
Searchnu.com/406 redirect virus


  • This topic is locked
10 replies to this topic

#1 Mortada


Posted 07 April 2012 - 06:01 PM

Hi there,

A laptop that my family member uses has been infected with what appears to be malware by the name of searchnu.com/406.

It hijacked the laptop's Firefox and Chrome browsers. Currently we are using Trend Micro on that machine.

Can I please get some assistance with this burning issue?

Thank you for your time.



#2 boopme


Posted 07 April 2012 - 06:32 PM

Hello and welcome.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run from.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

#3 Mortada


Posted 07 April 2012 - 08:18 PM

Hi,

I've attached the results.

Thank you for the help

...................................


MiniToolBox by Farbar Version: 18-01-2012
Ran by Refka (administrator) on 08-04-2012 at 13:09:45
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® WiFi Link 1000 BGN = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=?<) subinterface=ethernet_9 mtu=1477


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Refka-VAIO
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : lan

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : EC-55-F9-E9-13-2A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 8C-A9-82-53-01-67
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 8C-A9-82-53-01-67
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN
Physical Address. . . . . . . . . : 8C-A9-82-53-01-66
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::896c:823b:f156:8e32%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.70(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, 8 April 2012 12:58:10 p.m.
Lease Expires . . . . . . . . . . : Monday, 9 April 2012 12:58:08 p.m.
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 311208322
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-58-79-E9-F0-BF-97-57-70-C2
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : F0-BF-97-57-70-C2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:14de:eab:8212:f273(Preferred)
Link-local IPv6 Address . . . . . : fe80::14de:eab:8212:f273%16(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{0713F3A9-F919-40B2-A1F9-C505A9160C41}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{84B28DE5-8A87-4EC8-A72B-FAAE43408D14}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.lan:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{1F353A95-555D-4153-B083-AE224C287F90}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{93A599E2-4F88-459D-8249-7E8E424E2AD1}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dsldevice.lan
Address: 192.168.1.254

Name: google.com
Addresses: 74.125.237.103
74.125.237.104
74.125.237.97
74.125.237.96
74.125.237.110
74.125.237.105
74.125.237.100
74.125.237.98
74.125.237.101
74.125.237.102
74.125.237.99


Pinging google.com [74.125.237.105] with 32 bytes of data:
Reply from 74.125.237.105: bytes=32 time=152ms TTL=54
Reply from 74.125.237.105: bytes=32 time=69ms TTL=53

Ping statistics for 74.125.237.105:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 69ms, Maximum = 152ms, Average = 110ms
Server: dsldevice.lan
Address: 192.168.1.254

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=348ms TTL=48
Reply from 98.139.183.24: bytes=32 time=295ms TTL=47

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 295ms, Maximum = 348ms, Average = 321ms
Server: dsldevice.lan
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...ec 55 f9 e9 13 2a ......Bluetooth Device (Personal Area Network)
13...8c a9 82 53 01 67 ......Microsoft Virtual WiFi Miniport Adapter #2
12...8c a9 82 53 01 67 ......Microsoft Virtual WiFi Miniport Adapter
11...8c a9 82 53 01 66 ......Intel® WiFi Link 1000 BGN
10...f0 bf 97 57 70 c2 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.70 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.70 281
192.168.1.70 255.255.255.255 On-link 192.168.1.70 281
192.168.1.255 255.255.255.255 On-link 192.168.1.70 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.70 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.70 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
16 58 ::/0 On-link
1 306 ::1/128 On-link
16 58 2001::/32 On-link
16 306 2001:0:4137:9e76:14de:eab:8212:f273/128
On-link
11 281 fe80::/64 On-link
16 306 fe80::/64 On-link
16 306 fe80::14de:eab:8212:f273/128
On-link
11 281 fe80::896c:823b:f156:8e32/128
On-link
1 306 ff00::/8 On-link
16 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 10 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 10 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/07/2012 11:28:04 PM) (Source: Application Error) (User: )
Description: Faulting application name: VcmINSMgr.exe, version: 3.9.0.10250, time stamp: 0x4cc542e3
Faulting module name: CddbMusicIDSony.dll, version: 2.6.206.203, time stamp: 0x4bc521ff
Exception code: 0xc0000005
Fault offset: 0x00003906
Faulting process id: 0xa40
Faulting application start time: 0xVcmINSMgr.exe0
Faulting application path: VcmINSMgr.exe1
Faulting module path: VcmINSMgr.exe2
Report Id: VcmINSMgr.exe3

Error: (04/07/2012 11:17:26 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/07/2012 11:17:26 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/07/2012 11:17:26 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/07/2012 11:17:25 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (04/07/2012 11:17:21 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/07/2012 11:17:21 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (04/07/2012 11:17:21 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/07/2012 11:17:21 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/07/2012 11:17:20 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot open the Jet property store.

Details:
0x%08x (0xc0041800 - The content index database is corrupt. (HRESULT : 0xc0041800))


System errors:
=============
Error: (04/08/2012 00:58:13 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (04/08/2012 00:57:44 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (04/08/2012 00:57:43 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (04/08/2012 00:57:42 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (04/08/2012 00:57:41 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (04/08/2012 00:57:39 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (04/08/2012 00:57:39 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (04/08/2012 00:57:37 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (04/08/2012 00:57:36 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (04/08/2012 00:57:35 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.


Microsoft Office Sessions:
=========================
Error: (04/07/2012 11:28:04 PM) (Source: Application Error)(User: )
Description: VcmINSMgr.exe3.9.0.102504cc542e3CddbMusicIDSony.dll2.6.206.2034bc521ffc000000500003906a4001cd14afda20d94bC:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exeC:\Program Files\Sony\VCM Intelligent Network Service Manager\cddb\CddbMusicIDSony.dllbcfdf3bd-80a4-11e1-8e70-ec55f9e9132a

Error: (04/07/2012 11:17:26 PM) (Source: Windows Search Service)(User: )
Description: Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/07/2012 11:17:26 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/07/2012 11:17:26 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/07/2012 11:17:25 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (04/07/2012 11:17:21 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (04/07/2012 11:17:21 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (04/07/2012 11:17:21 PM) (Source: Windows Search Service)(User: )
Description: Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (04/07/2012 11:17:21 PM) (Source: Windows Search Service)(User: )
Description: Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
4700

Error: (04/07/2012 11:17:20 PM) (Source: Windows Search Service)(User: )
Description: Details:
0x%08x (0xc0041800 - The content index database is corrupt. (HRESULT : 0xc0041800))


=========================== Installed Programs ============================

???? ??? Windows Live (Version: 15.4.3502.0922)
???? ???? ActiveX ????? ?? Windows Live Mesh ????????? ??????? (Version: 15.4.5722.2)
???? Windows Live (Version: 15.4.3502.0922)
??????? Windows Live Mesh ActiveX ??(????) (Version: 15.4.5722.2)
??????? Windows Live Mesh ActiveX ??? (Version: 15.4.5722.2)
????????? ActiveX ?? Windows Live Mesh ????????????????????????? (???) (Version: 15.4.5722.2)
Adobe Flash Player 10 ActiveX (Version: 10.1.85.3)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.63)
Adobe Reader 9.4.0 MUI (Version: 9.4.0)
Alps Pointing-device for VAIO
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.808.0)
AuthenTec TrueSuite (Version: 4.0.100.4)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2011.0106.1235.22490)
Catalyst Control Center InstallProxy (Version: 2011.0106.1235.22490)
Catalyst Control Center Localization All (Version: 2011.0106.1235.22490)
Catalyst Control Center Profiles Mobile (Version: 2011.0106.1235.22490)
ccc-core-static (Version: 2011.0106.1235.22490)
ccc-utility64 (Version: 2011.0106.1235.22490)
CCC Help Chinese Standard (Version: 2011.0106.1234.22490)
CCC Help Chinese Traditional (Version: 2011.0106.1234.22490)
CCC Help Czech (Version: 2011.0106.1234.22490)
CCC Help Danish (Version: 2011.0106.1234.22490)
CCC Help Dutch (Version: 2011.0106.1234.22490)
CCC Help English (Version: 2011.0106.1234.22490)
CCC Help Finnish (Version: 2011.0106.1234.22490)
CCC Help French (Version: 2011.0106.1234.22490)
CCC Help German (Version: 2011.0106.1234.22490)
CCC Help Greek (Version: 2011.0106.1234.22490)
CCC Help Hungarian (Version: 2011.0106.1234.22490)
CCC Help Italian (Version: 2011.0106.1234.22490)
CCC Help Japanese (Version: 2011.0106.1234.22490)
CCC Help Korean (Version: 2011.0106.1234.22490)
CCC Help Norwegian (Version: 2011.0106.1234.22490)
CCC Help Polish (Version: 2011.0106.1234.22490)
CCC Help Portuguese (Version: 2011.0106.1234.22490)
CCC Help Russian (Version: 2011.0106.1234.22490)
CCC Help Spanish (Version: 2011.0106.1234.22490)
CCC Help Swedish (Version: 2011.0106.1234.22490)
CCC Help Thai (Version: 2011.0106.1234.22490)
CCleaner (Version: 3.12)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
i`u khi?n ActiveX Windows Live Mesh da`nh cho kt ni tu` xa (Version: 15.4.5722.2)
Evernote (Version: 3.5.7.2910)
Google Chrome (Version: 18.0.1025.151)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
iCloud (Version: 1.1.0.40)
iLivid (Version: 1.92)
Intel® Display Audio Driver (Version: 6.14.00.3074)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® PROSet/Wireless WiFi Software (Version: 14.00.0000)
Intel® Rapid Storage Technology (Version: 10.1.0.1008)
iTunes (Version: 10.6.0.40)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 22 (64-bit) (Version: 6.0.220)
Java™ 6 Update 22 (Version: 6.0.220)
Junk Mail filter update (Version: 15.4.3502.0922)
Media Gallery (Version: 1.4.0.11300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mozilla Firefox 11.0 (x86 en-US) (Version: 11.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Norton Online Backup (Version: 2.1.17869)
PMB (Version: 5.5.00.11260)
PMB VAIO Edition Plug-in (Version: 1.4.00.09190)
PMB VAIO Edition Plug-in (Version: 1.4.00.11290)
PX Profile Update (Version: 1.00.1.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek Ethernet Controller Driver (Version: 7.40.126.2011)
Realtek PCIE Card Reader (Version: 6.1.7600.69)
RealUpgrade 1.1 (Version: 1.1.0)
Remote Keyboard (Version: 1.1.0.12170)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.26.0)
Searchqu Toolbar (Version: 3.0.0.122375)
Skype 5.5 (Version: 5.5.124)
Trend Micro Titanium (Version: 5.00)
Trend Micro Titanium Maximum Security 2012 (Version: 5.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
VAIO - Media Gallery (Version: 1.4.0.11300)
VAIO - PMB VAIO Edition Guide (Version: 1.4.00.10090)
VAIO - PMB VAIO Edition Plug-in (Version: 1.4.00.11300)
VAIO - Remote Keyboard (Version: 1.0.0.12170)
VAIO Care (Version: 6.3.3.02100)
VAIO Control Center (Version: 4.4.0.11260)
VAIO Data Restore Tool (Version: 1.5.0.10140)
VAIO Gate (Version: 2.3.0.11090)
VAIO Gate Default (Version: 2.3.0.11220)
VAIO Hardware Diagnostics (Version: 4.1.0.10120)
VAIO Manual (Version: 1.2.0.11040)
VAIO Media plus (Version: 2.1.0.23300)
VAIO Media plus Opening Movie (Version: 2.1.0.14080)
VAIO Quick Web Access (Version: 1.4.5.1)
VAIO Sample Contents (Version: 1.4.1.09010)
VAIO Smart Network (Version: 3.4.0.12090)
VAIO Transfer Support (Version: 1.3.0.11250)
VAIO Update (Version: 5.3.0.11180)
Webroot Software Installer
WIDCOMM Bluetooth Software (Version: 6.3.0.6300)
Windows Live ??? (Version: 15.4.3502.0922)
Windows Live ??? (Version: 15.4.3508.1109)
Windows Live ???? (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WMV9/VC-1 Video Playback (Version: 1.00.0000)

========================= Memory info: ===================================

Percentage of memory in use: 45%
Total physical RAM: 4011.86 MB
Available physical RAM: 2173.02 MB
Total Pagefile: 8021.91 MB
Available Pagefile: 5794.26 MB
Total Virtual: 4095.88 MB
Available Virtual: 3954.63 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:286.36 GB) (Free:239.4 GB) NTFS

========================= Users: ========================================

User accounts for \\REFKA-VAIO

Administrator Guest Refka


**** End of log ****

#4 boopme


Posted 07 April 2012 - 08:39 PM

You're welcome. Are you Asian? As this file exists, do you know what it is?
i`u khi?n ActiveX Windows Live Mesh da`nh cho kt ni tu` xa (Version: 15.4.5722.2)


Go into your Remove Programs and remove
Searchqu Toolbar (Version: 3.0.0.122375)

Java 6 Update 22 (64-bit) (Version: 6.0.220)
Java 6 Update 22 (Version: 6.0.220)
Adobe Reader 9.4.0 MUI (Version: 9.4.0)

Reboot


Update to Adobe Reader X (10.1.0)
Note: uncheck the box so you do not install the toolbar, unless you really want it.

Free! Google Toolbar search Google from any web page, block pop-ups

Yes, install Google Toolbar - optional




Go here Java SE Runtime Environment 7 Downloads
Accept License Agreement

Download and install the latest Java, the last one on the list.
jre-7u3-windows-x64.exe



How is it now?
How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#5 Mortada


Posted 07 April 2012 - 09:29 PM

Thanks for the prompt response.

No, I'm not Asian. I live in New Zealand. Not sure what that update is either. Looks weird coming from Microsoft. This isn't my computer; I'm just trying to figure out what to do :d.

In terms of the searchnu problem, I did all the steps mentioned above. It still appears; browsers are still being hijacked by www.searchnu.com/460.

The laptop is uber slow as well when switching on. What do you recommend the next phase of action would be?

Thanks

#6 boopme


Posted 08 April 2012 - 09:01 PM

Let's try one more...

Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the system disk (it is usually the disk with the installed operating system, C:\) root folder. The log has a name like: TDSSKiller.Version_Date_Time_log.txt.

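A TDSSKiller report runs to hundreds of lines, so it helps to reduce it to the entries that need a second look. The script below is an added example, not part of the original posts or of TDSSKiller itself. It pairs each "name (md5) path" line with its "name - verdict" line, in the layout of the report posted in this thread, and lists anything whose verdict is not "ok" or that was logged without a file and hash. The function names, the sample lines and the non-ok verdict text (`EXAMPLE-VERDICT`) are constructed for illustration.

```python
import re

# Constructed sample in the layout of a TDSSKiller report:
#   "<time> <thread id> <service> (<md5>) <image path>"
#   "<time> <thread id> <service> - <verdict>"
# Service names, hashes and the non-ok verdict text are made up.
SAMPLE_REPORT = r"""
14:42:01.0172 7832 Drive \Device\Harddisk0\DR0 - Size: 0x0 (0.00 Gb), SectorSize: 0x200
14:42:32.0468 4960 Scan started
14:42:33.0903 4960 ExampleDrv (00000000000000000000000000000001) C:\Windows\system32\drivers\exampledrv.sys
14:42:33.0950 4960 ExampleDrv - ok
14:42:34.0621 4960 12345678 - ok
14:42:34.0839 4960 Example Service (00000000000000000000000000000002) C:\Program Files (x86)\Example\svc.exe
14:42:34.0901 4960 Example Service - ok
14:42:35.0541 4960 OddDrv (00000000000000000000000000000003) C:\Windows\system32\drivers\odddrv.sys
14:42:35.0588 4960 OddDrv - EXAMPLE-VERDICT
"""

# Timestamp, thread id, then the message body.
LINE_RE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s+(.+)$")
# Body of a file line: service name, 32-hex-digit MD5 in parentheses, image path.
FILE_RE = re.compile(r"^(?P<name>.+?)\s+\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>.+)$")
# Body of a verdict line. The verdict may not contain ':' or parentheses, which
# keeps header lines such as "Drive ... - Size: 0x..." from being read as verdicts.
VERDICT_RE = re.compile(r"^(?P<name>.+?)\s+-\s+(?P<verdict>[^:()]{1,40})$")


def parse_report(text):
    """Return one dict per scanned object: name, md5, path, verdict."""
    pending = {}   # service name -> (md5, path), waiting for its verdict line
    entries = []
    for raw in text.splitlines():
        line = LINE_RE.match(raw.strip())
        if not line:
            continue
        body = line.group(3)
        file_line = FILE_RE.match(body)
        if file_line:
            pending[file_line["name"]] = (file_line["md5"].lower(), file_line["path"])
            continue
        verdict_line = VERDICT_RE.match(body)
        if verdict_line:
            name = verdict_line["name"]
            # Some objects get a verdict with no preceding file line.
            md5, path = pending.pop(name, (None, None))
            entries.append({
                "name": name,
                "md5": md5,
                "path": path,
                "verdict": verdict_line["verdict"].strip(),
            })
    return entries


def triage(entries):
    """Split parsed entries into the groups worth reading by hand."""
    return {
        "total": len(entries),
        # Anything the scanner did not mark "ok".
        "non_ok": [e for e in entries if e["verdict"].lower() != "ok"],
        # No image path or hash was logged, so the report alone cannot
        # tell you which file backs this entry.
        "no_file": [e for e in entries if e["md5"] is None],
    }


if __name__ == "__main__":
    result = triage(parse_report(SAMPLE_REPORT))
    print(f"{result['total']} objects scanned")
    for e in result["non_ok"]:
        print(f"verdict {e['verdict']!r}: {e['name']} {e['path']} md5={e['md5']}")
    for e in result["no_file"]:
        print(f"no file logged: {e['name']} (verdict {e['verdict']!r})")
```

To run it on a real report, read the TDSSKiller log file from the root of the system disk and pass its text to `parse_report`.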

#7 Mortada


Posted 08 April 2012 - 09:50 PM

Hi,

Thank you for your continuing support. Here is the log file from TDSSKiller.exe

-----------------------------------------------------------------------

14:41:43.0248 7832 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
14:41:43.0918 7832 ============================================================
14:41:43.0918 7832 Current date / time: 2012/04/09 14:41:43.0918
14:41:43.0918 7832 SystemInfo:
14:41:43.0918 7832
14:41:43.0918 7832 OS Version: 6.1.7601 ServicePack: 1.0
14:41:43.0918 7832 Product type: Workstation
14:41:43.0918 7832 ComputerName: REFKA-VAIO
14:41:43.0918 7832 UserName: Refka
14:41:43.0918 7832 Windows directory: C:\Windows
14:41:43.0918 7832 System windows directory: C:\Windows
14:41:43.0918 7832 Running under WOW64
14:41:43.0918 7832 Processor architecture: Intel x64
14:41:43.0918 7832 Number of processors: 4
14:41:43.0918 7832 Page size: 0x1000
14:41:43.0918 7832 Boot type: Normal boot
14:41:43.0918 7832 ============================================================
14:42:01.0172 7832 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:42:01.0172 7832 \Device\Harddisk0\DR0:
14:42:01.0172 7832 MBR used
14:42:01.0172 7832 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1743000, BlocksNum 0x32000
14:42:01.0172 7832 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1775000, BlocksNum 0x23CB9000
14:42:01.0235 7832 Initialize success
14:42:01.0235 7832 ============================================================
14:42:32.0468 4960 ============================================================
14:42:32.0468 4960 Scan started
14:42:32.0468 4960 Mode: Manual; TDLFS;
14:42:32.0468 4960 ============================================================
14:42:33.0903 4960 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
14:42:33.0950 4960 1394ohci - ok
14:42:34.0621 4960 81377605 - ok
14:42:34.0839 4960 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
14:42:34.0901 4960 ACDaemon - ok
14:42:35.0541 4960 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
14:42:35.0588 4960 ACPI - ok
14:42:36.0149 4960 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
14:42:36.0165 4960 AcpiPmi - ok
14:42:36.0571 4960 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:42:36.0571 4960 AdobeARMservice - ok
14:42:37.0288 4960 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
14:42:37.0366 4960 adp94xx - ok
14:42:38.0427 4960 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
14:42:38.0474 4960 adpahci - ok
14:42:39.0301 4960 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
14:42:39.0332 4960 adpu320 - ok
14:42:40.0784 4960 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
14:42:40.0799 4960 AeLookupSvc - ok
14:42:41.0376 4960 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
14:42:41.0423 4960 AFD - ok
14:42:42.0531 4960 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
14:42:42.0546 4960 agp440 - ok
14:42:43.0014 4960 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
14:42:43.0030 4960 ALG - ok
14:42:43.0358 4960 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
14:42:43.0373 4960 aliide - ok
14:42:43.0779 4960 AMD External Events Utility (27886774ff03fca3a6c1a7e7e15e771b) C:\Windows\system32\atiesrxx.exe
14:42:43.0779 4960 AMD External Events Utility - ok
14:42:43.0997 4960 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
14:42:44.0028 4960 amdide - ok
14:42:45.0744 4960 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
14:42:45.0760 4960 AmdK8 - ok
14:42:47.0008 4960 amdkmdag (d39bb7315c0f5fdf8258bdbfc4268af0) C:\Windows\system32\DRIVERS\atikmdag.sys
14:42:47.0913 4960 amdkmdag - ok
14:42:48.0989 4960 amdkmdap (4aedbedb288e6a32fd48f2768d59826d) C:\Windows\system32\DRIVERS\atikmpag.sys
14:42:49.0005 4960 amdkmdap - ok
14:42:49.0098 4960 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
14:42:49.0114 4960 AmdPPM - ok
14:42:49.0254 4960 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
14:42:49.0270 4960 amdsata - ok
14:42:49.0332 4960 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
14:42:49.0364 4960 amdsbs - ok
14:42:49.0410 4960 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
14:42:49.0426 4960 amdxata - ok
14:42:49.0816 4960 Amsp (1b7d1f0a0dfadbc797c16364792a7aa5) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
14:42:49.0816 4960 Amsp - ok
14:42:50.0752 4960 ApfiltrService (9dc1a45ba81c923db68a162b0f0d0149) C:\Windows\system32\DRIVERS\Apfiltr.sys
14:42:50.0768 4960 ApfiltrService - ok
14:42:50.0892 4960 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
14:42:50.0939 4960 AppID - ok
14:42:51.0017 4960 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
14:42:51.0033 4960 AppIDSvc - ok
14:42:51.0111 4960 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
14:42:51.0126 4960 Appinfo - ok
14:42:51.0485 4960 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:42:51.0485 4960 Apple Mobile Device - ok
14:42:51.0672 4960 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
14:42:51.0688 4960 arc - ok
14:42:51.0766 4960 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
14:42:51.0782 4960 arcsas - ok
14:42:51.0844 4960 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
14:42:51.0860 4960 ArcSoftKsUFilter - ok
14:42:51.0922 4960 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
14:42:51.0953 4960 AsyncMac - ok
14:42:52.0218 4960 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
14:42:52.0234 4960 atapi - ok
14:42:52.0343 4960 ATSwpWDF (26970f26ebab7d5d1b795a3f9013cd80) C:\Windows\system32\DRIVERS\ATSwpWDF.sys
14:42:52.0390 4960 ATSwpWDF - ok
14:42:52.0608 4960 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
14:42:52.0624 4960 AudioEndpointBuilder - ok
14:42:52.0655 4960 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
14:42:52.0671 4960 AudioSrv - ok
14:42:52.0874 4960 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
14:42:52.0889 4960 AxInstSV - ok
14:42:52.0952 4960 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
14:42:52.0998 4960 b06bdrv - ok
14:42:53.0108 4960 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
14:42:53.0139 4960 b57nd60a - ok
14:42:53.0248 4960 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
14:42:53.0264 4960 BDESVC - ok
14:42:53.0295 4960 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
14:42:53.0310 4960 Beep - ok
14:42:53.0529 4960 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
14:42:53.0591 4960 BFE - ok
14:42:53.0654 4960 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
14:42:53.0700 4960 BITS - ok
14:42:53.0763 4960 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
14:42:53.0794 4960 blbdrive - ok
14:42:53.0950 4960 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
14:42:53.0966 4960 Bonjour Service - ok
14:42:54.0044 4960 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
14:42:54.0075 4960 bowser - ok
14:42:54.0137 4960 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:42:54.0168 4960 BrFiltLo - ok
14:42:54.0200 4960 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:42:54.0215 4960 BrFiltUp - ok
14:42:54.0278 4960 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
14:42:54.0293 4960 Browser - ok
14:42:54.0340 4960 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
14:42:54.0371 4960 Brserid - ok
14:42:54.0418 4960 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
14:42:54.0434 4960 BrSerWdm - ok
14:42:54.0465 4960 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:42:54.0496 4960 BrUsbMdm - ok
14:42:54.0512 4960 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
14:42:54.0527 4960 BrUsbSer - ok
14:42:54.0652 4960 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
14:42:54.0668 4960 BthEnum - ok
14:42:54.0714 4960 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
14:42:54.0730 4960 BTHMODEM - ok
14:42:54.0824 4960 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
14:42:54.0855 4960 BthPan - ok
14:42:55.0120 4960 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
14:42:55.0182 4960 BTHPORT - ok
14:42:55.0245 4960 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
14:42:55.0276 4960 bthserv - ok
14:42:55.0338 4960 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
14:42:55.0370 4960 BTHUSB - ok
14:42:55.0572 4960 btwampfl (7a2ce8c1bf4daa1f2766e21e9ca11078) C:\Windows\system32\drivers\btwampfl.sys
14:42:55.0604 4960 btwampfl - ok
14:42:55.0853 4960 btwaudio (a75bf6802a967f5aacecc3c67febdf55) C:\Windows\system32\drivers\btwaudio.sys
14:42:55.0884 4960 btwaudio - ok
14:42:56.0009 4960 btwavdt (d895dc213edbda5fcc53aad1f1e0e63b) C:\Windows\system32\DRIVERS\btwavdt.sys
14:42:56.0040 4960 btwavdt - ok
14:42:56.0992 4960 btwdins (692f8648d7686d91e34a65ac698019d8) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
14:42:57.0008 4960 btwdins - ok
14:42:58.0926 4960 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys
14:42:58.0942 4960 btwl2cap - ok
14:43:00.0752 4960 btwrchid (6d7aa2bde0135599c5f230d69db3b420) C:\Windows\system32\DRIVERS\btwrchid.sys
14:43:00.0767 4960 btwrchid - ok
14:43:02.0483 4960 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
14:43:02.0499 4960 cdfs - ok
14:43:04.0917 4960 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
14:43:04.0948 4960 cdrom - ok
14:43:05.0619 4960 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
14:43:05.0634 4960 CertPropSvc - ok
14:43:06.0071 4960 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
14:43:06.0087 4960 circlass - ok
14:43:06.0212 4960 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
14:43:06.0258 4960 CLFS - ok
14:43:07.0194 4960 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:43:07.0210 4960 clr_optimization_v2.0.50727_32 - ok
14:43:07.0787 4960 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:43:07.0818 4960 clr_optimization_v2.0.50727_64 - ok
14:43:08.0411 4960 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:43:08.0832 4960 clr_optimization_v4.0.30319_32 - ok
14:43:09.0222 4960 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:43:09.0222 4960 clr_optimization_v4.0.30319_64 - ok
14:43:10.0268 4960 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
14:43:10.0283 4960 CmBatt - ok
14:43:11.0032 4960 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
14:43:11.0048 4960 cmdide - ok
14:43:11.0812 4960 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
14:43:11.0952 4960 CNG - ok
14:43:12.0670 4960 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
14:43:12.0701 4960 Compbatt - ok
14:43:13.0403 4960 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
14:43:13.0434 4960 CompositeBus - ok
14:43:14.0698 4960 COMSysApp - ok
14:43:15.0275 4960 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
14:43:15.0291 4960 crcdisk - ok
14:43:15.0728 4960 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
14:43:15.0759 4960 CryptSvc - ok
14:43:16.0008 4960 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
14:43:16.0024 4960 cvhsvc - ok
14:43:17.0584 4960 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
14:43:17.0600 4960 DcomLaunch - ok
14:43:18.0458 4960 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
14:43:18.0489 4960 defragsvc - ok
14:43:19.0300 4960 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
14:43:19.0331 4960 DfsC - ok
14:43:19.0706 4960 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
14:43:19.0737 4960 Dhcp - ok
14:43:19.0815 4960 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
14:43:19.0830 4960 discache - ok
14:43:19.0908 4960 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
14:43:19.0940 4960 Disk - ok
14:43:20.0033 4960 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
14:43:20.0033 4960 Dnscache - ok
14:43:20.0064 4960 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
14:43:20.0096 4960 dot3svc - ok
14:43:20.0189 4960 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
14:43:20.0236 4960 DPS - ok
14:43:20.0330 4960 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
14:43:20.0345 4960 drmkaud - ok
14:43:20.0564 4960 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
14:43:20.0610 4960 DXGKrnl - ok
14:43:20.0704 4960 e1yexpress (50ad8fc1dc800ff36087994c8f7fdff2) C:\Windows\system32\DRIVERS\e1y60x64.sys
14:43:20.0751 4960 e1yexpress - ok
14:43:20.0876 4960 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
14:43:20.0891 4960 EapHost - ok
14:43:21.0032 4960 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
14:43:21.0297 4960 ebdrv - ok
14:43:21.0437 4960 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
14:43:21.0437 4960 EFS - ok
14:43:21.0843 4960 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
14:43:21.0858 4960 ehRecvr - ok
14:43:22.0014 4960 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
14:43:22.0014 4960 ehSched - ok
14:43:22.0529 4960 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
14:43:22.0592 4960 elxstor - ok
14:43:22.0638 4960 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
14:43:22.0701 4960 ErrDev - ok
14:43:22.0779 4960 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
14:43:22.0810 4960 EventSystem - ok
14:43:23.0590 4960 EvtEng (f8f610093e1d7fdfa477fc34d15d5c60) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
14:43:23.0621 4960 EvtEng - ok
14:43:24.0963 4960 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
14:43:24.0994 4960 exfat - ok
14:43:26.0289 4960 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
14:43:26.0320 4960 fastfat - ok
14:43:26.0913 4960 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
14:43:26.0991 4960 Fax - ok
14:43:27.0334 4960 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
14:43:27.0365 4960 fdc - ok
14:43:27.0459 4960 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
14:43:27.0474 4960 fdPHost - ok
14:43:27.0506 4960 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
14:43:27.0521 4960 FDResPub - ok
14:43:27.0568 4960 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
14:43:27.0599 4960 FileInfo - ok
14:43:27.0646 4960 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
14:43:27.0662 4960 Filetrace - ok
14:43:27.0693 4960 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
14:43:27.0724 4960 flpydisk - ok
14:43:27.0833 4960 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
14:43:27.0849 4960 FltMgr - ok
14:43:28.0036 4960 FontCache (b4447f606bb19fd8ad0bafb59b90f5d9) C:\Windows\system32\FntCache.dll
14:43:28.0130 4960 FontCache - ok
14:43:28.0410 4960 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:43:28.0410 4960 FontCache3.0.0.0 - ok
14:43:28.0832 4960 FPLService (d96ad29bf9c3a32fe116f6141e24fdd6) C:\Program Files\TrueSuite\TrueSuite.Service.exe
14:43:28.0832 4960 FPLService - ok
14:43:31.0484 4960 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
14:43:31.0499 4960 FsDepends - ok
14:43:32.0108 4960 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
14:43:32.0123 4960 Fs_Rec - ok
14:43:32.0903 4960 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
14:43:32.0950 4960 fvevol - ok
14:43:33.0636 4960 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
14:43:33.0668 4960 gagp30kx - ok
14:43:34.0744 4960 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:43:34.0760 4960 GEARAspiWDM - ok
14:43:36.0132 4960 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
14:43:36.0226 4960 gpsvc - ok
14:43:36.0616 4960 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:43:36.0663 4960 gupdate - ok
14:43:36.0772 4960 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:43:36.0772 4960 gupdatem - ok
14:43:37.0037 4960 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
14:43:37.0224 4960 gusvc - ok
14:43:38.0519 4960 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
14:43:38.0566 4960 hcw85cir - ok
14:43:40.0344 4960 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
14:43:40.0376 4960 HdAudAddService - ok
14:43:41.0826 4960 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
14:43:41.0873 4960 HDAudBus - ok
14:43:42.0918 4960 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
14:43:42.0950 4960 HidBatt - ok
14:43:43.0698 4960 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
14:43:43.0714 4960 HidBth - ok
14:43:46.0647 4960 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
14:43:46.0678 4960 HidIr - ok
14:43:47.0115 4960 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
14:43:47.0130 4960 hidserv - ok
14:43:48.0066 4960 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
14:43:48.0082 4960 HidUsb - ok
14:43:48.0706 4960 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
14:43:48.0737 4960 hkmsvc - ok
14:43:50.0625 4960 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
14:43:50.0656 4960 HomeGroupListener - ok
14:43:50.0921 4960 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
14:43:50.0953 4960 HomeGroupProvider - ok
14:43:51.0280 4960 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
14:43:51.0296 4960 HpSAMD - ok
14:43:51.0374 4960 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
14:43:51.0436 4960 HTTP - ok
14:43:51.0561 4960 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
14:43:51.0577 4960 hwpolicy - ok
14:43:51.0623 4960 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
14:43:51.0655 4960 i8042prt - ok
14:43:51.0811 4960 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\DRIVERS\iaStor.sys
14:43:51.0826 4960 iaStor - ok
14:43:52.0138 4960 IAStorDataMgrSvc (8fff9083252c16fe3960173722605e9e) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
14:43:52.0138 4960 IAStorDataMgrSvc - ok
14:43:52.0388 4960 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
14:43:52.0466 4960 iaStorV - ok
14:43:53.0027 4960 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:43:53.0074 4960 idsvc - ok
14:43:54.0838 4960 igfx (0ac9e321d604be48a0d72b69ba484bdc) C:\Windows\system32\DRIVERS\igdkmd64.sys
14:43:55.0384 4960 igfx - ok
14:43:56.0086 4960 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
14:43:56.0117 4960 iirsp - ok
14:43:56.0242 4960 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
14:43:56.0289 4960 IKEEXT - ok
14:43:56.0554 4960 IntcAzAudAddService (cdb772f707ac24b43a20c821852ca61f) C:\Windows\system32\drivers\RTKVHD64.sys
14:43:56.0616 4960 IntcAzAudAddService - ok
14:43:56.0897 4960 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
14:43:56.0928 4960 IntcDAud - ok
14:43:57.0131 4960 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
14:43:57.0147 4960 intelide - ok
14:43:57.0599 4960 intelkmd (0ac9e321d604be48a0d72b69ba484bdc) C:\Windows\system32\DRIVERS\igdpmd64.sys
14:43:58.0067 4960 intelkmd - ok
14:43:58.0785 4960 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
14:43:58.0800 4960 intelppm - ok
14:43:58.0894 4960 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
14:43:58.0910 4960 IPBusEnum - ok
14:43:58.0972 4960 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:43:59.0003 4960 IpFilterDriver - ok
14:43:59.0206 4960 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
14:43:59.0237 4960 iphlpsvc - ok
14:43:59.0315 4960 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
14:43:59.0346 4960 IPMIDRV - ok
14:43:59.0378 4960 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
14:43:59.0409 4960 IPNAT - ok
14:43:59.0565 4960 iPod Service (755e4ba6dce627a2683bb7640553c8d6) C:\Program Files\iPod\bin\iPodService.exe
14:43:59.0580 4960 iPod Service - ok
14:43:59.0658 4960 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
14:43:59.0674 4960 IRENUM - ok
14:43:59.0768 4960 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
14:43:59.0783 4960 isapnp - ok
14:43:59.0892 4960 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
14:43:59.0939 4960 iScsiPrt - ok
14:44:00.0064 4960 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
14:44:00.0095 4960 kbdclass - ok
14:44:00.0158 4960 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
14:44:00.0189 4960 kbdhid - ok
14:44:00.0236 4960 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:44:00.0236 4960 KeyIso - ok
14:44:00.0282 4960 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
14:44:00.0314 4960 KSecDD - ok
14:44:00.0360 4960 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
14:44:00.0376 4960 KSecPkg - ok
14:44:00.0454 4960 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
14:44:00.0470 4960 ksthunk - ok
14:44:00.0579 4960 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
14:44:00.0594 4960 KtmRm - ok
14:44:00.0719 4960 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
14:44:00.0750 4960 LanmanServer - ok
14:44:00.0828 4960 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
14:44:00.0844 4960 LanmanWorkstation - ok
14:44:00.0891 4960 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
14:44:00.0922 4960 lltdio - ok
14:44:01.0016 4960 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
14:44:01.0047 4960 lltdsvc - ok
14:44:01.0062 4960 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
14:44:01.0094 4960 lmhosts - ok
14:44:01.0296 4960 LMS (2ed1786b7542cda261029f6b526edf44) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
14:44:01.0296 4960 LMS - ok
14:44:01.0359 4960 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
14:44:01.0390 4960 LSI_FC - ok
14:44:01.0421 4960 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
14:44:01.0437 4960 LSI_SAS - ok
14:44:01.0484 4960 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:44:01.0499 4960 LSI_SAS2 - ok
14:44:01.0530 4960 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:44:01.0546 4960 LSI_SCSI - ok
14:44:01.0577 4960 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
14:44:01.0608 4960 luafv - ok
14:44:01.0733 4960 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
14:44:01.0749 4960 MBAMProtector - ok
14:44:01.0827 4960 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
14:44:01.0842 4960 MBAMService - ok
14:44:02.0092 4960 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
14:44:02.0217 4960 McComponentHostService - ok
14:44:02.0856 4960 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
14:44:02.0872 4960 Mcx2Svc - ok
14:44:03.0153 4960 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
14:44:03.0184 4960 megasas - ok
14:44:03.0855 4960 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
14:44:03.0886 4960 MegaSR - ok
14:44:04.0682 4960 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
14:44:04.0713 4960 MEIx64 - ok
14:44:05.0337 4960 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
14:44:05.0352 4960 MMCSS - ok
14:44:07.0271 4960 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
14:44:07.0287 4960 Modem - ok
14:44:07.0989 4960 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
14:44:08.0036 4960 monitor - ok
14:44:09.0206 4960 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
14:44:09.0221 4960 mouclass - ok
14:44:10.0220 4960 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
14:44:10.0251 4960 mouhid - ok
14:44:11.0858 4960 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
14:44:11.0873 4960 mountmgr - ok
14:44:13.0059 4960 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
14:44:13.0090 4960 mpio - ok
14:44:13.0215 4960 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
14:44:13.0230 4960 mpsdrv - ok
14:44:13.0511 4960 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
14:44:13.0558 4960 MpsSvc - ok
14:44:14.0541 4960 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
14:44:14.0572 4960 MRxDAV - ok
14:44:15.0976 4960 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:44:15.0992 4960 mrxsmb - ok
14:44:17.0926 4960 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:44:17.0973 4960 mrxsmb10 - ok
14:44:18.0847 4960 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:44:18.0879 4960 mrxsmb20 - ok
14:44:21.0375 4960 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
14:44:21.0390 4960 msahci - ok
14:44:23.0169 4960 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
14:44:23.0184 4960 msdsm - ok
14:44:24.0120 4960 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
14:44:24.0151 4960 MSDTC - ok
14:44:24.0619 4960 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
14:44:24.0635 4960 Msfs - ok
14:44:24.0697 4960 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
14:44:24.0729 4960 mshidkmdf - ok
14:44:24.0853 4960 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
14:44:24.0869 4960 msisadrv - ok
14:44:24.0994 4960 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
14:44:25.0025 4960 MSiSCSI - ok
14:44:25.0041 4960 msiserver - ok
14:44:25.0197 4960 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
14:44:25.0212 4960 MSKSSRV - ok
14:44:25.0290 4960 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
14:44:25.0306 4960 MSPCLOCK - ok
14:44:25.0337 4960 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
14:44:25.0353 4960 MSPQM - ok
14:44:25.0524 4960 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
14:44:25.0555 4960 MsRPC - ok
14:44:25.0727 4960 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
14:44:25.0743 4960 mssmbios - ok
14:44:25.0821 4960 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
14:44:25.0836 4960 MSTEE - ok
14:44:25.0867 4960 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
14:44:25.0899 4960 MTConfig - ok
14:44:25.0945 4960 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
14:44:25.0961 4960 Mup - ok
14:44:26.0273 4960 MyWiFiDHCPDNS (f6ea50dbc391f04ca49427010657ccb3) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
14:44:26.0304 4960 MyWiFiDHCPDNS - ok
14:44:28.0363 4960 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
14:44:28.0395 4960 napagent - ok
14:44:29.0814 4960 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
14:44:29.0861 4960 NativeWifiP - ok
14:44:30.0111 4960 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
14:44:30.0173 4960 NDIS - ok
14:44:30.0454 4960 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
14:44:30.0485 4960 NdisCap - ok
14:44:30.0610 4960 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
14:44:30.0657 4960 NdisTapi - ok
14:44:30.0735 4960 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
14:44:30.0750 4960 Ndisuio - ok
14:44:30.0937 4960 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
14:44:30.0953 4960 NdisWan - ok
14:44:31.0078 4960 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
14:44:31.0109 4960 NDProxy - ok
14:44:31.0171 4960 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
14:44:31.0203 4960 NetBIOS - ok
14:44:31.0312 4960 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
14:44:31.0343 4960 NetBT - ok
14:44:31.0405 4960 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:44:31.0421 4960 Netlogon - ok
14:44:31.0515 4960 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
14:44:31.0546 4960 Netman - ok
14:44:31.0577 4960 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
14:44:31.0608 4960 netprofm - ok
14:44:31.0905 4960 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:44:31.0936 4960 NetTcpPortSharing - ok
14:44:32.0295 4960 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
14:44:32.0653 4960 netw5v64 - ok
14:44:33.0106 4960 NETwNs64 (30933bb56fb611d0252bad488adfb533) C:\Windows\system32\DRIVERS\NETwNs64.sys
14:44:33.0511 4960 NETwNs64 - ok
14:44:34.0510 4960 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
14:44:34.0541 4960 nfrd960 - ok
14:44:35.0103 4960 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
14:44:35.0103 4960 NlaSvc - ok
14:44:35.0711 4960 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
14:44:35.0758 4960 NOBU - ok
14:44:37.0318 4960 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
14:44:37.0333 4960 Npfs - ok
14:44:38.0425 4960 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
14:44:38.0425 4960 nsi - ok
14:44:39.0985 4960 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
14:44:40.0017 4960 nsiproxy - ok
14:44:40.0329 4960 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
14:44:40.0578 4960 Ntfs - ok
14:44:41.0733 4960 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
14:44:41.0748 4960 Null - ok
14:44:43.0589 4960 nusb3hub (786db821bfd57c0551dbbe4f75384a7d) C:\Windows\system32\DRIVERS\nusb3hub.sys
14:44:43.0620 4960 nusb3hub - ok
14:44:44.0790 4960 nusb3xhc (daa8005caf745042bb427a1ed7433354) C:\Windows\system32\DRIVERS\nusb3xhc.sys
14:44:44.0821 4960 nusb3xhc - ok
14:44:45.0243 4960 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
14:44:45.0274 4960 nvraid - ok
14:44:45.0367 4960 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
14:44:45.0414 4960 nvstor - ok
14:44:45.0492 4960 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
14:44:45.0508 4960 nv_agp - ok
14:44:45.0555 4960 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
14:44:45.0570 4960 ohci1394 - ok
14:44:45.0835 4960 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:44:45.0867 4960 ose - ok
14:44:47.0785 4960 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:44:47.0926 4960 osppsvc - ok
14:44:48.0955 4960 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:44:48.0987 4960 p2pimsvc - ok
14:44:49.0127 4960 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
14:44:49.0158 4960 p2psvc - ok
14:44:49.0486 4960 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
14:44:49.0517 4960 Parport - ok
14:44:49.0595 4960 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
14:44:49.0626 4960 partmgr - ok
14:44:49.0689 4960 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
14:44:49.0720 4960 PcaSvc - ok
14:44:49.0782 4960 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
14:44:49.0782 4960 pci - ok
14:44:49.0860 4960 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
14:44:49.0876 4960 pciide - ok
14:44:50.0016 4960 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
14:44:50.0047 4960 pcmcia - ok
14:44:50.0094 4960 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
14:44:50.0125 4960 pcw - ok
14:44:50.0344 4960 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
14:44:50.0406 4960 PEAUTH - ok
14:44:54.0057 4960 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
14:44:54.0103 4960 PerfHost - ok
14:44:54.0961 4960 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
14:44:55.0039 4960 pla - ok
14:44:55.0195 4960 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
14:44:55.0227 4960 PlugPlay - ok
14:44:56.0116 4960 PMBDeviceInfoProvider (63694c307273062a2167ae4ce80730ef) c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
14:44:56.0116 4960 PMBDeviceInfoProvider - ok
14:44:56.0178 4960 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
14:44:56.0209 4960 PNRPAutoReg - ok
14:44:56.0287 4960 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:44:56.0287 4960 PNRPsvc - ok
14:44:56.0459 4960 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
14:44:56.0490 4960 PolicyAgent - ok
14:44:56.0677 4960 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
14:44:56.0693 4960 Power - ok
14:44:57.0099 4960 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
14:44:57.0130 4960 PptpMiniport - ok
14:44:57.0208 4960 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
14:44:57.0223 4960 Processor - ok
14:44:57.0317 4960 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
14:44:57.0317 4960 ProfSvc - ok
14:44:57.0364 4960 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:44:57.0364 4960 ProtectedStorage - ok
14:44:57.0489 4960 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
14:44:57.0520 4960 Psched - ok
14:44:57.0723 4960 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
14:44:57.0816 4960 ql2300 - ok
14:44:57.0847 4960 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
14:44:57.0863 4960 ql40xx - ok
14:44:57.0957 4960 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
14:44:57.0972 4960 QWAVE - ok
14:44:58.0050 4960 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
14:44:58.0081 4960 QWAVEdrv - ok
14:44:58.0097 4960 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
14:44:58.0113 4960 RasAcd - ok
14:44:58.0175 4960 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:44:58.0191 4960 RasAgileVpn - ok
14:44:58.0237 4960 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
14:44:58.0253 4960 RasAuto - ok
14:44:58.0315 4960 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:44:58.0331 4960 Rasl2tp - ok
14:44:58.0393 4960 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
14:44:58.0440 4960 RasMan - ok
14:44:58.0456 4960 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
14:44:58.0503 4960 RasPppoe - ok
14:44:58.0518 4960 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
14:44:58.0549 4960 RasSstp - ok
14:44:58.0596 4960 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
14:44:58.0643 4960 rdbss - ok
14:44:58.0674 4960 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
14:44:58.0705 4960 rdpbus - ok
14:44:58.0721 4960 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:44:58.0752 4960 RDPCDD - ok
14:44:58.0877 4960 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
14:44:58.0893 4960 RDPENCDD - ok
14:44:58.0939 4960 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
14:44:58.0955 4960 RDPREFMP - ok
14:44:59.0080 4960 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
14:44:59.0127 4960 RDPWD - ok
14:44:59.0220 4960 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
14:44:59.0251 4960 rdyboost - ok
14:44:59.0532 4960 RegSrvc (9276f4d4109fc349925d28e00e533146) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
14:44:59.0548 4960 RegSrvc - ok
14:45:01.0234 4960 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
14:45:01.0265 4960 RemoteAccess - ok
14:45:01.0390 4960 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
14:45:01.0436 4960 RemoteRegistry - ok
14:45:01.0733 4960 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
14:45:01.0764 4960 RFCOMM - ok
14:45:01.0826 4960 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
14:45:01.0842 4960 RpcEptMapper - ok
14:45:01.0936 4960 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
14:45:01.0951 4960 RpcLocator - ok
14:45:02.0029 4960 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
14:45:02.0045 4960 RpcSs - ok
14:45:02.0326 4960 RSPCIESTOR (ca327a84085f68200452e6761f943298) C:\Windows\system32\DRIVERS\RtsPStor.sys
14:45:02.0357 4960 RSPCIESTOR - ok
14:45:02.0904 4960 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
14:45:02.0935 4960 rspndr - ok
14:45:03.0871 4960 RTL8167 (ea5532868ba76923d75bcb2a1448d810) C:\Windows\system32\DRIVERS\Rt64win7.sys
14:45:03.0902 4960 RTL8167 - ok
14:45:04.0542 4960 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:45:04.0542 4960 SamSs - ok
14:45:05.0337 4960 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
14:45:05.0353 4960 sbp2port - ok
14:45:06.0804 4960 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
14:45:06.0835 4960 SCardSvr - ok
14:45:07.0553 4960 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
14:45:07.0568 4960 scfilter - ok
14:45:08.0769 4960 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
14:45:08.0847 4960 Schedule - ok
14:45:10.0345 4960 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
14:45:10.0345 4960 SCPolicySvc - ok
14:45:11.0281 4960 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
14:45:11.0312 4960 sdbus - ok
14:45:11.0874 4960 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
14:45:11.0874 4960 SDRSVC - ok
14:45:12.0747 4960 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:45:12.0763 4960 secdrv - ok
14:45:13.0621 4960 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
14:45:13.0637 4960 seclogon - ok
14:45:14.0183 4960 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
14:45:14.0214 4960 SENS - ok
14:45:15.0743 4960 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
14:45:15.0758 4960 SensrSvc - ok
14:45:17.0928 4960 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
14:45:17.0959 4960 Serenum - ok
14:45:18.0552 4960 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
14:45:18.0583 4960 Serial - ok
14:45:18.0973 4960 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
14:45:19.0004 4960 sermouse - ok
14:45:19.0831 4960 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
14:45:19.0846 4960 SessionEnv - ok
14:45:21.0516 4960 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\DRIVERS\SFEP.sys
14:45:21.0531 4960 SFEP - ok
14:45:23.0388 4960 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
14:45:23.0419 4960 sffdisk - ok
14:45:24.0682 4960 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
14:45:24.0729 4960 sffp_mmc - ok
14:45:26.0788 4960 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
14:45:26.0804 4960 sffp_sd - ok
14:45:27.0771 4960 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
14:45:27.0802 4960 sfloppy - ok
14:45:29.0206 4960 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
14:45:29.0253 4960 Sftfs - ok
14:45:29.0425 4960 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
14:45:29.0440 4960 sftlist - ok
14:45:29.0986 4960 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
14:45:30.0018 4960 Sftplay - ok
14:45:30.0907 4960 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
14:45:30.0922 4960 Sftredir - ok
14:45:31.0874 4960 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
14:45:31.0890 4960 Sftvol - ok
14:45:32.0233 4960 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
14:45:32.0248 4960 sftvsa - ok
14:45:33.0777 4960 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
14:45:33.0808 4960 SharedAccess - ok
14:45:34.0183 4960 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
14:45:34.0214 4960 ShellHWDetection - ok
14:45:34.0916 4960 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:45:34.0932 4960 SiSRaid2 - ok
14:45:35.0462 4960 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
14:45:35.0493 4960 SiSRaid4 - ok
14:45:36.0273 4960 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
14:45:36.0304 4960 Smb - ok
14:45:36.0835 4960 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
14:45:36.0928 4960 SNMPTRAP - ok
14:45:37.0178 4960 SOHCImp (c3e69db0a4e59564230e053232f39ac7) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
14:45:37.0178 4960 SOHCImp - ok
14:45:37.0334 4960 SOHDms (65cc4779a29c3e82b987bd4961790dff) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
14:45:37.0350 4960 SOHDms - ok
14:45:37.0381 4960 SOHDs (f47d75cee1844eef4a9ea6ee768828fb) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
14:45:37.0381 4960 SOHDs - ok
14:45:37.0537 4960 SpfService (b8047e776e50fc2384801083a77900e0) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
14:45:37.0537 4960 SpfService - ok
14:45:38.0488 4960 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
14:45:38.0520 4960 spldr - ok
14:45:39.0300 4960 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
14:45:39.0315 4960 Spooler - ok
14:45:40.0204 4960 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
14:45:40.0251 4960 sppsvc - ok
14:45:40.0782 4960 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
14:45:40.0797 4960 sppuinotify - ok
14:45:41.0234 4960 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
14:45:41.0265 4960 srv - ok
14:45:41.0359 4960 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
14:45:41.0406 4960 srv2 - ok
14:45:41.0608 4960 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
14:45:41.0655 4960 SrvHsfHDA - ok
14:45:41.0952 4960 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
14:45:42.0030 4960 SrvHsfV92 - ok
14:45:43.0075 4960 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
14:45:43.0122 4960 SrvHsfWinac - ok
14:45:43.0793 4960 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
14:45:43.0824 4960 srvnet - ok
14:45:44.0339 4960 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
14:45:44.0354 4960 SSDPSRV - ok
14:45:44.0401 4960 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
14:45:44.0432 4960 SstpSvc - ok
14:45:44.0651 4960 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
14:45:44.0666 4960 stexstor - ok
14:45:44.0760 4960 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
14:45:44.0853 4960 stisvc - ok
14:45:44.0947 4960 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
14:45:44.0963 4960 swenum - ok
14:45:45.0056 4960 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
14:45:45.0103 4960 swprv - ok
14:45:45.0228 4960 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
14:45:45.0243 4960 SysMain - ok
14:45:45.0306 4960 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
14:45:45.0321 4960 TabletInputService - ok
14:45:45.0415 4960 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
14:45:45.0462 4960 TapiSrv - ok
14:45:45.0540 4960 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
14:45:45.0555 4960 TBS - ok
14:45:45.0914 4960 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
14:45:45.0992 4960 Tcpip - ok
14:45:46.0647 4960 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
14:45:46.0679 4960 TCPIP6 - ok
14:45:47.0163 4960 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
14:45:47.0194 4960 tcpipreg - ok
14:45:47.0881 4960 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
14:45:47.0912 4960 TDPIPE - ok
14:45:48.0208 4960 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
14:45:48.0224 4960 TDTCP - ok
14:45:48.0380 4960 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
14:45:48.0442 4960 tdx - ok
14:45:48.0520 4960 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
14:45:48.0536 4960 TermDD - ok
14:45:48.0645 4960 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
14:45:48.0661 4960 TermService - ok
14:45:48.0848 4960 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
14:45:48.0864 4960 Themes - ok
14:45:48.0926 4960 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
14:45:48.0926 4960 THREADORDER - ok
14:45:49.0098 4960 tmactmon (e386dd8ec68c67ca3e2a3abdc1df5c56) C:\Windows\system32\DRIVERS\tmactmon.sys
14:45:49.0129 4960 tmactmon - ok
14:45:49.0238 4960 tmcomm (ab011c569487fd65c8944ddf8cbb2572) C:\Windows\system32\DRIVERS\tmcomm.sys
14:45:49.0269 4960 tmcomm - ok
14:45:49.0332 4960 tmeevw (1161f882b3cfa8076870a09924e0adc2) C:\Windows\system32\DRIVERS\tmeevw.sys
14:45:49.0347 4960 tmeevw - ok
14:45:49.0410 4960 tmevtmgr (8870a3d7305455b47adccd226f8e51bc) C:\Windows\system32\DRIVERS\tmevtmgr.sys
14:45:49.0425 4960 tmevtmgr - ok
14:45:49.0550 4960 tmnciesc (f0ae672ee91e7f1ef24644621b57ca7f) C:\Windows\system32\DRIVERS\tmnciesc.sys
14:45:49.0566 4960 tmnciesc - ok
14:45:49.0690 4960 tmtdi (065cb7d9278d778fb9ef62cead01433f) C:\Windows\system32\DRIVERS\tmtdi.sys
14:45:49.0722 4960 tmtdi - ok
14:45:49.0815 4960 TPM (dbcc20c02e8a3e43b03c304a4e40a84f) C:\Windows\system32\drivers\tpm.sys
14:45:49.0831 4960 TPM - ok
14:45:49.0956 4960 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
14:45:49.0971 4960 TrkWks - ok
14:45:50.0034 4960 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
14:45:50.0065 4960 TrustedInstaller - ok
14:45:50.0143 4960 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:45:50.0174 4960 tssecsrv - ok
14:45:50.0299 4960 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
14:45:50.0330 4960 TsUsbFlt - ok
14:45:50.0470 4960 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
14:45:50.0502 4960 tunnel - ok
14:45:50.0548 4960 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
14:45:50.0580 4960 uagp35 - ok
14:45:50.0860 4960 uCamMonitor (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
14:45:50.0860 4960 uCamMonitor - ok
14:45:51.0016 4960 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
14:45:51.0048 4960 udfs - ok
14:45:51.0141 4960 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
14:45:51.0172 4960 UI0Detect - ok
14:45:51.0250 4960 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
14:45:51.0266 4960 uliagpkx - ok
14:45:51.0531 4960 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
14:45:51.0547 4960 umbus - ok
14:45:52.0202 4960 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
14:45:52.0218 4960 UmPass - ok
14:45:52.0514 4960 UNS (7e5e1603d0ff2d240ae70295c5c3fefc) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
14:45:52.0561 4960 UNS - ok
14:45:53.0076 4960 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
14:45:53.0107 4960 upnphost - ok
14:45:53.0356 4960 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
14:45:53.0388 4960 USBAAPL64 - ok
14:45:53.0481 4960 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
14:45:53.0512 4960 usbccgp - ok
14:45:53.0590 4960 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
14:45:53.0606 4960 usbcir - ok
14:45:53.0668 4960 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
14:45:53.0684 4960 usbehci - ok
14:45:53.0793 4960 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
14:45:53.0840 4960 usbhub - ok
14:45:53.0918 4960 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
14:45:53.0934 4960 usbohci - ok
14:45:54.0012 4960 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
14:45:54.0044 4960 usbprint - ok
14:45:54.0106 4960 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:45:54.0137 4960 USBSTOR - ok
14:45:54.0184 4960 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
14:45:54.0200 4960 usbuhci - ok
14:45:54.0340 4960 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
14:45:54.0371 4960 usbvideo - ok
14:45:54.0449 4960 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
14:45:54.0465 4960 UxSms - ok
14:45:54.0761 4960 VAIO Event Service (2c9732b39f81395cc9fe40f181cd3433) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
14:45:54.0761 4960 VAIO Event Service - ok
14:45:55.0074 4960 VAIO Power Management (c994f2b3b45c9987049ca511ee1f2768) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
14:45:55.0090 4960 VAIO Power Management - ok
14:45:55.0137 4960 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:45:55.0152 4960 VaultSvc - ok
14:45:55.0511 4960 VCFw (6888526aeb8ddabde6f778fd40fc0693) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
14:45:55.0527 4960 VCFw - ok
14:45:55.0730 4960 VcmIAlzMgr (f0672b2368e859284a4c44ae2cca4c72) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
14:45:55.0745 4960 VcmIAlzMgr - ok
14:45:55.0870 4960 VcmINSMgr (cbb9f0d1017e0bed4cb5bbc0ebf26dc1) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
14:45:55.0886 4960 VcmINSMgr - ok
14:45:55.0995 4960 VcmXmlIfHelper (c8e3ba694cc5eacec4c01660ace40d56) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
14:45:56.0026 4960 VcmXmlIfHelper - ok
14:45:56.0946 4960 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
14:45:56.0962 4960 vdrvroot - ok
14:45:57.0040 4960 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
14:45:57.0056 4960 vds - ok
14:45:57.0180 4960 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
14:45:57.0196 4960 vga - ok
14:46:05.0558 4960 ============================================================
14:46:05.0558 4960 Scan finished
14:46:05.0558 4960 ============================================================
14:46:05.0589 7200 Detected object count: 0
14:46:05.0589 7200 Actual detected object count: 0

#8 Mortada

Posted 08 April 2012 - 09:53 PM

I would just like to say that the laptop has gotten considerably slower since this Searchnu.com/406 issue popped up. It takes a good 10 minutes just to start up the machine. The machine isn't that old at all... maybe a year old at most, if that.

#9 boopme

Posted 08 April 2012 - 10:08 PM

Hello. We are going to move you as we need some special tools to kill this.

We need a deeper look. Please go here: Preparation Guide, and do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run, skip it and move on.

Let me know if that went well.

#10 Mortada

Posted 08 April 2012 - 10:33 PM

Hi,

I've completed the relevant steps mentioned above in completing a ticket for Rootkit removal. I didn't run GMER due to the fact that the instructions specify it only for Windows running 32 bits, and as you are aware this laptop is running on 64 bits. Either way, I posted the link to my new ticket in the relevant forum. I thank you again for your help in looking into this matter.

http://www.bleepingcomputer.com/forums/topic449415.html

#11 boopme

Posted 09 April 2012 - 09:34 AM

Thank you.

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies, as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

The current wait time is 1 - 3 days and ALL logs are answered.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic.