Gen:Variant.TDss.20, BitDefender fails to remove


  • This topic is locked
19 replies to this topic

#1 Seridryck

  • Members
  • 30 posts

Posted 10 April 2012 - 10:13 PM

I'm using BitDefender Internet Security 2010. When I run an antivirus scan, I receive the following pop-up during the scan:

BitDefender has blocked a virus!
Virus Name:
Gen:Variant.TDss.20

Accessed by:
svchost

Location:
C:\Windows\Temp\tmp00003bda\tmp000119a9

BitDefender could not disinfect, delete, or quarantine this item. Access to this object has been denied.


After the scan, I receive the following:
Results Summary:
Solved issues: 1. No threat requires your attention.

File Path
<System>=>c:\program files (x86)\sony\vaio event service\vesbaseps.dll *32 [2724] (full dump)

Threat Name
Gen:Variant.TDss.20

Result
deleted


If I run the scan again, I always receive the same information in the "BitDefender has blocked a virus!" pop-up, except with different hexadecimal numbers in the temp file. The Results Summary also shows the same file path, except the bracketed number is different.

I'm using 64-bit Windows 7 Home Premium, on a Sony Vaio F-series VPCF1 from 2010.

Is this even a virus, or just a false positive? If it is a virus, why is it so persistent, and how can I remove it?

#2 Pizza and Pepsi

  • Members
  • 277 posts
  • Gender:Male
  • Location:CA

Posted 10 April 2012 - 11:23 PM

To find out if it's a false positive, upload the file to VirusTotal.

Tell me what the results are.


Thanks,
Pizza and Pepsi
Malware shall not pass!

#3 Seridryck

Posted 10 April 2012 - 11:54 PM

Okay... the temp file has a different location every time BitDefender detects it. When I go to look for it, it isn't there. Either BitDefender deletes it, or it has hidden or moved itself. Not sure which, since BitDefender both says "BitDefender could not disinfect, delete, or quarantine this item" and "Threat resolved/deleted." I'd just scan the whole C:\Windows\Temp folder, but it's 650 MB and Virustotal's max size is 32. So I can't scan the temp file BitDefender identifies as the file location.


However, I can upload the Vaio Event Service .dll file BitDefender calls the file path. Virustotal says:

SHA256: f57524db4fc50d3b5e1d68657256eeac0bebe5c0fd347ac7def72fb73cc76ad6
SHA1: 87c0c1203b30a8001691c7a806bbb8c71819da89
MD5: 7d85b3b4212d0ccf4169f0ec9b0ff8f8
File size: 13.5 KB ( 13824 bytes )
File name: VESBasePS.dll
File type: Win32 DLL
Detection ratio: 0 / 40
Analysis date: 2012-04-11 04:39:45 UTC ( 1 minute ago )

#4 Pizza and Pepsi

Posted 11 April 2012 - 05:24 PM

Try downloading CCleaner.

Make sure that the Windows temp files are checked and then click Run Cleaner.


Next, download TFC.
Double-click the icon and allow TFC to restart the computer.


Now, see if Bitdefender still finds the virus.

#5 Seridryck

Posted 11 April 2012 - 06:43 PM

What are these downloads going to do? I'd like to know what else I'm putting on my computer. Is there any risk to using these?

I'm extremely new here, and I'm reluctant to do anything without talking to a site official first.

#6 Pizza and Pepsi

Posted 11 April 2012 - 07:15 PM

Here is a link that is on bleeping computer.
My link

Read Quietman's post and you will see that TFC cleaner is safe to use.

#7 Pizza and Pepsi

Posted 11 April 2012 - 07:17 PM

Here is a link about CCleaner.

http://www.bleepingcomputer.com/forums/topic59767.html

#8 Seridryck

Posted 11 April 2012 - 09:32 PM

I downloaded both tools, they both deleted a lot of files.

And BitDefender still finds the virus. Same filepath, just with a different bracketed number. Same format of file location, just with a different hexadecimal on the temp file.

#9 Blade

    Strong in the Bleepforce

  • Site Admin
  • 12,704 posts
  • Gender:Male
  • Location:US

Posted 15 April 2012 - 10:56 PM

Hello and welcome to BleepingComputer.

Let's see what we're dealing with here.

Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

Link 1
Link 2
Link 3
Link 4
  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running. This is because some anti-malware software mistakenly detects RKill as malicious. Please refer to this page if you are not sure how to disable your security software.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply
***************************************************

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link

IMPORTANT!!! - when you save the file, rename it to something random, such as bubbles.exe This must be done before beginning the download!

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from http://data.mbamupdates.com/tools/mbam-rules.exe and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

~Blade


In your next reply, please include the following:
Malwarebytes Log

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM

#10 Seridryck

Seridryck
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:11:20 AM

Posted 16 April 2012 - 05:03 AM

I ran RKill, which closed Google Chrome as soon as it opened, but nothing else. I ran MBAM as well, and it came up empty. I haven't re-scanned with BitDefender yet to see if it still picks up the virus. Should I?

Here's the MBAM log:


Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.16.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Dominic :: PETER [administrator]

4/16/2012 4:54:04 AM
mbam-log-2012-04-16 (04-54-04).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 204786
Time elapsed: 5 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#11 Blade

Posted 16 April 2012 - 12:17 PM

Hello.

"I haven't re-scanned with BitDefender yet to see if it still picks up the virus. Should I?"

Not yet.

***************************************************

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

~Blade


In your next reply, please include the following:
TDSSKiller Log


#12 Seridryck

Posted 16 April 2012 - 01:17 PM

Again, detected nothing. Here's the log:


13:11:58.0134 8336 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
13:12:00.0135 8336 ============================================================
13:12:00.0135 8336 Current date / time: 2012/04/16 13:12:00.0135
13:12:00.0135 8336 SystemInfo:
13:12:00.0135 8336
13:12:00.0135 8336 OS Version: 6.1.7601 ServicePack: 1.0
13:12:00.0135 8336 Product type: Workstation
13:12:00.0135 8336 ComputerName: PETER
13:12:00.0136 8336 UserName: Dominic
13:12:00.0136 8336 Windows directory: C:\Windows
13:12:00.0136 8336 System windows directory: C:\Windows
13:12:00.0136 8336 Running under WOW64
13:12:00.0136 8336 Processor architecture: Intel x64
13:12:00.0136 8336 Number of processors: 8
13:12:00.0136 8336 Page size: 0x1000
13:12:00.0136 8336 Boot type: Normal boot
13:12:00.0136 8336 ============================================================
13:12:06.0363 8336 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:12:06.0379 8336 \Device\Harddisk0\DR0:
13:12:06.0379 8336 MBR used
13:12:06.0379 8336 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1BB3000, BlocksNum 0x32000
13:12:06.0379 8336 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1BE5000, BlocksNum 0x238492B0
13:12:06.0461 8336 Initialize success
13:12:06.0461 8336 ============================================================
13:12:44.0271 7520 ============================================================
13:12:44.0271 7520 Scan started
13:12:44.0271 7520 Mode: Manual;
13:12:44.0271 7520 ============================================================
13:13:06.0308 7520 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
13:13:06.0314 7520 HidIr - ok
13:13:06.0366 7520 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
13:13:06.0369 7520 hidserv - ok
13:13:06.0499 7520 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
13:13:06.0505 7520 HidUsb - ok
13:13:06.0588 7520 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
13:13:06.0597 7520 hkmsvc - ok
13:13:06.0686 7520 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
13:13:06.0694 7520 HomeGroupListener - ok
13:13:06.0772 7520 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
13:13:06.0779 7520 HomeGroupProvider - ok
13:13:06.0967 7520 hpqcxs08 (5da42d24712e00728cea2342a65009b2) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
13:13:06.0970 7520 hpqcxs08 - ok
13:13:07.0021 7520 hpqddsvc (d86a39bf100069444d026d22d9a6e555) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
13:13:07.0025 7520 hpqddsvc - ok
13:13:07.0187 7520 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
13:13:07.0195 7520 HpSAMD - ok
13:13:07.0340 7520 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
13:13:07.0353 7520 HTTP - ok
13:13:07.0478 7520 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
13:13:07.0479 7520 hwpolicy - ok
13:13:07.0548 7520 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
13:13:07.0555 7520 i8042prt - ok
13:13:07.0694 7520 iaStor (073a606333b6f7bbf20aa856df7f0997) C:\Windows\system32\drivers\iaStor.sys
13:13:07.0701 7520 iaStor - ok
13:13:07.0765 7520 IAStorDataMgrSvc (cc800d2d9fd467542bac7c186c4774ad) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
13:13:07.0767 7520 IAStorDataMgrSvc - ok
13:13:07.0918 7520 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
13:13:07.0934 7520 iaStorV - ok
13:13:08.0117 7520 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
13:13:08.0120 7520 IDriverT - ok
13:13:08.0402 7520 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:13:08.0420 7520 idsvc - ok
13:13:08.0533 7520 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
13:13:08.0540 7520 iirsp - ok
13:13:08.0622 7520 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
13:13:08.0641 7520 IKEEXT - ok
13:13:08.0746 7520 Impcd (4b6363cd4610bb848531bb260b15dfcc) C:\Windows\system32\drivers\Impcd.sys
13:13:08.0756 7520 Impcd - ok
13:13:08.0859 7520 IntcAzAudAddService (2e3b99e8c23be2bf32ebe1db5261f275) C:\Windows\system32\drivers\RTKVHD64.sys
13:13:08.0891 7520 IntcAzAudAddService - ok
13:13:09.0028 7520 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
13:13:09.0034 7520 intelide - ok
13:13:09.0111 7520 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
13:13:09.0119 7520 intelppm - ok
13:13:09.0160 7520 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
13:13:09.0169 7520 IPBusEnum - ok
13:13:09.0314 7520 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:13:09.0322 7520 IpFilterDriver - ok
13:13:09.0370 7520 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
13:13:09.0384 7520 iphlpsvc - ok
13:13:09.0510 7520 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
13:13:09.0514 7520 IPMIDRV - ok
13:13:09.0618 7520 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:13:09.0627 7520 IPNAT - ok
13:13:09.0740 7520 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
13:13:09.0751 7520 iPod Service - ok
13:13:09.0845 7520 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:13:09.0851 7520 IRENUM - ok
13:13:09.0912 7520 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
13:13:09.0919 7520 isapnp - ok
13:13:10.0044 7520 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
13:13:10.0059 7520 iScsiPrt - ok
13:13:10.0134 7520 IviRegMgr (213822072085b5bbad9af30ab577d817) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
13:13:10.0136 7520 IviRegMgr - ok
13:13:10.0251 7520 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
13:13:10.0255 7520 kbdclass - ok
13:13:10.0330 7520 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
13:13:10.0333 7520 kbdhid - ok
13:13:10.0429 7520 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:13:10.0432 7520 KeyIso - ok
13:13:10.0503 7520 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
13:13:10.0507 7520 KSecDD - ok
13:13:10.0566 7520 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
13:13:10.0571 7520 KSecPkg - ok
13:13:10.0666 7520 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:13:10.0672 7520 ksthunk - ok
13:13:10.0713 7520 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
13:13:10.0730 7520 KtmRm - ok
13:13:10.0832 7520 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
13:13:10.0840 7520 LanmanServer - ok
13:13:10.0903 7520 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
13:13:10.0909 7520 LanmanWorkstation - ok
13:13:11.0020 7520 LIVESRV (7cef520fbf872fa709301d427c7e16f8) C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
13:13:11.0025 7520 LIVESRV - ok
13:13:11.0119 7520 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:13:11.0126 7520 lltdio - ok
13:13:11.0169 7520 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
13:13:11.0184 7520 lltdsvc - ok
13:13:11.0267 7520 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
13:13:11.0275 7520 lmhosts - ok
13:13:11.0356 7520 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
13:13:11.0365 7520 LSI_FC - ok
13:13:11.0471 7520 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
13:13:11.0479 7520 LSI_SAS - ok
13:13:11.0512 7520 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
13:13:11.0520 7520 LSI_SAS2 - ok
13:13:11.0621 7520 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
13:13:11.0630 7520 LSI_SCSI - ok
13:13:11.0659 7520 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:13:11.0661 7520 luafv - ok
13:13:11.0767 7520 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
13:13:11.0776 7520 Mcx2Svc - ok
13:13:11.0833 7520 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
13:13:11.0841 7520 megasas - ok
13:13:11.0950 7520 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
13:13:11.0963 7520 MegaSR - ok
13:13:12.0082 7520 Microsoft SharePoint Workspace Audit Service - ok
13:13:12.0186 7520 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:13:12.0187 7520 MMCSS - ok
13:13:12.0245 7520 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:13:12.0249 7520 Modem - ok
13:13:12.0354 7520 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:13:12.0355 7520 monitor - ok
13:13:12.0447 7520 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
13:13:12.0455 7520 mouclass - ok
13:13:12.0544 7520 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:13:12.0547 7520 mouhid - ok
13:13:12.0632 7520 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
13:13:12.0635 7520 mountmgr - ok
13:13:12.0744 7520 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
13:13:12.0754 7520 mpio - ok
13:13:12.0842 7520 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:13:12.0849 7520 mpsdrv - ok
13:13:12.0953 7520 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
13:13:12.0970 7520 MpsSvc - ok
13:13:13.0086 7520 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
13:13:13.0096 7520 MRxDAV - ok
13:13:13.0162 7520 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:13:13.0167 7520 mrxsmb - ok
13:13:13.0323 7520 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:13:13.0328 7520 mrxsmb10 - ok
13:13:13.0394 7520 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:13:13.0398 7520 mrxsmb20 - ok
13:13:13.0527 7520 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
13:13:13.0534 7520 msahci - ok
13:13:13.0602 7520 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
13:13:13.0612 7520 msdsm - ok
13:13:13.0708 7520 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
13:13:13.0719 7520 MSDTC - ok
13:13:13.0788 7520 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:13:13.0791 7520 Msfs - ok
13:13:13.0888 7520 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:13:13.0893 7520 mshidkmdf - ok
13:13:13.0947 7520 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
13:13:13.0949 7520 msisadrv - ok
13:13:14.0046 7520 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
13:13:14.0056 7520 MSiSCSI - ok
13:13:14.0075 7520 msiserver - ok
13:13:14.0134 7520 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:13:14.0140 7520 MSKSSRV - ok
13:13:14.0245 7520 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:13:14.0252 7520 MSPCLOCK - ok
13:13:14.0302 7520 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:13:14.0307 7520 MSPQM - ok
13:13:14.0435 7520 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
13:13:14.0443 7520 MsRPC - ok
13:13:14.0506 7520 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
13:13:14.0513 7520 mssmbios - ok
13:13:14.0577 7520 MSSQL$DDNI - ok
13:13:14.0636 7520 MSSQLServerADHelper100 (f1761c8fb2b25a32c6d63e36bb88c3ae) C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
13:13:14.0638 7520 MSSQLServerADHelper100 - ok
13:13:14.0721 7520 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:13:14.0727 7520 MSTEE - ok
13:13:14.0761 7520 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
13:13:14.0767 7520 MTConfig - ok
13:13:14.0850 7520 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:13:14.0852 7520 Mup - ok
13:13:14.0933 7520 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
13:13:14.0943 7520 napagent - ok
13:13:15.0037 7520 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:13:15.0051 7520 NativeWifiP - ok
13:13:15.0131 7520 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
13:13:15.0150 7520 NDIS - ok
13:13:15.0237 7520 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:13:15.0243 7520 NdisCap - ok
13:13:15.0325 7520 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:13:15.0331 7520 NdisTapi - ok
13:13:15.0441 7520 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
13:13:15.0448 7520 Ndisuio - ok
13:13:15.0514 7520 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
13:13:15.0524 7520 NdisWan - ok
13:13:15.0623 7520 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
13:13:15.0630 7520 NDProxy - ok
13:13:15.0762 7520 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
13:13:15.0770 7520 Net Driver HPZ12 - ok
13:13:15.0815 7520 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:13:15.0818 7520 NetBIOS - ok
13:13:15.0875 7520 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
13:13:15.0880 7520 NetBT - ok
13:13:15.0974 7520 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:13:15.0976 7520 Netlogon - ok
13:13:16.0022 7520 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
13:13:16.0032 7520 Netman - ok
13:13:16.0155 7520 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:13:16.0159 7520 NetMsmqActivator - ok
13:13:16.0169 7520 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:13:16.0171 7520 NetPipeActivator - ok
13:13:16.0269 7520 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
13:13:16.0281 7520 netprofm - ok
13:13:16.0422 7520 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:13:16.0424 7520 NetTcpActivator - ok
13:13:16.0434 7520 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:13:16.0436 7520 NetTcpPortSharing - ok
13:13:16.0509 7520 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
13:13:16.0517 7520 nfrd960 - ok
13:13:16.0609 7520 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
13:13:16.0617 7520 NlaSvc - ok
13:13:16.0693 7520 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:13:16.0695 7520 Npfs - ok
13:13:16.0764 7520 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
13:13:16.0768 7520 nsi - ok
13:13:16.0847 7520 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:13:16.0848 7520 nsiproxy - ok
13:13:16.0970 7520 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
13:13:16.0996 7520 Ntfs - ok
13:13:17.0093 7520 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:13:17.0098 7520 Null - ok
13:13:17.0159 7520 NVHDA (cddd4478757288df4bb1494bfd084259) C:\Windows\system32\drivers\nvhda64v.sys
13:13:17.0164 7520 NVHDA - ok
13:13:17.0552 7520 nvlddmkm (db2bee926e7dfc59896a2d6800eb13f7) C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:13:17.0810 7520 nvlddmkm - ok
13:13:17.0926 7520 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
13:13:17.0932 7520 nvraid - ok
13:13:17.0952 7520 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
13:13:17.0958 7520 nvstor - ok
13:13:18.0002 7520 nvsvc (24ab15d09a13d5a40567211a1ab9b479) C:\Windows\system32\nvvsvc.exe
13:13:18.0008 7520 nvsvc - ok
13:13:18.0386 7520 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:13:18.0395 7520 nv_agp - ok
13:13:18.0552 7520 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:13:18.0561 7520 ohci1394 - ok
13:13:19.0203 7520 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:13:19.0207 7520 ose - ok
13:13:19.0475 7520 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:13:19.0827 7520 osppsvc - ok
13:13:19.0936 7520 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:13:19.0945 7520 p2pimsvc - ok
13:13:19.0989 7520 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
13:13:20.0001 7520 p2psvc - ok
13:13:20.0238 7520 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
13:13:20.0245 7520 Parport - ok
13:13:20.0415 7520 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
13:13:20.0418 7520 partmgr - ok
13:13:20.0483 7520 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
13:13:20.0490 7520 PcaSvc - ok
13:13:20.0597 7520 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
13:13:20.0602 7520 pci - ok
13:13:20.0658 7520 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:13:20.0664 7520 pciide - ok
13:13:20.0752 7520 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
13:13:20.0786 7520 pcmcia - ok
13:13:20.0869 7520 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:13:20.0872 7520 pcw - ok
13:13:20.0939 7520 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:13:20.0960 7520 PEAUTH - ok
13:13:21.0029 7520 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
13:13:21.0033 7520 PerfHost - ok
13:13:21.0201 7520 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
13:13:21.0235 7520 pla - ok
13:13:21.0393 7520 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
13:13:21.0404 7520 PlugPlay - ok
13:13:21.0518 7520 PMBDeviceInfoProvider (627fa58adc043704f9d14ca44340956f) c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
13:13:21.0536 7520 PMBDeviceInfoProvider - ok
13:13:21.0674 7520 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
13:13:21.0678 7520 Pml Driver HPZ12 - ok
13:13:21.0705 7520 PnkBstrA - ok
13:13:21.0752 7520 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
13:13:21.0760 7520 PNRPAutoReg - ok
13:13:21.0858 7520 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:13:21.0865 7520 PNRPsvc - ok
13:13:21.0946 7520 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
13:13:21.0950 7520 Point64 - ok
13:13:22.0144 7520 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
13:13:22.0208 7520 PolicyAgent - ok
13:13:22.0369 7520 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
13:13:22.0376 7520 Power - ok
13:13:22.0520 7520 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
13:13:22.0525 7520 PptpMiniport - ok
13:13:22.0564 7520 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
13:13:22.0568 7520 Processor - ok
13:13:22.0662 7520 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
13:13:22.0667 7520 ProfSvc - ok
13:13:22.0729 7520 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:13:22.0732 7520 ProtectedStorage - ok
13:13:22.0831 7520 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
13:13:22.0833 7520 Psched - ok
13:13:22.0886 7520 PSI_SVC_2 (a6a7ad767bf5141665f5c675f671b3e1) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
13:13:22.0890 7520 PSI_SVC_2 - ok
13:13:22.0970 7520 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
13:13:22.0973 7520 PxHlpa64 - ok
13:13:23.0053 7520 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
13:13:23.0090 7520 ql2300 - ok
13:13:23.0188 7520 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
13:13:23.0197 7520 ql40xx - ok
13:13:23.0245 7520 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
13:13:23.0266 7520 QWAVE - ok
13:13:23.0384 7520 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:13:23.0390 7520 QWAVEdrv - ok
13:13:23.0422 7520 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:13:23.0427 7520 RasAcd - ok
13:13:23.0527 7520 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:13:23.0534 7520 RasAgileVpn - ok
13:13:23.0570 7520 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
13:13:23.0580 7520 RasAuto - ok
13:13:23.0697 7520 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:13:23.0705 7520 Rasl2tp - ok
13:13:23.0762 7520 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
13:13:23.0779 7520 RasMan - ok
13:13:23.0876 7520 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:13:23.0883 7520 RasPppoe - ok
13:13:23.0914 7520 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:13:23.0922 7520 RasSstp - ok
13:13:24.0041 7520 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
13:13:24.0049 7520 rdbss - ok
13:13:24.0101 7520 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
13:13:24.0107 7520 rdpbus - ok
13:13:24.0205 7520 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:13:24.0206 7520 RDPCDD - ok
13:13:24.0224 7520 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:13:24.0224 7520 RDPENCDD - ok
13:13:24.0241 7520 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:13:24.0242 7520 RDPREFMP - ok
13:13:24.0425 7520 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
13:13:24.0436 7520 RDPWD - ok
13:13:24.0494 7520 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
13:13:24.0500 7520 rdyboost - ok
13:13:24.0602 7520 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
13:13:24.0605 7520 regi - ok
13:13:24.0649 7520 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
13:13:24.0658 7520 RemoteAccess - ok
13:13:24.0763 7520 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
13:13:24.0774 7520 RemoteRegistry - ok
13:13:24.0830 7520 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
13:13:24.0836 7520 RFCOMM - ok
13:13:24.0935 7520 rimspci (6ded176a14770339f1415cfdbcc9e07f) C:\Windows\system32\drivers\rimssne64.sys
13:13:24.0943 7520 rimspci - ok
13:13:24.0970 7520 risdsnpe (ddf5f666c2a5b3729e8bea01fb999cc0) C:\Windows\system32\drivers\risdsne64.sys
13:13:24.0976 7520 risdsnpe - ok
13:13:25.0044 7520 Roxio UPnP Renderer 10 (ba6ce930e1453677f7565ae45181ad76) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
13:13:25.0051 7520 Roxio UPnP Renderer 10 - ok
13:13:25.0086 7520 Roxio Upnp Server 10 (3a3d707a35ea30a6cf88b9e555e3d815) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
13:13:25.0094 7520 Roxio Upnp Server 10 - ok
13:13:25.0174 7520 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
13:13:25.0179 7520 RpcEptMapper - ok
13:13:25.0229 7520 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
13:13:25.0236 7520 RpcLocator - ok
13:13:25.0394 7520 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:13:25.0403 7520 RpcSs - ok
13:13:25.0503 7520 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:13:25.0511 7520 rspndr - ok
13:13:25.0630 7520 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:13:25.0633 7520 SamSs - ok
13:13:25.0721 7520 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
13:13:25.0730 7520 sbp2port - ok
13:13:25.0894 7520 scan (cc0f90969c8c951217b53eb6a4487328) C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll
13:13:25.0899 7520 scan - ok
13:13:25.0997 7520 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
13:13:26.0011 7520 SCardSvr - ok
13:13:26.0145 7520 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
13:13:26.0152 7520 scfilter - ok
13:13:26.0299 7520 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
13:13:26.0334 7520 Schedule - ok
13:13:26.0456 7520 SCManager - ok
13:13:26.0547 7520 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:13:26.0550 7520 SCPolicySvc - ok
13:13:26.0700 7520 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
13:13:26.0708 7520 sdbus - ok
13:13:26.0813 7520 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
13:13:26.0826 7520 SDRSVC - ok
13:13:26.0963 7520 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
13:13:26.0967 7520 SeaPort - ok
13:13:27.0054 7520 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:13:27.0057 7520 secdrv - ok
13:13:27.0123 7520 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
13:13:27.0132 7520 seclogon - ok
13:13:27.0206 7520 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
13:13:27.0211 7520 SENS - ok
13:13:27.0247 7520 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
13:13:27.0256 7520 SensrSvc - ok
13:13:27.0339 7520 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
13:13:27.0345 7520 Serenum - ok
13:13:27.0439 7520 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
13:13:27.0446 7520 Serial - ok
13:13:27.0519 7520 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
13:13:27.0525 7520 sermouse - ok
13:13:27.0640 7520 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
13:13:27.0650 7520 SessionEnv - ok
13:13:27.0710 7520 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
13:13:27.0715 7520 SFEP - ok
13:13:27.0831 7520 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
13:13:27.0837 7520 sffdisk - ok
13:13:27.0872 7520 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
13:13:27.0878 7520 sffp_mmc - ok
13:13:27.0980 7520 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
13:13:27.0985 7520 sffp_sd - ok
13:13:28.0044 7520 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
13:13:28.0050 7520 sfloppy - ok
13:13:28.0147 7520 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
13:13:28.0163 7520 SharedAccess - ok
13:13:28.0233 7520 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
13:13:28.0244 7520 ShellHWDetection - ok
13:13:28.0382 7520 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
13:13:28.0389 7520 SiSRaid2 - ok
13:13:28.0436 7520 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
13:13:28.0444 7520 SiSRaid4 - ok
13:13:28.0544 7520 SkypeUpdate (db0405d9aad62f0762e0876ac142b7e1) C:\Program Files (x86)\Skype\Updater\Updater.exe
13:13:28.0548 7520 SkypeUpdate - ok
13:13:28.0642 7520 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:13:28.0647 7520 Smb - ok
13:13:28.0766 7520 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
13:13:28.0774 7520 SNMPTRAP - ok
13:13:42.0111 7520 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:13:42.0174 7520 \Device\Harddisk0\DR0 - ok
13:13:42.0179 7520 Boot (0x1200) (0286c6a85f06bb12f7641e07c8274027) \Device\Harddisk0\DR0\Partition0
13:13:42.0182 7520 \Device\Harddisk0\DR0\Partition0 - ok
13:13:42.0205 7520 Boot (0x1200) (fb6e46ed8c3454e5ac7395bf126b8bbd) \Device\Harddisk0\DR0\Partition1
13:13:42.0208 7520 \Device\Harddisk0\DR0\Partition1 - ok
13:13:42.0209 7520 ============================================================
13:13:42.0209 7520 Scan finished
13:13:42.0209 7520 ============================================================
13:13:42.0221 5440 Detected object count: 0
13:13:42.0221 5440 Actual detected object count: 0
13:14:10.0690 5432 Deinitialize success

#13 Blade

Posted 16 April 2012 - 01:57 PM

Check and see if Bitdefender is still finding the file.

If so, please note the exact location it detects and do not reboot the computer.

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM


#14 Seridryck

Posted 16 April 2012 - 03:58 PM

It still finds it. While scanning, it gives me the following pop-up:


BitDefender Antivirus Alert

BitDefender has blocked a virus!

Virus Name:
Gen:Variant.TDss.20

Accessed by:
svchost

Location:
C:\Windows\Temp\tmp000070c8\tmp000121df

BitDefender could not disinfect, delete, or quarantine this item. Access to this object has been denied.




When the scan is complete, I get the following message:


Antivirus Scan
Results Summary
Below you can find the results summary for the current scan task.
Solved issues: 1
No threat requires your attention.
BitDefender has detected and blocked viruses on your computer! This is the list of threats. Please click the virus name to see its corresponding list of infected items.




If I then click on "View Solved Items," I get this screen:


Solved issues: 1

File Path
<System>=>c:\program files (x86)\sony\vaio event service\vesbaseps.dll *32 [2536] (full dump)

Threat Name
Gen:Variant.TDss.20

Result
deleted




I'd like to point out that the temp file location and the bracketed number in the file path are different every time I scan, whether or not I reboot my computer. But I'll still refrain from rebooting.

#15 Blade

Posted 16 April 2012 - 04:50 PM

It appears that the issues on your system will require a more in-depth examination than can be performed in this forum. Please read the information in this guide, and follow all the steps beginning with step 6. After you have followed the steps in that guide, I would like you to start a new thread HERE and include a link to this thread.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient. The MRT is very busy, so it could be several days (3-5 days is the average wait right now) before you receive a reply. But rest assured, help is on the way!

~Blade
