Livesearchnow and others redirecting safari, firefox,etc


  • This topic is locked
18 replies to this topic

#1 afe16rugby

afe16rugby

  • Members
  • 29 posts
  • Local time:05:57 PM

Posted 04 November 2012 - 10:52 AM

I seem to have livesearchnow and others redirecting me to 68.xxx. etc. Can you please help me remove them.

Thank you sooo much for your assistance.



#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto rico
  • Local time:06:57 PM

Posted 04 November 2012 - 08:58 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together some things for you to keep in mind while I am helping you to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




I need to get some reports to get a base to start from so I need you to run these programs first.


-DeFogger-

  • Please download DeFogger to your desktop.
  • Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.


-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


-Download DDS-

  • Please download DDS from one of the links below and save it to your desktop:
    • Link1
    • Link2
    • Link3
  • Double-click on dds.scr and a command window will appear. This is normal.
  • Shortly after, two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you to save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

information and logs

  • In your next post I need the following:
    • both reports from DDS
    • report from Security Check
    • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#3 afe16rugby

afe16rugby
  • Topic Starter

  • Members
  • 29 posts
  • Local time:05:57 PM

Posted 05 November 2012 - 08:41 AM

Thank you for helping me. I have windows 7. All browsers are showing problems, safari, firefox, chrome.


DDS (Ver_2012-10-19.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2
Run by Afe at 8:24:41 on 2012-11-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3935.2089 [GMT -5:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files (x86)\Linksys EasyLink Advisor\LinksysAgent.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Apoint\Apvfb.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\Afe\Downloads\SecurityCheck.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k defragsvc
C:\Windows\SysWOW64\notepad.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: DivX HiQ: {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Webblog: {C3947F4E-8894-4C04-98E0-DF182C706DDF} - C:\Program Files (x86)\wbtooltb\wbtoolDx.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Webblog: {C3947F4E-8894-4C04-98E0-DF182C706DDF} - C:\Program Files (x86)\wbtooltb\wbtoolDx.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [EasyLinkAdvisor] "C:\Program Files (x86)\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
uRun: [sbitunesagent] C:\Program Files (x86)\Songbird\songbirditunesagent.exe
uRun: [IVONA ControlCenter] "C:\Program Files (x86)\IVONA\IVONA ControlCenter\IVONA ControlCenter.exe" --action=run-silent
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [ANT Agent] C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [ManyCam] "C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe" /silent
mRun: [SmartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup
mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Bonus.SSR.FR10] "C:\Program Files (x86)\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" /autorun
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
mRun: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~2.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB
DPF: {26E1BEAF-C1A1-482B-8714-08844F1BCF7F} - hxxp://10.10.10.107/webviewer.cab
DPF: {3AA1C0E3-DA98-4BB4-91AE-D3BC61178240} - hxxp://10.10.10.107/GVersionMan.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{4644E885-130D-4E8D-AF2B-BC966822FB5A} : DHCPNameServer = 172.26.38.1 172.26.38.2 8.8.8.8
TCP: Interfaces\{77051440-098B-467C-9B03-450E55C4F20F} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{77051440-098B-467C-9B03-450E55C4F20F}\051627B656270275966696 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{77051440-098B-467C-9B03-450E55C4F20F}\051627B656270275966696D27657563747 : DHCPNameServer = 192.168.3.1
TCP: Interfaces\{77051440-098B-467C-9B03-450E55C4F20F}\07169747F6E6 : DHCPNameServer = 71.252.0.12 68.237.161.12
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files (x86)\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: VESWinlogon - VESWinlogon.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
x64-BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
x64-TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
x64-Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
x64-Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe
x64-Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - <orphaned>
x64-Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Afe\AppData\Roaming\Mozilla\Firefox\Profiles\wvzv8vax.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.skipity.com
FF - prefs.js: keyword.URL - hxxp://search.skipity.com/?source=ab&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npatgpc.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Afe\AppData\Roaming\Mozilla\Firefox\Profiles\wvzv8vax.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
FF - plugin: C:\Users\Afe\AppData\Roaming\Mozilla\Firefox\Profiles\wvzv8vax.default\extensions\LogMeInClient@logmein.com\plugins\npLMI64.dll
FF - plugin: C:\Users\Afe\AppData\Roaming\Mozilla\Firefox\Profiles\wvzv8vax.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll
FF - plugin: C:\Users\Afe\AppData\Roaming\Mozilla\plugins\np-mswmp.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-09-11 11:03; LogMeInClient@logmein.com; C:\Users\Afe\AppData\Roaming\Mozilla\Firefox\Profiles\wvzv8vax.default\extensions\LogMeInClient@logmein.com
FF - ExtSQL: 2012-09-29 00:34; artur.dubovoy@gmail.com; C:\Users\Afe\AppData\Roaming\Mozilla\Firefox\Profiles\wvzv8vax.default\extensions\artur.dubovoy@gmail.com.xpi
FF - ExtSQL: 2012-10-04 00:30; {d91a2be6-3b56-4dfb-97f5-5e48fe3ed473}; C:\Users\Afe\AppData\Roaming\Mozilla\Firefox\Profiles\wvzv8vax.default\extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473}
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-10-1 55856]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-8-11 140672]
R2 ABBYY.Licensing.FineReader.Corporate.10.0;ABBYY FineReader 10 CE Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [2009-12-18 814344]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
R2 cpuz134;cpuz134;C:\Windows\System32\drivers\cpuz134_x64.sys [2010-10-13 21480]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-24 399432]
R2 QBVSS;QBIDPService;C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2010-9-17 1251840]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2009-8-18 189984]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-8-26 1153368]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-9-11 2754984]
R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2009-10-1 104960]
R2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2009-10-1 411496]
R2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-7-22 642920]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2009-10-1 19968]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2009-8-18 139264]
R3 ManyCam;ManyCam Virtual Webcam;C:\Windows\System32\drivers\mcvidrv_x64.sys [2012-1-11 44928]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-8-11 25928]
R3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2012-2-22 29696]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2009-8-18 11392]
R3 vrvd5;vrvd5;C:\Windows\System32\drivers\vrvd5.sys [2012-6-26 13344]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
R3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\System32\drivers\WSDPrint.sys [2009-7-13 23040]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-8-18 393216]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-14 136176]
S2 HsfXAudioService;HsfXAudioService;C:\Windows\System32\svchost.exe -k HsfXAudioService [2009-7-13 27136]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-24 676936]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-6-26 362992]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-1 250808]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;C:\Windows\System32\drivers\BVRPMPR5a64.SYS [2010-1-15 35840]
S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2010-12-18 16776]
S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2010-12-18 9096]
S3 FlyUsb;FLY Fusion;C:\Windows\System32\drivers\FlyUsb.sys [2011-11-12 24576]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-7-25 48488]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-14 136176]
S3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0;C:\Windows\System32\drivers\libusb0.sys [2011-5-13 44480]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-5 115168]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-5-10 22528]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-6-26 313840]
S3 SampleCollector;Intel® Sample Collector;C:\Program Files\Sony\VAIO Care\collsvc.exe [2009-10-1 167424]
S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-10-1 120104]
S3 SOHDBSvr;VAIO Media plus Database Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-10-1 70952]
S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-10-1 427304]
S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-10-1 75048]
S3 SOHPlMgr;VAIO Media plus Playlist Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-10-1 91432]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-30 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-4-25 52736]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-10-1 468264]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-10-1 357672]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2009-10-1 110888]
S3 Volfinchdr;Volfinchdr;C:\Windows\System32\drivers\wimmount.sys [2009-7-13 22096]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-3-26 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2009-2-13 14464]
.
=============== File Associations ===============
.
ShellExec: VCExporterLaunch.exe: open="C:\Program Files (x86)\Sony\VAIO VP Utilities\VCELaunch.exe" "%1"
.
=============== Created Last 30 ================
.
2012-11-04 13:30:32 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll
2012-11-04 13:30:30 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll
2012-11-04 13:27:18 -------- d-----w- C:\Program Files (x86)\XBMC
2012-11-02 08:20:21 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9BC50A19-E9F7-4F6C-AC4D-DEADCEA10698}\offreg.dll
2012-11-02 08:18:06 9291768 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9BC50A19-E9F7-4F6C-AC4D-DEADCEA10698}\mpengine.dll
2012-10-26 01:50:46 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-23 17:36:39 163056 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2012-10-21 16:36:57 -------- d-----w- C:\nuance_dragon_naturally_speaking_professional_v11_5_iso-ind_files
2012-10-10 07:36:17 -------- d-sh--w- C:\found.003
2012-10-10 01:16:17 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-10-10 01:14:22 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-10-10 01:14:22 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-10-10 01:13:20 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-10-10 01:13:20 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-10-10 01:13:03 715776 ----a-w- C:\Windows\System32\kerberos.dll
2012-10-10 01:13:03 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll
2012-10-10 01:12:57 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2012-10-10 01:12:56 1159680 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-10-10 01:12:55 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-10-10 01:12:54 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-10-10 01:12:54 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-10-10 01:12:54 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-10-08 02:43:40 -------- d-----w- C:\JRT
.
==================== Find3M ====================
.
2012-10-26 01:50:37 821736 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-10-26 01:50:37 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-10-10 02:27:28 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-10 02:27:28 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-09-29 23:54:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-08-21 21:01:00 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2012-08-20 18:48:44 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-08-20 18:48:44 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-08-20 18:48:44 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-08-20 18:48:43 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-08-20 18:48:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-08-20 18:48:35 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-08-20 18:46:22 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-08-20 17:40:21 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-08-20 17:38:44 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-08-20 17:38:26 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-08-20 17:37:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-08-20 17:37:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-08-20 15:38:21 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-08-20 15:38:20 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-08-20 15:33:28 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-08-16 15:39:06 794906 ----a-w- C:\Windows\unins000.exe
2010-11-27 17:19:28 5470720 ----a-w- C:\Program Files (x86)\SharePod.exe
2009-02-13 16:02:52 80896 ----a-w- C:\Program Files\devcon_amd64.exe
.
============= FINISH: 8:25:05.38 ===============




Results of screen317's Security Check version 0.99.54
Windows 7 Service Pack 1 x64 (UAC is disabled!)
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
CloneSpy 2.62
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.65.1.1000
Java 7 Update 7
Java version out of Date!
Adobe Flash Player 11.4.402.287
Adobe Reader X (10.1.4)
Mozilla Firefox (16.0.2)
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
````````Process Check: objlist.exe by Laurent````````
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 3%
````````````````````End of Log``````````````````````

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-10-19.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 12/26/2009 3:22:03 PM
System Uptime: 11/5/2012 7:49:10 AM (1 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel® Core™2 Duo CPU T6600 @ 2.20GHz | N/A | 2200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 291 GiB total, 1.224 GiB free.
D: is FIXED (NTFS) - 1863 GiB total, 1801.451 GiB free.
E: is Removable
F: is Removable
G: is CDROM ()
H: is FIXED (NTFS) - 466 GiB total, 1.028 GiB free.
I: is FIXED (NTFS) - 1863 GiB total, 5.532 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Officejet 6500 E709a
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer:
Name: Officejet 6500 E709a
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID:
Description: Officejet 4500 G510n-z
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer:
Name: Officejet 4500 G510n-z
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: Officejet 6500 E709a
Device ID: ROOT\IMAGE\0000
Manufacturer: HP
Name: Officejet 6500 E709a
PNP Device ID: ROOT\IMAGE\0000
Service: StillCam
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet 4500 G510n-z
Device ID: ROOT\MULTIFUNCTION\0002
Manufacturer: HP
Name: Officejet 4500 G510n-z
PNP Device ID: ROOT\MULTIFUNCTION\0002
Service:
.
==== System Restore Points ===================
.
RP523: 10/31/2012 1:40:12 AM - Scheduled Checkpoint
RP524: 11/4/2012 8:28:44 AM - Installed DirectX
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
"Nero SoundTrax Help
µTorrent
4500_G510gm_Help_Web
4500_G510nz_Help
4500G510gm_Software_Min
4500G510gm_web
4500G510nz
4500G510nz_Software_Min
4Videosoft PDF to ePub Maker
64 Bit HP CIO Components Installer
6500_E709_BasicWeb
6500_E709_Help_BasicWeb
7-Zip 9.15 (x64 edition)
7-Zip 9.20
ABBYY FineReader 10 Corporate Edition
Activation Assistant for the 2007 Microsoft Office suites
Adobe Digital Editions
Adobe Encore DVD 1.0
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS
Adobe Photoshop Lightroom 4 64-bit
Adobe Premiere Pro Tryout
Adobe Reader X (10.1.4)
ADS Tech Master Installer V3.5
ADS Tech V3.5 DVD Xpress CapWiz
Advanced Batch Converter
Advertising Center
Alps Pointing-device for VAIO
Any DVD Converter Professional 4.1.6
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Application Manager for VAIO
ArcSoft Magic-i Visual Effects 2
ArcSoft WebCam Companion 3
AT&T Labs' Natural Voices 1.4 - Desktop Runtime
Audacity 1.3.12 (Unicode)
Avery Wizard 4.0
AviSynth 2.5
AVS Audio Recorder version 3.9
AVS Update Manager 1.0
AVS4YOU Software Navigator 1.3
Balabolka
Bing Bar
BitRope Recorder
BlackWidow version 6.28
Bonjour
BookDrive Capture 4
bpd_scan
BPDSoftware_Ini
BufferChm
CCleaner
Click to Disc
Click to Disc Editor
CloneSpy 2.62
ConvertHelper 2.2
Copy
CopyTrans Suite Remove Only
CPUID CPU-Z 1.55
D3DX10
Destinations
DeviceDiscovery
DiskAid 5.42
DivX Setup
DJ_AIO_03_F4200_Software_Min
DocMgr
DocProc
DolbyFiles
Drivers Install For Linksys Easylink Advisor
DVD Decrypter (Remove Only)
DVD Flick 1.3.0.7
DVD Shrink 3.2
DVDFab 8.2.0.0 (03/08/2012) Qt
DVDSmith Movie Backup 1.0.4
EASEUS Partition Master 6.5.2 Home Edition
ePUBee Drm Removal 1.0
ESET Online Scanner v3
F4200
Fax
File Splitter and Joiner (FFSJ v3.3)
FileHunter
FlashFXP v4.0
FrostWire 5.4.0
FUJIFILM MyFinePix Studio 2.0
Garmin ANT Agent
Garmin BaseCamp
Garmin City Navigator North America NT 2012.40 Update
Garmin Communicator Plugin
Garmin Training Center v5
Garmin USB Drivers
Garmin WebUpdater
Gimp 2.6.2 Debug
Google Chrome
Google SketchUp 8
Google Update Helper
GPBaseService2
HandBrake 0.9.5
Hanso Recorder
Hewlett-Packard ACLM.NET v1.1.0.0
HiJackThis
HP Customer Participation Program 13.0
HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3
HP Document Manager 2.0
HP Imaging Device Functions 13.0
HP Officejet 4500 G510g-m
HP Officejet 4500 G510n-z
HP Officejet 6500 E709 Series
HP Photosmart Essential 3.5
HP Product Detection
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Update
HPDiagnosticAlert
HPPhotoGadget
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
HPSSupply
iJoysoft DVD Ripper Platinum
ImagXpress
iMesh
ImgBurn
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
IrfanView (remove only)
iTunes
IVONA
IVONA ControlCenter
Java 7 Update 7
Java Auto Updater
Junk Mail filter update
LAME v3.98.2 for Audacity
LeapFrog Connect
LeapFrog Tag Plugin
Linksys EasyLink Advisor 1.6 (0032)
Magic Boss Key Version 4.10
Magic ISO Maker v5.5 (build 0281)
Malwarebytes Anti-Malware version 1.65.1.1000
ManyCam 3.0.91 (remove only)
MarketResearch
McAfee Security Scan Plus
MediaMonkey 3.2
Menu Templates - Starter Kit
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Money Plus
Microsoft Money Shared Libraries
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Project 2007 Service Pack 3 (SP3)
Microsoft Office Project MUI (English) 2007
Microsoft Office Project Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Primary Interoperability Assemblies 2005
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft UI Engine
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Visual Studio 2005 Tools for Office Runtime
mIRC
MobileMe Control Panel
Mobipocket Reader 6.2
Movie Templates - Starter Kit
Mozilla Firefox 16.0.2 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Music Transfer
Nero 9
Nero BurningROM
Nero BurnRights
Nero ControlCenter
Nero CoverDesigner
Nero CoverDesigner Help
Nero Disc Copy Gadget
Nero Disc Copy Gadget Help
Nero DiscSpeed
Nero DriveSpeed
Nero Express
Nero InfoTool
Nero Installer
Nero Live
Nero Live Help
Nero PhotoSnap
Nero PhotoSnap Help
Nero Recode
Nero Recode Help
Nero Rescue Agent
Nero RescueAgent Help
Nero ShowTime
Nero StartSmart
Nero StartSmart Help
Nero Vision
Nero WaveEditor
Nero WaveEditor Help
NeroBurningROM
NeroExpress
neroxml
Network64
NewsLeecher v3.9 Final
OCR Software by I.R.I.S. 13.0
Par-N-Rar 1.24
PDF to ePub Converter 3.0.3
PDFCreator
pdfforge Toolbar v5.1
PeerBlock 1.1 (r518)
Picasa 3
PlayReady PC Runtime amd64
Primo
QuickBooks
QuickBooks Pro 2011
QuickPar 0.9
QuickTime
RAF
Realtek High Definition Audio Driver
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy Media Creator 10 LJ
Roxio Easy Media Creator Home
Runtime
Safari
Scan
Scan Tailor
Scan to PDF
SDFormatter
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
SES Driver
Setting Utility Series
Shop for HP Supplies
Skype Click to Call
Skype™ 5.10
SmartViewer3.0
SmartWebPrinting
SmartWi Connection Utility
Snagit 10
snapter
SolutionCenter
Songbird 1.9.3 (Build 1959)
Sony Home Network Library
Sony Picture Utility
Sony Sound Forge 8.0
SoundTrax
Sp5
Sp5Intl
Sp5TTInt
SpCommon
SpPhones
Spybot - Search & Destroy
Status
SUPERAntiSpyware
TeamViewer 7
Text Speaker 3.1
Toolbox
TrayApp
Ulead DVD MovieFactory 2 SE
Ulead GIF Animator 5 TBYB
Ulead Straight-to-Disc SDK
Ulead VideoStudio 7 SE DVD
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Project 2007 Help (KB963668)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)
VAIO Care
VAIO Content Metadata Intelligent Analyzing Manager
VAIO Content Metadata Intelligent Network Service Manager
VAIO Content Metadata Manager Settings
VAIO Content Metadata XML Interface Library
VAIO Content Monitoring Settings
VAIO Control Center
VAIO Data Restore Tool
VAIO DVD Menu Data Basic
VAIO Entertainment Platform
VAIO Event Service
VAIO Help and Support
VAIO Media plus
VAIO Media plus Opening Movie
VAIO Movie Story
VAIO Movie Story Template Data
VAIO OOBE and Startup Assistant
VAIO Original Function Settings
VAIO Power Management
VAIO Presentation Support
VAIO Quick Web Access
VAIO Survey
VAIO Update 4
VAIO Wallpaper Contents
VC80CRTRedist - 8.0.50727.4053
VD64Inst
Visual Studio 2008 x64 Redistributables
VLC media player 2.0.1
VNC Enterprise Edition E4.6.1
VNC Mirror Driver 1.8.0
VNC Printer Driver 1.7.0
Webblog
WebEx
WebReg
Wii Video 9 6
Winamp
Winamp Detector Plug-in
WinDirStat 1.1.2
Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices (07/07/2009 1.12.2)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (03/06/2009 1.0.0008.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Mobile Device Center
WinMerge 2.12.4
WinPcap 4.1.1
WinRAR 4.01 (64-bit)
XBMC
Xilisoft DVD Ripper Ultimate
Xvid 1.2.2 final uninstall
Yahoo! Detect
Yahoo! Messenger
Yahoo! Software Update
Yeosoft Text to MP3 Speaker 3.5
YouTube Downloader App 3.00
Zultrax P2P
.
==== Event Viewer Messages From Past Week ========
.
11/5/2012 7:51:03 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
11/5/2012 7:49:50 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.
11/5/2012 7:49:49 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HsfXAudioService service to connect.
11/5/2012 7:49:49 AM, Error: Service Control Manager [7000] - The HsfXAudioService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/5/2012 7:49:20 AM, Error: Application Popup [1060] - \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
11/4/2012 8:48:31 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR3.
11/4/2012 4:31:59 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
11/4/2012 11:53:09 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
11/4/2012 10:09:00 AM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
11/4/2012 10:07:25 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/4/2012 10:07:25 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/4/2012 10:07:22 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/4/2012 10:07:14 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
11/4/2012 10:07:00 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache SASDIFSV SASKUTIL spldr Wanarpv6
11/3/2012 10:18:54 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR5.
10/30/2012 8:57:59 PM, Error: volsnap [35] - The shadow copies of volume C: were aborted because the shadow copy storage failed to grow.
.
==== End Of File ===========================


Thank you. :)

#4 gringo_pr


Posted 05 November 2012 - 02:55 PM

Hello


These are the programs I would like you to run next. If you have any problems with one of them, just skip it and run the next one.


-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#5 afe16rugby


Posted 05 November 2012 - 11:45 PM

# AdwCleaner v2.006 - Logfile created 11/05/2012 at 23:34:24
# Updated 30/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Afe - MAIER1-VAIO
# Boot Mode : Normal
# Running from : C:\Users\Afe\Downloads\adwcleaner(1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Afe\AppData\LocalLow\boost_interprocess

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (en-US)

Profile name : default
File : C:\Users\Afe\AppData\Roaming\Mozilla\Firefox\Profiles\wvzv8vax.default\prefs.js

[OK] File is clean.

Profile name : default
File : C:\Users\Mon\AppData\Roaming\Mozilla\Firefox\Profiles\cszi54ih.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Afe\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [17096 octets] - [01/10/2012 06:48:02]
AdwCleaner[R2].txt - [17086 octets] - [07/10/2012 21:36:08]
AdwCleaner[S1].txt - [16066 octets] - [07/10/2012 21:38:29]
AdwCleaner[R3].txt - [1409 octets] - [05/11/2012 23:33:12]
AdwCleaner[S2].txt - [1344 octets] - [05/11/2012 23:34:24]

########## EOF - C:\AdwCleaner[S2].txt - [1404 octets] ##########

RogueKiller V8.2.2 [11/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Afe [Admin rights]
Mode : Remove -- Date : 11/05/2012 23:41:55

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 8 ¤¤¤
[TASK][SUSP PATH] {AAA4B40C-BA03-445A-8DD9-A8B30470C55B} : C:\Windows\system32\pcalua.exe -a "C:\Users\Afe\Desktop\Computer Utils\Diskmapper2\dm2.exe" -d "C:\Users\Afe\Desktop\Computer Utils\Diskmapper2" -> DELETED
[TASK][SUSP PATH] {CF05BF4B-4E03-4045-BF86-CEBF6211ECB8} : C:\Windows\system32\pcalua.exe -a "C:\Users\Afe\AppData\Local\Temp\Rar$EX11.192\QuickBooks Pro 2010 incl Serial + Patch\Setup_QuickBooksPro2010.exe" -d "C:\Program Files (x86)\Akamai\Download Manager" -> DELETED
[TASK][SUSP PATH] {E11D24DE-F60D-418D-9AA3-EF72BADB3C41} : C:\Windows\system32\pcalua.exe -a C:\Users\Afe\Desktop\Diskmapper2\dm2.exe -d C:\Users\Afe\Desktop\Diskmapper2 -> DELETED
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200BEVS-26VAT0 +++++
--- User ---
[MBR] 23bbc772bc575202c312bc87344c827f
[BSP] 5df9849016ef7955048cda7929029341 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 7530 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 15423488 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 15628288 | Size: 297613 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_11052012_02d2341.txt >>
RKreport[1]_S_11052012_02d2341.txt ; RKreport[2]_D_11052012_02d2341.txt

#6 gringo_pr


Posted 05 November 2012 - 11:48 PM

Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

#7 afe16rugby


Posted 08 November 2012 - 05:29 AM

I am still getting redirects from searchreno and others. Here is the log below.

ComboFix 12-11-05.03 - Afe 11/06/2012 0:51.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3935.2311 [GMT -5:00]
Running from: c:\users\Afe\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM106A.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM107C.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM108D.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM108F.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM110E.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM11CB.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM123A.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM126B.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM128C.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM1369.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM136B.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM137C.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM13EC.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM13FD.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM140F.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM14FB.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM153B.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM156C.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM15CC.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM1679.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM1795.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM1852.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM1893.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM18E3.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM1923.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM19B1.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM1A5F.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM1AED.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM1B6C.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM1BBC.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM1D15.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM1D65.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM1DC5.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM1E34.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM1E75.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM1EB5.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM1FC0.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM207D.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM20AE.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM219B.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM219D.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM21AF.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEM21E0.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEMEEE.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEMF0F.tmp
c:\users\Afe\AppData\Local\Temp\XTMP1MC3VE\DEMFFB.tmp
c:\users\Afe\AppData\Local\Temp\YTMP7MC8AA\TAA26CC.tmp
.
.
((((((((((((((((((((((((( Files Created from 2012-10-06 to 2012-11-06 )))))))))))))))))))))))))))))))
.
.
2012-11-06 06:01 . 2012-11-06 06:01 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2012-11-06 06:01 . 2012-11-06 06:01 -------- d-----w- c:\users\TEMP ACCT\AppData\Local\temp
2012-11-06 06:01 . 2012-11-06 06:01 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-11-06 06:01 . 2012-11-06 06:01 -------- d-----w- c:\users\Mon\AppData\Local\temp
2012-11-06 06:01 . 2012-11-06 06:01 -------- d-----w- c:\users\Maier1\AppData\Local\temp
2012-11-06 06:01 . 2012-11-06 06:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-06 04:44 . 2012-09-25 04:16 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-04 13:30 . 2010-05-26 16:41 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll
2012-11-04 13:30 . 2010-05-26 16:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2012-11-04 13:27 . 2012-11-04 13:27 -------- d-----w- c:\program files (x86)\XBMC
2012-11-02 08:18 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9BC50A19-E9F7-4F6C-AC4D-DEADCEA10698}\mpengine.dll
2012-10-26 01:51 . 2012-10-26 01:51 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-10-23 17:36 . 2012-10-23 17:36 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2012-10-21 16:36 . 2011-11-22 10:29 -------- d-----w- C:\nuance_dragon_naturally_speaking_professional_v11_5_iso-ind_files
2012-10-10 07:36 . 2012-10-10 07:36 -------- d-----w- C:\found.003
2012-10-10 01:16 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-10-10 01:14 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-10-10 01:14 . 2012-08-24 16:57 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-10-10 01:13 . 2012-09-14 19:19 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-10 01:13 . 2012-09-14 18:28 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-10-10 01:13 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll
2012-10-10 01:13 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
2012-10-10 01:12 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 01:12 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-10-10 01:12 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 01:12 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 01:12 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-10-10 01:12 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-10-08 02:43 . 2012-10-08 02:55 -------- d-----w- C:\JRT
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-26 01:50 . 2012-10-01 20:55 821736 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-10-26 01:50 . 2010-05-25 22:54 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-10 07:08 . 2010-01-09 02:38 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-10 02:27 . 2012-04-02 03:27 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-10 02:27 . 2011-05-23 13:37 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-01 14:21 . 2012-10-01 14:21 388096 ----a-r- c:\users\Afe\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-09-29 23:54 . 2011-08-11 17:02 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-24 11:15 . 2012-09-22 07:01 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-22 07:01 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-22 07:01 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-22 07:01 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-22 07:01 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-22 07:01 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-22 07:01 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-22 07:01 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-22 07:01 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-22 07:01 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-22 07:01 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-22 07:01 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-22 07:01 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-22 07:01 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-22 07:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-22 07:01 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-22 07:01 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-22 07:01 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-22 07:01 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-22 07:01 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-22 07:01 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-22 07:01 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-22 18:12 . 2012-09-13 01:03 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-13 01:03 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-13 01:03 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-13 01:03 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-25 19:31 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-20 17:38 . 2012-10-10 01:15 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-16 15:39 . 2012-08-16 15:39 794906 ----a-w- c:\windows\unins000.exe
2010-11-27 17:19 . 2011-07-26 05:22 5470720 ----a-w- c:\program files (x86)\SharePod.exe
2009-02-13 16:02 . 2009-02-13 16:02 80896 ----a-w- c:\program files\devcon_amd64.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{C3947F4E-8894-4C04-98E0-DF182C706DDF}]
2010-12-09 16:02 86696 ----a-w- c:\program files (x86)\wbtooltb\wbtoolDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{C3947F4E-8894-4C04-98E0-DF182C706DDF}"= "c:\program files (x86)\wbtooltb\wbtoolDx.dll" [2010-12-09 86696]
.
[HKEY_CLASSES_ROOT\clsid\{c3947f4e-8894-4c04-98e0-df182c706ddf}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EasyLinkAdvisor"="c:\program files (x86)\Linksys EasyLink Advisor\LinksysAgent.exe" [2007-03-15 454784]
"sbitunesagent"="c:\program files (x86)\Songbird\songbirditunesagent.exe" [2011-01-27 266240]
"IVONA ControlCenter"="c:\program files (x86)\IVONA\IVONA ControlCenter\IVONA ControlCenter.exe" [2009-10-28 1515520]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-10-02 5664640]
"ANT Agent"="c:\program files (x86)\Garmin\ANT Agent\ANT Agent.exe" [2012-03-23 14749544]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"ManyCam"="c:\program files (x86)\ManyCam\Bin\ManyCam.exe" [2012-09-14 2164632]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SmartWiHelper"="c:\program files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" [2009-08-27 79872]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-05-26 317288]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 1226608]
"DivX Download Manager"="c:\program files (x86)\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"Bonus.SSR.FR10"="c:\program files (x86)\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" [2009-12-20 941320]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2011-11-12 268640]
"Intuit SyncManager"="c:\program files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2010-09-27 1443080]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-7-12 113664]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
QuickBooks Update Agent.lnk - c:\program files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2010-9-30 1156384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-07-01 18:49 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 27136]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-06-26 362992]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;c:\windows\system32\drivers\BVRPMPR5a64.SYS [2009-03-02 35840]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2010-07-15 16776]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2010-07-15 9096]
R3 FlyUsb;FLY Fusion;c:\windows\system32\DRIVERS\FlyUsb.sys [2011-11-12 24576]
R3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0;c:\windows\system32\DRIVERS\libusb0.sys [2011-05-14 44480]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-05-10 22528]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-06-26 313840]
R3 rssasnt;rssasnt;c:\users\Public\Documents\RSupport\rcc50\rssas64.sys [x]
R3 SampleCollector;Intel® Sample Collector;c:\program files\Sony\VAIO Care\collsvc.exe [2008-09-29 167424]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-07-27 120104]
R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-07-27 70952]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-07-27 427304]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-07-27 75048]
R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-07-27 91432]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-04-25 52736]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-06-26 468264]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-06-26 357672]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2009-06-18 110888]
R3 Volfinchdr;Volfinchdr;c:\windows\system32\drivers\wimmount.sys [2009-07-14 22096]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-26 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-07-12 55856]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-09-24 140672]
S2 ABBYY.Licensing.FineReader.Corporate.10.0;ABBYY FineReader 10 CE Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [2009-12-19 814344]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [2010-07-09 21480]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 47632]
S2 QBVSS;QBIDPService;c:\program files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2010-09-17 1251840]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [2009-07-24 189984]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-08-22 411496]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-07-22 642920]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-08-05 139264]
S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys [2012-07-20 44928]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys [2012-07-20 29696]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2009-06-11 11392]
S3 vrvd5;vrvd5;c:\windows\system32\DRIVERS\vrvd5.sys [2012-06-26 13344]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-07-31 393216]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 02:27]
.
2012-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-14 21:22]
.
2012-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-14 21:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-05 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-05 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-05 365592]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-24 7938080]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-07-24 1833504]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB
DPF: {26E1BEAF-C1A1-482B-8714-08844F1BCF7F} - hxxp://10.10.10.107/webviewer.cab
DPF: {3AA1C0E3-DA98-4BB4-91AE-D3BC61178240} - hxxp://10.10.10.107/GVersionMan.cab
FF - ProfilePath - c:\users\Afe\AppData\Roaming\Mozilla\Firefox\Profiles\wvzv8vax.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.skipity.com
FF - prefs.js: keyword.URL - hxxp://search.skipity.com/?source=ab&q=
FF - ExtSQL: 2012-09-11 11:03; LogMeInClient@logmein.com; c:\users\Afe\AppData\Roaming\Mozilla\Firefox\Profiles\wvzv8vax.default\extensions\LogMeInClient@logmein.com
FF - ExtSQL: 2012-09-29 00:34; artur.dubovoy@gmail.com; c:\users\Afe\AppData\Roaming\Mozilla\Firefox\Profiles\wvzv8vax.default\extensions\artur.dubovoy@gmail.com.xpi
FF - ExtSQL: 2012-10-04 00:30; {d91a2be6-3b56-4dfb-97f5-5e48fe3ed473}; c:\users\Afe\AppData\Roaming\Mozilla\Firefox\Profiles\wvzv8vax.default\extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473}
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\collsvc.exe\" \"/service\" \"/counter=\Processor(_Total)\% Processor Time:5\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5\" \"/counter=\Network Interface(*)\Bytes Total/sec:5\" \"/directory=inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
.
**************************************************************************
.
Completion time: 2012-11-06 01:11:23 - machine was rebooted
ComboFix-quarantined-files.txt 2012-11-06 06:11
.
Pre-Run: 4,662,218,752 bytes free
Post-Run: 8,784,060,416 bytes free
.
- - End Of File - - 6F1EDF7F242AA8EF47E4AEB76A6DA7BE

#8 gringo_pr


Posted 08 November 2012 - 07:25 AM

Greetings

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#9 gringo_pr

Posted 11 November 2012 - 07:25 AM

Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask you to remove our tools.




Gringo

#10 afe16rugby

Posted 12 November 2012 - 01:12 AM

Still having problems, and for some reason I have lost all C: drive space. Seems like something has taken up all and any available space. It is really weird and bothering.

TDSSKILLER found no threats.

Here are the log posts.

01:00:00.0951 9032 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
01:00:01.0281 9032 ============================================================
01:00:01.0281 9032 Current date / time: 2012/11/12 01:00:01.0281
01:00:01.0281 9032 SystemInfo:
01:00:01.0281 9032
01:00:01.0281 9032 OS Version: 6.1.7601 ServicePack: 1.0
01:00:01.0281 9032 Product type: Workstation
01:00:01.0281 9032 ComputerName: MAIER1-VAIO
01:00:01.0281 9032 UserName: Afe
01:00:01.0281 9032 Windows directory: C:\Windows
01:00:01.0281 9032 System windows directory: C:\Windows
01:00:01.0281 9032 Running under WOW64
01:00:01.0281 9032 Processor architecture: Intel x64
01:00:01.0281 9032 Number of processors: 2
01:00:01.0281 9032 Page size: 0x1000
01:00:01.0281 9032 Boot type: Normal boot
01:00:01.0281 9032 ============================================================
01:00:01.0941 9032 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:00:01.0941 9032 Drive \Device\Harddisk3\DR12 - Size: 0x3C100000 (0.94 Gb), SectorSize: 0x200, Cylinders: 0x7A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
01:00:01.0951 9032 ============================================================
01:00:01.0951 9032 \Device\Harddisk0\DR0:
01:00:01.0951 9032 MBR partitions:
01:00:01.0951 9032 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xEB5800, BlocksNum 0x32000
01:00:01.0951 9032 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xEE7800, BlocksNum 0x24546AB0
01:00:01.0951 9032 \Device\Harddisk3\DR12:
01:00:01.0951 9032 GPT partitions:
01:00:01.0951 9032 \Device\Harddisk3\DR12\Partition1: GPT, TypeGUID: {5265636F-7665-11AA-AA11-00306543ECAC}, UniqueGUID: {09B682AD-DEEC-45F7-9768-22432DCEF402}, Name: Apple_HFS_Untitled_2, StartLBA 0x28, BlocksNum 0xC738
01:00:01.0951 9032 \Device\Harddisk3\DR12\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {762CA558-87E7-4B5C-8DB7-810A5E16DA0F}, Name: , StartLBA 0xC760, BlocksNum 0x6D984
01:00:01.0951 9032 MBR partitions:
01:00:01.0951 9032 ============================================================
01:00:02.0031 9032 C: <-> \Device\Harddisk0\DR0\Partition2
01:00:02.0031 9032 ============================================================
01:00:02.0031 9032 Initialize success
01:00:02.0031 9032 ============================================================
01:00:03.0915 7732 ============================================================
01:00:03.0915 7732 Scan started
01:00:03.0915 7732 Mode: Manual;
01:00:03.0915 7732 ============================================================
01:00:04.0244 7732 ================ Scan system memory ========================
01:00:04.0244 7732 System memory - ok
01:00:04.0244 7732 ================ Scan services =============================
01:00:04.0709 7732 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
01:00:04.0711 7732 !SASCORE - ok
01:00:05.0106 7732 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
01:00:05.0116 7732 1394ohci - ok
01:00:05.0526 7732 [ D5934C8B21C2BBBDD259B691DEFE33BA ] ABBYY.Licensing.FineReader.Corporate.10.0 C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe
01:00:05.0546 7732 ABBYY.Licensing.FineReader.Corporate.10.0 - ok
01:00:05.0966 7732 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
01:00:05.0986 7732 ACDaemon - ok
01:00:06.0106 7732 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
01:00:06.0106 7732 ACPI - ok
01:00:06.0466 7732 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
01:00:06.0466 7732 AcpiPmi - ok
01:00:06.0686 7732 [ 5DDC0A8D2CD60BDA593DDAF45821CE08 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
01:00:06.0686 7732 Adobe LM Service - ok
01:00:06.0938 7732 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
01:00:06.0954 7732 AdobeARMservice - ok
01:00:07.0459 7732 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
01:00:07.0459 7732 AdobeFlashPlayerUpdateSvc - ok
01:00:07.0539 7732 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
01:00:07.0559 7732 adp94xx - ok
01:00:07.0649 7732 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
01:00:07.0659 7732 adpahci - ok
01:00:07.0709 7732 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
01:00:07.0709 7732 adpu320 - ok
01:00:07.0779 7732 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
01:00:07.0779 7732 AeLookupSvc - ok
01:00:07.0879 7732 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
01:00:07.0899 7732 AFD - ok
01:00:08.0029 7732 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
01:00:08.0029 7732 agp440 - ok
01:00:08.0069 7732 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
01:00:08.0069 7732 ALG - ok
01:00:08.0109 7732 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
01:00:08.0109 7732 aliide - ok
01:00:08.0310 7732 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
01:00:08.0310 7732 amdide - ok
01:00:08.0350 7732 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
01:00:08.0350 7732 AmdK8 - ok
01:00:08.0370 7732 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
01:00:08.0370 7732 AmdPPM - ok
01:00:08.0902 7732 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
01:00:08.0905 7732 amdsata - ok
01:00:08.0995 7732 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
01:00:08.0999 7732 amdsbs - ok
01:00:09.0233 7732 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
01:00:09.0233 7732 amdxata - ok
01:00:09.0283 7732 [ 56BD886820C4AEDF493CFCDF1CCFB004 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
01:00:09.0293 7732 ApfiltrService - ok
01:00:09.0403 7732 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
01:00:09.0403 7732 AppID - ok
01:00:09.0433 7732 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
01:00:09.0433 7732 AppIDSvc - ok
01:00:09.0513 7732 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
01:00:09.0523 7732 Appinfo - ok
01:00:09.0793 7732 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
01:00:09.0793 7732 Apple Mobile Device - ok
01:00:09.0923 7732 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
01:00:09.0933 7732 arc - ok
01:00:09.0963 7732 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
01:00:09.0963 7732 arcsas - ok
01:00:09.0993 7732 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
01:00:09.0993 7732 ArcSoftKsUFilter - ok
01:00:10.0043 7732 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
01:00:10.0053 7732 AsyncMac - ok
01:00:10.0133 7732 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
01:00:10.0133 7732 atapi - ok
01:00:10.0243 7732 [ 5D4529AC4156E16BEDB01441AE0CF984 ] athr C:\Windows\system32\DRIVERS\athrx.sys
01:00:10.0293 7732 athr - ok
01:00:10.0573 7732 [ DE0EDE41BC530F1759C6FFFCB8C7A0CF ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
01:00:10.0743 7732 atikmdag - ok
01:00:10.0893 7732 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
01:00:10.0913 7732 AudioEndpointBuilder - ok
01:00:10.0933 7732 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
01:00:10.0943 7732 AudioSrv - ok
01:00:11.0053 7732 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
01:00:11.0053 7732 AxInstSV - ok
01:00:11.0123 7732 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
01:00:11.0143 7732 b06bdrv - ok
01:00:11.0263 7732 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
01:00:11.0263 7732 b57nd60a - ok
01:00:11.0795 7732 [ 825F81A6F7DD073509DB101F0BA6DC59 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
01:00:11.0795 7732 BBSvc - ok
01:00:11.0904 7732 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
01:00:12.0044 7732 BDESVC - ok
01:00:12.0138 7732 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
01:00:12.0138 7732 Beep - ok
01:00:12.0231 7732 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
01:00:12.0247 7732 BFE - ok
01:00:12.0294 7732 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
01:00:12.0341 7732 BITS - ok
01:00:12.0419 7732 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
01:00:12.0419 7732 blbdrive - ok
01:00:12.0528 7732 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
01:00:12.0559 7732 Bonjour Service - ok
01:00:12.0653 7732 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
01:00:12.0668 7732 bowser - ok
01:00:12.0699 7732 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
01:00:12.0699 7732 BrFiltLo - ok
01:00:12.0777 7732 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
01:00:12.0777 7732 BrFiltUp - ok
01:00:12.0871 7732 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
01:00:12.0871 7732 BridgeMP - ok
01:00:12.0933 7732 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
01:00:12.0933 7732 Browser - ok
01:00:12.0980 7732 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
01:00:12.0996 7732 Brserid - ok
01:00:13.0074 7732 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
01:00:13.0074 7732 BrSerWdm - ok
01:00:13.0121 7732 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
01:00:13.0121 7732 BrUsbMdm - ok
01:00:13.0152 7732 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
01:00:13.0152 7732 BrUsbSer - ok
01:00:13.0245 7732 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
01:00:13.0245 7732 BthEnum - ok
01:00:13.0448 7732 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
01:00:13.0448 7732 BTHMODEM - ok
01:00:13.0542 7732 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
01:00:13.0542 7732 BthPan - ok
01:00:13.0651 7732 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
01:00:13.0671 7732 BTHPORT - ok
01:00:13.0721 7732 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
01:00:13.0731 7732 bthserv - ok
01:00:13.0851 7732 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
01:00:13.0851 7732 BTHUSB - ok
01:00:13.0981 7732 [ 9887CA12F407D7FBC7F48F3678F5F0B6 ] BVRPMPR5a64 C:\Windows\system32\drivers\BVRPMPR5a64.SYS
01:00:13.0981 7732 BVRPMPR5a64 - ok
01:00:14.0031 7732 catchme - ok
01:00:14.0071 7732 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
01:00:14.0081 7732 cdfs - ok
01:00:14.0271 7732 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
01:00:14.0271 7732 cdrom - ok
01:00:14.0361 7732 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
01:00:14.0361 7732 CertPropSvc - ok
01:00:14.0411 7732 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
01:00:14.0411 7732 circlass - ok
01:00:14.0648 7732 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
01:00:14.0655 7732 CLFS - ok
01:00:14.0768 7732 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:00:14.0771 7732 clr_optimization_v2.0.50727_32 - ok
01:00:14.0916 7732 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
01:00:14.0916 7732 clr_optimization_v2.0.50727_64 - ok
01:00:15.0476 7732 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:00:15.0476 7732 clr_optimization_v4.0.30319_32 - ok
01:00:15.0727 7732 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
01:00:15.0727 7732 clr_optimization_v4.0.30319_64 - ok
01:00:15.0758 7732 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
01:00:15.0758 7732 CmBatt - ok
01:00:15.0836 7732 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
01:00:15.0836 7732 cmdide - ok
01:00:15.0930 7732 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
01:00:15.0946 7732 CNG - ok
01:00:16.0024 7732 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
01:00:16.0024 7732 Compbatt - ok
01:00:16.0246 7732 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
01:00:16.0256 7732 CompositeBus - ok
01:00:16.0266 7732 COMSysApp - ok
01:00:16.0366 7732 [ 17719A7F571D4CD08223F0B30F71B8B8 ] cpuz134 C:\Windows\system32\drivers\cpuz134_x64.sys
01:00:16.0366 7732 cpuz134 - ok
01:00:16.0446 7732 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
01:00:16.0446 7732 crcdisk - ok
01:00:16.0566 7732 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
01:00:16.0566 7732 CryptSvc - ok
01:00:16.0666 7732 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
01:00:16.0696 7732 DcomLaunch - ok
01:00:16.0766 7732 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
01:00:16.0766 7732 defragsvc - ok
01:00:16.0826 7732 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
01:00:16.0826 7732 DfsC - ok
01:00:16.0946 7732 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
01:00:16.0946 7732 Dhcp - ok
01:00:16.0966 7732 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
01:00:16.0966 7732 discache - ok
01:00:17.0046 7732 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
01:00:17.0046 7732 Disk - ok
01:00:17.0146 7732 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
01:00:17.0146 7732 Dnscache - ok
01:00:17.0236 7732 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
01:00:17.0236 7732 dot3svc - ok
01:00:17.0356 7732 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
01:00:17.0356 7732 Dot4 - ok
01:00:17.0457 7732 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
01:00:17.0457 7732 Dot4Print - ok
01:00:17.0507 7732 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
01:00:17.0507 7732 dot4usb - ok
01:00:17.0577 7732 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
01:00:17.0587 7732 DPS - ok
01:00:17.0637 7732 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
01:00:17.0637 7732 drmkaud - ok
01:00:17.0727 7732 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
01:00:17.0757 7732 DXGKrnl - ok
01:00:17.0807 7732 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
01:00:17.0807 7732 EapHost - ok
01:00:17.0907 7732 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
01:00:17.0997 7732 ebdrv - ok
01:00:18.0077 7732 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
01:00:18.0077 7732 EFS - ok
01:00:18.0227 7732 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
01:00:18.0277 7732 ehRecvr - ok
01:00:18.0327 7732 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
01:00:18.0337 7732 ehSched - ok
01:00:18.0427 7732 [ 594F6168A9658B20FC89B02F897BBD25 ] elagopro C:\Windows\system32\DRIVERS\elagop64.sys
01:00:18.0427 7732 elagopro - ok
01:00:18.0447 7732 [ 5D47A65314942C5125E603A3316E9B09 ] elaunidr C:\Windows\system32\DRIVERS\elauni64.sys
01:00:18.0447 7732 elaunidr - ok
01:00:18.0487 7732 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
01:00:18.0497 7732 elxstor - ok
01:00:18.0577 7732 [ 9EAFB3B3B60B8AD958985152A9309ACA ] epmntdrv C:\Windows\system32\epmntdrv.sys
01:00:18.0587 7732 epmntdrv - ok
01:00:18.0617 7732 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
01:00:18.0617 7732 ErrDev - ok
01:00:18.0657 7732 [ FB949ED2C93C878A189039F3D7730942 ] EuGdiDrv C:\Windows\system32\EuGdiDrv.sys
01:00:18.0657 7732 EuGdiDrv - ok
01:00:18.0707 7732 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
01:00:18.0707 7732 EventSystem - ok
01:00:18.0747 7732 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
01:00:18.0747 7732 exfat - ok
01:00:18.0787 7732 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
01:00:18.0797 7732 fastfat - ok
01:00:18.0867 7732 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
01:00:18.0887 7732 Fax - ok
01:00:18.0917 7732 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
01:00:18.0917 7732 fdc - ok
01:00:18.0957 7732 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
01:00:18.0957 7732 fdPHost - ok
01:00:18.0997 7732 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
01:00:18.0997 7732 FDResPub - ok
01:00:19.0017 7732 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
01:00:19.0017 7732 FileInfo - ok
01:00:19.0027 7732 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
01:00:19.0027 7732 Filetrace - ok
01:00:19.0047 7732 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
01:00:19.0057 7732 flpydisk - ok
01:00:19.0117 7732 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
01:00:19.0127 7732 FltMgr - ok
01:00:19.0187 7732 [ 6CD6BB45BD3E0EEF6CE496BF52854FF1 ] FlyUsb C:\Windows\system32\DRIVERS\FlyUsb.sys
01:00:19.0187 7732 FlyUsb - ok
01:00:19.0277 7732 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
01:00:19.0317 7732 FontCache - ok
01:00:19.0408 7732 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
01:00:19.0408 7732 FontCache3.0.0.0 - ok
01:00:19.0462 7732 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
01:00:19.0464 7732 FsDepends - ok
01:00:19.0558 7732 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
01:00:19.0560 7732 fssfltr - ok
01:00:19.0647 7732 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
01:00:19.0649 7732 Fs_Rec - ok
01:00:19.0738 7732 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
01:00:19.0748 7732 fvevol - ok
01:00:19.0798 7732 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
01:00:19.0798 7732 gagp30kx - ok
01:00:19.0888 7732 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
01:00:19.0888 7732 GEARAspiWDM - ok
01:00:19.0988 7732 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
01:00:20.0028 7732 gpsvc - ok
01:00:20.0146 7732 [ B9893A68032A6D9ADDB5B98287C630F7 ] grmnusb C:\Windows\system32\drivers\grmnusb.sys
01:00:20.0148 7732 grmnusb - ok
01:00:21.0040 7732 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:00:21.0040 7732 gupdate - ok
01:00:21.0100 7732 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:00:21.0100 7732 gupdatem - ok
01:00:21.0238 7732 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
01:00:21.0238 7732 gusvc - ok
01:00:21.0301 7732 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
01:00:21.0301 7732 hcw85cir - ok
01:00:21.0394 7732 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
01:00:21.0394 7732 HdAudAddService - ok
01:00:21.0457 7732 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
01:00:21.0457 7732 HDAudBus - ok
01:00:21.0488 7732 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
01:00:21.0488 7732 HidBatt - ok
01:00:21.0550 7732 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
01:00:21.0550 7732 HidBth - ok
01:00:21.0581 7732 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
01:00:21.0581 7732 HidIr - ok
01:00:21.0628 7732 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
01:00:21.0628 7732 hidserv - ok
01:00:21.0722 7732 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
01:00:21.0722 7732 HidUsb - ok
01:00:21.0784 7732 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
01:00:21.0800 7732 hkmsvc - ok
01:00:21.0878 7732 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
01:00:21.0878 7732 HomeGroupListener - ok
01:00:21.0956 7732 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
01:00:21.0956 7732 HomeGroupProvider - ok
01:00:22.0658 7732 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
01:00:22.0658 7732 hpqcxs08 - ok
01:00:22.0767 7732 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
01:00:22.0767 7732 hpqddsvc - ok
01:00:22.0845 7732 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
01:00:22.0845 7732 HpSAMD - ok
01:00:22.0954 7732 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
01:00:22.0985 7732 HPSLPSVC - ok
01:00:23.0110 7732 [ 447256D1C026654C5CD3CC17E7B20631 ] HsfXAudioService C:\Windows\SysWOW64\XAudio64.dll
01:00:23.0126 7732 HsfXAudioService - ok
01:00:23.0235 7732 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
01:00:23.0265 7732 HTTP - ok
01:00:23.0325 7732 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
01:00:23.0325 7732 hwpolicy - ok
01:00:23.0405 7732 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
01:00:23.0405 7732 i8042prt - ok
01:00:23.0475 7732 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
01:00:23.0485 7732 IAANTMON - ok
01:00:23.0535 7732 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
01:00:23.0535 7732 iaStor - ok
01:00:23.0605 7732 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
01:00:23.0615 7732 iaStorV - ok
01:00:23.0725 7732 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
01:00:23.0765 7732 idsvc - ok
01:00:23.0985 7732 [ DFEAF0A1D98D397035012C8E28D1520F ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
01:00:24.0185 7732 igfx - ok
01:00:24.0225 7732 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
01:00:24.0225 7732 iirsp - ok
01:00:24.0295 7732 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
01:00:24.0360 7732 IKEEXT - ok
01:00:24.0460 7732 [ B16FC828CE7A76A8F1CE682E6EAD2627 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
01:00:24.0523 7732 IntcAzAudAddService - ok
01:00:24.0587 7732 [ 88A20FA54C73DED4E8DAC764E9130AE9 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
01:00:24.0592 7732 IntcHdmiAddService - ok
01:00:24.0610 7732 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
01:00:24.0611 7732 intelide - ok
01:00:24.0649 7732 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
01:00:24.0649 7732 intelppm - ok
01:00:24.0689 7732 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
01:00:24.0689 7732 IPBusEnum - ok
01:00:24.0749 7732 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
01:00:24.0749 7732 IpFilterDriver - ok
01:00:24.0839 7732 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
01:00:24.0859 7732 iphlpsvc - ok
01:00:24.0919 7732 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
01:00:24.0919 7732 IPMIDRV - ok
01:00:24.0949 7732 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
01:00:24.0949 7732 IPNAT - ok
01:00:25.0109 7732 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
01:00:25.0149 7732 iPod Service - ok
01:00:25.0239 7732 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
01:00:25.0239 7732 IRENUM - ok
01:00:25.0289 7732 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
01:00:25.0289 7732 isapnp - ok
01:00:25.0379 7732 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
01:00:25.0389 7732 iScsiPrt - ok
01:00:25.0409 7732 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
01:00:25.0409 7732 kbdclass - ok
01:00:25.0479 7732 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
01:00:25.0489 7732 kbdhid - ok
01:00:25.0519 7732 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
01:00:25.0529 7732 KeyIso - ok
01:00:25.0589 7732 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
01:00:25.0589 7732 KSecDD - ok
01:00:25.0649 7732 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
01:00:25.0659 7732 KSecPkg - ok
01:00:25.0699 7732 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
01:00:25.0699 7732 ksthunk - ok
01:00:25.0739 7732 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
01:00:25.0749 7732 KtmRm - ok
01:00:25.0849 7732 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
01:00:25.0859 7732 LanmanServer - ok
01:00:25.0949 7732 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
01:00:25.0949 7732 LanmanWorkstation - ok
01:00:26.0189 7732 [ 3C879D04BB6466E2853C3155B635CC45 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
01:00:26.0339 7732 LeapFrog Connect Device Service - ok
01:00:26.0439 7732 [ 02538E602280C07438C94489DCBE77D5 ] libusb0 C:\Windows\system32\DRIVERS\libusb0.sys
01:00:49.0496 7732 vwifibus - ok
01:00:49.0526 7732 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
01:00:49.0536 7732 vwififlt - ok
01:00:49.0566 7732 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
01:00:49.0566 7732 vwifimp - ok
01:00:49.0586 7732 [ D8BEF4AC1EAC809DBDBD441D6CFF6C4C ] VzCdbSvc C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
01:00:49.0586 7732 VzCdbSvc - ok
01:00:49.0626 7732 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
01:00:49.0636 7732 W32Time - ok
01:00:49.0716 7732 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
01:00:49.0726 7732 WacomPen - ok
01:00:49.0846 7732 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
01:00:49.0846 7732 WANARP - ok
01:00:49.0866 7732 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
01:00:49.0866 7732 Wanarpv6 - ok
01:00:49.0986 7732 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
01:00:50.0026 7732 WatAdminSvc - ok
01:00:50.0146 7732 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
01:00:50.0216 7732 wbengine - ok
01:00:50.0246 7732 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
01:00:50.0256 7732 WbioSrvc - ok
01:00:50.0356 7732 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
01:00:50.0376 7732 WcesComm - ok
01:00:50.0456 7732 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
01:00:50.0476 7732 wcncsvc - ok
01:00:50.0496 7732 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
01:00:50.0496 7732 WcsPlugInService - ok
01:00:50.0536 7732 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
01:00:50.0536 7732 Wd - ok
01:00:50.0586 7732 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
01:00:50.0586 7732 WDC_SAM - ok
01:00:50.0626 7732 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
01:00:50.0656 7732 Wdf01000 - ok
01:00:50.0706 7732 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
01:00:50.0716 7732 WdiServiceHost - ok
01:00:50.0726 7732 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
01:00:50.0726 7732 WdiSystemHost - ok
01:00:50.0796 7732 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
01:00:50.0806 7732 WebClient - ok
01:00:50.0836 7732 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
01:00:50.0846 7732 Wecsvc - ok
01:00:50.0896 7732 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
01:00:50.0906 7732 wercplsupport - ok
01:00:50.0946 7732 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
01:00:50.0956 7732 WerSvc - ok
01:00:50.0986 7732 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
01:00:50.0986 7732 WfpLwf - ok
01:00:51.0006 7732 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
01:00:51.0006 7732 WIMMount - ok
01:00:51.0036 7732 WinDefend - ok
01:00:51.0046 7732 WinHttpAutoProxySvc - ok
01:00:51.0176 7732 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
01:00:51.0176 7732 Winmgmt - ok
01:00:51.0306 7732 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
01:00:51.0376 7732 WinRM - ok
01:00:51.0456 7732 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
01:00:51.0456 7732 WinUsb - ok
01:00:51.0587 7732 [ CA1DC75686AB0D8A1E5E3850969BBAA3 ] WinVNC4 C:\Program Files\RealVNC\VNC4\WinVNC4.exe
01:00:51.0657 7732 WinVNC4 - ok
01:00:51.0767 7732 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
01:00:51.0814 7732 Wlansvc - ok
01:00:51.0971 7732 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
01:00:52.0039 7732 wlidsvc - ok
01:00:52.0132 7732 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
01:00:52.0132 7732 WmiAcpi - ok
01:00:52.0182 7732 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
01:00:52.0192 7732 wmiApSrv - ok
01:00:52.0202 7732 WMPNetworkSvc - ok
01:00:52.0232 7732 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
01:00:52.0232 7732 WPCSvc - ok
01:00:52.0312 7732 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
01:00:52.0322 7732 WPDBusEnum - ok
01:00:52.0392 7732 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
01:00:52.0392 7732 ws2ifsl - ok
01:00:52.0422 7732 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
01:00:52.0432 7732 wscsvc - ok
01:00:52.0462 7732 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
01:00:52.0462 7732 WSDPrintDevice - ok
01:00:52.0472 7732 WSearch - ok
01:00:52.0602 7732 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
01:00:52.0732 7732 wuauserv - ok
01:00:52.0772 7732 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
01:00:52.0782 7732 WudfPf - ok
01:00:52.0862 7732 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
01:00:52.0862 7732 WUDFRd - ok
01:00:52.0922 7732 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
01:00:52.0932 7732 wudfsvc - ok
01:00:53.0022 7732 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
01:00:53.0032 7732 WwanSvc - ok
01:00:53.0102 7732 [ E8F3FA126A06F8E7088F63757112A186 ] XAudio C:\Windows\system32\DRIVERS\XAudio64.sys
01:00:53.0102 7732 XAudio - ok
01:00:53.0262 7732 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
01:00:53.0272 7732 YahooAUService - ok
01:00:53.0312 7732 [ 6AFFD75C6807B3DD3AB018E27B88EF95 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
01:00:53.0312 7732 yukonw7 - ok
01:00:53.0379 7732 ================ Scan global ===============================
01:00:53.0450 7732 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
01:00:53.0510 7732 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
01:00:53.0530 7732 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
01:00:53.0560 7732 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
01:00:53.0590 7732 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
01:00:53.0600 7732 [Global] - ok
01:00:53.0600 7732 ================ Scan MBR ==================================
01:00:53.0610 7732 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
01:00:53.0860 7732 \Device\Harddisk0\DR0 - ok
01:00:53.0870 7732 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR12
01:00:53.0870 7732 \Device\Harddisk3\DR12 - ok
01:00:53.0870 7732 ================ Scan VBR ==================================
01:00:53.0880 7732 [ 81D9E2C1C9224F67070B8540996BBD5F ] \Device\Harddisk0\DR0\Partition1
01:00:53.0880 7732 \Device\Harddisk0\DR0\Partition1 - ok
01:00:53.0890 7732 [ 42172032A0DC9166778AFC77F7FB58CF ] \Device\Harddisk0\DR0\Partition2
01:00:53.0890 7732 \Device\Harddisk0\DR0\Partition2 - ok
01:00:53.0900 7732 [ 3262A4E003AC7195DB5D0C4E9C4E1F36 ] \Device\Harddisk3\DR12\Partition1
01:00:53.0900 7732 \Device\Harddisk3\DR12\Partition1 - ok
01:00:53.0910 7732 [ 508F4615EE0BE0D78D0FAF97B90679FC ] \Device\Harddisk3\DR12\Partition2
01:00:53.0910 7732 \Device\Harddisk3\DR12\Partition2 - ok
01:00:53.0910 7732 ============================================================
01:00:53.0910 7732 Scan finished
01:00:53.0910 7732 ============================================================
01:00:53.0930 8132 Detected object count: 0
01:00:53.0930 8132 Actual detected object count: 0
01:01:10.0231 8404 ============================================================
01:01:10.0231 8404 Scan started
01:01:10.0231 8404 Mode: Manual;
01:01:10.0231 8404 ============================================================
01:01:10.0418 8404 ================ Scan system memory ========================
01:01:10.0418 8404 System memory - ok
01:01:10.0418 8404 ================ Scan services =============================
01:01:20.0403 8404 isapnp - ok
01:01:20.0473 8404 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
01:01:20.0473 8404 iScsiPrt - ok
01:01:20.0493 8404 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
01:01:20.0493 8404 kbdclass - ok
01:01:20.0553 8404 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
01:01:20.0553 8404 kbdhid - ok
01:01:20.0573 8404 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
01:01:20.0573 8404 KeyIso - ok
01:01:20.0640 8404 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
01:01:20.0642 8404 KSecDD - ok
01:01:20.0704 8404 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
01:01:20.0706 8404 KSecPkg - ok
01:01:20.0730 8404 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
01:01:20.0731 8404 ksthunk - ok
01:01:20.0759 8404 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
01:01:20.0763 8404 KtmRm - ok
01:01:20.0816 8404 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
01:01:20.0819 8404 LanmanServer - ok
01:01:20.0877 8404 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
01:01:20.0879 8404 LanmanWorkstation - ok
01:01:21.0078 8404 [ 3C879D04BB6466E2853C3155B635CC45 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
01:01:21.0118 8404 LeapFrog Connect Device Service - ok
01:01:21.0188 8404 [ 02538E602280C07438C94489DCBE77D5 ] libusb0 C:\Windows\system32\DRIVERS\libusb0.sys
01:01:21.0188 8404 libusb0 - ok
01:01:21.0198 8404 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
01:01:21.0198 8404 lltdio - ok
01:01:21.0238 8404 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
01:01:21.0238 8404 lltdsvc - ok
01:01:21.0258 8404 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
01:01:21.0268 8404 lmhosts - ok
01:01:21.0298 8404 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
01:01:21.0298 8404 LSI_FC - ok
01:01:21.0318 8404 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
01:01:21.0318 8404 LSI_SAS - ok
01:01:21.0348 8404 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
01:01:21.0348 8404 LSI_SAS2 - ok
01:01:21.0378 8404 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
01:01:21.0378 8404 LSI_SCSI - ok
01:01:21.0418 8404 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
01:01:21.0418 8404 luafv - ok
01:01:21.0438 8404 [ DE585D1D266805E5EEDAE911FDD16F38 ] ManyCam C:\Windows\system32\DRIVERS\mcvidrv_x64.sys
01:01:21.0448 8404 ManyCam - ok
01:01:21.0508 8404 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
01:01:21.0508 8404 MBAMProtector - ok
01:01:21.0628 8404 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
01:01:21.0628 8404 MBAMScheduler - ok
01:01:21.0698 8404 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
01:01:21.0708 8404 MBAMService - ok
01:01:21.0728 8404 [ 2E7FFDEF8BAFD04CBB517507B821E878 ] mcaudrv_simple C:\Windows\system32\drivers\mcaudrv_x64.sys
01:01:21.0728 8404 mcaudrv_simple - ok
01:01:21.0788 8404 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
01:01:21.0798 8404 McComponentHostService - ok
01:01:21.0858 8404 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
01:01:21.0868 8404 Mcx2Svc - ok
01:01:21.0898 8404 [ E4F44EC214B3E381E1FC844A02926666 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
01:01:21.0898 8404 mdmxsdk - ok
01:01:21.0928 8404 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
01:01:21.0928 8404 megasas - ok
01:01:21.0978 8404 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
01:01:21.0978 8404 MegaSR - ok
01:01:22.0078 8404 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
01:01:22.0078 8404 Microsoft Office Groove Audit Service - ok
01:01:22.0108 8404 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
01:01:22.0108 8404 MMCSS - ok
01:01:22.0128 8404 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
01:01:22.0128 8404 Modem - ok
01:01:22.0148 8404 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
01:01:22.0148 8404 monitor - ok
01:01:22.0208 8404 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
01:01:22.0208 8404 mouclass - ok
01:01:22.0268 8404 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
01:01:22.0268 8404 mouhid - ok
01:01:22.0318 8404 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
01:01:22.0318 8404 mountmgr - ok
01:01:22.0428 8404 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
01:01:22.0428 8404 MozillaMaintenance - ok
01:01:22.0488 8404 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
01:01:22.0488 8404 mpio - ok
01:01:22.0518 8404 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
01:01:22.0518 8404 mpsdrv - ok
01:01:22.0598 8404 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
01:01:22.0598 8404 MpsSvc - ok
01:01:22.0668 8404 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
01:01:22.0668 8404 MRxDAV - ok
01:01:22.0728 8404 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
01:01:22.0728 8404 mrxsmb - ok
01:01:22.0798 8404 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
01:01:22.0798 8404 mrxsmb10 - ok
01:01:22.0858 8404 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
01:01:22.0858 8404 mrxsmb20 - ok
01:01:22.0918 8404 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
01:01:22.0918 8404 msahci - ok
01:01:22.0968 8404 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
01:01:22.0978 8404 msdsm - ok
01:01:22.0998 8404 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
01:01:22.0998 8404 MSDTC - ok
01:01:23.0028 8404 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
01:01:23.0028 8404 Msfs - ok
01:01:23.0038 8404 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
01:01:23.0048 8404 mshidkmdf - ok
01:01:23.0098 8404 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
01:01:23.0098 8404 msisadrv - ok
01:01:23.0148 8404 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
01:01:23.0148 8404 MSiSCSI - ok
01:01:23.0158 8404 msiserver - ok
01:01:23.0178 8404 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
01:01:23.0178 8404 MSKSSRV - ok
01:01:23.0188 8404 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
01:01:23.0188 8404 MSPCLOCK - ok
01:01:23.0198 8404 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
01:01:23.0198 8404 MSPQM - ok
01:01:23.0258 8404 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
01:01:23.0258 8404 MsRPC - ok
01:01:23.0278 8404 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
01:01:23.0278 8404 mssmbios - ok
01:01:23.0298 8404 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
01:01:23.0298 8404 MSTEE - ok
01:01:23.0328 8404 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
01:01:23.0328 8404 MTConfig - ok
01:01:23.0348 8404 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
01:01:23.0358 8404 Mup - ok
01:01:23.0428 8404 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
01:01:23.0428 8404 napagent - ok
01:01:23.0458 8404 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
01:01:23.0458 8404 NativeWifiP - ok
01:01:23.0528 8404 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
01:01:23.0538 8404 NDIS - ok
01:01:23.0548 8404 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
01:01:23.0558 8404 NdisCap - ok
01:01:23.0568 8404 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
01:01:23.0568 8404 NdisTapi - ok
01:01:23.0638 8404 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
01:01:23.0638 8404 Ndisuio - ok
01:01:23.0708 8404 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
01:01:23.0708 8404 NdisWan - ok
01:01:23.0768 8404 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
01:01:23.0768 8404 NDProxy - ok
01:01:23.0958 8404 [ C7F5C284B6F46FCAF6910EA4E644700B ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
01:01:23.0968 8404 Nero BackItUp Scheduler 4.0 - ok
01:01:24.0018 8404 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
01:01:24.0018 8404 Net Driver HPZ12 - ok
01:01:24.0078 8404 [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
01:01:24.0078 8404 Netaapl - ok
01:01:24.0098 8404 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
01:01:24.0098 8404 NetBIOS - ok
01:01:24.0161 8404 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
01:01:24.0163 8404 NetBT - ok
01:01:24.0169 8404 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
01:01:24.0171 8404 Netlogon - ok
01:01:24.0201 8404 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
01:01:24.0204 8404 Netman - ok
01:01:24.0225 8404 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
01:01:24.0229 8404 netprofm - ok
01:01:24.0258 8404 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:01:24.0259 8404 NetTcpPortSharing - ok
01:01:24.0407 8404 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
01:01:24.0439 8404 netw5v64 - ok
01:01:24.0469 8404 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
01:01:24.0469 8404 nfrd960 - ok
01:01:24.0529 8404 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
01:01:24.0529 8404 NlaSvc - ok
01:01:24.0549 8404 [ C31FA031335EFF434B2D94278E74BCCE ] NPF C:\Windows\system32\drivers\npf.sys
01:01:24.0549 8404 NPF - ok
01:01:24.0569 8404 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
01:01:24.0569 8404 Npfs - ok
01:01:24.0579 8404 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
01:01:24.0579 8404 nsi - ok
01:01:24.0599 8404 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
01:01:24.0599 8404 nsiproxy - ok
01:01:24.0699 8404 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
01:01:24.0719 8404 Ntfs - ok
01:01:24.0739 8404 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
01:01:24.0739 8404 Null - ok
01:01:24.0809 8404 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
01:01:24.0809 8404 nvraid - ok
01:01:24.0869 8404 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
01:01:24.0869 8404 nvstor - ok
01:01:24.0929 8404 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
01:01:24.0929 8404 nv_agp - ok
01:01:25.0039 8404 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
01:01:25.0049 8404 odserv - ok
01:01:25.0109 8404 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
01:01:25.0109 8404 ohci1394 - ok
01:01:25.0129 8404 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:01:25.0129 8404 ose - ok
01:01:25.0169 8404 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
01:01:25.0169 8404 p2pimsvc - ok
01:01:25.0209 8404 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
01:01:25.0209 8404 p2psvc - ok
01:01:25.0249 8404 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
01:01:25.0249 8404 Parport - ok
01:01:25.0319 8404 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
01:01:25.0319 8404 partmgr - ok
01:01:25.0339 8404 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
01:01:25.0339 8404 PcaSvc - ok
01:01:25.0359 8404 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
01:01:25.0359 8404 pci - ok
01:01:25.0409 8404 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
01:01:25.0409 8404 pciide - ok
01:01:25.0449 8404 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
01:01:25.0449 8404 pcmcia - ok
01:01:25.0469 8404 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
01:01:25.0469 8404 pcw - ok
01:01:25.0509 8404 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
01:01:25.0509 8404 PEAUTH - ok
01:01:25.0539 8404 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
01:01:25.0539 8404 PerfHost - ok
01:01:25.0549 8404 pfc - ok
01:01:25.0639 8404 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
01:01:25.0649 8404 pla - ok
01:01:25.0719 8404 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
01:01:25.0719 8404 PlugPlay - ok
01:01:25.0739 8404 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
01:01:25.0739 8404 Pml Driver HPZ12 - ok
01:01:25.0749 8404 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
01:01:25.0759 8404 PNRPAutoReg - ok
01:01:25.0779 8404 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
01:01:25.0779 8404 PNRPsvc - ok
01:01:25.0839 8404 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
01:01:25.0849 8404 PolicyAgent - ok
01:01:25.0889 8404 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
01:01:25.0889 8404 Power - ok
01:01:25.0959 8404 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
01:01:25.0959 8404 PptpMiniport - ok
01:01:25.0989 8404 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
01:01:25.0989 8404 Processor - ok
01:01:26.0049 8404 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
01:01:26.0049 8404 ProfSvc - ok
01:01:26.0059 8404 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
01:01:26.0069 8404 ProtectedStorage - ok
01:01:26.0129 8404 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
01:01:26.0129 8404 Psched - ok
01:01:26.0159 8404 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
01:01:26.0159 8404 PxHlpa64 - ok
01:01:26.0292 8404 [ 56A6210ACA051227EAFEEFA628BB5A9B ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
01:01:26.0293 8404 QBCFMonitorService - ok
01:01:26.0397 8404 [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
01:01:26.0398 8404 QBFCService - ok
01:01:26.0535 8404 [ D4FF4102640685C69BDC63F1674CE724 ] QBVSS C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
01:01:26.0545 8404 QBVSS - ok
01:01:26.0625 8404 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
01:01:26.0625 8404 ql2300 - ok
01:01:26.0675 8404 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
01:01:26.0675 8404 ql40xx - ok
01:01:26.0715 8404 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
01:01:26.0725 8404 QWAVE - ok
01:01:26.0755 8404 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
01:01:26.0755 8404 QWAVEdrv - ok
01:01:26.0785 8404 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
01:01:26.0785 8404 RapiMgr - ok
01:01:26.0805 8404 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
01:01:26.0805 8404 RasAcd - ok
01:01:26.0845 8404 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
01:01:26.0845 8404 RasAgileVpn - ok
01:01:26.0855 8404 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
01:01:26.0855 8404 RasAuto - ok
01:01:26.0915 8404 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
01:01:26.0915 8404 Rasl2tp - ok
01:01:27.0005 8404 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
01:01:27.0005 8404 RasMan - ok
01:01:27.0025 8404 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
01:01:27.0025 8404 RasPppoe - ok
01:01:27.0045 8404 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
01:01:27.0045 8404 RasSstp - ok
01:01:27.0115 8404 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
01:01:27.0115 8404 rdbss - ok
01:01:27.0135 8404 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
01:01:27.0135 8404 rdpbus - ok
01:01:27.0165 8404 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
01:01:27.0165 8404 RDPCDD - ok
01:01:27.0175 8404 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
01:01:27.0175 8404 RDPENCDD - ok
01:01:27.0215 8404 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
01:01:27.0215 8404 RDPREFMP - ok
01:01:27.0305 8404 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
01:01:27.0305 8404 RDPWD - ok
01:01:27.0375 8404 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
01:01:27.0375 8404 rdyboost - ok
01:01:27.0405 8404 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
01:01:27.0405 8404 RemoteAccess - ok
01:01:27.0435 8404 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
01:01:27.0435 8404 RemoteRegistry - ok
01:01:27.0465 8404 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
01:01:27.0465 8404 RFCOMM - ok
01:01:27.0485 8404 [ 258AADB43E3F3468B5CF8CB0F84872C2 ] rimsptsk C:\Windows\system32\DRIVERS\rimssn64.sys
01:01:27.0485 8404 rimsptsk - ok
01:01:27.0505 8404 [ 71E182A0DE1CECB3F912960716345405 ] risdptsk C:\Windows\system32\DRIVERS\risdsn64.sys
01:01:27.0505 8404 risdptsk - ok
01:01:27.0555 8404 [ D02E5A46F77C182CA1964080BCD586F7 ] Roxio UPnP Renderer 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
01:01:27.0565 8404 Roxio UPnP Renderer 10 - ok
01:01:27.0585 8404 [ E5809597278802D09273EE07B5FC56E1 ] Roxio Upnp Server 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
01:01:27.0595 8404 Roxio Upnp Server 10 - ok
01:01:27.0615 8404 [ A780D3EAA74582EA1DEB6BD9C7A3D9C9 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe
01:01:27.0615 8404 rpcapd - ok
01:01:27.0645 8404 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
01:01:27.0645 8404 RpcEptMapper - ok
01:01:27.0675 8404 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
01:01:27.0685 8404 RpcLocator - ok
01:01:27.0745 8404 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
01:01:27.0755 8404 RpcSs - ok
01:01:27.0835 8404 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
01:01:27.0835 8404 rspndr - ok
01:01:27.0925 8404 rssasnt - ok
01:01:27.0955 8404 [ 34F05C417F038FFA3BEF69B798D7D7DD ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
01:01:27.0965 8404 RTHDMIAzAudService - ok
01:01:28.0025 8404 [ 01E6A1E53E39A0B1E2B6AE62BF52E8EC ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
01:01:28.0025 8404 RtkAudioService - ok
01:01:28.0105 8404 [ 9A5FB8DE6567BC86FCCDE2F0336857A3 ] SampleCollector C:\Program Files\Sony\VAIO Care\collsvc.exe
01:01:28.0105 8404 SampleCollector - ok
01:01:28.0135 8404 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
01:01:28.0135 8404 SamSs - ok
01:01:28.0255 8404 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
01:01:28.0255 8404 SASDIFSV - ok
01:01:28.0265 8404 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
01:01:28.0265 8404 SASKUTIL - ok
01:01:28.0325 8404 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
01:01:28.0335 8404 sbp2port - ok
01:01:28.0441 8404 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
01:01:28.0453 8404 SBSDWSCService - ok
01:01:28.0491 8404 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
01:01:28.0493 8404 SCardSvr - ok
01:01:28.0543 8404 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
01:01:28.0544 8404 scfilter - ok
01:01:28.0619 8404 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
01:01:28.0632 8404 Schedule - ok
01:01:28.0676 8404 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
01:01:28.0676 8404 SCPolicySvc - ok
01:01:28.0726 8404 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
01:01:28.0726 8404 sdbus - ok
01:01:28.0786 8404 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
01:01:28.0796 8404 SDRSVC - ok
01:01:28.0896 8404 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
01:01:28.0906 8404 SeaPort - ok
01:01:28.0936 8404 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
01:01:28.0936 8404 secdrv - ok
01:01:28.0996 8404 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
01:01:28.0996 8404 seclogon - ok
01:01:29.0016 8404 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
01:01:29.0026 8404 SENS - ok
01:01:29.0036 8404 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
01:01:29.0046 8404 SensrSvc - ok
01:01:29.0086 8404 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
01:01:29.0086 8404 Serenum - ok
01:01:29.0106 8404 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
01:01:29.0106 8404 Serial - ok
01:01:29.0166 8404 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
01:01:29.0166 8404 sermouse - ok
01:01:29.0226 8404 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
01:01:29.0236 8404 SessionEnv - ok
01:01:29.0266 8404 [ 70F9C476B62DE4F2823E918A6C181ADE ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys
01:01:29.0266 8404 SFEP - ok
01:01:29.0336 8404 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
01:01:29.0336 8404 sffdisk - ok
01:01:29.0356 8404 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
01:01:29.0356 8404 sffp_mmc - ok
01:01:29.0376 8404 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
01:01:29.0386 8404 sffp_sd - ok
01:01:29.0396 8404 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
01:01:29.0396 8404 sfloppy - ok
01:01:29.0436 8404 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
01:01:29.0446 8404 SharedAccess - ok
01:01:29.0496 8404 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:01:29.0496 8404 ShellHWDetection - ok
01:01:29.0526 8404 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
01:01:29.0526 8404 SiSRaid2 - ok
01:01:29.0556 8404 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
01:01:29.0556 8404 SiSRaid4 - ok
01:01:29.0696 8404 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
01:01:29.0696 8404 SkypeUpdate - ok
01:01:29.0726 8404 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
01:01:29.0726 8404 Smb - ok
01:01:29.0761 8404 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
01:01:29.0763 8404 SNMPTRAP - ok
01:01:29.0813 8404 [ 98886C88A1CB13D61672AE2C638B7E1C ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
01:01:29.0814 8404 SOHCImp - ok
01:01:29.0833 8404 [ 442A13F395546F4564C377296D43B564 ] SOHDBSvr C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
01:01:29.0833 8404 SOHDBSvr - ok
01:01:29.0867 8404 [ 556681BE668D71DC162391A45422B52C ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
01:01:29.0870 8404 SOHDms - ok
01:01:29.0888 8404 [ 72B46103E4111439109ACF5882627C24 ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
01:01:29.0889 8404 SOHDs - ok
01:01:29.0906 8404 [ 725B6E9CD1959271AC993DC035E1606D ] SOHPlMgr C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
01:01:29.0907 8404 SOHPlMgr - ok
01:01:29.0931 8404 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
01:01:29.0931 8404 spldr - ok
01:01:30.0005 8404 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
01:01:30.0014 8404 Spooler - ok
01:01:30.0153 8404 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
01:01:30.0183 8404 sppsvc - ok
01:01:30.0253 8404 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
01:01:30.0263 8404 sppuinotify - ok
01:01:30.0333 8404 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
01:01:30.0343 8404 srv - ok
01:01:30.0573 8404 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
01:01:30.0573 8404 srv2 - ok
01:01:30.0623 8404 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
01:01:30.0623 8404 SrvHsfHDA - ok
01:01:30.0713 8404 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
01:01:30.0723 8404 SrvHsfV92 - ok
01:01:30.0933 8404 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
01:01:30.0943 8404 SrvHsfWinac - ok
01:01:42.0045 8404 ============================================================
01:01:42.0045 8404 Scan finished
01:01:42.0045 8404 ============================================================
01:01:42.0061 3912 Detected object count: 0
01:01:42.0061 3912 Actual detected object count: 0


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-12 01:01:33
-----------------------------
01:01:33.277 OS Version: Windows x64 6.1.7601 Service Pack 1
01:01:33.277 Number of processors: 2 586 0x170A
01:01:33.287 ComputerName: MAIER1-VAIO UserName: Afe
01:01:35.122 Initialize success
01:03:29.372 AVAST engine defs: 12111101
01:04:43.731 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
01:04:43.731 Disk 0 Vendor: WDC_WD32 11.0 Size: 305245MB BusType: 3
01:04:43.731 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000081
01:04:43.731 Disk 1 Vendor: RICOH 01 Size: 305245MB BusType: 0
01:04:43.747 Disk 2 \Device\Harddisk2\DR2 -> \Device\00000082
01:04:43.747 Disk 2 Vendor: RICOH 02 Size: 305245MB BusType: 0
01:04:43.747 Disk 3 \Device\Harddisk3\DR12 -> \Device\000000b0
01:04:43.762 Disk 3 Vendor: Size: 305245MB BusType: 0
01:04:43.778 Disk 0 MBR read successfully
01:04:43.793 Disk 0 MBR scan
01:04:43.793 Disk 0 Windows 7 default MBR code
01:04:43.887 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 7530 MB offset 2048
01:04:43.903 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 15423488
01:04:43.918 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 297613 MB offset 15628288
01:04:43.965 Disk 0 scanning C:\Windows\system32\drivers
01:05:03.237 Service scanning
01:05:37.005 Service Volfinchdr C:\Windows\C:\Windows\system32\drivers\wimmount.sys **LOCKED** 123
01:05:42.362 Modules scanning
01:05:42.362 Disk 0 trace - called modules:
01:05:42.425 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
01:05:42.425 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c21060]
01:05:42.440 3 CLASSPNP.SYS[fffff8800143b43f] -> nt!IofCallDriver -> [0xfffffa80046f8480]
01:05:42.440 5 ACPI.sys[fffff88000f787a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80046fb050]
01:05:43.542 AVAST engine scan C:\Windows
01:05:49.060 AVAST engine scan C:\Windows\system32
01:09:42.382 AVAST engine scan C:\Windows\system32\drivers
01:10:02.356 AVAST engine scan C:\Users\Afe
01:11:47.805 Disk 0 MBR has been saved successfully to "C:\Users\Afe\Desktop\MBR.dat"
01:11:47.805 The log file has been saved successfully to "C:\Users\Afe\Desktop\aswMBR.txt"

Please advise. Thank you.

:)

#11 gringo_pr


Posted 12 November 2012 - 06:40 AM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 afe16rugby


Posted 13 November 2012 - 01:45 AM

I have run the script without a problem, but then the computer rebooted and continued to run. I am sorry, but I don't know which is the log file. Where would it be? Or should I run it again to find the log file?

Thanks.

#13 afe16rugby


Posted 13 November 2012 - 02:06 AM

I am still experiencing livesearch now and scour redirects.

#14 gringo_pr


Posted 13 November 2012 - 03:11 PM

In which browser does this happen?


gringo

#15 afe16rugby


Posted 14 November 2012 - 10:49 AM

Firefox for sure. Livesearch now and other redirects.



