Unknown trojan infection causing a slur of troubles


15 replies to this topic

#1 mania12


Posted 11 April 2012 - 11:34 PM

I've always had issues with AVG anti-virus and Windows Defender. Upon a series of fights with the two programs, I somehow stopped the conflict. This may be irrelevant, but I thought it might be good to include since Windows Defender is now unable to start and AVG doesn't seem to catch everything/anything. About a month ago Windows Defender caught a Trojan (I can't remember correctly but I believe it was called Alureon) and said to have contained it. It further instructed me to restart and remove traces of the trojan. I restarted and was going to follow instructions which I found online to remove any of its traces but I never got to that after restarting. According to the instructions I was to download TDSSKiller.

So that was my history so far. Now I am faced with many other problems which I think the trojan is responsible for. I was recently attacked by the UKash virus which held me ransom from my computer. I went through multiple manual ways of removing the virus but had no luck since I was unable to locate the virus files to delete them, nor did any files on my system look suspicious (I am not a computer expert though). I resorted to system restore which I believe will give me temporary relief. Also, last week I was trying to open Internet Explorer and load the Google search page, but my computer froze up on me. I had to force my computer to shut down since I could not even open Task Manager. That's when the mess started and my computer told me my Windows OS was unable to start properly. I had to repair my computer through "system recovery" and the identified problem was that I had installed or updated something which was preventing my computer from starting. I suspect that was the trojan's doing. Before all this I had been suffering from bad internet connectivity and was troubled by network drivers which kept becoming corrupt (which I then had to download and reinstall manually). I've got my computer working again but I do feel as if something is still pumping in spyware since I am sometimes being redirected from my Google searches to different pages and random pop-ups. Also sometimes when a page loads it would go to googledoubleclick.com (which shows as blank) then load the correct page.

I can feel as if something is wrong with my computer, but I just don't know how to go about dealing with it. I ran Malwarebytes to try and remove the UKash virus but that did not work. Instead I found 3 other infections which I was able to remove. I am currently running a full system scan using AVG antivirus but nothing has come up. How can I find the root of all this trouble?

Thank you in advance and sorry for the lengthy post.


#2 narenxp


Posted 11 April 2012 - 11:51 PM

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).


Please download GMER from here (does not work on 64-bit OS):

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

#3 mania12


Posted 12 April 2012 - 06:07 PM

18:12:37.0796 8268 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
18:12:38.0076 8268 ============================================================
18:12:38.0076 8268 Current date / time: 2012/04/12 18:12:38.0076
18:12:38.0076 8268 SystemInfo:
18:12:38.0076 8268
18:12:38.0076 8268 OS Version: 6.0.6002 ServicePack: 2.0
18:12:38.0076 8268 Product type: Workstation
18:12:38.0076 8268 ComputerName: MEILING-PC
18:12:38.0076 8268 UserName: Mei Ling
18:12:38.0076 8268 Windows directory: C:\Windows
18:12:38.0076 8268 System windows directory: C:\Windows
18:12:38.0076 8268 Running under WOW64
18:12:38.0076 8268 Processor architecture: Intel x64
18:12:38.0076 8268 Number of processors: 2
18:12:38.0076 8268 Page size: 0x1000
18:12:38.0076 8268 Boot type: Normal boot
18:12:38.0076 8268 ============================================================
18:12:40.0120 8268 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:12:40.0120 8268 \Device\Harddisk0\DR0:
18:12:40.0120 8268 MBR used
18:12:40.0120 8268 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x136F000, BlocksNum 0x240BF800
18:12:40.0151 8268 Initialize success
18:12:40.0151 8268 ============================================================
18:13:00.0072 5812 ============================================================
18:13:00.0072 5812 Scan started
18:13:00.0072 5812 Mode: Manual; TDLFS;
18:13:00.0072 5812 ============================================================
18:13:19.0292 5812 netbt - ok
18:13:19.0323 5812 Netlogon (40348dcec0712ed42231c5f90a69a690) C:\Windows\system32\lsass.exe
18:13:19.0323 5812 Netlogon - ok
18:13:19.0385 5812 Netman (9b63b29defc0f3115a559d2597bf5d75) C:\Windows\System32\netman.dll
18:13:19.0401 5812 Netman - ok
18:13:19.0416 5812 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll
18:13:19.0432 5812 netprofm - ok
18:13:19.0541 5812 NetTcpPortSharing (74751dda198165947fd7454d83f49825) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:13:19.0541 5812 NetTcpPortSharing - ok
18:13:19.0744 5812 NETw5v64 (bfbd278f8c9bcec693345759ac278e14) C:\Windows\system32\DRIVERS\NETw5v64.sys
18:13:19.0884 5812 NETw5v64 - ok
18:13:20.0306 5812 NETwNv64 (6b138b65b531c3a2380becabef0b6157) C:\Windows\system32\DRIVERS\NETwNv64.sys
18:13:20.0524 5812 NETwNv64 - ok
18:13:20.0633 5812 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
18:13:20.0633 5812 nfrd960 - ok
18:13:20.0696 5812 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll
18:13:20.0711 5812 NlaSvc - ok
18:13:20.0742 5812 Norton Internet Security - ok
18:13:20.0774 5812 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
18:13:20.0774 5812 Npfs - ok
18:13:20.0820 5812 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll
18:13:20.0820 5812 nsi - ok
18:13:20.0867 5812 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
18:13:20.0867 5812 nsiproxy - ok
18:13:20.0945 5812 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
18:13:21.0086 5812 Ntfs - ok
18:13:21.0117 5812 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
18:13:21.0117 5812 Null - ok
18:13:21.0413 5812 nvlddmkm (f132116e136d93cdab00516eb840ae29) C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:13:21.0647 5812 nvlddmkm - ok
18:13:21.0694 5812 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
18:13:21.0694 5812 nvraid - ok
18:13:21.0725 5812 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
18:13:21.0725 5812 nvstor - ok
18:13:21.0803 5812 nvsvc (a07657a71a2684e39abda46ec5c8d545) C:\Windows\system32\nvvsvc.exe
18:13:21.0803 5812 nvsvc - ok
18:13:21.0881 5812 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
18:13:21.0881 5812 nv_agp - ok
18:13:21.0897 5812 NwlnkFlt - ok
18:13:21.0928 5812 NwlnkFwd - ok
18:13:22.0146 5812 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:13:22.0302 5812 odserv - ok
18:13:22.0412 5812 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
18:13:22.0412 5812 ohci1394 - ok
18:13:22.0521 5812 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:13:22.0568 5812 ose - ok
18:13:22.0708 5812 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
18:13:22.0739 5812 p2pimsvc - ok
18:13:22.0786 5812 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
18:13:22.0802 5812 p2psvc - ok
18:13:22.0880 5812 PACSPTISVR (b8040c5c1fc1fbbbe5c78cb9eda343ec) C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
18:13:22.0911 5812 PACSPTISVR - ok
18:13:23.0082 5812 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
18:13:23.0082 5812 Parport - ok
18:13:23.0145 5812 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
18:13:23.0145 5812 partmgr - ok
18:13:23.0192 5812 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll
18:13:23.0192 5812 PcaSvc - ok
18:13:23.0238 5812 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
18:13:23.0254 5812 pci - ok
18:13:23.0348 5812 pciide (8d618c829034479985a9ed56106cc732) C:\Windows\system32\drivers\pciide.sys
18:13:23.0348 5812 pciide - ok
18:13:23.0504 5812 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
18:13:23.0504 5812 pcmcia - ok
18:13:23.0582 5812 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
18:13:23.0628 5812 PEAUTH - ok
18:13:23.0706 5812 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe
18:13:23.0706 5812 PerfHost - ok
18:13:23.0831 5812 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll
18:13:23.0894 5812 pla - ok
18:13:23.0987 5812 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll
18:13:24.0003 5812 PlugPlay - ok
18:13:24.0065 5812 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
18:13:24.0081 5812 PNRPAutoReg - ok
18:13:24.0112 5812 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
18:13:24.0128 5812 PNRPsvc - ok
18:13:24.0252 5812 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll
18:13:24.0284 5812 PolicyAgent - ok
18:13:24.0440 5812 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
18:13:24.0440 5812 PptpMiniport - ok
18:13:24.0533 5812 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
18:13:24.0549 5812 Processor - ok
18:13:24.0611 5812 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll
18:13:24.0627 5812 ProfSvc - ok
18:13:24.0658 5812 ProtectedStorage (40348dcec0712ed42231c5f90a69a690) C:\Windows\system32\lsass.exe
18:13:24.0658 5812 ProtectedStorage - ok
18:13:24.0705 5812 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
18:13:24.0705 5812 PSched - ok
18:13:24.0736 5812 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
18:13:24.0736 5812 PxHlpa64 - ok
18:13:24.0814 5812 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
18:13:24.0861 5812 ql2300 - ok
18:13:24.0892 5812 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
18:13:24.0892 5812 ql40xx - ok
18:13:24.0939 5812 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
18:13:24.0954 5812 QWAVE - ok
18:13:24.0986 5812 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
18:13:24.0986 5812 QWAVEdrv - ok
18:13:25.0001 5812 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
18:13:25.0017 5812 RasAcd - ok
18:13:25.0064 5812 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
18:13:25.0079 5812 RasAuto - ok
18:13:25.0110 5812 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:13:25.0110 5812 Rasl2tp - ok
18:13:25.0157 5812 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll
18:13:25.0251 5812 RasMan - ok
18:13:25.0298 5812 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
18:13:25.0298 5812 RasPppoe - ok
18:13:25.0360 5812 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
18:13:25.0360 5812 RasSstp - ok
18:13:25.0407 5812 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
18:13:25.0422 5812 rdbss - ok
18:13:25.0469 5812 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:13:25.0469 5812 RDPCDD - ok
18:13:25.0516 5812 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
18:13:25.0532 5812 rdpdr - ok
18:13:25.0547 5812 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
18:13:25.0547 5812 RDPENCDD - ok
18:13:25.0641 5812 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
18:13:25.0672 5812 RDPWD - ok
18:13:25.0812 5812 RegSrvc (9600567e331f5ae87d31b0a60763e48c) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:13:25.0953 5812 RegSrvc - ok
18:13:26.0124 5812 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
18:13:26.0124 5812 RemoteAccess - ok
18:13:26.0171 5812 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll
18:13:26.0187 5812 RemoteRegistry - ok
18:13:26.0312 5812 RFCOMM (cd71e053d7260e4102d99a28f9196070) C:\Windows\system32\DRIVERS\rfcomm.sys
18:13:26.0343 5812 RFCOMM - ok
18:13:26.0390 5812 rimsptsk (7eae3999b94a8ce60bfbaa83462b89a1) C:\Windows\system32\DRIVERS\rimssn64.sys
18:13:26.0390 5812 rimsptsk - ok
18:13:26.0468 5812 risdptsk (fa6d7cd63ad08a01d9259f58e0c5c09e) C:\Windows\system32\DRIVERS\risdsn64.sys
18:13:26.0468 5812 risdptsk - ok
18:13:26.0530 5812 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
18:13:26.0530 5812 RpcLocator - ok
18:13:26.0608 5812 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
18:13:26.0624 5812 RpcSs - ok
18:13:26.0670 5812 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
18:13:26.0670 5812 rspndr - ok
18:13:26.0748 5812 SampleCollector (9a5fb8de6567bc86fccde2f0336857a3) C:\Program Files\Sony\VAIO Care\collsvc.exe
18:13:26.0748 5812 SampleCollector - ok
18:13:26.0795 5812 SamSs (40348dcec0712ed42231c5f90a69a690) C:\Windows\system32\lsass.exe
18:13:26.0795 5812 SamSs - ok
18:13:26.0873 5812 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
18:13:26.0873 5812 sbp2port - ok
18:13:26.0936 5812 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
18:13:26.0936 5812 SCardSvr - ok
18:13:27.0060 5812 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll
18:13:27.0092 5812 Schedule - ok
18:13:27.0138 5812 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
18:13:27.0138 5812 SCPolicySvc - ok
18:13:27.0419 5812 sdbus (b42ee50f7d24f837f925332eb349eca5) C:\Windows\system32\DRIVERS\sdbus.sys
18:13:27.0497 5812 sdbus - ok
18:13:27.0575 5812 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
18:13:27.0591 5812 SDRSVC - ok
18:13:27.0731 5812 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
18:13:27.0747 5812 SeaPort - ok
18:13:27.0840 5812 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:13:27.0840 5812 secdrv - ok
18:13:27.0903 5812 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
18:13:27.0918 5812 seclogon - ok
18:13:27.0965 5812 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll
18:13:27.0965 5812 SENS - ok
18:13:28.0012 5812 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
18:13:28.0012 5812 Serenum - ok
18:13:28.0043 5812 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
18:13:28.0059 5812 Serial - ok
18:13:28.0090 5812 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
18:13:28.0090 5812 sermouse - ok
18:13:28.0137 5812 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
18:13:28.0137 5812 SessionEnv - ok
18:13:28.0184 5812 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\DRIVERS\SFEP.sys
18:13:28.0199 5812 SFEP - ok
18:13:28.0308 5812 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
18:13:28.0324 5812 sffdisk - ok
18:13:28.0371 5812 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
18:13:28.0386 5812 sffp_mmc - ok
18:13:28.0418 5812 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
18:13:28.0418 5812 sffp_sd - ok
18:13:28.0464 5812 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
18:13:28.0464 5812 sfloppy - ok
18:13:28.0542 5812 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll
18:13:28.0542 5812 SharedAccess - ok
18:13:28.0620 5812 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll
18:13:28.0636 5812 ShellHWDetection - ok
18:13:28.0698 5812 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
18:13:28.0698 5812 SiSRaid2 - ok
18:13:28.0761 5812 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
18:13:28.0776 5812 SiSRaid4 - ok
18:13:28.0948 5812 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
18:13:29.0026 5812 slsvc - ok
18:13:29.0229 5812 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
18:13:29.0369 5812 SLUINotify - ok
18:13:29.0541 5812 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
18:13:29.0541 5812 Smb - ok
18:13:29.0603 5812 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
18:13:29.0603 5812 SNMPTRAP - ok
18:13:29.0697 5812 SOHCImp (7b24efa2a60ba7388fecda63ab24560a) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
18:13:29.0712 5812 SOHCImp - ok
18:13:29.0759 5812 SOHDBSvr (140fcf5ffae4efba9740a9fd8b49e0bf) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
18:13:29.0759 5812 SOHDBSvr - ok
18:13:29.0822 5812 SOHDms (d8c244121a06b581b097d9617d94cff1) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
18:13:29.0837 5812 SOHDms - ok
18:13:29.0884 5812 SOHDs (2db561887ea122b946bbe2821473edd8) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
18:13:29.0900 5812 SOHDs - ok
18:13:29.0962 5812 SOHPlMgr (ab9ee246a1eb2c3c7c6cb16e0b9462f7) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
18:13:29.0993 5812 SOHPlMgr - ok
18:13:30.0180 5812 Sony Ericsson PCCompanion (1a623f2b69e1f182f995f963c55db935) C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
18:13:30.0212 5812 Sony Ericsson PCCompanion - ok
18:13:30.0414 5812 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
18:13:30.0414 5812 spldr - ok
18:13:30.0508 5812 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe
18:13:30.0524 5812 Spooler - ok
18:13:30.0570 5812 SRTSP - ok
18:13:30.0617 5812 SRTSPX - ok
18:13:30.0742 5812 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
18:13:30.0758 5812 srv - ok
18:13:30.0820 5812 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
18:13:30.0820 5812 srv2 - ok
18:13:30.0882 5812 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
18:13:30.0882 5812 srvnet - ok
18:13:30.0929 5812 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll
18:13:30.0929 5812 SSDPSRV - ok
18:13:30.0976 5812 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll
18:13:30.0992 5812 SstpSvc - ok
18:13:31.0054 5812 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll
18:13:31.0085 5812 stisvc - ok
18:13:31.0179 5812 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
18:13:31.0179 5812 swenum - ok
18:13:31.0444 5812 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll
18:13:31.0538 5812 swprv - ok
18:13:31.0678 5812 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
18:13:31.0678 5812 Symc8xx - ok
18:13:31.0772 5812 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
18:13:31.0772 5812 Sym_hi - ok
18:13:31.0803 5812 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
18:13:31.0803 5812 Sym_u3 - ok
18:13:31.0881 5812 SynTP (d985ab17dfd5771d006be3563c36994b) C:\Windows\system32\DRIVERS\SynTP.sys
18:13:31.0896 5812 SynTP - ok
18:13:31.0959 5812 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll
18:13:31.0990 5812 SysMain - ok
18:13:32.0021 5812 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll
18:13:32.0037 5812 TabletInputService - ok
18:13:32.0068 5812 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll
18:13:32.0084 5812 TapiSrv - ok
18:13:32.0115 5812 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll
18:13:32.0115 5812 TBS - ok
18:13:32.0255 5812 Tcpip (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\drivers\tcpip.sys
18:13:32.0427 5812 Tcpip - ok
18:13:32.0598 5812 Tcpip6 (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\DRIVERS\tcpip.sys
18:13:32.0614 5812 Tcpip6 - ok
18:13:32.0645 5812 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
18:13:32.0645 5812 tcpipreg - ok
18:13:32.0723 5812 TcUsb (03f3b34e066b6983dc6cade1d41f0e2c) C:\Windows\system32\Drivers\tcusb.sys
18:13:32.0739 5812 TcUsb - ok
18:13:32.0770 5812 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
18:13:32.0770 5812 TDPIPE - ok
18:13:32.0801 5812 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
18:13:32.0817 5812 TDTCP - ok
18:13:32.0864 5812 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
18:13:32.0864 5812 tdx - ok
18:13:32.0895 5812 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
18:13:32.0910 5812 TermDD - ok
18:13:32.0973 5812 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll
18:13:32.0988 5812 TermService - ok
18:13:33.0051 5812 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll
18:13:33.0051 5812 Themes - ok
18:13:33.0129 5812 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
18:13:33.0129 5812 THREADORDER - ok
18:13:33.0160 5812 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
18:13:33.0176 5812 TrkWks - ok
18:13:33.0238 5812 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe
18:13:33.0238 5812 TrustedInstaller - ok
18:13:33.0347 5812 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:13:33.0363 5812 tssecsrv - ok
18:13:33.0488 5812 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
18:13:33.0534 5812 tunmp - ok
18:13:33.0597 5812 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
18:13:33.0612 5812 tunnel - ok
18:13:33.0644 5812 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
18:13:33.0659 5812 uagp35 - ok
18:13:33.0753 5812 uCamMonitor (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
18:13:33.0768 5812 uCamMonitor - ok
18:13:33.0815 5812 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
18:13:33.0815 5812 udfs - ok
18:13:33.0862 5812 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
18:13:33.0862 5812 UI0Detect - ok
18:13:33.0940 5812 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
18:13:33.0940 5812 uliagpkx - ok
18:13:33.0971 5812 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
18:13:33.0987 5812 uliahci - ok
18:13:34.0018 5812 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
18:13:34.0049 5812 UlSata - ok
18:13:34.0065 5812 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
18:13:34.0065 5812 ulsata2 - ok
18:13:34.0127 5812 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
18:13:34.0127 5812 umbus - ok
18:13:34.0174 5812 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
18:13:34.0190 5812 upnphost - ok
18:13:34.0268 5812 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
18:13:34.0268 5812 USBAAPL64 - ok
18:13:34.0330 5812 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
18:13:34.0346 5812 usbccgp - ok
18:13:34.0470 5812 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
18:13:34.0470 5812 usbcir - ok
18:13:34.0533 5812 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
18:13:34.0533 5812 usbehci - ok
18:13:34.0580 5812 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
18:13:34.0580 5812 usbhub - ok
18:13:34.0626 5812 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
18:13:34.0626 5812 usbohci - ok
18:13:34.0673 5812 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
18:13:34.0673 5812 usbprint - ok
18:13:34.0751 5812 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
18:13:34.0767 5812 usbscan - ok
18:13:34.0814 5812 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:13:34.0814 5812 USBSTOR - ok
18:13:34.0876 5812 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
18:13:34.0876 5812 usbuhci - ok
18:13:34.0923 5812 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
18:13:34.0923 5812 usbvideo - ok
18:13:34.0970 5812 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll
18:13:34.0970 5812 UxSms - ok
18:13:35.0094 5812 VAIO Entertainment TV Device Arbitration Service (4e7135d6d0127067e4cfee12259f895d) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
18:13:35.0094 5812 VAIO Entertainment TV Device Arbitration Service - ok
18:13:35.0141 5812 VAIO Event Service (73328c784ecfe7072bd102f370076b50) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
18:13:35.0157 5812 VAIO Event Service - ok
18:13:35.0235 5812 VAIO Power Management (b63f63960e7254d9d9ed28474b40eb31) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
18:13:35.0250 5812 VAIO Power Management - ok
18:13:35.0500 5812 VCFw (0ed1d51dcec67f96cc313d02a1741cf3) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
18:13:35.0672 5812 VCFw - ok
18:13:35.0734 5812 VcmIAlzMgr (7295a2b5795e7b8aa128e5df5a29b656) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
18:13:35.0765 5812 VcmIAlzMgr - ok
18:13:35.0828 5812 VcmXmlIfHelper (76df898710495c5b1476719410d8b895) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
18:13:35.0843 5812 VcmXmlIfHelper - ok
18:13:35.0921 5812 Vcsw - ok
18:13:36.0015 5812 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe
18:13:36.0030 5812 vds - ok
18:13:36.0093 5812 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
18:13:36.0093 5812 vga - ok
18:13:36.0140 5812 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
18:13:36.0140 5812 VgaSave - ok
18:13:36.0171 5812 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
18:13:36.0171 5812 viaide - ok
18:13:36.0218 5812 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
18:13:36.0218 5812 volmgr - ok
18:13:36.0264 5812 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
18:13:36.0280 5812 volmgrx - ok
18:13:36.0342 5812 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
18:13:36.0342 5812 volsnap - ok
18:13:36.0483 5812 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
18:13:36.0483 5812 vsmraid - ok
18:13:36.0561 5812 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe
18:13:36.0608 5812 VSS - ok
18:13:36.0701 5812 VzCdbSvc (79eb419f4a694b4514249e0d3db16ecf) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
18:13:36.0701 5812 VzCdbSvc - ok
18:13:36.0826 5812 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll
18:13:36.0842 5812 W32Time - ok
18:13:36.0920 5812 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
18:13:36.0920 5812 WacomPen - ok
18:13:36.0982 5812 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
18:13:36.0982 5812 Wanarp - ok
18:13:36.0998 5812 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
18:13:36.0998 5812 Wanarpv6 - ok
18:13:37.0044 5812 wcncsvc (b4e4c37d0aa6100090a53213ee2bf1c1) C:\Windows\System32\wcncsvc.dll
18:13:37.0076 5812 wcncsvc - ok
18:13:37.0122 5812 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll
18:13:37.0122 5812 WcsPlugInService - ok
18:13:37.0169 5812 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
18:13:37.0169 5812 Wd - ok
18:13:37.0247 5812 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
18:13:37.0294 5812 Wdf01000 - ok
18:13:37.0341 5812 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
18:13:37.0419 5812 WdiServiceHost - ok
18:13:37.0497 5812 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
18:13:37.0512 5812 WdiSystemHost - ok
18:13:37.0575 5812 WebClient (3e6d05381cf35f75ebb055544a8ed9ac) C:\Windows\System32\webclnt.dll
18:13:37.0590 5812 WebClient - ok
18:13:37.0653 5812 Wecsvc (8d40bc587993f876658bf9fb0f7d3462) C:\Windows\system32\wecsvc.dll
18:13:37.0668 5812 Wecsvc - ok
18:13:37.0700 5812 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll
18:13:37.0715 5812 wercplsupport - ok
18:13:37.0746 5812 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll
18:13:37.0762 5812 WerSvc - ok
18:13:37.0824 5812 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
18:13:37.0824 5812 WimFltr - ok
18:13:37.0871 5812 WinDefend - ok
18:13:37.0887 5812 WinHttpAutoProxySvc - ok
18:13:37.0980 5812 Winmgmt (d2e7296ed1bd26d8db2799770c077a02) C:\Windows\system32\wbem\WMIsvc.dll
18:13:37.0996 5812 Winmgmt - ok
18:13:38.0074 5812 WinRM (6cbb0c68f13b9c2ec1b16f5fa5e7c869) C:\Windows\system32\WsmSvc.dll
18:13:38.0152 5812 WinRM - ok
18:13:38.0230 5812 Wlansvc (ec339c8115e91baed835957e9a677f16) C:\Windows\System32\wlansvc.dll
18:13:38.0246 5812 Wlansvc - ok
18:13:38.0324 5812 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:13:38.0324 5812 wlcrasvc - ok
18:13:38.0511 5812 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:13:38.0542 5812 wlidsvc - ok
18:13:38.0667 5812 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys
18:13:38.0667 5812 WmiAcpi - ok
18:13:38.0729 5812 wmiApSrv (21fa389e65a852698b6a1341f36ee02d) C:\Windows\system32\wbem\WmiApSrv.exe
18:13:38.0745 5812 wmiApSrv - ok
18:13:38.0776 5812 WMPNetworkSvc - ok
18:13:38.0823 5812 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll
18:13:38.0838 5812 WPCSvc - ok
18:13:38.0885 5812 WPDBusEnum (490a18b4e4d53dc10879deaa8e8b70d9) C:\Windows\system32\wpdbusenum.dll
18:13:38.0901 5812 WPDBusEnum - ok
18:13:39.0041 5812 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:13:39.0072 5812 WPFFontCache_v0400 - ok
18:13:39.0150 5812 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
18:13:39.0150 5812 ws2ifsl - ok
18:13:39.0213 5812 wscsvc (9ea3e6d0ef7a5c2b9181961052a4b01a) C:\Windows\System32\wscsvc.dll
18:13:39.0213 5812 wscsvc - ok
18:13:39.0275 5812 WSDPrintDevice (de5f5212ab34221dd1618b5fefe8db6c) C:\Windows\system32\DRIVERS\WSDPrint.sys
18:13:39.0275 5812 WSDPrintDevice - ok
18:13:39.0306 5812 WSDScan (c48e6ef92be6bfef9ee2430c42eaf2bd) C:\Windows\system32\DRIVERS\WSDScan.sys
18:13:39.0322 5812 WSDScan - ok
18:13:39.0338 5812 WSearch - ok
18:13:39.0665 5812 wuauserv (fb3796754fe00f0bdc87a36f164a5f4d) C:\Windows\system32\wuaueng.dll
18:13:39.0806 5812 wuauserv - ok
18:13:40.0040 5812 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:13:40.0040 5812 WUDFRd - ok
18:13:40.0086 5812 wudfsvc (6cbd51ff913c851d56ed9dc7f2a27dde) C:\Windows\System32\WUDFSvc.dll
18:13:40.0086 5812 wudfsvc - ok
18:13:40.0133 5812 XAudio (f22e443518bc599d12888daf292a56d8) C:\Windows\system32\DRIVERS\xaudio64.sys
18:13:40.0133 5812 XAudio - ok
18:13:40.0164 5812 XAudioService (963c27034bba4ac52a13f7a3c657c708) C:\Windows\system32\DRIVERS\xaudio64.exe
18:13:40.0180 5812 XAudioService - ok
18:13:40.0274 5812 yukonx64 (56f8d7f9fcfb7be829da229dc9dfdfc1) C:\Windows\system32\DRIVERS\yk60x64.sys
18:13:40.0274 5812 yukonx64 - ok
18:13:40.0320 5812 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
18:13:40.0601 5812 \Device\Harddisk0\DR0 - ok
18:13:40.0617 5812 Boot (0x1200) (86230ddbf12ec9a238d89933889077c6) \Device\Harddisk0\DR0\Partition0
18:13:40.0617 5812 \Device\Harddisk0\DR0\Partition0 - ok
18:13:40.0617 5812 ============================================================
18:13:40.0617 5812 Scan finished
18:13:40.0617 5812 ============================================================
18:13:40.0632 8996 Detected object count: 0
18:13:40.0632 8996 Actual detected object count: 0


I have not downloaded GMER since I do have a Windows Vista 64 bit OS. Is there an alternative to this? I downloaded aswMBR but was unable to finish the scan since the program kept crashing when it reached a certain point in the scanning process. It would always stop scanning once it reached one of the files in my temporary internet file folder. Windows asked me if I wanted to send them information about this problem and under details, it listed these files:

Files that help describe the problem:
C:\Users\Mei Ling\AppData\Local\Temp\WERD5CC.tmp.version.txt
C:\Users\Mei Ling\AppData\Local\Temp\WERE538.tmp.appcompat.txt
C:\Users\Mei Ling\AppData\Local\Temp\WEREC89.tmp.mdmp

I'm not sure if that helps or is even relevant. Thank you!


#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:01 AM

Posted 12 April 2012 - 11:36 PM

Ignore GMER

Run aswmbr in safemode and post the logs

good luck

#5 mania12

Posted 13 April 2012 - 11:35 AM

Even in safe mode I am unable to finish the scan and it stops at the same place and asks me if I want to report the problem to windows. Afterwards when I started windows normally again, I got this message from Windows Defender:

Application failed to initialize: 0x800106b5. A problem caused this program's service to stop. To start service, restart your computer or search Help and Support for how to start a service manually.

Edited by mania12, 13 April 2012 - 11:51 AM.


#6 narenxp

Posted 13 April 2012 - 06:36 PM

Download

FIXTDSS

Launch it. It may ask for a restart; reboot the PC

On reboot let me know what it finds

Edited by narenxp, 13 April 2012 - 06:37 PM.


#7 mania12

Posted 13 April 2012 - 09:50 PM

No infections were found after the reboot.

#8 narenxp

Posted 13 April 2012 - 10:41 PM

What happens when you run ASWMBR in safemode?

#9 mania12

Posted 13 April 2012 - 10:53 PM

It starts the scan and it runs for a while until it hits this certain point. The program stops and it crashes and I'm then asked if I want to report the problem to windows. This happens when I run it in safemode and it also happens when I run it normally.

Edited by mania12, 13 April 2012 - 10:55 PM.


#10 narenxp

Posted 13 April 2012 - 10:58 PM

Are you able to run malwarebytes? I think ransomware should block even malwarebytes from running

Download

http://download.sysinternals.com/files/AutoRuns.zip

Extract and launch Autoruns, allow it to finish the scan

Click on File - Save as, save it as

autorun.txt

Upload the text file to www.mediafire.com and post the link here

#11 mania12

Posted 13 April 2012 - 11:16 PM

I had already run malwarebytes in safemode when I tried to get rid of the ransomware. I found some infections (I think there were 3?) and fixed them with malwarebytes. Unfortunately none of the 3 infections found were the cause of the ransomware so as a last resort I just system restored. That was how I was able to get my computer back. I will now download the suggested program and update the results here shortly. Thanks

The link says web page cannot be found when I clicked on it...
I googled the program. Is this what I should be downloading?
http://technet.microsoft.com/en-us/sysinternals/bb963902

Edited by mania12, 13 April 2012 - 11:24 PM.


#12 narenxp

Posted 14 April 2012 - 12:08 AM

I'm sorry, here is the link

http://download.sysinternals.com/files/Autoruns.zip

good luck

#13 mania12

Posted 14 April 2012 - 12:18 AM

Here is the Autoruns file
http://www.mediafire.com/?gebnm7dm8oz7bm7

#14 narenxp

Posted 14 April 2012 - 08:35 AM

I do not find anything suspicious here, we need to take a deeper look

Read the guide here on preparing logs

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

#15 mania12

Posted 14 April 2012 - 11:22 AM

Alright. Thanks for pointing me in the right direction!



