Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with Trojan Adload.DA


  • Please log in to reply
19 replies to this topic

#1 Kiry

Kiry

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:05:29 PM

Posted 20 September 2012 - 01:29 PM

HELP!!! Windows Action Center started showing a notification: TrojanDownloader:Win32/Adload.DA and it says that I should download Microsoft Security Essentials to remove it. I ran a system scan through SUPERAnti Spyware, ESET & TDSKILLER and it didnt detected the trojan.

P.S. Two months ago I was infected with the same trojan and I could remove it with ESET but apparently it never disappeared from my computer! and now the same notification from action center appeared a few days ago. :(

Edited by Kiry, 20 September 2012 - 01:32 PM.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:29 PM

Posted 20 September 2012 - 01:59 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 Kiry

Kiry
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:05:29 PM

Posted 20 September 2012 - 02:07 PM

TDSSKILLER LOG:


15:04:27.0194 1068 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
15:04:27.0609 1068 ============================================================
15:04:27.0609 1068 Current date / time: 2012/09/20 15:04:27.0609
15:04:27.0609 1068 SystemInfo:
15:04:27.0609 1068
15:04:27.0609 1068 OS Version: 6.1.7601 ServicePack: 1.0
15:04:27.0610 1068 Product type: Workstation
15:04:27.0610 1068 ComputerName: VALY-VAIO
15:04:27.0610 1068 UserName: Valy
15:04:27.0610 1068 Windows directory: C:\Windows
15:04:27.0610 1068 System windows directory: C:\Windows
15:04:27.0610 1068 Running under WOW64
15:04:27.0610 1068 Processor architecture: Intel x64
15:04:27.0610 1068 Number of processors: 4
15:04:27.0610 1068 Page size: 0x1000
15:04:27.0610 1068 Boot type: Normal boot
15:04:27.0610 1068 ============================================================
15:04:28.0515 1068 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:04:28.0524 1068 Drive \Device\Harddisk2\DR2 - Size: 0x75C07200 (1.84 Gb), SectorSize: 0x200, Cylinders: 0xF0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:04:28.0528 1068 ============================================================
15:04:28.0528 1068 \Device\Harddisk0\DR0:
15:04:28.0528 1068 MBR partitions:
15:04:28.0528 1068 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x10E5800, BlocksNum 0x32000
15:04:28.0528 1068 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1117800, BlocksNum 0x3926E030
15:04:28.0528 1068 \Device\Harddisk2\DR2:
15:04:28.0529 1068 MBR partitions:
15:04:28.0529 1068 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x6, StartLBA 0x87, BlocksNum 0x3AE039
15:04:28.0529 1068 ============================================================
15:04:28.0615 1068 C: <-> \Device\Harddisk0\DR0\Partition2
15:04:28.0616 1068 ============================================================
15:04:28.0616 1068 Initialize success
15:04:28.0616 1068 ============================================================
15:04:47.0395 6784 ============================================================
15:04:47.0396 6784 Scan started
15:04:47.0396 6784 Mode: Manual; TDLFS;
15:04:47.0396 6784 ============================================================
15:04:48.0272 6784 ================ Scan system memory ========================
15:04:48.0272 6784 System memory - ok
15:04:48.0273 6784 ================ Scan services =============================
15:04:48.0352 6784 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
15:04:48.0354 6784 !SASCORE - ok
15:04:48.0527 6784 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:04:48.0534 6784 1394ohci - ok
15:04:48.0596 6784 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
15:04:48.0602 6784 ACDaemon - ok
15:04:48.0646 6784 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:04:48.0654 6784 ACPI - ok
15:04:48.0677 6784 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:04:48.0679 6784 AcpiPmi - ok
15:04:48.0938 6784 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:04:48.0940 6784 AdobeARMservice - ok
15:04:49.0169 6784 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:04:49.0173 6784 AdobeFlashPlayerUpdateSvc - ok
15:04:49.0209 6784 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:04:49.0221 6784 adp94xx - ok
15:04:49.0248 6784 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:04:49.0258 6784 adpahci - ok
15:04:49.0288 6784 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:04:49.0293 6784 adpu320 - ok
15:04:49.0339 6784 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:04:49.0342 6784 AeLookupSvc - ok
15:04:49.0391 6784 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:04:49.0404 6784 AFD - ok
15:04:49.0448 6784 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:04:49.0450 6784 agp440 - ok
15:04:49.0614 6784 [ 0923671CF87CD511E46D4668B53F5E76 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll
15:04:49.0614 6784 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll. md5: 0923671CF87CD511E46D4668B53F5E76
15:04:49.0625 6784 Akamai ( HiddenFile.Multi.Generic ) - warning
15:04:49.0625 6784 Akamai - detected HiddenFile.Multi.Generic (1)
15:04:49.0698 6784 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:04:49.0702 6784 ALG - ok
15:04:49.0766 6784 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:04:49.0768 6784 aliide - ok
15:04:49.0782 6784 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:04:49.0784 6784 amdide - ok
15:04:49.0810 6784 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:04:49.0812 6784 AmdK8 - ok
15:04:49.0838 6784 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
15:04:49.0840 6784 AmdPPM - ok
15:04:49.0873 6784 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:04:49.0877 6784 amdsata - ok
15:04:49.0905 6784 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:04:49.0911 6784 amdsbs - ok
15:04:49.0923 6784 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:04:49.0925 6784 amdxata - ok
15:04:49.0963 6784 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:04:49.0965 6784 AppID - ok
15:04:49.0990 6784 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:04:49.0994 6784 AppIDSvc - ok
15:04:50.0027 6784 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:04:50.0028 6784 Appinfo - ok
15:04:50.0054 6784 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
15:04:50.0058 6784 arc - ok
15:04:50.0086 6784 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:04:50.0089 6784 arcsas - ok
15:04:50.0117 6784 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
15:04:50.0119 6784 ArcSoftKsUFilter - ok
15:04:50.0130 6784 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:04:50.0132 6784 AsyncMac - ok
15:04:50.0174 6784 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:04:50.0176 6784 atapi - ok
15:04:50.0234 6784 [ 0ACC06FCF46F64ED4F11E57EE461C1F4 ] athr C:\Windows\system32\DRIVERS\athrx.sys
15:04:50.0281 6784 athr - ok
15:04:50.0335 6784 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:04:50.0344 6784 AudioEndpointBuilder - ok
15:04:50.0379 6784 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:04:50.0388 6784 AudioSrv - ok
15:04:50.0455 6784 [ 2718DC27571BD1E37813F5759D2DC118 ] AVP C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
15:04:50.0458 6784 AVP - ok
15:04:50.0504 6784 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:04:50.0509 6784 AxInstSV - ok
15:04:50.0537 6784 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:04:50.0559 6784 b06bdrv - ok
15:04:50.0595 6784 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:04:50.0602 6784 b57nd60a - ok
15:04:50.0636 6784 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:04:50.0641 6784 BDESVC - ok
15:04:50.0656 6784 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:04:50.0658 6784 Beep - ok
15:04:50.0712 6784 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
15:04:50.0722 6784 BFE - ok
15:04:50.0767 6784 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
15:04:50.0779 6784 BITS - ok
15:04:50.0809 6784 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
15:04:50.0811 6784 blbdrive - ok
15:04:50.0845 6784 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:04:50.0848 6784 bowser - ok
15:04:50.0899 6784 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:04:50.0900 6784 BrFiltLo - ok
15:04:50.0916 6784 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:04:50.0917 6784 BrFiltUp - ok
15:04:50.0967 6784 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
15:04:50.0970 6784 Browser - ok
15:04:51.0001 6784 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:04:51.0010 6784 Brserid - ok
15:04:51.0026 6784 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:04:51.0028 6784 BrSerWdm - ok
15:04:51.0044 6784 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:04:51.0046 6784 BrUsbMdm - ok
15:04:51.0069 6784 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:04:51.0070 6784 BrUsbSer - ok
15:04:51.0094 6784 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
15:04:51.0096 6784 BthEnum - ok
15:04:51.0122 6784 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:04:51.0127 6784 BTHMODEM - ok
15:04:51.0149 6784 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
15:04:51.0153 6784 BthPan - ok
15:04:51.0205 6784 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
15:04:51.0229 6784 BTHPORT - ok
15:04:51.0271 6784 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:04:51.0273 6784 bthserv - ok
15:04:51.0308 6784 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
15:04:51.0311 6784 BTHUSB - ok
15:04:51.0342 6784 [ 6E04458E98DAF28826482E41A7A62DF5 ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
15:04:51.0343 6784 btusbflt - ok
15:04:51.0372 6784 [ 4BDBDB86ABBA924E029FB2683BE7C505 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
15:04:51.0375 6784 btwaudio - ok
15:04:51.0410 6784 [ 5C849BD7C78791C5CEE9F4651D7FE38D ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
15:04:51.0415 6784 btwavdt - ok
15:04:51.0473 6784 [ 31DA517946FFE416442E864592548F8A ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
15:04:51.0484 6784 btwdins - ok
15:04:51.0516 6784 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
15:04:51.0517 6784 btwl2cap - ok
15:04:51.0552 6784 [ 3E1991AFA851A36DC978B0A1B0535C8B ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
15:04:51.0554 6784 btwrchid - ok
15:04:51.0602 6784 [ A8AD33C9DD88C810CAC00ACC7F4329FB ] ccSet_NST C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys
15:04:51.0607 6784 ccSet_NST - ok
15:04:51.0638 6784 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:04:51.0642 6784 cdfs - ok
15:04:51.0682 6784 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:04:51.0701 6784 cdrom - ok
15:04:51.0824 6784 [ 94C0522584D0DB4568E1E2C0E363F24E ] CDScheduler C:\Program Files (x86)\CyberDefender\SchedulerService\SchedulerService.exe
15:04:51.0837 6784 CDScheduler - ok
15:04:51.0877 6784 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:04:51.0879 6784 CertPropSvc - ok
15:04:51.0912 6784 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
15:04:51.0914 6784 circlass - ok
15:04:51.0956 6784 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:04:51.0965 6784 CLFS - ok
15:04:52.0033 6784 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:04:52.0038 6784 clr_optimization_v2.0.50727_32 - ok
15:04:52.0077 6784 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:04:52.0083 6784 clr_optimization_v2.0.50727_64 - ok
15:04:52.0154 6784 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:04:52.0156 6784 clr_optimization_v4.0.30319_32 - ok
15:04:52.0191 6784 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:04:52.0194 6784 clr_optimization_v4.0.30319_64 - ok
15:04:52.0212 6784 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
15:04:52.0214 6784 CmBatt - ok
15:04:52.0231 6784 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:04:52.0233 6784 cmdide - ok
15:04:52.0282 6784 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
15:04:52.0294 6784 CNG - ok
15:04:52.0322 6784 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
15:04:52.0324 6784 Compbatt - ok
15:04:52.0363 6784 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:04:52.0366 6784 CompositeBus - ok
15:04:52.0372 6784 COMSysApp - ok
15:04:52.0402 6784 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:04:52.0404 6784 crcdisk - ok
15:04:52.0457 6784 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:04:52.0460 6784 CryptSvc - ok
15:04:52.0506 6784 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:04:52.0515 6784 DcomLaunch - ok
15:04:52.0549 6784 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:04:52.0559 6784 defragsvc - ok
15:04:52.0605 6784 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:04:52.0609 6784 DfsC - ok
15:04:52.0615 6784 DFUBTUSB - ok
15:04:52.0659 6784 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:04:52.0664 6784 Dhcp - ok
15:04:52.0686 6784 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:04:52.0687 6784 discache - ok
15:04:52.0703 6784 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
15:04:52.0706 6784 Disk - ok
15:04:52.0758 6784 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:04:52.0762 6784 Dnscache - ok
15:04:52.0815 6784 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:04:52.0824 6784 dot3svc - ok
15:04:52.0860 6784 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
15:04:52.0865 6784 Dot4 - ok
15:04:52.0901 6784 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\drivers\Dot4Prt.sys
15:04:52.0902 6784 Dot4Print - ok
15:04:52.0943 6784 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
15:04:52.0945 6784 dot4usb - ok
15:04:52.0960 6784 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:04:52.0964 6784 DPS - ok
15:04:52.0988 6784 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:04:52.0989 6784 drmkaud - ok
15:04:53.0047 6784 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:04:53.0082 6784 DXGKrnl - ok
15:04:53.0110 6784 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:04:53.0113 6784 EapHost - ok
15:04:53.0209 6784 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:04:53.0425 6784 ebdrv - ok
15:04:53.0472 6784 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:04:53.0474 6784 EFS - ok
15:04:53.0532 6784 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:04:53.0560 6784 ehRecvr - ok
15:04:53.0590 6784 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:04:53.0595 6784 ehSched - ok
15:04:53.0641 6784 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:04:53.0665 6784 elxstor - ok
15:04:53.0708 6784 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:04:53.0709 6784 ErrDev - ok
15:04:53.0752 6784 esgiguard - ok
15:04:53.0784 6784 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:04:53.0790 6784 EventSystem - ok
15:04:53.0809 6784 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:04:53.0816 6784 exfat - ok
15:04:53.0834 6784 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:04:53.0840 6784 fastfat - ok
15:04:53.0892 6784 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:04:53.0914 6784 Fax - ok
15:04:53.0949 6784 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
15:04:53.0950 6784 fdc - ok
15:04:53.0976 6784 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:04:53.0979 6784 fdPHost - ok
15:04:53.0996 6784 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:04:54.0000 6784 FDResPub - ok
15:04:54.0012 6784 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:04:54.0017 6784 FileInfo - ok
15:04:54.0031 6784 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:04:54.0034 6784 Filetrace - ok
15:04:54.0055 6784 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:04:54.0057 6784 flpydisk - ok
15:04:54.0102 6784 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:04:54.0111 6784 FltMgr - ok
15:04:54.0155 6784 [ E94E042BC24BB301767A8125D529B705 ] fltsrv C:\Windows\system32\DRIVERS\fltsrv.sys
15:04:54.0159 6784 fltsrv - ok
15:04:54.0219 6784 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
15:04:54.0234 6784 FontCache - ok
15:04:54.0289 6784 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:04:54.0294 6784 FontCache3.0.0.0 - ok
15:04:54.0330 6784 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:04:54.0333 6784 FsDepends - ok
15:04:54.0379 6784 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:04:54.0383 6784 Fs_Rec - ok
15:04:54.0431 6784 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:04:54.0436 6784 fvevol - ok
15:04:54.0456 6784 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:04:54.0458 6784 gagp30kx - ok
15:04:54.0542 6784 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:04:54.0552 6784 gpsvc - ok
15:04:54.0598 6784 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:04:54.0601 6784 gupdate - ok
15:04:54.0610 6784 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:04:54.0613 6784 gupdatem - ok
15:04:54.0635 6784 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:04:54.0637 6784 hcw85cir - ok
15:04:54.0688 6784 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:04:54.0697 6784 HdAudAddService - ok
15:04:54.0715 6784 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:04:54.0719 6784 HDAudBus - ok
15:04:54.0738 6784 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:04:54.0741 6784 HidBatt - ok
15:04:54.0758 6784 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:04:54.0762 6784 HidBth - ok
15:04:54.0779 6784 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
15:04:54.0781 6784 HidIr - ok
15:04:54.0801 6784 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
15:04:54.0805 6784 hidserv - ok
15:04:54.0826 6784 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:04:54.0828 6784 HidUsb - ok
15:04:54.0868 6784 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:04:54.0873 6784 hkmsvc - ok
15:04:54.0917 6784 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:04:54.0926 6784 HomeGroupListener - ok
15:04:54.0947 6784 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:04:54.0954 6784 HomeGroupProvider - ok
15:04:54.0969 6784 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:04:54.0972 6784 HpSAMD - ok
15:04:55.0019 6784 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:04:55.0048 6784 HTTP - ok
15:04:55.0082 6784 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:04:55.0083 6784 hwpolicy - ok
15:04:55.0101 6784 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:04:55.0105 6784 i8042prt - ok
15:04:55.0179 6784 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\drivers\iaStor.sys
15:04:55.0186 6784 iaStor - ok
15:04:55.0228 6784 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
15:04:55.0229 6784 IAStorDataMgrSvc - ok
15:04:55.0280 6784 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:04:55.0291 6784 iaStorV - ok
15:04:55.0348 6784 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:04:55.0382 6784 idsvc - ok
15:04:55.0405 6784 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:04:55.0407 6784 iirsp - ok
15:04:55.0471 6784 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:04:55.0484 6784 IKEEXT - ok
15:04:55.0541 6784 [ 4B6363CD4610BB848531BB260B15DFCC ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
15:04:55.0547 6784 Impcd - ok
15:04:55.0654 6784 [ 5F35FE198EE7818221414776F8413AB0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:04:55.0744 6784 IntcAzAudAddService - ok
15:04:55.0799 6784 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:04:55.0800 6784 intelide - ok
15:04:55.0828 6784 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
15:04:55.0829 6784 intelppm - ok
15:04:55.0862 6784 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:04:55.0866 6784 IPBusEnum - ok
15:04:55.0908 6784 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:04:55.0912 6784 IpFilterDriver - ok
15:04:55.0936 6784 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:04:55.0944 6784 iphlpsvc - ok
15:04:55.0983 6784 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:04:55.0986 6784 IPMIDRV - ok
15:04:56.0001 6784 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:04:56.0006 6784 IPNAT - ok
15:04:56.0041 6784 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:04:56.0043 6784 IRENUM - ok
15:04:56.0059 6784 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:04:56.0060 6784 isapnp - ok
15:04:56.0102 6784 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:04:56.0110 6784 iScsiPrt - ok
15:04:56.0132 6784 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:04:56.0135 6784 kbdclass - ok
15:04:56.0156 6784 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:04:56.0158 6784 kbdhid - ok
15:04:56.0179 6784 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:04:56.0181 6784 KeyIso - ok
15:04:56.0238 6784 [ E656FE10D6D27794AFA08136685A69E8 ] KL1 C:\Windows\system32\DRIVERS\kl1.sys
15:04:56.0250 6784 KL1 - ok
15:04:56.0261 6784 [ D865DD8B0448E3F963D68C04C532858F ] kl2 C:\Windows\system32\DRIVERS\kl2.sys
15:04:56.0263 6784 kl2 - ok
15:04:56.0311 6784 [ C7D4F357C482DD37E2B05F34093B7B0C ] KLIF C:\Windows\system32\DRIVERS\klif.sys
15:04:56.0338 6784 KLIF - ok
15:04:56.0379 6784 [ 89FB5A33D7171B6D84F5EB721D5055E1 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
15:04:56.0382 6784 KLIM6 - ok
15:04:56.0400 6784 [ 9468D07E91BA136D82415F5DFC1FE168 ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
15:04:56.0402 6784 klmouflt - ok
15:04:56.0442 6784 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:04:56.0447 6784 KSecDD - ok
15:04:56.0511 6784 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:04:56.0516 6784 KSecPkg - ok
15:04:56.0548 6784 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:04:56.0550 6784 ksthunk - ok
15:04:56.0599 6784 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:04:56.0612 6784 KtmRm - ok
15:04:56.0658 6784 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:04:56.0665 6784 LanmanServer - ok
15:04:56.0703 6784 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:04:56.0709 6784 LanmanWorkstation - ok
15:04:56.0731 6784 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:04:56.0733 6784 lltdio - ok
15:04:56.0764 6784 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:04:56.0775 6784 lltdsvc - ok
15:04:56.0791 6784 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:04:56.0794 6784 lmhosts - ok
15:04:56.0830 6784 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:04:56.0835 6784 LSI_FC - ok
15:04:56.0866 6784 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:04:56.0870 6784 LSI_SAS - ok
15:04:56.0895 6784 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:04:56.0898 6784 LSI_SAS2 - ok
15:04:56.0919 6784 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:04:56.0924 6784 LSI_SCSI - ok
15:04:56.0952 6784 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:04:56.0957 6784 luafv - ok
15:04:56.0996 6784 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
15:04:56.0997 6784 MBAMProtector - ok
15:04:57.0055 6784 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:04:57.0064 6784 MBAMService - ok
15:04:57.0114 6784 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:04:57.0118 6784 Mcx2Svc - ok
15:04:57.0142 6784 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
15:04:57.0144 6784 megasas - ok
15:04:57.0178 6784 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:04:57.0187 6784 MegaSR - ok
15:04:57.0213 6784 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:04:57.0219 6784 MMCSS - ok
15:04:57.0234 6784 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:04:57.0236 6784 Modem - ok
15:04:57.0254 6784 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:04:57.0255 6784 monitor - ok
15:04:57.0269 6784 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:04:57.0271 6784 mouclass - ok
15:04:57.0296 6784 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:04:57.0298 6784 mouhid - ok
15:04:57.0347 6784 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:04:57.0350 6784 mountmgr - ok
15:04:57.0384 6784 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:04:57.0389 6784 mpio - ok
15:04:57.0416 6784 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:04:57.0419 6784 mpsdrv - ok
15:04:57.0474 6784 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:04:57.0487 6784 MpsSvc - ok
15:04:57.0545 6784 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:04:57.0550 6784 MRxDAV - ok
15:04:57.0582 6784 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:04:57.0588 6784 mrxsmb - ok
15:04:57.0628 6784 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:04:57.0636 6784 mrxsmb10 - ok
15:04:57.0658 6784 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:04:57.0662 6784 mrxsmb20 - ok
15:04:57.0683 6784 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:04:57.0687 6784 msahci - ok
15:04:57.0711 6784 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:04:57.0715 6784 msdsm - ok
15:04:57.0741 6784 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:04:57.0749 6784 MSDTC - ok
15:04:57.0791 6784 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:04:57.0793 6784 Msfs - ok
15:04:57.0821 6784 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:04:57.0823 6784 mshidkmdf - ok
15:04:57.0858 6784 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:04:57.0860 6784 msisadrv - ok
15:04:57.0890 6784 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:04:57.0898 6784 MSiSCSI - ok
15:04:57.0906 6784 msiserver - ok
15:04:57.0927 6784 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:04:57.0929 6784 MSKSSRV - ok
15:04:57.0956 6784 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:04:57.0958 6784 MSPCLOCK - ok
15:04:57.0977 6784 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:04:57.0978 6784 MSPQM - ok
15:04:58.0023 6784 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:04:58.0033 6784 MsRPC - ok
15:04:58.0072 6784 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:04:58.0074 6784 mssmbios - ok
15:04:58.0137 6784 MSSQL$DDNI - ok
15:04:58.0174 6784 [ F1761C8FB2B25A32C6D63E36BB88C3AE ] MSSQLServerADHelper100 C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
15:04:58.0177 6784 MSSQLServerADHelper100 - ok
15:04:58.0209 6784 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:04:58.0211 6784 MSTEE - ok
15:04:58.0227 6784 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:04:58.0229 6784 MTConfig - ok
15:04:58.0264 6784 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:04:58.0266 6784 Mup - ok
15:04:58.0319 6784 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:04:58.0339 6784 napagent - ok
15:04:58.0371 6784 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:04:58.0380 6784 NativeWifiP - ok
15:04:58.0447 6784 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:04:58.0461 6784 NDIS - ok
15:04:58.0493 6784 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:04:58.0495 6784 NdisCap - ok
15:04:58.0518 6784 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:04:58.0521 6784 NdisTapi - ok
15:04:58.0560 6784 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:04:58.0562 6784 Ndisuio - ok
15:04:58.0613 6784 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:04:58.0618 6784 NdisWan - ok
15:04:58.0656 6784 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:04:58.0658 6784 NDProxy - ok
15:04:58.0699 6784 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:04:58.0703 6784 Net Driver HPZ12 - ok
15:04:58.0731 6784 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:04:58.0733 6784 NetBIOS - ok
15:04:58.0761 6784 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:04:58.0767 6784 NetBT - ok
15:04:58.0788 6784 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:04:58.0791 6784 Netlogon - ok
15:04:58.0829 6784 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:04:58.0836 6784 Netman - ok
15:04:58.0869 6784 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:04:58.0877 6784 netprofm - ok
15:04:58.0906 6784 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:04:58.0912 6784 NetTcpPortSharing - ok
15:04:58.0938 6784 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:04:58.0940 6784 nfrd960 - ok
15:04:58.0997 6784 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:04:59.0004 6784 NlaSvc - ok
15:04:59.0030 6784 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:04:59.0032 6784 Npfs - ok
15:04:59.0063 6784 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:04:59.0066 6784 nsi - ok
15:04:59.0081 6784 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:04:59.0082 6784 nsiproxy - ok
15:04:59.0163 6784 [ E127420B7FEB65C7F279EAAC183BBC0E ] NSL C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
15:04:59.0165 6784 NSL - ok
15:04:59.0252 6784 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:04:59.0320 6784 Ntfs - ok
15:04:59.0347 6784 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:04:59.0349 6784 Null - ok
15:04:59.0377 6784 [ AD37248BD442D41C9A896E53EB8A85EE ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
15:04:59.0382 6784 NVHDA - ok
15:04:59.0711 6784 [ CA8447574E9DAE22250C723819D3EF96 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:05:00.0046 6784 nvlddmkm - ok
15:05:00.0087 6784 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:05:00.0092 6784 nvraid - ok
15:05:00.0136 6784 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:05:00.0140 6784 nvstor - ok
15:05:00.0172 6784 [ AD1E49BCEB5D446A271C43BFA8FD71D2 ] nvsvc C:\Windows\system32\nvvsvc.exe
15:05:00.0179 6784 nvsvc - ok
15:05:00.0216 6784 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:05:00.0220 6784 nv_agp - ok
15:05:00.0243 6784 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:05:00.0246 6784 ohci1394 - ok
15:05:00.0313 6784 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:05:00.0320 6784 ose - ok
15:05:00.0504 6784 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:05:00.0640 6784 osppsvc - ok
15:05:00.0694 6784 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:05:00.0705 6784 p2pimsvc - ok
15:05:00.0749 6784 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:05:00.0772 6784 p2psvc - ok
15:05:00.0803 6784 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
15:05:00.0808 6784 Parport - ok
15:05:00.0844 6784 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:05:00.0848 6784 partmgr - ok
15:05:00.0870 6784 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:05:00.0875 6784 PcaSvc - ok
15:05:00.0926 6784 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:05:00.0931 6784 pci - ok
15:05:00.0952 6784 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:05:00.0955 6784 pciide - ok
15:05:00.0990 6784 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:05:00.0996 6784 pcmcia - ok
15:05:01.0031 6784 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:05:01.0033 6784 pcw - ok
15:05:01.0070 6784 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:05:01.0099 6784 PEAUTH - ok
15:05:01.0202 6784 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:05:01.0207 6784 PerfHost - ok
15:05:01.0305 6784 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:05:01.0351 6784 pla - ok
15:05:01.0417 6784 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:05:01.0426 6784 PlugPlay - ok
15:05:01.0503 6784 [ 627FA58ADC043704F9D14CA44340956F ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
15:05:01.0527 6784 PMBDeviceInfoProvider - ok
15:05:01.0552 6784 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:05:01.0557 6784 Pml Driver HPZ12 - ok
15:05:01.0572 6784 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:05:01.0579 6784 PNRPAutoReg - ok
15:05:01.0608 6784 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:05:01.0615 6784 PNRPsvc - ok
15:05:01.0667 6784 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:05:01.0675 6784 PolicyAgent - ok
15:05:01.0720 6784 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:05:01.0726 6784 Power - ok
15:05:01.0768 6784 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:05:01.0773 6784 PptpMiniport - ok
15:05:01.0807 6784 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
15:05:01.0809 6784 Processor - ok
15:05:01.0854 6784 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:05:01.0859 6784 ProfSvc - ok
15:05:01.0881 6784 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:05:01.0884 6784 ProtectedStorage - ok
15:05:01.0922 6784 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:05:01.0926 6784 Psched - ok
15:05:01.0946 6784 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
15:05:01.0947 6784 PxHlpa64 - ok
15:05:02.0024 6784 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:05:02.0070 6784 ql2300 - ok
15:05:02.0095 6784 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:05:02.0099 6784 ql40xx - ok
15:05:02.0134 6784 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:05:02.0145 6784 QWAVE - ok
15:05:02.0162 6784 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:05:02.0163 6784 QWAVEdrv - ok
15:05:02.0180 6784 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:05:02.0182 6784 RasAcd - ok
15:05:02.0205 6784 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:05:02.0208 6784 RasAgileVpn - ok
15:05:02.0229 6784 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:05:02.0236 6784 RasAuto - ok
15:05:02.0278 6784 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:05:02.0283 6784 Rasl2tp - ok
15:05:02.0332 6784 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:05:02.0340 6784 RasMan - ok
15:05:02.0368 6784 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:05:02.0372 6784 RasPppoe - ok
15:05:02.0386 6784 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:05:02.0391 6784 RasSstp - ok
15:05:02.0418 6784 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:05:02.0428 6784 rdbss - ok
15:05:02.0444 6784 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
15:05:02.0446 6784 rdpbus - ok
15:05:02.0463 6784 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:05:02.0464 6784 RDPCDD - ok
15:05:02.0483 6784 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:05:02.0484 6784 RDPENCDD - ok
15:05:02.0505 6784 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:05:02.0506 6784 RDPREFMP - ok
15:05:02.0554 6784 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:05:02.0560 6784 RDPWD - ok
15:05:02.0607 6784 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:05:02.0614 6784 rdyboost - ok
15:05:02.0656 6784 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:05:02.0663 6784 RemoteAccess - ok
15:05:02.0696 6784 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:05:02.0705 6784 RemoteRegistry - ok
15:05:02.0736 6784 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
15:05:02.0741 6784 RFCOMM - ok
15:05:02.0777 6784 [ 5CA4ABD888B602551B59BAA26941C167 ] rimspci C:\Windows\system32\drivers\rimssne64.sys
15:05:02.0781 6784 rimspci - ok
15:05:02.0802 6784 [ BB6E138AEB351728959DA5E2731D8140 ] risdsnpe C:\Windows\system32\drivers\risdsne64.sys
15:05:02.0805 6784 risdsnpe - ok
15:05:02.0874 6784 [ D151224BC11078895A60FA970728FF59 ] Roxio UPnP Renderer 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
15:05:02.0884 6784 Roxio UPnP Renderer 10 - ok
15:05:02.0909 6784 [ 5022A927944878BD750960BD21E751AF ] Roxio Upnp Server 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
15:05:02.0919 6784 Roxio Upnp Server 10 - ok
15:05:02.0953 6784 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:05:02.0957 6784 RpcEptMapper - ok
15:05:02.0993 6784 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:05:02.0998 6784 RpcLocator - ok
15:05:03.0049 6784 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:05:03.0059 6784 RpcSs - ok
15:05:03.0098 6784 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:05:03.0102 6784 rspndr - ok
15:05:03.0135 6784 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:05:03.0138 6784 SamSs - ok
15:05:03.0185 6784 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
15:05:03.0187 6784 SASDIFSV - ok
15:05:03.0208 6784 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
15:05:03.0210 6784 SASKUTIL - ok
15:05:03.0253 6784 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:05:03.0257 6784 sbp2port - ok
15:05:03.0292 6784 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:05:03.0301 6784 SCardSvr - ok
15:05:03.0344 6784 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:05:03.0346 6784 scfilter - ok
15:05:03.0422 6784 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:05:03.0440 6784 Schedule - ok
15:05:03.0489 6784 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:05:03.0491 6784 SCPolicySvc - ok
15:05:03.0524 6784 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
15:05:03.0528 6784 sdbus - ok
15:05:03.0549 6784 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:05:03.0554 6784 SDRSVC - ok
15:05:03.0591 6784 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:05:03.0594 6784 secdrv - ok
15:05:03.0638 6784 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:05:03.0646 6784 seclogon - ok
15:05:03.0685 6784 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:05:03.0689 6784 SENS - ok
15:05:03.0711 6784 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:05:03.0717 6784 SensrSvc - ok
15:05:03.0753 6784 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
15:05:03.0755 6784 Serenum - ok
15:05:03.0774 6784 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
15:05:03.0777 6784 Serial - ok
15:05:03.0822 6784 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:05:03.0825 6784 sermouse - ok
15:05:03.0913 6784 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:05:03.0917 6784 SessionEnv - ok
15:05:03.0951 6784 [ 70F9C476B62DE4F2823E918A6C181ADE ] SFEP C:\Windows\system32\drivers\SFEP.sys
15:05:03.0953 6784 SFEP - ok
15:05:03.0987 6784 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:05:03.0989 6784 sffdisk - ok
15:05:04.0009 6784 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:05:04.0011 6784 sffp_mmc - ok
15:05:04.0036 6784 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:05:04.0038 6784 sffp_sd - ok
15:05:04.0071 6784 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:05:04.0072 6784 sfloppy - ok
15:05:04.0139 6784 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:05:04.0151 6784 SharedAccess - ok
15:05:04.0194 6784 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:05:04.0203 6784 ShellHWDetection - ok
15:05:04.0235 6784 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:05:04.0237 6784 SiSRaid2 - ok
15:05:04.0269 6784 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:05:04.0272 6784 SiSRaid4 - ok
15:05:04.0296 6784 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:05:04.0300 6784 Smb - ok
15:05:04.0341 6784 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:05:04.0348 6784 SNMPTRAP - ok
15:05:04.0420 6784 [ 98886C88A1CB13D61672AE2C638B7E1C ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
15:05:04.0422 6784 SOHCImp - ok
15:05:04.0439 6784 [ 442A13F395546F4564C377296D43B564 ] SOHDBSvr C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
15:05:04.0440 6784 SOHDBSvr - ok
15:05:04.0475 6784 [ 556681BE668D71DC162391A45422B52C ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
15:05:04.0482 6784 SOHDms - ok
15:05:04.0505 6784 [ 72B46103E4111439109ACF5882627C24 ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
15:05:04.0506 6784 SOHDs - ok
15:05:04.0536 6784 [ 725B6E9CD1959271AC993DC035E1606D ] SOHPlMgr C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
15:05:04.0537 6784 SOHPlMgr - ok
15:05:04.0569 6784 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:05:04.0571 6784 spldr - ok
15:05:04.0628 6784 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:05:04.0639 6784 Spooler - ok
15:05:04.0765 6784 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:05:04.0878 6784 sppsvc - ok
15:05:04.0924 6784 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:05:04.0932 6784 sppuinotify - ok
15:05:04.0965 6784 [ A892134C28777978ECDE8283DC57AC0F ] SQLAgent$DDNI C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE
15:05:04.0977 6784 SQLAgent$DDNI - ok
15:05:05.0035 6784 [ 10D936DCED9EACD1A1B3FCDDA6D7A4EB ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
15:05:05.0044 6784 SQLBrowser - ok
15:05:05.0090 6784 [ F92E5F93BE572B512DA3C016B675EDE0 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:05:05.0093 6784 SQLWriter - ok
15:05:05.0133 6784 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:05:05.0145 6784 srv - ok
15:05:05.0168 6784 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:05:05.0179 6784 srv2 - ok
15:05:05.0196 6784 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:05:05.0202 6784 srvnet - ok
15:05:05.0260 6784 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:05:05.0267 6784 SSDPSRV - ok
15:05:05.0290 6784 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:05:05.0295 6784 SstpSvc - ok
15:05:05.0328 6784 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:05:05.0330 6784 stexstor - ok
15:05:05.0379 6784 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:05:05.0391 6784 stisvc - ok
15:05:05.0439 6784 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
15:05:05.0441 6784 swenum - ok
15:05:05.0511 6784 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:05:05.0525 6784 SwitchBoard - ok
15:05:05.0563 6784 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:05:05.0586 6784 swprv - ok
15:05:05.0617 6784 [ 8F63178D1DB81BB79270AE55ECDD8321 ] SynTP C:\Windows\system32\drivers\SynTP.sys
15:05:05.0627 6784 SynTP - ok
15:05:05.0712 6784 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:05:05.0738 6784 SysMain - ok
15:05:05.0779 6784 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:05:05.0787 6784 TabletInputService - ok
15:05:05.0817 6784 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:05:05.0825 6784 TapiSrv - ok
15:05:05.0849 6784 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:05:05.0854 6784 TBS - ok
15:05:05.0936 6784 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:05:05.0994 6784 Tcpip - ok
15:05:06.0057 6784 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:05:06.0078 6784 TCPIP6 - ok
15:05:06.0128 6784 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:05:06.0129 6784 tcpipreg - ok
15:05:06.0166 6784 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:05:06.0167 6784 TDPIPE - ok
15:05:06.0204 6784 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:05:06.0205 6784 TDTCP - ok
15:05:06.0240 6784 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:05:06.0243 6784 tdx - ok
15:05:06.0287 6784 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:05:06.0288 6784 TermDD - ok
15:05:06.0342 6784 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:05:06.0353 6784 TermService - ok
15:05:06.0383 6784 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:05:06.0387 6784 Themes - ok
15:05:06.0425 6784 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:05:06.0428 6784 THREADORDER - ok
15:05:06.0456 6784 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:05:06.0461 6784 TrkWks - ok
15:05:06.0535 6784 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:05:06.0538 6784 TrustedInstaller - ok
15:05:06.0590 6784 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:05:06.0591 6784 tssecsrv - ok
15:05:06.0636 6784 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:05:06.0637 6784 TsUsbFlt - ok
15:05:06.0679 6784 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:05:06.0683 6784 tunnel - ok
15:05:06.0732 6784 [ 1A006963644C7FDE5BE60036F3A43E68 ] TVICHW64 C:\Windows\system32\DRIVERS\TVICHW64.SYS
15:05:06.0733 6784 TVICHW64 - ok
15:05:06.0772 6784 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:05:06.0774 6784 uagp35 - ok
15:05:06.0818 6784 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
15:05:06.0820 6784 uCamMonitor - ok
15:05:06.0873 6784 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:05:06.0881 6784 udfs - ok
15:05:06.0936 6784 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:05:06.0944 6784 UI0Detect - ok
15:05:06.0964 6784 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:05:06.0966 6784 uliagpkx - ok
15:05:07.0011 6784 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
15:05:07.0012 6784 umbus - ok
15:05:07.0044 6784 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:05:07.0045 6784 UmPass - ok
15:05:07.0079 6784 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:05:07.0087 6784 upnphost - ok
15:05:07.0122 6784 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:05:07.0126 6784 usbccgp - ok
15:05:07.0174 6784 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:05:07.0177 6784 usbcir - ok
15:05:07.0207 6784 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
15:05:07.0209 6784 usbehci - ok
15:05:07.0244 6784 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:05:07.0253 6784 usbhub - ok
15:05:07.0282 6784 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:05:07.0283 6784 usbohci - ok
15:05:07.0309 6784 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:05:07.0310 6784 usbprint - ok
15:05:07.0339 6784 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:05:07.0340 6784 usbscan - ok
15:05:07.0382 6784 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:05:07.0385 6784 USBSTOR - ok
15:05:07.0419 6784 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:05:07.0420 6784 usbuhci - ok
15:05:07.0458 6784 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
15:05:07.0463 6784 usbvideo - ok
15:05:07.0499 6784 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:05:07.0503 6784 UxSms - ok
15:05:07.0557 6784 [ 4E7135D6D0127067E4CFEE12259F895D ] VAIO Entertainment TV Device Arbitration Service C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
15:05:07.0561 6784 VAIO Entertainment TV Device Arbitration Service - ok
15:05:07.0601 6784 [ 6B31C9CB94927DBEEB62E15275F4CC54 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
15:05:07.0604 6784 VAIO Event Service - ok
15:05:07.0684 6784 [ B8C9A7010AFD5CBBE194CB9EF7C4FD14 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
15:05:07.0691 6784 VAIO Power Management - ok
15:05:07.0714 6784 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:05:07.0717 6784 VaultSvc - ok
15:05:07.0779 6784 [ 6A740F5FF3246C3BE3DD317299EFC88E ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
15:05:07.0788 6784 VCFw - ok
15:05:07.0829 6784 [ FD03AC6CD1571AA8B2FF56D3C600E26E ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
15:05:07.0836 6784 VcmIAlzMgr - ok
15:05:07.0892 6784 [ 7A88CFD3FE99F2C9B95A6E2A08B96E14 ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
15:05:07.0898 6784 VcmINSMgr - ok
15:05:07.0962 6784 [ 8EFAACCC7BFA1E9031EFDFB01A1B0D69 ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
15:05:07.0968 6784 VcmXmlIfHelper - ok
15:05:08.0002 6784 [ D347D3ABE070AA09C22FC37121555D52 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
15:05:08.0004 6784 VCService - ok
15:05:08.0046 6784 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:05:08.0047 6784 vdrvroot - ok
15:05:08.0105 6784 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:05:08.0116 6784 vds - ok
15:05:08.0150 6784 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:05:08.0151 6784 vga - ok
15:05:08.0171 6784 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:05:08.0172 6784 VgaSave - ok
15:05:08.0220 6784 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:05:08.0226 6784 vhdmp - ok
15:05:08.0250 6784 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:05:08.0251 6784 viaide - ok
15:05:08.0298 6784 [ 2DFD1EB9DE564460003DE1605A275E8D ] vidsflt61 C:\Windows\system32\DRIVERS\vsflt61.sys
15:05:08.0302 6784 vidsflt61 - ok
15:05:08.0322 6784 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:05:08.0325 6784 volmgr - ok
15:05:08.0385 6784 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:05:08.0395 6784 volmgrx - ok
15:05:08.0425 6784 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:05:08.0433 6784 volsnap - ok
15:05:08.0469 6784 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:05:08.0474 6784 vsmraid - ok
15:05:08.0555 6784 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:05:08.0623 6784 VSS - ok
15:05:08.0717 6784 [ FB4A1695D2D74F9C92CA5E84795CDBE1 ] VUAgent C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
15:05:08.0733 6784 VUAgent - ok
15:05:08.0770 6784 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:05:08.0772 6784 vwifibus - ok
15:05:08.0794 6784 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:05:08.0796 6784 vwififlt - ok
15:05:08.0813 6784 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:05:08.0815 6784 vwifimp - ok
15:05:08.0853 6784 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:05:08.0875 6784 W32Time - ok
15:05:08.0914 6784 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:05:08.0915 6784 WacomPen - ok
15:05:08.0959 6784 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:05:08.0962 6784 WANARP - ok
15:05:08.0974 6784 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:05:08.0976 6784 Wanarpv6 - ok
15:05:09.0050 6784 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:05:09.0095 6784 WatAdminSvc - ok
15:05:09.0170 6784 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:05:09.0238 6784 wbengine - ok
15:05:09.0279 6784 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:05:09.0291 6784 WbioSrvc - ok
15:05:09.0325 6784 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:05:09.0348 6784 wcncsvc - ok
15:05:09.0376 6784 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:05:09.0383 6784 WcsPlugInService - ok
15:05:09.0412 6784 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
15:05:09.0413 6784 Wd - ok
15:05:09.0454 6784 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
15:05:09.0455 6784 WDC_SAM - ok
15:05:09.0509 6784 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:05:09.0531 6784 Wdf01000 - ok
15:05:09.0566 6784 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:05:09.0571 6784 WdiServiceHost - ok
15:05:09.0588 6784 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:05:09.0593 6784 WdiSystemHost - ok
15:05:09.0650 6784 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:05:09.0661 6784 WebClient - ok
15:05:09.0692 6784 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:05:09.0713 6784 Wecsvc - ok
15:05:09.0737 6784 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:05:09.0742 6784 wercplsupport - ok
15:05:09.0764 6784 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:05:09.0771 6784 WerSvc - ok
15:05:09.0799 6784 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:05:09.0801 6784 WfpLwf - ok
15:05:09.0820 6784 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:05:09.0821 6784 WIMMount - ok
15:05:09.0842 6784 WinDefend - ok
15:05:09.0861 6784 WinHttpAutoProxySvc - ok
15:05:09.0929 6784 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:05:09.0933 6784 Winmgmt - ok
15:05:10.0029 6784 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:05:10.0109 6784 WinRM - ok
15:05:10.0200 6784 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:05:10.0201 6784 WinUsb - ok
15:05:10.0265 6784 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:05:10.0281 6784 Wlansvc - ok
15:05:10.0428 6784 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:05:10.0457 6784 wlidsvc - ok
15:05:10.0494 6784 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:05:10.0495 6784 WmiAcpi - ok
15:05:10.0543 6784 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:05:10.0551 6784 wmiApSrv - ok
15:05:10.0581 6784 WMPNetworkSvc - ok
15:05:10.0616 6784 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:05:10.0623 6784 WPCSvc - ok
15:05:10.0669 6784 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:05:10.0676 6784 WPDBusEnum - ok
15:05:10.0714 6784 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:05:10.0715 6784 ws2ifsl - ok
15:05:10.0737 6784 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
15:05:10.0742 6784 wscsvc - ok
15:05:10.0755 6784 WSearch - ok
15:05:10.0886 6784 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:05:10.0920 6784 wuauserv - ok
15:05:10.0987 6784 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:05:10.0991 6784 WudfPf - ok
15:05:11.0013 6784 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:05:11.0019 6784 WUDFRd - ok
15:05:11.0067 6784 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:05:11.0073 6784 wudfsvc - ok
15:05:11.0113 6784 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:05:11.0123 6784 WwanSvc - ok
15:05:11.0168 6784 [ 64F88AF327AA74E03658AE32B48CCB8B ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
15:05:11.0177 6784 yukonw7 - ok
15:05:11.0213 6784 ================ Scan global ===============================
15:05:11.0244 6784 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:05:11.0278 6784 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:05:11.0301 6784 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:05:11.0331 6784 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:05:11.0374 6784 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:05:11.0382 6784 [Global] - ok
15:05:11.0383 6784 ================ Scan MBR ==================================
15:05:11.0396 6784 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:05:11.0909 6784 \Device\Harddisk0\DR0 - ok
15:05:11.0919 6784 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
15:05:12.0056 6784 \Device\Harddisk2\DR2 - ok
15:05:12.0057 6784 ================ Scan VBR ==================================
15:05:12.0083 6784 [ 2986D6BBE6F426137BB67B3C4A44E767 ] \Device\Harddisk0\DR0\Partition1
15:05:12.0086 6784 \Device\Harddisk0\DR0\Partition1 - ok
15:05:12.0097 6784 [ 265768813D2BB44862A89271452A0003 ] \Device\Harddisk0\DR0\Partition2
15:05:12.0100 6784 \Device\Harddisk0\DR0\Partition2 - ok
15:05:12.0108 6784 [ 99AE2C9A5F8DA7EFEEB42CC38C63A5D9 ] \Device\Harddisk2\DR2\Partition1
15:05:12.0111 6784 \Device\Harddisk2\DR2\Partition1 - ok
15:05:12.0112 6784 ============================================================
15:05:12.0112 6784 Scan finished
15:05:12.0112 6784 ============================================================
15:05:12.0133 7108 Detected object count: 1
15:05:12.0133 7108 Actual detected object count: 1
15:05:38.0571 7108 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
15:05:38.0571 7108 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip

#4 Kiry

Kiry
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:05:29 PM

Posted 20 September 2012 - 02:42 PM

aswMBR Log


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-20 15:09:09
-----------------------------
15:09:09.382 OS Version: Windows x64 6.1.7601 Service Pack 1
15:09:09.382 Number of processors: 4 586 0x2502
15:09:09.384 ComputerName: VALY-VAIO UserName: Valy
15:09:12.039 Initialize success
15:09:27.090 AVAST engine defs: 12092000
15:09:56.468 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:09:56.474 Disk 0 Vendor: ST950032 0004 Size: 476940MB BusType: 3
15:09:56.479 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000070
15:09:56.485 Disk 1 Vendor: RICOH 02 Size: 476940MB BusType: 0
15:09:56.492 Disk 2 \Device\Harddisk2\DR2 -> \Device\00000082
15:09:56.498 Disk 2 Vendor: RICOH 02 Size: 1884MB BusType: 0
15:09:56.517 Disk 0 MBR read successfully
15:09:56.525 Disk 0 MBR scan
15:09:56.550 Disk 0 Windows 7 default MBR code
15:09:56.572 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 8650 MB offset 2048
15:09:56.597 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 17717248
15:09:56.622 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 468188 MB offset 17922048
15:09:56.703 Disk 0 scanning C:\Windows\system32\drivers
15:10:16.026 Service scanning
15:10:59.003 Modules scanning
15:10:59.020 Disk 0 trace - called modules:
15:10:59.084 ntoskrnl.exe CLASSPNP.SYS disk.sys vsflt61.sys ACPI.sys iaStor.sys hal.dll
15:10:59.097 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006787060]
15:10:59.108 3 CLASSPNP.SYS[fffff8800101b43f] -> nt!IofCallDriver -> [0xfffffa8006620a60]
15:10:59.119 5 vsflt61.sys[fffff88000f870fd] -> nt!IofCallDriver -> [0xfffffa8004702dd0]
15:10:59.131 7 ACPI.sys[fffff88000ed67a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800471a050]
15:11:00.795 AVAST engine scan C:\Windows
15:11:04.613 AVAST engine scan C:\Windows\system32
15:16:39.158 AVAST engine scan C:\Windows\system32\drivers
15:17:01.027 AVAST engine scan C:\Users\Valy
15:26:24.406 AVAST engine scan C:\ProgramData
15:30:55.233 Scan finished successfully
15:40:24.787 Disk 0 MBR has been saved successfully to "C:\Users\Valy\Desktop\MBR.dat"
15:40:24.911 The log file has been saved successfully to "C:\Users\Valy\Desktop\aswMBR.txt"

#5 Kiry

Kiry
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:05:29 PM

Posted 20 September 2012 - 09:58 PM

ESET SCAN

Posted Image

Several times a day I get this problem unexpectedly: "windows explorer has stopped working"
"windows explorer is restarting"

Edited by Kiry, 20 September 2012 - 10:02 PM.


#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:29 PM

Posted 21 September 2012 - 01:46 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.



Download

adware cleaner

Launch it click on Delete

post the generated log

#7 Kiry

Kiry
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:05:29 PM

Posted 21 September 2012 - 09:44 PM

Mini Tool Box


MiniToolBox by Farbar Version: 23-07-2012
Ran by Valy (administrator) on 21-09-2012 at 22:36:34
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================








127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sea.adobe.com.*
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com

There are 42 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Marvell Yukon 88E8057 PCI-E Gigabit Ethernet Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Valy-VAIO
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 2A-81-58-F8-7F-8D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 50-63-13-F5-3D-59
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : 2C-81-58-F8-7F-8D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::bdc4:5dab:d3b8:8a70%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.144(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, September 21, 2012 10:26:26 PM
Lease Expires . . . . . . . . . . : Saturday, September 22, 2012 10:27:54 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 218113630
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-03-E4-DF-00-24-BE-BE-75-CE
DNS Servers . . . . . . . . . . . : 70.45.95.8
70.45.95.9
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8057 PCI-E Gigabit Ethernet Controller
Physical Address. . . . . . . . . : 00-24-BE-BE-75-CE
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:18b7:713:3f57:fe6f(Preferred)
Link-local IPv6 Address . . . . . : fe80::18b7:713:3f57:fe6f%19(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{C67F1FA0-7582-42B1-BDAF-119C1C7947BC}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E713C92D-A565-472C-A643-4822E7FEEAA2}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{5CA2638F-A594-4D24-80BE-A37A7C278809}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{F080DE39-A95A-4ECD-9EF4-659C412F3AD6}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: static-host-70-45-95-8.onelinkpr.net
Address: 70.45.95.8

Name: google.com
Addresses: 2607:f8b0:4008:801::1000
74.125.229.193
74.125.229.194
74.125.229.195
74.125.229.196
74.125.229.197
74.125.229.198
74.125.229.199
74.125.229.200
74.125.229.201
74.125.229.206
74.125.229.192


Pinging google.com [74.125.229.201] with 32 bytes of data:
Reply from 74.125.229.201: bytes=32 time=37ms TTL=56
Reply from 74.125.229.201: bytes=32 time=36ms TTL=56

Ping statistics for 74.125.229.201:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 36ms, Maximum = 37ms, Average = 36ms
Server: static-host-70-45-95-8.onelinkpr.net
Address: 70.45.95.8

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=438ms TTL=50
Reply from 98.139.183.24: bytes=32 time=205ms TTL=50

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 205ms, Maximum = 438ms, Average = 321ms
Server: static-host-70-45-95-8.onelinkpr.net
Address: 70.45.95.8

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...2a 81 58 f8 7f 8d ......Microsoft Virtual WiFi Miniport Adapter
12...50 63 13 f5 3d 59 ......Bluetooth Device (Personal Area Network)
11...2c 81 58 f8 7f 8d ......Atheros AR9285 Wireless Network Adapter
10...00 24 be be 75 ce ......Marvell Yukon 88E8057 PCI-E Gigabit Ethernet Controller
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.144 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.144 281
192.168.1.144 255.255.255.255 On-link 192.168.1.144 281
192.168.1.255 255.255.255.255 On-link 192.168.1.144 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.144 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.144 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
19 58 ::/0 On-link
1 306 ::1/128 On-link
19 58 2001::/32 On-link
19 306 2001:0:9d38:6ab8:18b7:713:3f57:fe6f/128
On-link
11 281 fe80::/64 On-link
19 306 fe80::/64 On-link
19 306 fe80::18b7:713:3f57:fe6f/128
On-link
11 281 fe80::bdc4:5dab:d3b8:8a70/128
On-link
1 306 ff00::/8 On-link
19 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/20/2012 11:20:03 PM) (Source: Microsoft Security Client Setup) (User: Valy-VAIO)Valy-VAIO
Description: HRESULT:0x8004FF0A
Description:Microsoft Security Essentials installation was canceled. You canceled the Security Essentials installation on your computer. Error code:0x8004FF0A.

Error: (09/20/2012 11:04:42 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/20/2012 10:57:13 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/20/2012 10:36:49 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x0000000000050624
Faulting process id: 0x86c
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (09/20/2012 03:43:26 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/20/2012 03:41:26 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/20/2012 01:08:32 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/20/2012 01:08:32 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/20/2012 10:30:43 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070013, The media is write protected.
.

Error: (09/20/2012 10:30:43 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x80070013, The media is write protected.
]


System errors:
=============
Error: (09/21/2012 10:26:39 PM) (Source: NetBT) (User: )
Description: The name "VALY-VAIO :20" could not be registered on the interface with IP address 192.168.1.144.
The computer with the IP address 192.168.1.142 did not allow the name to be claimed by
this computer.

Error: (09/21/2012 10:26:39 PM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{5CA2638F-A594-4D24-80BE-A37A7C278809} because another computer on the network has the same name. The server could not start.

Error: (09/21/2012 10:26:30 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Error: (09/21/2012 10:26:27 PM) (Source: NetBT) (User: )
Description: The name "VALY-VAIO :0" could not be registered on the interface with IP address 192.168.1.144.
The computer with the IP address 192.168.1.142 did not allow the name to be claimed by
this computer.

Error: (09/21/2012 10:26:15 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:25:07 PM on ?9/?21/?2012 was unexpected.

Error: (09/21/2012 09:15:26 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WPDBusEnum service.

Error: (09/21/2012 08:24:34 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Error: (09/21/2012 08:24:17 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 8:23:39 PM on ?9/?21/?2012 was unexpected.

Error: (09/20/2012 11:17:09 PM) (Source: NetBT) (User: )
Description: The name "VALY-VAIO :0" could not be registered on the interface with IP address 192.168.1.144.
The computer with the IP address 192.168.1.142 did not allow the name to be claimed by
this computer.

Error: (09/20/2012 11:17:09 PM) (Source: NetBT) (User: )
Description: The name "VALY-VAIO :20" could not be registered on the interface with IP address 192.168.1.144.
The computer with the IP address 192.168.1.142 did not allow the name to be claimed by
this computer.


Microsoft Office Sessions:
=========================
Error: (09/20/2012 11:20:03 PM) (Source: Microsoft Security Client Setup)(User: Valy-VAIO)Valy-VAIO
Description: HRESULT:0x8004FF0A
Description:Microsoft Security Essentials installation was canceled. You canceled the Security Essentials installation on your computer. Error code:0x8004FF0A.

Error: (09/20/2012 11:04:42 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Valy\Downloads\esetsmartinstaller_enu (1).exe

Error: (09/20/2012 10:57:13 PM) (Source: SideBySide)(User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksCal.exe

Error: (09/20/2012 10:36:49 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.177254ec4aa8ec0000005000000000005062486c01cd975719e11d81C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll312ab9b7-0395-11e2-91a3-506313f53d59

Error: (09/20/2012 03:43:26 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Valy\Downloads\esetsmartinstaller_enu (1).exe

Error: (09/20/2012 03:41:26 PM) (Source: SideBySide)(User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksCal.exe

Error: (09/20/2012 01:08:32 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Valy\Downloads\esetsmartinstaller_enu.exe

Error: (09/20/2012 01:08:32 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Valy\Downloads\esetsmartinstaller_enu.exe

Error: (09/20/2012 10:30:43 AM) (Source: VSS)(User: )
Description: CoCreateInstance0x80070013, The media is write protected.

Error: (09/20/2012 10:30:43 AM) (Source: VSS)(User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070013, The media is write protected.


=========================== Installed Programs ============================

???? 2.6.8
64 Bit HP CIO Components Installer (Version: 6.2.1)
Adobe AIR (Version: 3.3.0.3650)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Creative Suite 5 Master Collection (Version: 5.0)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.278)
Adobe Media Player (Version: 1.8)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Akamai NetSession Interface
Akamai NetSession Interface Service
Apple Application Support (Version: 2.1.7)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Magic-i Visual Effects 2 (Version: 2.0.1.85)
ArcSoft WebCam Companion 3 (Version: 3.0.21.390)
Cisco Connect (Version: 1.3.11069.2)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CT and MRI Interactive Atlas of Cross-Sectional Anatomy (Version: 1.0)
CyberDefender Framework (Version: 1.3.0.4082)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DJ_AIO_05_F4400_Software_Min (Version: 140.0.690.000)
ESET Online Scanner v3
Evernote v. 4.1 (Version: 4.1.0.3431)
Free RAR Extract Frog (Version: 2.50)
GIMP 2.6.8
Google Chrome (Version: 21.0.1180.89)
Google Update Helper (Version: 1.3.21.123)
HP Deskjet F4400 Printer Driver 14.0 Rel. 5 (Version: 14.0)
Intel® Rapid Storage Technology (Version: 9.6.0.1014)
Intel® Turbo Boost Technology Driver (Version: 01.01.01.1007)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 5 (Version: 7.0.50)
Java™ SE Development Kit 6 Update 22 (64-bit) (Version: 1.6.0.220)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Kaspersky Internet Security 2012 (Version: 12.0.0.374)
LANGE Q and A Radiography Examination Edition 8 (Version: 1.1)
Mabinogi
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Media Gallery (Version: 1.1.2.11260)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008 Browser (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Common Files (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Native Client (Version: 10.3.5500.0)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.3.5500.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server VSS Writer (Version: 10.3.5500.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Norton Safe Web Lite (Version: 2.0.0.16)
NVIDIA Drivers (Version: 1.10.56.34)
Oasis2Service (Version: 1.0.1)
OpenOffice.org 3.2 (Version: 3.2.9502)
Pando Media Booster (Version: 2.3.5.6)
PDF Settings CS5 (Version: 10.0)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PMB (Version: 5.0.00.10260)
PMB VAIO Edition Guide (Version: 1.0.00.09250)
PMB VAIO Edition plug-in (Click to Disc) (Version: 3.0.01.11230)
PMB VAIO Edition plug-in (VAIO Image Optimizer) (Version: 1.0.00.10150)
PMB VAIO Edition plug-in (VAIO Movie Story) (Version: 2.0.01.12010)
PVSonyDll (Version: 1.00.0001)
PxMergeModule (Version: 1.00.0000)
QuickBooks Financial Center (Version: 1.30.0000)
QuickTime (Version: 7.72.80.56)
Realtek High Definition Audio Driver (Version: 6.0.1.6171)
Roxio Central Audio (Version: 3.8.0)
Roxio Central Copy (Version: 3.8.0)
Roxio Central Core (Version: 3.8.0)
Roxio Central Data (Version: 3.8.0)
Roxio Central Tools (Version: 3.8.0)
Roxio Easy Media Creator 10 LJ (Version: 10.3)
Roxio Easy Media Creator Home (Version: 10.3.183)
Scan (Version: 140.0.80.000)
Service Pack 3 for SQL Server 2008 (KB2546951) (Version: 10.3.5500.0)
Setting Utility Series (Version: 5.1.0.11200)
SmartWi Connection Utility (Version: 4.9.4.20091005.2246)
Sony Home Network Library (Version: 2.0.1.12040)
Sony Home Network Library (Version: 2.0.2.12150)
Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0)
SUPERAntiSpyware (Version: 5.0.1146)
Synaptics Pointing Device Driver (Version: 14.0.3.0)
System Requirements Lab
System Requirements Lab for Intel (Version: 4.5.5.0)
Toolbox (Version: 140.0.428.000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VAIO Care (Version: 6.4.2.11150)
VAIO Content Metadata Intelligent Analyzing Manager (Version: 3.6.0.09250)
VAIO Content Metadata Intelligent Network Service Manager (Version: 3.7.0.14191)
VAIO Content Metadata Manager Settings (Version: 3.7.0.13221)
VAIO Content Metadata XML Interface Library (Version: 3.7.0.14191)
VAIO Content Monitoring Settings (Version: 2.4.1.09180)
VAIO Control Center (Version: 4.1.1.07160)
VAIO Data Restore Tool (Version: 1.2.0.09150)
VAIO DVD Menu Data (Version: 2.0.00.09240)
VAIO Entertainment Platform (Version: 3.6.0.09150)
VAIO Event Service (Version: 5.1.0.11300)
VAIO Hardware Diagnostics (Version: 3.9.1)
VAIO Help and Support (Version: 10.00.1029)
VAIO Media plus (Version: 2.0.1.12040)
VAIO Media plus Opening Movie (Version: 2.0.0.07030)
VAIO Movie Story Template Data (Version: 2.0.00.09240)
VAIO OOBE and Startup Assistant (Version: 2.00.1110)
VAIO Original Function Settings (Version: 2.0.0.07010)
VAIO Personalization Manager (Version: 2.0.0.06220)
VAIO Personalization Manager (Version: 2.0.3.12250)
VAIO Power Management (Version: 5.0.0.11300)
VAIO Survey (Version: 6.00.1028)
VAIO Transfer Support (Version: 1.1.2.06030)
VAIO Update (Version: 5.6.1.02150)
VAIO Update Merge Module x64 (Version: 5.5.19220)
VAIO Update Merge Module x64 (Version: 5.6.10270)
VAIO Update Merge Module x64 (Version: 5.7.13130)
VAIO Wallpaper Contents (Version: 2.0.0.06010)
VD64Inst (Version: 1.00.0000)
Visual C++ 8.0 Runtime Setup Package (x64) (Version: 9.0.0.623)
VU5x64 (Version: 1.0.0)
VU5x86 (Version: 1.0.0)
War of the Immortals EN
WIDCOMM Bluetooth Software (Version: 6.2.1.500)
Winamp (Version: 5.623 )
Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405) (Version: 09/09/2009 6.2.0.9405)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
YTD Video Downloader 3.9

========================= Memory info: ===================================

Percentage of memory in use: 44%
Total physical RAM: 4014.09 MB
Available physical RAM: 2221.83 MB
Total Pagefile: 8026.37 MB
Available Pagefile: 5868.91 MB
Total Virtual: 4095.88 MB
Available Virtual: 3970.02 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:457.21 GB) (Free:338.13 GB) NTFS
3 Drive f: () (Removable) (Total:1.84 GB) (Free:1.19 GB) FAT

========================= Users: ========================================

User accounts for \\VALY-VAIO

Administrator Guest Mcx1-VALY-VAIO
Valy


**** End of log ****

FSS

Farbar Service Scanner Version: 19-09-2012
Ran by Valy (administrator) on 21-09-2012 at 22:42:09
Running from "C:\Users\Valy\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#8 Kiry

Kiry
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:05:29 PM

Posted 21 September 2012 - 09:50 PM

Adware Cleaner

# AdwCleaner v2.002 - Logfile created 09/21/2012 at 22:46:10
# Updated 16/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Valy - VALY-VAIO
# Boot Mode : Normal
# Running from : C:\Users\Valy\Downloads\adwcleaner (1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\~0
Folder Deleted : C:\ProgramData\Partner

***** [Registry] *****

Key Deleted : HKCU\Software\Softonic

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Valy\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [1402 octets] - [21/09/2012 22:46:10]

########## EOF - C:\AdwCleaner[S2].txt - [1462 octets] ##########

#9 Kiry

Kiry
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:05:29 PM

Posted 21 September 2012 - 09:57 PM

Posted Image

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:29 PM

Posted 21 September 2012 - 10:48 PM

Malwarebytes log?

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the text contents here

#11 Kiry

Kiry
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:05:29 PM

Posted 21 September 2012 - 11:30 PM

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.21.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Valy :: VALY-VAIO [administrator]

9/21/2012 8:30:42 PM
mbam-log-2012-09-21 (20-30-42).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 494690
Time elapsed: 1 hour(s), 50 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#12 Kiry

Kiry
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:05:29 PM

Posted 21 September 2012 - 11:32 PM

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/22/2012 12:31:12 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Advanced Explorer Setting Removed: HideIcons [HKCU]

Backup Registry file created at:
C:\Users\Valy\Desktop\rkill\rkill-09-22-2012-12-31-26.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\exefile\shell\open\command\\IsolatedCommand was changed. It was reset to "%1" %*!

* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sea.adobe.com.*
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com
127.0.0.1 crl.verisign.net

20 out of 62 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 09/22/2012 12:31:38 AM
Execution time: 0 hours(s), 0 minute(s), and 26 seconds(s)

#13 Kiry

Kiry
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:05:29 PM

Posted 21 September 2012 - 11:39 PM

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "NvCplDaemon" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "AVP" "Kaspersky Anti-Virus" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\avp.exe"
+ "IAStorIcon" "IAStorIcon" "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe"
+ "ISBMgr.exe" "" "Sony Corporation" "c:\program files (x86)\sony\isb utility\isbmgr.exe"
+ "PMBVolumeWatcher" "Media Check Tool" "Sony Corporation" "c:\program files (x86)\sony\pmb\pmbvolumewatcher.exe"
+ "SmartWiHelper" "SmartWi Helper" "Sony Electronics Corporation" "c:\program files (x86)\sony\smartwi connection utility\smartwihelper.exe"
+ "SwitchBoard" "SwitchBoard Server (32 bit)" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\switchboard\switchboard.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Kaspersky Anti-Virus" "Windows Shell Extension" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\x64\shellex.dll"
+ "RXDCExtSvr" "Roxio Disc Copier Shell Extension (AMD64)" "Sonic Solutions" "c:\program files\roxio\virtual drive 10\dc_shellext64.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Kaspersky Anti-Virus" "Windows Shell Extension" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\shellex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "Kaspersky Anti-Virus" "Windows Shell Extension" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\x64\shellex.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "Kaspersky Anti-Virus" "Windows Shell Extension" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\shellex.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Monitor" "BTNCopy Module" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btncopy.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKCU\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl_x64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Kaspersky Anti-Virus" "Windows Shell Extension" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\x64\shellex.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "RXDCExtSvr" "Roxio Disc Copier Shell Extension (AMD64)" "Sonic Solutions" "c:\program files\roxio\virtual drive 10\dc_shellext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Kaspersky Anti-Virus" "Windows Shell Extension" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\shellex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "FilterBHO Class" "WebToolBar component" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\x64\klwtbbho.dll"
+ "IEVkbdBHO Class" "IE Virtual Keyboard" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\x64\ievkbd.dll"
+ "Java™ Plug-In 2 SSV Helper" "" "" "File not found: C:\Program Files\Java\jre6\bin\jp2ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "ContributeBHO Class" "Contribute IE Plugin" "Adobe Systems, Inc." "c:\program files (x86)\adobe\adobe contribute cs5\plugins\ieplugin\contributeieplugin.dll"
+ "FilterBHO Class" "WebToolBar component" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\klwtbbho.dll"
+ "IEVkbdBHO Class" "IE Virtual Keyboard" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\ievkbd.dll"
+ "Norton Safe Web Lite BHO" "coIEPlugIn" "Symantec Corporation" "c:\program files (x86)\norton safe web lite\engine\2.0.0.16\coieplg.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Contribute Toolbar" "Contribute IE Plugin" "Adobe Systems, Inc." "c:\program files (x86)\adobe\adobe contribute cs5\plugins\ieplugin\contributeieplugin.dll"
+ "Norton Safe Web Lite" "coIEPlugIn" "Symantec Corporation" "c:\program files (x86)\norton safe web lite\engine\2.0.0.16\coieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Virtual Keyboard" "IE Virtual Keyboard" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\x64\ievkbd.dll"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
+ "URLs c&heck" "WebToolBar component" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\x64\klwtbbho.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "&Virtual Keyboard" "IE Virtual Keyboard" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\ievkbd.dll"
+ "Add to Evernote 4" "" "" "File not found: C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
+ "URLs c&heck" "WebToolBar component" "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\klwtbbho.dll"
"Task Scheduler" "" "" ""
+ "\AdobeAAMUpdater-1.0-Valy-VAIO-Valy" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\LAUNCH CDPCO" "" "" "File not found: C:\Program Files (x86)\CyberDefender\PC Optimizer\CDPCO.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Defender\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Sony Corporation\VAIO Care\VAIO Care" "VAIO Care" "Sony Corporation" "c:\program files\sony\vaio care\vcsystray.exe"
+ "\Sony Corporation\VAIO Care\VCOneClick" "VCOneClick" "Sony Corporation" "c:\program files\sony\vaio care\vconeclick.exe"
+ "\Sony Corporation\VAIO Update\Launch Application" "ShellExeProxy.exe" "Sony Corporation" "c:\program files\sony\vaio update common\shellexeproxy.exe"
+ "\Sony Corporation\VAIO Update\VAIO Update 5" "VAIO Update" "Sony Corporation" "c:\program files\sony\vaio update 5\vaioupdt.exe"
+ "\SONY\Java Update" "" "" "File not found: C:\Program Files\Java\jre6\bin\jusched.exe"
+ "\SONY\OOBEReminder" "OOBEFcdRegistration" "Sony Electronics, Inc." "c:\program files\sony\first experience\oobefcdregistration.exe"
+ "\SONY\OOBESendInfo" "OOBESendInfo" "" "c:\program files\sony\first experience\oobesendinfo.exe"
+ "\SONY\SUS-BCF\Level4Daily" "WBCBatteryCare" "Sony Corporation" "c:\program files (x86)\sony\setting utility series\wbcbatterycare.exe"
+ "\SONY\SUS-BCF\Level4Month" "WBCBatteryCare" "Sony Corporation" "c:\program files (x86)\sony\setting utility series\wbcbatterycare.exe"
+ "\SONY\VAIO Power Management\VPM Logon Start" "SPM Module" "Sony Corporation" "c:\program files\sony\vaio power management\spmgr.exe"
+ "\SONY\VAIO Power Management\VPM Session Change" "SPM Module" "Sony Corporation" "c:\program files\sony\vaio power management\spmgr.exe"
+ "\SONY\VAIO Power Management\VPM Unlock" "SPM Module" "Sony Corporation" "c:\program files\sony\vaio power management\spmgr.exe"
+ "\SONY\VAIO Survey" " " "" "c:\program files (x86)\sony\vaio survey\vaio sat survey.exe"
+ "\SpyHunter4Startup" "" "" "File not found: C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore64.exe"
+ "ACDaemon" "ArcSoft Connect Service" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\connection service\bin\acservice.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "Akamai" "Provides networking protocol and file transfer technologies. If the service is stopped, those applications that depend on the service may fail to transfer files or otherwise function properly." "Akamai Technologies, Inc." "c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll"
+ "AVP" "Provides computer protection against viruses, dangerous software, network attacks, internet fraud and spam." "Kaspersky Lab ZAO" "c:\program files (x86)\kaspersky lab\kaspersky internet security 2012\avp.exe"
+ "btwdins" "Handles installation and removal of Bluetooth devices." "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwdins.exe"
+ "CDScheduler" "Required for CyberDefender products" "CyberDefender Corp." "c:\program files (x86)\cyberdefender\schedulerservice\schedulerservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "MSSQL$DDNI" "Provides storage, processing and controlled access of data, and rapid transaction processing." "Microsoft Corporation" "c:\program files (x86)\microsoft sql server\mssql10.ddni\mssql\binn\sqlservr.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "NSL" "Norton Safe Web Lite" "Symantec Corporation" "c:\program files (x86)\norton safe web lite\engine\2.0.0.16\ccsvchst.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PMBDeviceInfoProvider" "Enables PMB to communicate with the device." "Sony Corporation" "c:\program files (x86)\sony\pmb\pmbdeviceinfoprovider.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "Roxio UPnP Renderer 10" "Roxio UPnP PRenderer Service" "Sonic Solutions" "c:\program files (x86)\roxio\digital home 10\roxioupnprenderer10.exe"
+ "Roxio Upnp Server 10" "RoxioUpnpService10 Module" "Sonic Solutions" "c:\program files (x86)\roxio\digital home 10\roxioupnpservice10.exe"
+ "SampleCollector" "Checks the systems performance for VAIO Care." "Sony Corporation" "c:\program files\sony\vaio care\vcperfservice.exe"
+ "SOHCImp" "VAIO Media plus Content Importer" "Sony Corporation" "c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe"
+ "SOHDBSvr" "VAIO Media plus Database Manager" "Sony Corporation" "c:\program files (x86)\common files\sony shared\sohlib\sohdbsvr.exe"
+ "SOHDms" "VAIO Media plus Digital Media Server" "Sony Corporation" "c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe"
+ "SOHDs" "VAIO Media plus Device Searcher" "Sony Corporation" "c:\program files (x86)\common files\sony shared\sohlib\sohds.exe"
+ "SOHPlMgr" "VAIO Media plus Playlist Manager" "Sony Corporation" "c:\program files (x86)\common files\sony shared\sohlib\sohplmgr.exe"
+ "SQLWriter" "Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlwriter.exe"
+ "SwitchBoard" "SwitchBoard Server (32 bit)" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\switchboard\switchboard.exe"
+ "uCamMonitor" "Monitor the status of the webcam on PC startup." "ArcSoft, Inc." "c:\program files (x86)\arcsoft\magic-i visual effects 2\ucammonitor.exe"
+ "VAIO Entertainment TV Device Arbitration Service" "Hardware Resource Manager" "Sony Corporation" "c:\program files (x86)\common files\sony shared\vaio entertainment platform\vzhardwareresourcemanager\vzhardwareresourcemanager\vzhardwareresourcemanager.exe"
+ "VAIO Event Service" "Provides the hardware event managing service for VAIO. During termination of this service, some fuctions such as Special button ,Hotkey ,and VAIO original powermanagement are limited." "Sony Corporation" "c:\program files (x86)\sony\vaio event service\vesmgr.exe"
+ "VAIO Power Management" "Provides power management service for VAIO. If this service is stopped or disabled, power management functions for VAIO will not be available." "Sony Corporation" "c:\program files\sony\vaio power management\spmservice.exe"
+ "VCFw" "VAIO Content Folder Watcher" "Sony Corporation" "c:\program files (x86)\common files\sony shared\vaio content folder watcher\vcfw.exe"
+ "VcmIAlzMgr" "Provides the content analysis function used with VAIO original software." "Sony Corporation" "c:\program files\sony\vcm intelligent analyzing manager\vcmialzmgr.exe"
+ "VcmINSMgr" "Provides the information retrieval service function used with VAIO original software." "Sony Corporation" "c:\program files\sony\vcm intelligent network service manager\vcminsmgr.exe"
+ "VcmXmlIfHelper" "VcmXml Helper Interface" "Sony Corporation" "c:\program files\common files\sony shared\vcmxml\vcmxmlifhelper64.exe"
+ "VCService" "Provides important VAIO Care functionality. If this service is stopped or disabled, VAIO Care may not function correctly." "Sony Corporation" "c:\program files\sony\vaio care\vcservice.exe"
+ "VUAgent" "Agent for VAIO Update." "Sony Corporation" "c:\program files\sony\vaio update common\vuagent.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "ArcSoftKsUFilter" "For X64" "ArcSoft, Inc." "c:\windows\system32\drivers\arcsoftksufilter.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "btusbflt" "Widcomm Bluetooth USB Filter for Windows XP" "Broadcom Corporation." "c:\windows\system32\drivers\btusbflt.sys"
+ "btwaudio" "Bluetooth Audio Device" "Broadcom Corporation." "c:\windows\system32\drivers\btwaudio.sys"
+ "btwavdt" "Broadcom Bluetooth AVDT Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwavdt.sys"
+ "btwl2cap" "Broadcom Bluetooth L2CAP Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwl2cap.sys"
+ "btwrchid" "Bluetooth Remote Control HID Minidriver" "Broadcom Corporation." "c:\windows\system32\drivers\btwrchid.sys"
+ "ccSet_NST" "Common Client Settings Driver" "Symantec Corporation" "c:\windows\system32\drivers\nstx64\0200000.010\ccsetx64.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "DFUBTUSB" "" "" "File not found: System32\Drivers\frmupgr.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "esgiguard" "" "" "File not found: C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys"
+ "FixZeroAccess" "Zero Access Fix Tool" "Symantec Corporation" "c:\windows\system32\drivers\fixzeroaccess.sys"
+ "fltsrv" "Acronis Storage Filter Management Driver" "Acronis" "c:\windows\system32\drivers\fltsrv.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "Impcd" "Intel® Turbo Boost Technology Driver" "Intel Corporation" "c:\windows\system32\drivers\impcd.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "KL1" "Kaspersky Unified Driver" "Kaspersky Lab ZAO" "c:\windows\system32\drivers\kl1.sys"
+ "kl2" "Kaspersky Unified Driver" "Kaspersky Lab ZAO" "c:\windows\system32\drivers\kl2.sys"
+ "KLIF" "Kaspersky Lab Interceptor and Filter" "Kaspersky Lab" "c:\windows\system32\drivers\klif.sys"
+ "KLIM6" "Kaspersky Anti-Virus NDIS 6 Filter" "Kaspersky Lab ZAO" "c:\windows\system32\drivers\klim6.sys"
+ "klmouflt" "Kaspersky Lab Mouse Class Filter" "Kaspersky Lab" "c:\windows\system32\drivers\klmouflt.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda64v.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 188.67 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "rimspci" "RICOH MS Driver" "REDC" "c:\windows\system32\drivers\rimssne64.sys"
+ "risdsnpe" "RICOH PCIe SD/MMC Driver" "REDC" "c:\windows\system32\drivers\risdsne64.sys"
+ "SASDIFSV" "SASDIFSV64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv64.sys"
+ "SASKUTIL" "SASKUTIL64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SFEP" "Sony Firmware Extension Parser driver" "Sony Corporation" "c:\windows\system32\drivers\sfep.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "TVICHW64" "TVicHW32 driver for Windows XP 64-bit edition" "EnTech Taiwan" "c:\windows\system32\drivers\tvichw64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vidsflt61" "Acronis Virtual Disk Storage Filter" "Acronis" "c:\windows\system32\drivers\vsflt61.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam64.sys"
+ "yukonw7" "" "" "c:\windows\system32\drivers\yk62x64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files\playready\prdmowrapper.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Roxio Audio Source Filter" "Roxio Audio Source Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiosource.ax"
+ "Roxio Audio Stream Reader Filter" "Roxio Audio Stream Reader Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiostreamreader.ax"
+ "Roxio Audio Stream Writer Filter" "Roxio Audio Stream Writer Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiostreamwriter.ax"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxiompegdemuxer.dll"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mgirawwriter.dll"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\repackfilter.dll"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\tsmpegsource.dll"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\subpictenc.dll"
+ "VAIO Content Metadata Univ Filter" "DirectShow Filter for VCM Intelligent Analyzing Manager" "Sony Corporation" "c:\program files\sony\vcm intelligent analyzing manager\vcmsmplcapflt.ax"
+ "VcmIAlzGPDFilter" "VCM Intelligent Analyzing Manager GPD Library" "Sony Corporation" "c:\program files\sony\vcm intelligent analyzing manager\vcmialzgpdfilter.ax"
+ "VcmIAlzGPDFilter2" "VCM Intelligent Analyzing Manager GPD Library" "Sony Corporation" "c:\program files\sony\vcm intelligent analyzing manager\vcmialzgpdfilter2.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "BtwCredentialProvider" "BtwCP DLL" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwcp.dll"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "klogon" "Logon Visualizer" "Kaspersky Lab ZAO" "c:\windows\system32\klogon.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "hpf3l083.dll" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpf3l083.dll"
+ "PCL hpf3lw73" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpf3lw73.dll"
"C:\Users\Valy\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "" "" "" "C:\Program Files\Windows Sidebar\Shared Gadgets\Kaspersky.Gadget"
+ "" "" "" "C:\Program Files\Windows Sidebar\Gadgets\Norton.Gadget"
+ "CPU Meter" "See the current computer CPU and system memory (RAM)." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\Gadget.xml"

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:29 PM

Posted 22 September 2012 - 07:59 AM

Do you still have the pop up?

#15 Kiry

Kiry
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:05:29 PM

Posted 22 September 2012 - 12:59 PM

Do you still have the pop up?


the action center message?
yes the trojan is still on my computer :(




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users