939 4172 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
09:49:20.0939 4172 UmPass - ok
09:49:20.0971 4172 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
09:49:20.0986 4172 UmRdpService - ok
09:49:21.0080 4172 [ DB641944F7E4B14C13C3FEFC89843F69 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
09:49:21.0095 4172 UNS - ok
09:49:21.0127 4172 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:49:21.0127 4172 upnphost - ok
09:49:21.0173 4172 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
09:49:21.0173 4172 USBAAPL64 - ok
09:49:21.0205 4172 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:49:21.0205 4172 usbccgp - ok
09:49:21.0236 4172 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:49:21.0236 4172 usbcir - ok
09:49:21.0236 4172 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:49:21.0236 4172 usbehci - ok
09:49:21.0298 4172 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:49:21.0298 4172 usbhub - ok
09:49:21.0314 4172 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:49:21.0314 4172 usbohci - ok
09:49:21.0314 4172 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
09:49:21.0329 4172 usbprint - ok
09:49:21.0361 4172 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:49:21.0361 4172 USBSTOR - ok
09:49:21.0376 4172 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:49:21.0376 4172 usbuhci - ok
09:49:21.0392 4172 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
09:49:21.0392 4172 usbvideo - ok
09:49:21.0423 4172 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:49:21.0423 4172 UxSms - ok
09:49:21.0485 4172 [ 387D3DFFCF0A544539E9C5D8B81169A2 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
09:49:21.0485 4172 VAIO Event Service - ok
09:49:21.0548 4172 [ D1933E428D991B15AFFD48B1A7BEB643 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
09:49:21.0548 4172 VAIO Power Management - ok
09:49:21.0563 4172 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
09:49:21.0579 4172 VaultSvc - ok
09:49:21.0641 4172 [ D00058C1FFF3F3DE990444A5734E9639 ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
09:49:21.0641 4172 VCFw - ok
09:49:21.0688 4172 [ F19275655B42086C884ABCDAE2C659AE ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
09:49:21.0704 4172 VcmIAlzMgr - ok
09:49:21.0782 4172 [ 2F06D134554BA84FE253DBC481DCFE6D ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
09:49:21.0797 4172 VcmINSMgr - ok
09:49:21.0829 4172 [ 32A3735F6874B7783C6209ED5CA36D9D ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
09:49:21.0829 4172 VcmXmlIfHelper - ok
09:49:21.0907 4172 [ 9F2D25FA154A32C8C80420A46FBBF815 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
09:49:21.0907 4172 VCService - ok
09:49:21.0953 4172 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:49:21.0953 4172 vdrvroot - ok
09:49:22.0047 4172 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
09:49:22.0047 4172 vds - ok
09:49:22.0094 4172 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:49:22.0094 4172 vga - ok
09:49:22.0109 4172 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:49:22.0109 4172 VgaSave - ok
09:49:22.0109 4172 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:49:22.0109 4172 vhdmp - ok
09:49:22.0125 4172 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:49:22.0141 4172 viaide - ok
09:49:22.0172 4172 [ 6AD85F32EA4AA65BB2EA652F2B9D4005 ] VIPAppService C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
09:49:22.0172 4172 VIPAppService - ok
09:49:22.0219 4172 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
09:49:22.0219 4172 vmbus - ok
09:49:22.0219 4172 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
09:49:22.0219 4172 VMBusHID - ok
09:49:22.0250 4172 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:49:22.0250 4172 volmgr - ok
09:49:22.0250 4172 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:49:22.0250 4172 volmgrx - ok
09:49:22.0281 4172 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:49:22.0281 4172 volsnap - ok
09:49:22.0312 4172 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:49:22.0312 4172 vsmraid - ok
09:49:22.0375 4172 [ 8BE8C47D5B09F5550DCBF6FCD8832CCB ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
09:49:22.0375 4172 VSNService - ok
09:49:22.0437 4172 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
09:49:22.0453 4172 VSS - ok
09:49:22.0546 4172 [ F5742637A15179AD47C41855A3BF9415 ] VUAgent C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
09:49:22.0562 4172 VUAgent - ok
09:49:22.0577 4172 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
09:49:22.0593 4172 vwifibus - ok
09:49:22.0609 4172 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:49:22.0609 4172 vwififlt - ok
09:49:22.0609 4172 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
09:49:22.0609 4172 vwifimp - ok
09:49:22.0640 4172 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:49:22.0640 4172 W32Time - ok
09:49:22.0671 4172 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:49:22.0671 4172 WacomPen - ok
09:49:22.0702 4172 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:49:22.0702 4172 WANARP - ok
09:49:22.0702 4172 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:49:22.0702 4172 Wanarpv6 - ok
09:49:22.0765 4172 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:49:22.0780 4172 WatAdminSvc - ok
09:49:22.0827 4172 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
09:49:22.0843 4172 wbengine - ok
09:49:22.0889 4172 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:49:22.0889 4172 WbioSrvc - ok
09:49:22.0905 4172 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:49:22.0905 4172 wcncsvc - ok
09:49:22.0905 4172 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:49:22.0921 4172 WcsPlugInService - ok
09:49:22.0936 4172 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
09:49:22.0936 4172 Wd - ok
09:49:22.0983 4172 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
09:49:22.0983 4172 WDC_SAM - ok
09:49:23.0030 4172 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:49:23.0030 4172 Wdf01000 - ok
09:49:23.0061 4172 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:49:23.0061 4172 WdiServiceHost - ok
09:49:23.0061 4172 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:49:23.0061 4172 WdiSystemHost - ok
09:49:23.0108 4172 [ 63CE387483E74A0BD79EE4E5EBA1FD2E ] wdkmd C:\Windows\system32\DRIVERS\WDKMD.sys
09:49:23.0108 4172 wdkmd - ok
09:49:23.0123 4172 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
09:49:23.0123 4172 WebClient - ok
09:49:23.0139 4172 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:49:23.0155 4172 Wecsvc - ok
09:49:23.0155 4172 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:49:23.0155 4172 wercplsupport - ok
09:49:23.0201 4172 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
09:49:23.0201 4172 WerSvc - ok
09:49:23.0233 4172 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:49:23.0233 4172 WfpLwf - ok
09:49:23.0248 4172 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:49:23.0248 4172 WIMMount - ok
09:49:23.0264 4172 WinDefend - ok
09:49:23.0264 4172 WinHttpAutoProxySvc - ok
09:49:23.0311 4172 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:49:23.0311 4172 Winmgmt - ok
09:49:23.0373 4172 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
09:49:23.0404 4172 WinRM - ok
09:49:23.0467 4172 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:49:23.0467 4172 WinUsb - ok
09:49:23.0513 4172 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
09:49:23.0529 4172 Wlansvc - ok
09:49:23.0576 4172 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:49:23.0576 4172 wlcrasvc - ok
09:49:23.0654 4172 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:49:23.0685 4172 wlidsvc - ok
09:49:23.0716 4172 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:49:23.0716 4172 WmiAcpi - ok
09:49:23.0747 4172 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:49:23.0747 4172 wmiApSrv - ok
09:49:23.0763 4172 WMPNetworkSvc - ok
09:49:23.0794 4172 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:49:23.0794 4172 WPCSvc - ok
09:49:23.0810 4172 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:49:23.0810 4172 WPDBusEnum - ok
09:49:23.0841 4172 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:49:23.0841 4172 ws2ifsl - ok
09:49:23.0857 4172 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
09:49:23.0872 4172 wscsvc - ok
09:49:23.0872 4172 WSearch - ok
09:49:23.0935 4172 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:49:23.0950 4172 wuauserv - ok
09:49:23.0981 4172 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:49:23.0981 4172 WudfPf - ok
09:49:24.0044 4172 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:49:24.0044 4172 WUDFRd - ok
09:49:24.0075 4172 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:49:24.0075 4172 wudfsvc - ok
09:49:24.0091 4172 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
09:49:24.0091 4172 WwanSvc - ok
09:49:24.0106 4172 ================ Scan global ===============================
09:49:24.0137 4172 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:49:24.0169 4172 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
09:49:24.0184 4172 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
09:49:24.0215 4172 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:49:24.0247 4172 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:49:24.0247 4172 [Global] - ok
09:49:24.0247 4172 ================ Scan MBR ==================================
09:49:24.0262 4172 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:49:24.0699 4172 \Device\Harddisk0\DR0 - ok
09:49:24.0699 4172 ================ Scan VBR ==================================
09:49:24.0730 4172 [ 15BA19F34E05AFC423E2110CFF98DB52 ] \Device\Harddisk0\DR0\Partition1
09:49:24.0730 4172 \Device\Harddisk0\DR0\Partition1 - ok
09:49:24.0730 4172 [ 700D56B29618B517ECB6C9439DD9ACD9 ] \Device\Harddisk0\DR0\Partition2
09:49:24.0730 4172 \Device\Harddisk0\DR0\Partition2 - ok
09:49:24.0730 4172 ============================================================
09:49:24.0730 4172 Scan finished
09:49:24.0730 4172 ============================================================
09:49:24.0746 1876 Detected object count: 0

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-27 10:04:21
-----------------------------
10:04:21.579 OS Version: Windows x64 6.1.7601 Service Pack 1
10:04:21.579 Number of processors: 4 586 0x2A07
10:04:21.579 ComputerName: DBR-VAIO3 UserName:
10:04:26.899 Initialize success
10:04:28.272 AVAST engine defs: 12092700
10:04:33.779 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:04:33.779 Disk 0 Vendor: Hitachi_ JE3O Size: 476940MB BusType: 8
10:04:33.794 Disk 0 MBR read successfully
10:04:33.794 Disk 0 MBR scan
10:04:34.200 Disk 0 Windows 7 default MBR code
10:04:34.215 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12556 MB offset 2048
10:04:34.699 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 25716736
10:04:34.746 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 464282 MB offset 25921536
10:04:35.198 Disk 0 scanning C:\Windows\system32\drivers
10:04:52.046 Service scanning
10:05:11.967 Modules scanning
10:05:11.967 Disk 0 trace - called modules:
10:05:11.999 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
10:05:11.999 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800754d060]
10:05:11.999 3 CLASSPNP.SYS[fffff88000c7743f] -> nt!IofCallDriver -> [0xfffffa80062f2e40]
10:05:11.999 5 ACPI.sys[fffff88000f847a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80062f5050]
10:05:13.683 AVAST engine scan C:\Windows
10:05:16.632 AVAST engine scan C:\Windows\system32
10:07:36.190 AVAST engine scan C:\Windows\system32\drivers
10:08:00.416 AVAST engine scan C:\Users\Mommydearest
10:19:54.087 AVAST engine scan C:\ProgramData
10:20:47.969 Scan finished successfully
10:21:18.951 Disk 0 MBR has been saved successfully to "C:\Users\Mommydearest\Desktop\MBR.dat"
10:21:18.966 The log file has been saved successfully to "C:\Users\Mommydearest\Desktop\scan1aswMBRsafemode.txt"

#4 ama de casa

New Member

Members
6 posts

Posted 27 September 2012 - 12:26 PM

if it's any help, the last two redirects I got were to this http://63.209.69.107/search/web/auburn+university/C10/ecn/43552-1173298_229985/v5 and this http://63.209.69.107/search/web/gymnastics+college+board+bama+forum+pm/a22/46831-06_h3/v5

#5 narenxp

Forum Addict

BC Advisor
16,365 posts

Gender:Male
Location:India

Posted 27 September 2012 - 12:55 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

Launch it and scan should start running.After scan gets completed,post the generated log here.

#6 ama de casa

New Member

Members
6 posts

Posted 27 September 2012 - 02:20 PM

Here you go!

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.27.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Mommydearest :: DBR-VAIO3 [administrator]

9/27/2012 1:11:36 PM
mbam-log-2012-09-27 (13-11-36).txt

Scan type: Full scan (C:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 334904
Time elapsed: 31 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

MiniToolBox by Farbar Version: 23-07-2012
Ran by Mommydearest (administrator) on 27-09-2012 at 13:47:43
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

Farbar Service Scanner Version: 19-09-2012
Ran by Mommydearest (administrator) on 27-09-2012 at 13:50:06
Running from "C:\Users\Mommydearest\Desktop"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

# AdwCleaner v2.003 - Logfile created 09/27/2012 at 13:57:30
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Mommydearest - DBR-VAIO3
# Boot Mode : Normal
# Running from : C:\Users\Mommydearest\Desktop\adwcleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [1354 octets] - [26/09/2012 22:45:01]
AdwCleaner[R2].txt - [1255 octets] - [26/09/2012 23:00:33]
AdwCleaner[R3].txt - [1186 octets] - [27/09/2012 13:57:30]

########## EOF - C:\AdwCleaner[R3].txt - [1246 octets] ##########

# AdwCleaner v2.003 - Logfile created 09/27/2012 at 13:59:14
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Mommydearest - DBR-VAIO3
# Boot Mode : Normal
# Running from : C:\Users\Mommydearest\Desktop\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

*************************

AdwCleaner[R1].txt - [1354 octets] - [26/09/2012 22:45:01]
AdwCleaner[R2].txt - [1255 octets] - [26/09/2012 23:00:33]
AdwCleaner[R3].txt - [1315 octets] - [27/09/2012 13:57:30]
AdwCleaner[S1].txt - [1871 octets] - [27/09/2012 13:59:14]

########## EOF - C:\AdwCleaner[S1].txt - [1931 octets] ##########

Junkware Removal Tool (JRT) by Thisisu
Version: 1.1.1 (09.27.2012)
OS: Windows 7 Professional x64
Ran by Mommydearest on Thu 09/27/2012 at 14:16:31.65
Blog: http://thisisudax.blogspot.com
**************************************************************

*** Registry Values: 0 Detections

*** Registry Keys:

Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ERROR: Access is denied.
Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ERROR: Access is denied.
Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\wow6432node\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}

*** Files: 0 Detections

*** Folders: 0 Detections

*** Event Viewer Logs - Cleared

**************************************************************
Scan was completed on Thu 09/27/2012 at 14:16:31.93
End of Report

#7 narenxp

Forum Addict

BC Advisor
16,365 posts

Gender:Male
Location:India

Posted 27 September 2012 - 02:51 PM

Click on startmenu and type

cmd

right click on it and select run as administrator

Now copy following commands and press ENTER one by one

cd C:\windows\system32\drivers\etc
takeown /a /f hosts
cacls hosts /p everyone:f

Press Y

attrib -s -h -r hosts

After running these commands

Download

Hosts fixit

Run it,restart the PC

Now launch mini toolbox and checkmark hosts contents alone and post the new log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here

Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the text contents here

Run minitoolbox again and post the new log

#8 ama de casa

New Member

Members
6 posts

Posted 27 September 2012 - 04:57 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Mommydearest (administrator) on 27-09-2012 at 16:48:26
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================

# ::1 localhost

**** End of log ****
Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/27/2012 04:50:50 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Mommydearest\Desktop\rkill\rkill-09-27-2012-04-50-54.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 09/27/2012 04:51:02 PM
Execution time: 0 hours(s), 0 minute(s), and 11 seconds(s)

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Apoint" "Alps Pointing-device Driver" "Alps Electric Co., Ltd." "c:\program files\apoint\apoint.exe"
+ "BTMTrayAgent" "Bluetooth Shell Extension" "Intel Corporation" "c:\program files (x86)\intel\bluetooth\btmshell.dll"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IntelPAN" "Intel® PROSet/Wireless Framework" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\ifrmewrk.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "RtHDVBg" "HD Audio Background Process" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravbg64.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "avast" "avast! Antivirus" "AVAST Software" "c:\program files\avast software\avast\avastui.exe"
+ "IAStorIcon" "IAStorIcon" "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe"
+ "ISBMgr.exe" "" "Sony Corporation" "c:\program files (x86)\sony\isb utility\isbmgr.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "PMBVolumeWatcher" "Media Check Tool" "Sony Corporation" "c:\program files (x86)\sony\pmb\pmbvolumewatcher.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "ApplePhotoStreams" "ApplePhotoStreams.exe" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\applephotostreams.exe"
+ "com.apple.dav.bookmarks.daemon" "BookmarkDAV_client.exe" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\bookmarkdav_client.exe"
+ "iCloudServices" "iCloud" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\icloudservices.exe"
+ "RoboForm" "RoboForm TaskBar Icon" "Siber Systems" "c:\program files (x86)\siber systems\ai roboform\robotaskbaricon.exe"
+ "SpybotSD TeaTimer" "System settings protector" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy\teatimer.exe"
+ "SUPERAntiSpyware" "SUPERAntiSpyware Application" "SUPERAntiSpyware.com" "c:\program files\superantispyware\superantispyware.exe"
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "BTMSentToExt" "Bluetooth Shell Extension" "Intel Corporation" "c:\program files (x86)\intel\bluetooth\btmshell.dll"
+ "PhotoStreamsExt" "" "" "c:\program files\common files\apple\internet services\shellstreams64.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "PhotoStreamsExt" "ShellStreams.dll" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\shellstreams.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "AddtoVAIOGate" "VAIOGateShellExt" "Sony Corporation" "c:\program files\sony\vaio gate\vaiogateshellext.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AddtoVAIOGate" "VAIOGateShellExt" "Sony Corporation" "c:\program files\sony\vaio gate\vaiogateshellext.dll"
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie64.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "RoboForm Toolbar Helper" "RoboForm Main Module" "Siber Systems Inc." "c:\program files (x86)\siber systems\ai roboform\roboform-x64.dll"
+ "Symantec VIP Access Add-On" "Symantec VIP Access Add-On" "Symantec Corporation" "c:\program files (x86)\symantec\vip access client\64bit\vipaddonforie64.dll"
+ "TrueSuite Website Log On" "TrueSuite Website Log On" "AuthenTec Inc." "c:\program files\truesuite\truesuite.iebho.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "RoboForm Toolbar Helper" "RoboForm Main Module" "Siber Systems Inc." "c:\program files (x86)\siber systems\ai roboform\roboform.dll"
+ "Spybot-S&D IE Protection" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
+ "Symantec VIP Access Add-On" "Symantec VIP Access Add-On" "Symantec Corporation" "c:\program files (x86)\symantec\vip access client\vipaddonforie.dll"
+ "TrueSuite Website Log On" "TrueSuite Website Log On" "AuthenTec Inc." "c:\program files\truesuite\x86\truesuite.iebho.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "&RoboForm Toolbar" "RoboForm Main Module" "Siber Systems Inc." "c:\program files (x86)\siber systems\ai roboform\roboform-x64.dll"
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie64.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "&RoboForm Toolbar" "RoboForm Main Module" "Siber Systems Inc." "c:\program files (x86)\siber systems\ai roboform\roboform.dll"
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Fill Forms" "RoboForm Main Module" "Siber Systems Inc." "c:\program files (x86)\siber systems\ai roboform\roboform-x64.dll"
+ "Save Forms" "RoboForm Main Module" "Siber Systems Inc." "c:\program files (x86)\siber systems\ai roboform\roboform-x64.dll"
+ "Show RoboForm Toolbar" "RoboForm Main Module" "Siber Systems Inc." "c:\program files (x86)\siber systems\ai roboform\roboform-x64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Add to Evernote 4" "" "" "File not found: C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204"
+ "Fill Forms" "RoboForm Main Module" "Siber Systems Inc." "c:\program files (x86)\siber systems\ai roboform\roboform.dll"
+ "ieSpell" "" "" "File not found: C:\Program Files (x86)\ieSpell\iespell.dll/SPELLCHECK.HTM"
+ "ieSpell Options" "" "" "File not found: C:\Program Files (x86)\ieSpell\iespell.dll/SPELLOPTION.HTM"
+ "Save Forms" "RoboForm Main Module" "Siber Systems Inc." "c:\program files (x86)\siber systems\ai roboform\roboform.dll"
+ "Show RoboForm Toolbar" "RoboForm Main Module" "Siber Systems Inc." "c:\program files (x86)\siber systems\ai roboform\roboform.dll"
+ "Spybot - Search & Destroy Configuration" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\DDNi Startup" "DDNiStartup" "Digital Delivery Networks, Inc." "c:\program files (x86)\ddni\oasis\ddnistartup.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Run RoboForm TaskBar Icon" "RoboForm TaskBar Icon" "Siber Systems" "c:\program files (x86)\siber systems\ai roboform\robotaskbaricon.exe"
+ "\Sony Corporation\VAIO Care\AutoCheckMessage" "VCSystemTray" "Sony Corporation" "c:\program files\sony\vaio care\vcsystemtray.exe"
+ "\Sony Corporation\VAIO Care\CRMReminder" "VCSystemTray" "Sony Corporation" "c:\program files\sony\vaio care\vcsystemtray.exe"
+ "\Sony Corporation\VAIO Care\VAIO Care" "VCSystemTray" "Sony Corporation" "c:\program files\sony\vaio care\vcsystemtray.exe"
+ "\Sony Corporation\VAIO Care\VAU" "VCSystemTray" "Sony Corporation" "c:\program files\sony\vaio care\vcsystemtray.exe"
+ "\Sony Corporation\VAIO Care\VCCheckIolo" "VCSystemTray" "Sony Corporation" "c:\program files\sony\vaio care\vcsystemtray.exe"
+ "\Sony Corporation\VAIO Care\VCMetrics" "VCSystemTray" "Sony Corporation" "c:\program files\sony\vaio care\vcsystemtray.exe"
+ "\Sony Corporation\VAIO Care\VCOneClick" "VCSystemTray" "Sony Corporation" "c:\program files\sony\vaio care\vcsystemtray.exe"
+ "\Sony Corporation\VAIO Control Center\Level4Daily" "VAIO Control Center(WBCBatteryCare Module)" "Sony Corporation" "c:\program files (x86)\sony\vaio control center\wbcbatterycare.exe"
+ "\Sony Corporation\VAIO Control Center\Level4Month" "VAIO Control Center(WBCBatteryCare Module)" "Sony Corporation" "c:\program files (x86)\sony\vaio control center\wbcbatterycare.exe"
+ "\Sony Corporation\VAIO Gate\VAIO Gate" "VAIO Gate" "Sony Corporation" "c:\program files\sony\vaio gate\vaio gate.exe"
+ "\Sony Corporation\VAIO Power Management\VPM Logon Start" "SPM Module" "Sony Corporation" "c:\program files\sony\vaio power management\spmgr.exe"
+ "\Sony Corporation\VAIO Power Management\VPM Session Change" "SPM Module" "Sony Corporation" "c:\program files\sony\vaio power management\spmgr.exe"
+ "\Sony Corporation\VAIO Power Management\VPM Unlock" "SPM Module" "Sony Corporation" "c:\program files\sony\vaio power management\spmgr.exe"
+ "\Sony Corporation\VAIO Smart Network\VSN Logon Start" "VAIO Smart Network" "Sony Corporation" "c:\program files\sony\vaio smart network\vsnclient.exe"
+ "\Sony\Keyboard Shortcuts" "Keyboard Shortcuts" "" "c:\program files (x86)\sony\keyboard shortcuts\keyboardshortcuts.exe"
+ "\Sony\VAIO Survey" "" "Sony Electronics Inc." "c:\program files (x86)\sony\vaio survey\vsscheduler.exe"
+ "\SpyHunter4Startup" "" "" "File not found: C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe"
+ "\VAIO® Messenger (Administrator)" "VAIO Messenger" "Digital Delivery Networks, Inc." "c:\program files (x86)\ddni\oasis\vaio messenger.exe"
+ "\VAIO® Messenger (Mommydearest)" "VAIO Messenger" "Digital Delivery Networks, Inc." "c:\program files (x86)\ddni\oasis\vaio messenger.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore64.exe"
+ "ACDaemon" "ArcSoft Connect Service" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\connection service\bin\acservice.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "AMPPALR3" "Intel® Centrino® Bluetooth 3.0 + High Speed Virtual Adapter" "Intel Corporation" "c:\program files\intel\bluetoothhs\bthsamppalservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "avast! Antivirus" "Manages and implements avast! antivirus services for this computer. This includes the resident protection, the virus chest and the scheduler." "AVAST Software" "c:\program files\avast software\avast\avastsvc.exe"
+ "Bluetooth Device Monitor" "A process to monitor Bluetooth radio state and configure Bluetooth remote folders." "Intel Corporation" "c:\program files (x86)\intel\bluetooth\devmonsrv.exe"
+ "Bluetooth Media Service" "Provides Bluetooth Media Profiles support" "Intel Corporation" "c:\program files (x86)\intel\bluetooth\mediasrv.exe"
+ "Bluetooth OBEX Service" "Provides Bluetooth File Transfer Protocol support." "Intel Corporation" "c:\program files (x86)\intel\bluetooth\obexsrv.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "BTHSSecurityMgr" "Manages the 802.1x security between two Bluetooth® High Speed connections." "Intel® Corporation" "c:\program files\intel\bluetoothhs\bthssecuritymgr.exe"
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "EvtEng" "Manages the event trace messages for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\evteng.exe"
+ "FPLService" "Provides convenient and secure fingerprint authentication and identity management." "AuthenTec, Inc" "c:\program files\truesuite\truesuite.service.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "IconMan_R" "Realtek Card Reader Icon Tool." "Realsil Microelectronics Inc." "c:\program files (x86)\realtek\realtek pcie card reader\riconman.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "jhi_service" "Intel® Identity Protection Technology Host Interface Service - Allows applications to access the local Intel Identity Protection Technology" "Intel Corporation" "c:\program files (x86)\intel\services\ipt\jhi_service.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "MyWiFiDHCPDNS" "Wireless PAN DHCP and DNS Server" "" "c:\program files\intel\wifi\bin\pandhcpdns.exe"
+ "Oasis2Service" "DDNI Oasis 2 Services" "Digital Delivery Networks, Inc." "c:\program files (x86)\ddni\oasis2service\oasis2service.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PMBDeviceInfoProvider" "Enables PMB to communicate with the device." "Sony Corporation" "c:\program files (x86)\sony\pmb\pmbdeviceinfoprovider.exe"
+ "RegSrvc" "Provides registry access to all Intel® PROSet/Wireless Software components" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "SampleCollector" "Checks the systems performance for VAIO Care." "Sony Corporation" "c:\program files\sony\vaio care\vcperfservice.exe"
+ "SBSDWSCService" "Spybot-S&D Security Center integration" "Safer Networking Ltd." "c:\program files (x86)\spybot - search & destroy\sdwinsec.exe"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "SOHCImp" "VAIO Content Importer" "Sony Corporation" "c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe"
+ "SOHDs" "VAIO Device Searcher" "Sony Corporation" "c:\program files (x86)\common files\sony shared\sohlib\sohds.exe"
+ "SpfService" "VAIO Entertainment Common Service" "Sony Corporation" "c:\program files\common files\sony shared\vaio entertainment platform\spf\spfservice64.exe"
+ "uCamMonitor" "Monitor the status of the webcam on PC startup." "ArcSoft, Inc." "c:\program files (x86)\arcsoft\magic-i visual effects 2\ucammonitor.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "VAIO Event Service" "Provides the hardware event managing service for VAIO. During termination of this service, some fuctions such as Special button ,Hotkey ,and VAIO original powermanagement are limited." "Sony Corporation" "c:\program files (x86)\sony\vaio control center\vesmgr.exe"
+ "VAIO Power Management" "Provides power management service for VAIO. If this service is stopped or disabled, power management functions for VAIO will not be available." "Sony Corporation" "c:\program files\sony\vaio power management\spmservice.exe"
+ "VCFw" "VAIO Content Folder Watcher" "Sony Corporation" "c:\program files (x86)\common files\sony shared\vaio content folder watcher\vcfw.exe"
+ "VcmIAlzMgr" "Provides the content analysis function used with VAIO original software." "Sony Corporation" "c:\program files\sony\vcm intelligent analyzing manager\vcmialzmgr.exe"
+ "VcmINSMgr" "Provides the information retrieval service function used with VAIO original software." "Sony Corporation" "c:\program files\sony\vcm intelligent network service manager\vcminsmgr.exe"
+ "VcmXmlIfHelper" "VcmXml Helper Interface" "Sony Corporation" "c:\program files\common files\sony shared\vcmxml\vcmxmlifhelper64.exe"
+ "VCService" "Provides important VAIO Care functionality. If this service is stopped or disabled, VAIO Care may not function correctly." "Sony Corporation" "c:\program files\sony\vaio care\vcservice.exe"
+ "VIPAppService" "VIP Service" "Symantec Corporation" "c:\program files (x86)\symantec\vip access client\vipappservice.exe"
+ "VSNService" "VAIO Smart Network Service" "Sony Corporation" "c:\program files\sony\vaio smart network\vsnservice.exe"
+ "VUAgent" "Agent for VAIO Update." "Sony Corporation" "c:\program files\sony\vaio update common\vuagent.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "AMPPAL" "Intel® Centrino® Bluetooth 3.0 + High Speed Virtual Adapter" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\amppal.sys"
+ "AMPPALP" "Intel® Centrino® Bluetooth 3.0 + High Speed Protocol" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\amppal.sys"
+ "ApfiltrService" "Alps Touch Pad Driver" "Alps Electric Co., Ltd." "c:\windows\system32\drivers\apfiltr.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "ArcSoftKsUFilter" "For X64" "ArcSoft, Inc." "c:\windows\system32\drivers\arcsoftksufilter.sys"
+ "aswFsBlk" "avast! mini-filter driver (aswFsBlk)" "AVAST Software" "c:\windows\system32\drivers\aswfsblk.sys"
+ "aswMonFlt" "avast! mini-filter driver (aswMonFlt)" "AVAST Software" "c:\windows\system32\drivers\aswmonflt.sys"
+ "aswRdr" "avast! WFP Redirect driver" "AVAST Software" "c:\windows\system32\drivers\aswrdr2.sys"
+ "aswSnx" "avast! virtualization driver (aswSnx)" "AVAST Software" "c:\windows\system32\drivers\aswsnx.sys"
+ "aswSP" "avast! Self Protection" "AVAST Software" "c:\windows\system32\drivers\aswsp.sys"
+ "aswTdi" "avast! Network Shield TDI driver" "AVAST Software" "c:\windows\system32\drivers\aswtdi.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys"
+ "ATSwpWDF" " AuthenTec Fingerprint Sensor WBF Driver" "AuthenTec, Inc." "c:\windows\system32\drivers\atswpwdf.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "btmaux" "Bluetooth Auxiliary Driver" "Intel Corporation" "c:\windows\system32\drivers\btmaux.sys"
+ "btmhsf" "Bluetooth HighSpeed Filter Driver" "Intel Corporation" "c:\windows\system32\drivers\btmhsf.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "e1yexpress" "Intel® Gigabit Network Connection NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1y60x64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "esgiguard" "" "" "File not found: C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iBtFltCoex" "Intel® Centrino® Wireless (Bluetooth Adapter) Driver" "Intel Corporation" "c:\windows\system32\drivers\ibtfltcoex.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "intaud_WaveExtensible" "Intel® WiDi Solution" "Intel Corporation" "c:\windows\system32\drivers\intelaud.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "intelkmd" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdpmd64.sys"
+ "iwdbus" "Intel® WiDi Solution" "Intel Corporation" "c:\windows\system32\drivers\iwdbus.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "NETwNs64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netwns64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nusb3hub" "USB 3.0 Hub Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3hub.sys"
+ "nusb3xhc" "USB 3.0 Host Controller Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3xhc.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 185.93 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSPCIESTOR" "Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtspstor.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "SASDIFSV" "SASDIFSV64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv64.sys"
+ "SASKUTIL" "SASKUTIL64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SFEP" "Sony Firmware Extension Parser driver" "Sony Corporation" "c:\windows\system32\drivers\sfep.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam64.sys"
+ "wdkmd" "Intel® WiDi Solution" "Intel Corporation" "c:\windows\system32\drivers\wdkmd.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files\playready\prdmowrapper.dll"
+ "VDP Renderer" "VDP Filter" "Intel Corporation" "c:\program files (x86)\intel\bluetooth\vdpsnka.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "DS Video Buffer Filter" "WiDiAgent.dll COM object." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\dsbuffer_video.ax"
+ "Intel® Mux Renderer" "Intel® TS Mux / Network Renderer" "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\intelmux.dll"
+ "Intel®WiDi H264 encoder" "" "" "c:\program files (x86)\common files\intel corporation\widiagent\h264_enc_filter.dll"
+ "MainConcept AAC Encoder" "AAC audio encoder filter" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mc_enc_aac_ds.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "VAIO Content Metadata Univ Filter" "DirectShow Filter for VCM Intelligent Analyzing Manager" "Sony Corporation" "c:\program files\sony\vcm intelligent analyzing manager\vcmsmplcapflt.ax"
+ "VcmIAlzGPDFilter" "VCM Intelligent Analyzing Manager GPD Library" "Sony Corporation" "c:\program files\sony\vcm intelligent analyzing manager\vcmialzgpdfilter.ax"
+ "VcmIAlzGPDFilter2" "VCM Intelligent Analyzing Manager GPD Library" "Sony Corporation" "c:\program files\sony\vcm intelligent analyzing manager\vcmialzgpdfilter2.ax"
+ "VDP Renderer" "VDP Filter" "Intel Corporation" "c:\program files (x86)\intel\bluetooth\vdpsnk.dll"
+ "WD Audio Filter" "WiDi Audio Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdaudiofilter.dll"
+ "WD Secure Source Filter" "Intel® WiDi Secure Video Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdsecuresourcefilter.dll"
+ "WDSource Filter" "WiDi Video Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdsourcefilter.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "ATWBFCredProv" "AuthenTec WinBio Credential Provider" "AuthenTec, Inc." "c:\windows\system32\atwbfcredprov.dll"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters" "" "" ""
+ "ATWBFCredProv" "AuthenTec WinBio Credential Provider" "AuthenTec, Inc." "c:\windows\system32\atwbfcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "PCL hpf3lw73" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpf3lw73.dll"
"C:\Users\Mommydearest\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Avast! antivirus monitor" "Avast! antivirus sidebar gadget." "AVAST Software" "C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\Gadget.xml"

MiniToolBox by Farbar Version: 23-07-2012
Ran by Mommydearest (administrator) on 27-09-2012 at 16:55:29
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================

# ::1 localhost

**** End of log ****

#9 narenxp

Forum Addict

BC Advisor
16,365 posts

Gender:Male
Location:India

Posted 27 September 2012 - 05:05 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode

Create a new restore point

Follow this guide to turn off and turn on your restore points

XP-http://support.microsoft.com/kb/310405

Vista & windows 7-http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing