Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Kdcom.dll Driver Crash


  • Please log in to reply
18 replies to this topic

#1 ddavid006

ddavid006

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:49 PM

Posted 23 December 2012 - 07:37 PM

Greetings All,

I have been unable to prevent constant random BSoD's after normal booting (occurs within 5-20 minutes of starting), problem does not exist in safe mode. Using BlueScreenView has identified kdcom.dll as the crashed driver.

System info:
Sony Vaio
Vista Home Premium SP2 64bit
287GB HD with 65.7GB free
4GB RAM
Norton 360


Steps Taken:
Installed CCleaner - used twice. Cleaned out junk from files. Registry. Uninstalled most recently installed software, prior to fault.

Installed DriverMax - found and updated 19 various drivers.

Installed latest updates from Windows.

Updated and ran MBAM - found and fixed 7 Trojans.

Used Windows Memory Diagnostics - no problems found.

Obviously BSoD still occurs.

Thanks, serious guidance needed.

Edited by hamluis, 25 December 2012 - 05:17 AM.
Moved from Vista to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Artrooks

Artrooks

  • Members
  • 1,463 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:02:49 PM

Posted 23 December 2012 - 09:31 PM

Hello ddavid006,

Installed CCleaner - used twice. Cleaned out junk from files. Registry. Uninstalled most recently installed software, prior to fault.

CCleaner by default will delete "Minidump" files. Please don't run CCleaner until your probelm has been solved.


We will try to help you with your computer BSOD problem. These problems are often not simple, so gathering as much information about your computer will be important.

Please follow this link: BSOD Posting Instructions Windows 8 - Windows 7 - Vista.
  • Follow all instructions with the exception of:
    • Creating a new thread HERE and attach the file(s) after step 4
  • Note: Both files of Step 1 need to be in the Documents folder.
Upload the zipped folder to a File Sharing website of your choosing because Bleeping Computer has a 512 K only upload limit and this file will be much larger.
In addition:

To help us get a better look at your computer's hardware, please download and install Speccy by Piriform. (mirror site)
  • Run Speccy and from the top menu, select File --> Publish Snapshot. Click "Yes" to proceed.
  • Click, Copy to Clipboard and paste this address into your next post.

Regards,
Brooks



 


#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:49 PM

Posted 23 December 2012 - 10:08 PM

Updated and ran MBAM - found and fixed 7 Trojans.


KDCOM.dll crashes are usually caused by rootkits.Please post the malwarebytes log along with logs requested by Artrooks.

#4 ddavid006

ddavid006
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:49 PM

Posted 24 December 2012 - 01:21 AM

Thank you Sir,...for replying.

Bear with me I'm a little slow, these terms etc; are over my head BUT I'm learning OJT.

When I typed in perfmon /report I received this error message:

An error occured while attempting to generate the report.

The system cannot find the path specified.


I was able to locat and open the "Reliability and Performance Monitor" and include what appears to be a couple reports, however, I could not find an option to save as HTML (hopefully HTML is autoloaded).

#5 Answers:
Vista Home Premium
64bit
Vista Home Premium
OEM Version
System is 3 years old
original OS, never re-installed
CPU - Intel Core2 Duo P8700@2.53 GHz
Video Card - ATI Mobility Radeon HD 4650
Motherboard - not sure where this info is
Power Supply - same as above
Manuf.- Sony VAIO
Model Number - VGN-FW490JEB

Link to ZIP file:
https://www.box.com/s/q4bqadev6ua5r406vjcm

I just tried to run Speccy 3 times and it would not load. Perhaps because I'm running in Safe Mode, I'll try restarting and see if I can generate the info needed. I'll attach it in another post.

#5 ddavid006

ddavid006
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:49 PM

Posted 24 December 2012 - 02:35 AM

Great learning experience. So, I was able to boot in normal mode long enough to get the PERFMON and Speccy info. Also the MBAM logs were requested.

PERFMON and MBAM:
https://www.box.com/s/i3gtsdbmusmnrsgueup6

Interesting that the MBAM logs don't seem to show the 7 Trojans that were found and fixed a couple days ago.


Speccy:
http://speccy.piriform.com/results/Smq2YNR0P8XnFyEUaaBMZ31

Thanks all,
ddavid006

#6 Artrooks

Artrooks

  • Members
  • 1,463 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:02:49 PM

Posted 24 December 2012 - 09:14 AM

ddavid006,

If narenxp wants you to run any special malware removal tools, please follow his instructions.


I will be reviewing your minidump files and other info.

Thank you



Edited to remove request for data from jcgriff2 collection app. I found the folder attached.

Edited by Artrooks, 24 December 2012 - 09:21 AM.

Regards,
Brooks



 


#7 ddavid006

ddavid006
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:49 PM

Posted 24 December 2012 - 12:06 PM

Understood and much appreciated.

Thank you Artrooks

and

Thank you narenxp

enjoy your Christmas.

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:49 PM

Posted 25 December 2012 - 12:29 AM

Thankyou Artrooks

Hi ddavid006 Happy christmas :).Lets run some tools to see if you have a rootkit.

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#9 ddavid006

ddavid006
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:49 PM

Posted 25 December 2012 - 08:37 PM

Thanks for your patience narenxp,

8 hours of scans and reports:

TDSSkiller
09:23:47.0717 1896 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
09:23:48.0341 1896 ============================================================
09:23:48.0341 1896 Current date / time: 2012/12/25 09:23:48.0341
09:23:48.0341 1896 SystemInfo:
09:23:48.0341 1896
09:23:48.0341 1896 OS Version: 6.0.6002 ServicePack: 2.0
09:23:48.0341 1896 Product type: Workstation
09:23:48.0341 1896 ComputerName: MOBILEOFFICE
09:23:48.0341 1896 UserName: D. David Burroughs
09:23:48.0341 1896 Windows directory: C:\Windows
09:23:48.0341 1896 System windows directory: C:\Windows
09:23:48.0341 1896 Running under WOW64
09:23:48.0341 1896 Processor architecture: Intel x64
09:23:48.0341 1896 Number of processors: 2
09:23:48.0341 1896 Page size: 0x1000
09:23:48.0341 1896 Boot type: Safe boot with network
09:23:48.0341 1896 ============================================================
09:23:49.0308 1896 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x1080D9, SectorsPerTrack: 0x22, TracksPerCylinder: 0x11, Type 'K0', Flags 0x00000040
09:23:49.0323 1896 ============================================================
09:23:49.0323 1896 \Device\Harddisk0\DR0:
09:23:49.0323 1896 MBR partitions:
09:23:49.0323 1896 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1613000, BlocksNum 0x23E1B2B0
09:23:49.0323 1896 ============================================================
09:23:49.0401 1896 C: <-> \Device\Harddisk0\DR0\Partition1
09:23:49.0401 1896 ============================================================
09:23:49.0401 1896 Initialize success
09:23:49.0401 1896 ============================================================
09:24:59.0929 1552 ============================================================
09:24:59.0929 1552 Scan started
09:24:59.0929 1552 Mode: Manual; TDLFS;
09:24:59.0929 1552 ============================================================
09:25:00.0693 1552 ================ Scan system memory ========================
09:25:00.0693 1552 System memory - ok
09:25:00.0693 1552 ================ Scan services =============================
09:25:00.0834 1552 [ 78E902FB660BD5003FE726B9BEF300B6 ] 61883 C:\Windows\system32\DRIVERS\61883.sys
09:25:00.0834 1552 61883 - ok
09:25:00.0974 1552 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
09:25:00.0974 1552 ACDaemon - ok
09:25:01.0021 1552 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys
09:25:01.0021 1552 ACPI - ok
09:25:01.0099 1552 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:25:01.0099 1552 AdobeARMservice - ok
09:25:01.0146 1552 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:25:01.0161 1552 adp94xx - ok
09:25:01.0177 1552 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:25:01.0177 1552 adpahci - ok
09:25:01.0208 1552 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
09:25:01.0208 1552 adpu160m - ok
09:25:01.0239 1552 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:25:01.0239 1552 adpu320 - ok
09:25:01.0271 1552 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:25:01.0271 1552 AeLookupSvc - ok
09:25:01.0317 1552 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys
09:25:01.0317 1552 AFD - ok
09:25:01.0349 1552 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:25:01.0349 1552 agp440 - ok
09:25:01.0380 1552 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
09:25:01.0380 1552 aic78xx - ok
09:25:01.0395 1552 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
09:25:01.0395 1552 ALG - ok
09:25:01.0442 1552 [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide C:\Windows\system32\drivers\aliide.sys
09:25:01.0442 1552 aliide - ok
09:25:01.0489 1552 [ E20DDDFBD0DBE7D8EAD4D7A51D654367 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
09:25:01.0520 1552 AMD External Events Utility - ok
09:25:01.0567 1552 [ 970FA5059E61E30D25307B99903E991E ] amdide C:\Windows\system32\drivers\amdide.sys
09:25:01.0567 1552 amdide - ok
09:25:01.0598 1552 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:25:01.0598 1552 AmdK8 - ok
09:25:01.0848 1552 [ 4284FB1240537A33E6EC417EFD87D40F ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
09:25:02.0082 1552 amdkmdag - ok
09:25:02.0129 1552 [ 6C25C497E05EFD0CB6033A0444FC9B51 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
09:25:02.0129 1552 amdkmdap - ok
09:25:02.0160 1552 [ 22FECB5B3DE1EB8B1B2761338922F681 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
09:25:02.0160 1552 ApfiltrService - ok
09:25:02.0191 1552 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
09:25:02.0191 1552 Appinfo - ok
09:25:02.0300 1552 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:25:02.0316 1552 Apple Mobile Device - ok
09:25:02.0409 1552 [ E9638D3E3B85DE683A0A1B795B3FF6EF ] Application Updater C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
09:25:02.0425 1552 Application Updater - ok
09:25:02.0456 1552 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
09:25:02.0456 1552 arc - ok
09:25:02.0472 1552 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:25:02.0472 1552 arcsas - ok
09:25:02.0503 1552 [ 1CE3822B05A5E229286A15EA39369870 ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
09:25:02.0503 1552 ArcSoftKsUFilter - ok
09:25:02.0628 1552 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:25:02.0675 1552 aspnet_state - ok
09:25:02.0721 1552 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:25:02.0721 1552 AsyncMac - ok
09:25:02.0768 1552 [ E68D9B3A3905619732F7FE039466A623 ] atapi C:\Windows\system32\DRIVERS\atapi.sys
09:25:02.0768 1552 atapi - ok
09:25:02.0987 1552 [ 4284FB1240537A33E6EC417EFD87D40F ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
09:25:03.0033 1552 atikmdag - ok
09:25:03.0080 1552 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:25:03.0096 1552 AudioEndpointBuilder - ok
09:25:03.0096 1552 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:25:03.0096 1552 AudioSrv - ok
09:25:03.0127 1552 [ 295FA2878FF499C0EDFA0EBCC8C6EC66 ] Avc C:\Windows\system32\DRIVERS\avc.sys
09:25:03.0143 1552 Avc - ok
09:25:03.0642 1552 [ ED97ADAF00A61F57A2CCBBB1CE58C600 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\BASHDefs\20121130.005_8e0\BHDrvx64.sys
09:25:03.0689 1552 BHDrvx64 - ok
09:25:03.0767 1552 [ 6D316F4859634071CC25C4FD4589AD2C ] BITS C:\Windows\System32\qmgr.dll
09:25:03.0938 1552 BITS - ok
09:25:03.0969 1552 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
09:25:03.0969 1552 blbdrive - ok
09:25:04.0047 1552 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:25:04.0063 1552 Bonjour Service - ok
09:25:04.0110 1552 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:25:04.0110 1552 bowser - ok
09:25:04.0125 1552 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
09:25:04.0125 1552 BrFiltLo - ok
09:25:04.0157 1552 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
09:25:04.0157 1552 BrFiltUp - ok
09:25:04.0188 1552 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll
09:25:04.0188 1552 Browser - ok
09:25:04.0203 1552 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys
09:25:04.0203 1552 Brserid - ok
09:25:04.0219 1552 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
09:25:04.0219 1552 BrSerWdm - ok
09:25:04.0250 1552 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
09:25:04.0250 1552 BrUsbMdm - ok
09:25:04.0266 1552 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
09:25:04.0266 1552 BrUsbSer - ok
09:25:04.0313 1552 [ 09F926A0D9C0BAFD8417A4307D2ED13C ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
09:25:04.0328 1552 BthEnum - ok
09:25:04.0344 1552 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
09:25:04.0344 1552 BTHMODEM - ok
09:25:04.0359 1552 [ BEFC5311736B475AC5B60C14FF7C775A ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
09:25:04.0359 1552 BthPan - ok
09:25:04.0453 1552 [ E1466882252FF51EDDE48C3F7EDA2591 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
09:25:04.0453 1552 BTHPORT - ok
09:25:04.0515 1552 [ 22E65FFD640F16968F855F5B3528D366 ] BthServ C:\Windows\System32\bthserv.dll
09:25:04.0515 1552 BthServ - ok
09:25:04.0562 1552 [ 970192CDED77A128E7E30722E5EE6B9C ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
09:25:04.0562 1552 BTHUSB - ok
09:25:04.0609 1552 [ 4E26C89D8941AE0AD3F12DE9C3DDDB5A ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
09:25:04.0609 1552 btwaudio - ok
09:25:04.0640 1552 [ 6B15769244A37B1FF4CA4EBA8693C7F3 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
09:25:04.0640 1552 btwavdt - ok
09:25:04.0703 1552 [ F28DAB823FCDA98F50DD677552A4DC52 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
09:25:04.0718 1552 btwdins - ok
09:25:04.0734 1552 [ 0037CB116097E8E0EA77F3B13C50FF1E ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
09:25:04.0734 1552 btwl2cap - ok
09:25:04.0749 1552 [ 651154EE76EA31EEE050F3B66E5D086B ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
09:25:04.0749 1552 btwrchid - ok
09:25:04.0796 1552 [ 1ED6C254A85D6139258551AA9EEC2570 ] CAXHWAZL C:\Windows\system32\DRIVERS\CAXHWAZL.sys
09:25:04.0812 1552 CAXHWAZL - ok
09:25:04.0921 1552 [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\0604000.009\ccSetx64.sys
09:25:04.0921 1552 ccSet_N360 - ok
09:25:04.0968 1552 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:25:04.0968 1552 cdfs - ok
09:25:04.0999 1552 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:25:05.0015 1552 cdrom - ok
09:25:05.0061 1552 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll
09:25:05.0061 1552 CertPropSvc - ok
09:25:05.0077 1552 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\drivers\circlass.sys
09:25:05.0077 1552 circlass - ok
09:25:05.0108 1552 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys
09:25:05.0124 1552 CLFS - ok
09:25:05.0202 1552 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:25:05.0202 1552 clr_optimization_v2.0.50727_32 - ok
09:25:05.0264 1552 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:25:05.0264 1552 clr_optimization_v2.0.50727_64 - ok
09:25:05.0342 1552 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:25:05.0529 1552 clr_optimization_v4.0.30319_32 - ok
09:25:05.0576 1552 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:25:05.0623 1552 clr_optimization_v4.0.30319_64 - ok
09:25:05.0670 1552 [ B52D9A14CE4101577900A364BA86F3DF ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:25:05.0670 1552 CmBatt - ok
09:25:05.0685 1552 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:25:05.0685 1552 cmdide - ok
09:25:05.0717 1552 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
09:25:05.0717 1552 Compbatt - ok
09:25:05.0732 1552 COMSysApp - ok
09:25:05.0732 1552 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:25:05.0732 1552 crcdisk - ok
09:25:05.0779 1552 [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:25:05.0779 1552 CryptSvc - ok
09:25:05.0841 1552 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll
09:25:05.0873 1552 DcomLaunch - ok
09:25:05.0904 1552 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:25:05.0904 1552 DfsC - ok
09:25:05.0997 1552 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe
09:25:06.0060 1552 DFSR - ok
09:25:06.0091 1552 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
09:25:06.0091 1552 Dhcp - ok
09:25:06.0138 1552 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys
09:25:06.0138 1552 disk - ok
09:25:06.0138 1552 DMICall - ok
09:25:06.0169 1552 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:25:06.0169 1552 Dnscache - ok
09:25:06.0216 1552 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll
09:25:06.0216 1552 dot3svc - ok
09:25:06.0263 1552 [ 74C02B1717740C3B8039539E23E4B53F ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
09:25:06.0263 1552 Dot4 - ok
09:25:06.0278 1552 [ 08321D1860235BF42CF2854234337AEA ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
09:25:06.0278 1552 Dot4Print - ok
09:25:06.0309 1552 [ 4ADCCF0124F2B6911D3786A5D0E779E5 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
09:25:06.0309 1552 dot4usb - ok
09:25:06.0341 1552 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
09:25:06.0341 1552 DPS - ok
09:25:06.0372 1552 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:25:06.0372 1552 drmkaud - ok
09:25:06.0419 1552 [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:25:06.0434 1552 DXGKrnl - ok
09:25:06.0465 1552 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
09:25:06.0465 1552 E1G60 - ok
09:25:06.0497 1552 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
09:25:06.0497 1552 EapHost - ok
09:25:06.0543 1552 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys
09:25:06.0543 1552 Ecache - ok
09:25:06.0621 1552 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:25:06.0621 1552 ehRecvr - ok
09:25:06.0637 1552 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe
09:25:06.0637 1552 ehSched - ok
09:25:06.0637 1552 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll
09:25:06.0653 1552 ehstart - ok
09:25:06.0668 1552 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:25:06.0684 1552 elxstor - ok
09:25:06.0731 1552 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll
09:25:06.0731 1552 EMDMgmt - ok
09:25:06.0746 1552 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:25:06.0746 1552 ErrDev - ok
09:25:06.0809 1552 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll
09:25:06.0824 1552 EventSystem - ok
09:25:06.0887 1552 [ 2898EEC4FF1C8204222D266F48A35B7D ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
09:25:06.0902 1552 EvtEng - ok
09:25:06.0949 1552 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys
09:25:06.0949 1552 exfat - ok
09:25:07.0589 1552 [ F54E9ADA8A6C8CAFE8F27791CBD52C4E ] ExpressAccountsService C:\Program Files (x86)\NCH Software\ExpressAccounts\expressaccounts.exe
09:25:08.0181 1552 ExpressAccountsService - ok
09:25:08.0228 1552 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:25:08.0228 1552 fastfat - ok
09:25:08.0259 1552 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:25:08.0259 1552 fdc - ok
09:25:08.0275 1552 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
09:25:08.0275 1552 fdPHost - ok
09:25:08.0291 1552 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
09:25:08.0291 1552 FDResPub - ok
09:25:08.0306 1552 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:25:08.0306 1552 FileInfo - ok
09:25:08.0322 1552 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:25:08.0322 1552 Filetrace - ok
09:25:08.0337 1552 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:25:08.0337 1552 flpydisk - ok
09:25:08.0369 1552 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:25:08.0369 1552 FltMgr - ok
09:25:08.0431 1552 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache C:\Windows\system32\FntCache.dll
09:25:08.0462 1552 FontCache - ok
09:25:08.0540 1552 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:25:08.0540 1552 FontCache3.0.0.0 - ok
09:25:08.0649 1552 [ E163CF5D8F95C1D766603085E1D01C38 ] FreeAgentGoNext Service C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
09:25:08.0665 1552 FreeAgentGoNext Service - ok
09:25:08.0712 1552 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:25:08.0712 1552 Fs_Rec - ok
09:25:08.0759 1552 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:25:08.0759 1552 gagp30kx - ok
09:25:08.0790 1552 [ AF4DEE5531395DEE72B35B36C9671FD0 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:25:08.0790 1552 GEARAspiWDM - ok
09:25:08.0852 1552 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll
09:25:08.0868 1552 gpsvc - ok
09:25:08.0899 1552 [ DF45F8142DC6DF9D18C39B3EFFBD0409 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:25:08.0899 1552 HdAudAddService - ok
09:25:08.0946 1552 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:25:08.0961 1552 HDAudBus - ok
09:25:08.0993 1552 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:25:08.0993 1552 HidBth - ok
09:25:09.0024 1552 [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr C:\Windows\system32\drivers\hidir.sys
09:25:09.0024 1552 HidIr - ok
09:25:09.0039 1552 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\system32\hidserv.dll
09:25:09.0039 1552 hidserv - ok
09:25:09.0071 1552 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:25:09.0086 1552 HidUsb - ok
09:25:09.0102 1552 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
09:25:09.0102 1552 hkmsvc - ok
09:25:09.0117 1552 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
09:25:09.0117 1552 HpCISSs - ok
09:25:09.0164 1552 [ 57BA73B5B321291E5114CB21350E1EA0 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL6.SYS
09:25:09.0195 1552 HSFHWAZL - ok
09:25:09.0258 1552 [ 60F1D0EDE7AE2B92B3A8886E825B7147 ] HSF_DPV C:\Windows\system32\DRIVERS\CAX_DPV.sys
09:25:09.0273 1552 HSF_DPV - ok
09:25:09.0336 1552 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:25:09.0336 1552 HTTP - ok
09:25:09.0383 1552 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
09:25:09.0383 1552 i2omp - ok
09:25:09.0398 1552 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:25:09.0398 1552 i8042prt - ok
09:25:09.0429 1552 [ 8D58627FEF3F8767665D9F4DC91CBD97 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
09:25:09.0445 1552 iaStor - ok
09:25:09.0461 1552 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
09:25:09.0476 1552 iaStorV - ok
09:25:09.0539 1552 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:25:09.0554 1552 idsvc - ok
09:25:09.0773 1552 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\IPSDefs\20121222.001\IDSvia64.sys
09:25:09.0773 1552 IDSVia64 - ok
09:25:09.0788 1552 igfx - ok
09:25:09.0835 1552 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:25:09.0835 1552 iirsp - ok
09:25:09.0866 1552 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll
09:25:09.0866 1552 IKEEXT - ok
09:25:10.0007 1552 [ CCDD9D55E9BD0806DAD6BAB4EE8DA1D0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:25:10.0069 1552 IntcAzAudAddService - ok
09:25:10.0069 1552 IntcHdmiAddService - ok
09:25:10.0116 1552 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys
09:25:10.0116 1552 intelide - ok
09:25:10.0131 1552 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:25:10.0131 1552 intelppm - ok
09:25:10.0163 1552 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:25:10.0163 1552 IPBusEnum - ok
09:25:10.0194 1552 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:25:10.0194 1552 IpFilterDriver - ok
09:25:10.0209 1552 IpInIp - ok
09:25:10.0225 1552 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
09:25:10.0225 1552 IPMIDRV - ok
09:25:10.0241 1552 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
09:25:10.0241 1552 IPNAT - ok
09:25:10.0256 1552 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:25:10.0256 1552 IRENUM - ok
09:25:10.0272 1552 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:25:10.0272 1552 isapnp - ok
09:25:10.0303 1552 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
09:25:10.0303 1552 iScsiPrt - ok
09:25:10.0334 1552 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
09:25:10.0334 1552 iteatapi - ok
09:25:10.0334 1552 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
09:25:10.0334 1552 iteraid - ok
09:25:10.0365 1552 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
09:25:10.0365 1552 IviRegMgr - ok
09:25:10.0412 1552 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:25:10.0412 1552 kbdclass - ok
09:25:10.0428 1552 [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:25:10.0428 1552 kbdhid - ok
09:25:10.0475 1552 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe
09:25:10.0475 1552 KeyIso - ok
09:25:10.0506 1552 [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:25:10.0521 1552 KSecDD - ok
09:25:10.0553 1552 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:25:10.0553 1552 ksthunk - ok
09:25:10.0584 1552 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
09:25:10.0599 1552 KtmRm - ok
09:25:10.0631 1552 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\system32\srvsvc.dll
09:25:10.0646 1552 LanmanServer - ok
09:25:10.0709 1552 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:25:10.0724 1552 LanmanWorkstation - ok
09:25:10.0724 1552 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:25:10.0740 1552 lltdio - ok
09:25:10.0755 1552 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:25:10.0771 1552 lltdsvc - ok
09:25:10.0787 1552 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:25:10.0787 1552 lmhosts - ok
09:25:10.0818 1552 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:25:10.0818 1552 LSI_FC - ok
09:25:10.0833 1552 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:25:10.0849 1552 LSI_SAS - ok
09:25:10.0849 1552 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:25:10.0865 1552 LSI_SCSI - ok
09:25:10.0880 1552 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
09:25:10.0880 1552 luafv - ok
09:25:10.0896 1552 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:25:10.0896 1552 Mcx2Svc - ok
09:25:10.0927 1552 [ E4F44EC214B3E381E1FC844A02926666 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
09:25:10.0927 1552 mdmxsdk - ok
09:25:10.0943 1552 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
09:25:10.0943 1552 megasas - ok
09:25:10.0974 1552 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
09:25:10.0974 1552 MegaSR - ok
09:25:11.0005 1552 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
09:25:11.0005 1552 MMCSS - ok
09:25:11.0021 1552 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
09:25:11.0021 1552 Modem - ok
09:25:11.0021 1552 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:25:11.0021 1552 monitor - ok
09:25:11.0036 1552 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:25:11.0036 1552 mouclass - ok
09:25:11.0052 1552 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:25:11.0052 1552 mouhid - ok
09:25:11.0083 1552 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
09:25:11.0083 1552 MountMgr - ok
09:25:11.0114 1552 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
09:25:11.0114 1552 mpio - ok
09:25:11.0130 1552 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:25:11.0130 1552 mpsdrv - ok
09:25:11.0161 1552 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
09:25:11.0161 1552 Mraid35x - ok
09:25:11.0192 1552 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:25:11.0192 1552 MRxDAV - ok
09:25:11.0223 1552 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:25:11.0239 1552 mrxsmb - ok
09:25:11.0270 1552 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:25:11.0270 1552 mrxsmb10 - ok
09:25:11.0317 1552 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:25:11.0317 1552 mrxsmb20 - ok
09:25:11.0348 1552 [ AA459F2AB3AB603C357FF117CAE3D818 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
09:25:11.0348 1552 msahci - ok
09:25:11.0364 1552 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:25:11.0364 1552 msdsm - ok
09:25:11.0395 1552 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
09:25:11.0395 1552 MSDTC - ok
09:25:11.0442 1552 [ DF674BA7DA5A4753D839A905B66D2FD9 ] MSDV C:\Windows\system32\DRIVERS\msdv.sys
09:25:11.0442 1552 MSDV - ok
09:25:11.0473 1552 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:25:11.0489 1552 Msfs - ok
09:25:11.0504 1552 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:25:11.0504 1552 msisadrv - ok
09:25:11.0535 1552 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:25:11.0551 1552 MSiSCSI - ok
09:25:11.0551 1552 msiserver - ok
09:25:11.0582 1552 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:25:11.0582 1552 MSKSSRV - ok
09:25:11.0598 1552 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:25:11.0598 1552 MSPCLOCK - ok
09:25:11.0613 1552 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:25:11.0613 1552 MSPQM - ok
09:25:11.0645 1552 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:25:11.0645 1552 MsRPC - ok
09:25:11.0660 1552 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:25:11.0660 1552 mssmbios - ok
09:25:11.0707 1552 MSSQL$TRACKMAN - ok
09:25:11.0769 1552 [ 04EF36EAF5C4DBCE424D81B76F1E9231 ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
09:25:11.0769 1552 MSSQLServerADHelper100 - ok
09:25:11.0785 1552 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:25:11.0785 1552 MSTEE - ok
09:25:11.0832 1552 [ 4883C5F0C6F8222A928DD35C3D287225 ] MtUsb C:\Windows\system32\Drivers\MtUsb.sys
09:25:11.0832 1552 MtUsb - ok
09:25:11.0847 1552 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys
09:25:11.0847 1552 Mup - ok
09:25:11.0894 1552 [ 08835780CC6A5CFF5275101B5A9D17A4 ] MxEFUF C:\Windows\system32\DRIVERS\MxEFUF64.sys
09:25:11.0894 1552 MxEFUF - ok
09:25:12.0097 1552 [ F2840DBFE9322F35557219AE82CC4597 ] N360 C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe
09:25:12.0097 1552 N360 - ok
09:25:12.0175 1552 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll
09:25:12.0175 1552 napagent - ok
09:25:12.0222 1552 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:25:12.0222 1552 NativeWifiP - ok
09:25:12.0315 1552 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\VirusDefs\20121224.019\ENG64.SYS
09:25:12.0331 1552 NAVENG - ok
09:25:12.0378 1552 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\VirusDefs\20121224.019\EX64.SYS
09:25:12.0409 1552 NAVEX15 - ok
09:25:12.0456 1552 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:25:12.0471 1552 NDIS - ok
09:25:12.0487 1552 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:25:12.0487 1552 NdisTapi - ok
09:25:12.0503 1552 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:25:12.0503 1552 Ndisuio - ok
09:25:12.0549 1552 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:25:12.0549 1552 NdisWan - ok
09:25:12.0596 1552 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:25:12.0596 1552 NDProxy - ok
09:25:12.0612 1552 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:25:12.0612 1552 NetBIOS - ok
09:25:12.0643 1552 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
09:25:12.0643 1552 netbt - ok
09:25:12.0674 1552 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe
09:25:12.0674 1552 Netlogon - ok
09:25:12.0721 1552 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
09:25:12.0721 1552 Netman - ok
09:25:12.0768 1552 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:25:12.0846 1552 NetMsmqActivator - ok
09:25:12.0846 1552 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:25:12.0846 1552 NetPipeActivator - ok
09:25:12.0893 1552 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
09:25:12.0893 1552 netprofm - ok
09:25:12.0908 1552 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:25:12.0908 1552 NetTcpActivator - ok
09:25:12.0924 1552 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:25:12.0924 1552 NetTcpPortSharing - ok
09:25:13.0017 1552 [ BFBD278F8C9BCEC693345759AC278E14 ] NETw5v64 C:\Windows\system32\DRIVERS\NETw5v64.sys
09:25:13.0095 1552 NETw5v64 - ok
09:25:13.0314 1552 [ 6B138B65B531C3A2380BECABEF0B6157 ] NETwNv64 C:\Windows\system32\DRIVERS\NETwNv64.sys
09:25:13.0485 1552 NETwNv64 - ok
09:25:13.0532 1552 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:25:13.0532 1552 nfrd960 - ok
09:25:13.0563 1552 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
09:25:13.0563 1552 NlaSvc - ok
09:25:13.0626 1552 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:25:13.0626 1552 Npfs - ok
09:25:13.0626 1552 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
09:25:13.0626 1552 nsi - ok
09:25:13.0641 1552 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:25:13.0641 1552 nsiproxy - ok
09:25:13.0704 1552 [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:25:13.0719 1552 Ntfs - ok
09:25:13.0735 1552 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
09:25:13.0735 1552 Null - ok
09:25:13.0766 1552 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:25:13.0782 1552 nvraid - ok
09:25:13.0797 1552 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:25:13.0797 1552 nvstor - ok
09:25:13.0813 1552 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:25:13.0829 1552 nv_agp - ok
09:25:13.0829 1552 NwlnkFlt - ok
09:25:13.0829 1552 NwlnkFwd - ok
09:25:13.0891 1552 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:25:13.0907 1552 odserv - ok
09:25:13.0938 1552 [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
09:25:13.0938 1552 ohci1394 - ok
09:25:13.0969 1552 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:25:13.0969 1552 ose - ok
09:25:14.0016 1552 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll
09:25:14.0031 1552 p2pimsvc - ok
09:25:14.0047 1552 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll
09:25:14.0047 1552 p2psvc - ok
09:25:14.0078 1552 [ B8040C5C1FC1FBBBE5C78CB9EDA343EC ] PACSPTISVR C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
09:25:14.0109 1552 PACSPTISVR - ok
09:25:14.0141 1552 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
09:25:14.0141 1552 Parport - ok
09:25:14.0172 1552 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:25:14.0187 1552 partmgr - ok
09:25:14.0203 1552 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
09:25:14.0203 1552 PcaSvc - ok
09:25:14.0250 1552 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys
09:25:14.0250 1552 pci - ok
09:25:14.0281 1552 [ 8D618C829034479985A9ED56106CC732 ] pciide C:\Windows\system32\drivers\pciide.sys
09:25:14.0281 1552 pciide - ok
09:25:14.0297 1552 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:25:14.0297 1552 pcmcia - ok
09:25:14.0328 1552 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:25:14.0343 1552 PEAUTH - ok
09:25:14.0406 1552 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:25:14.0468 1552 PerfHost - ok
09:25:14.0531 1552 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
09:25:14.0546 1552 pla - ok
09:25:14.0593 1552 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:25:14.0593 1552 PlugPlay - ok
09:25:14.0640 1552 [ BDEA03A01DD58FF120C9D757A28DAA8B ] pmkbdfltr C:\Windows\system32\DRIVERS\pmkbdfltr.sys
09:25:14.0640 1552 pmkbdfltr - ok
09:25:14.0702 1552 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
09:25:14.0718 1552 PNRPAutoReg - ok
09:25:14.0733 1552 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll
09:25:14.0733 1552 PNRPsvc - ok
09:25:14.0780 1552 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:25:14.0780 1552 PolicyAgent - ok
09:25:14.0827 1552 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:25:14.0827 1552 PptpMiniport - ok
09:25:14.0858 1552 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
09:25:14.0858 1552 Processor - ok
09:25:14.0905 1552 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll
09:25:14.0905 1552 ProfSvc - ok
09:25:14.0921 1552 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
09:25:14.0936 1552 ProtectedStorage - ok
09:25:14.0983 1552 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
09:25:14.0983 1552 PSched - ok
09:25:15.0014 1552 [ FBF4DB6D53585437E41A113300002A2B ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
09:25:15.0014 1552 PxHlpa64 - ok
09:25:15.0061 1552 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:25:15.0077 1552 ql2300 - ok
09:25:15.0108 1552 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:25:15.0108 1552 ql40xx - ok
09:25:15.0123 1552 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
09:25:15.0139 1552 QWAVE - ok
09:25:15.0155 1552 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:25:15.0155 1552 QWAVEdrv - ok
09:25:15.0170 1552 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:25:15.0170 1552 RasAcd - ok
09:25:15.0186 1552 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
09:25:15.0186 1552 RasAuto - ok
09:25:15.0201 1552 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:25:15.0201 1552 Rasl2tp - ok
09:25:15.0233 1552 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll
09:25:15.0233 1552 RasMan - ok
09:25:15.0264 1552 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:25:15.0264 1552 RasPppoe - ok
09:25:15.0311 1552 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:25:15.0311 1552 RasSstp - ok
09:25:15.0357 1552 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:25:15.0357 1552 rdbss - ok
09:25:15.0389 1552 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:25:15.0389 1552 RDPCDD - ok
09:25:15.0420 1552 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
09:25:15.0420 1552 rdpdr - ok
09:25:15.0435 1552 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:25:15.0435 1552 RDPENCDD - ok
09:25:15.0482 1552 [ 5C141FC457F1AC833664789235ACA673 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:25:15.0482 1552 RDPWD - ok
09:25:15.0513 1552 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi C:\Windows\system32\drivers\regi.sys
09:25:15.0513 1552 regi - ok
09:25:15.0576 1552 [ 9600567E331F5AE87D31B0A60763E48C ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
09:25:15.0591 1552 RegSrvc - ok
09:25:15.0623 1552 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:25:15.0623 1552 RemoteAccess - ok
09:25:15.0669 1552 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:25:15.0669 1552 RemoteRegistry - ok
09:25:15.0732 1552 [ CD71E053D7260E4102D99A28F9196070 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
09:25:15.0747 1552 RFCOMM - ok
09:25:15.0779 1552 [ EAC02ED935A9C1F2DDD8D985C465B854 ] rimsptsk C:\Windows\system32\DRIVERS\rimspx64.sys
09:25:15.0779 1552 rimsptsk - ok
09:25:15.0794 1552 [ 71E182A0DE1CECB3F912960716345405 ] risdptsk C:\Windows\system32\DRIVERS\risdsn64.sys
09:25:15.0810 1552 risdptsk - ok
09:25:15.0825 1552 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe
09:25:15.0825 1552 RpcLocator - ok
09:25:15.0888 1552 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll
09:25:15.0888 1552 RpcSs - ok
09:25:15.0935 1552 [ EB1C539E621A35A49F7692B0EB565AB9 ] RsFx0150 C:\Windows\system32\DRIVERS\RsFx0150.sys
09:25:15.0935 1552 RsFx0150 - ok
09:25:15.0966 1552 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:25:15.0966 1552 rspndr - ok
09:25:16.0013 1552 [ C435AC77704EB16E85C9D630F4D4B4F7 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
09:25:16.0013 1552 RTHDMIAzAudService - ok
09:25:16.0091 1552 [ 3BDBB0CBFB27FEF51B7574676D1C9F6A ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
09:25:16.0091 1552 RtkAudioService - ok
09:25:16.0122 1552 [ 9A5FB8DE6567BC86FCCDE2F0336857A3 ] SampleCollector C:\Program Files\Sony\VAIO Care\collsvc.exe
09:25:16.0137 1552 SampleCollector - ok
09:25:16.0169 1552 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe
09:25:16.0169 1552 SamSs - ok
09:25:16.0184 1552 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:25:16.0184 1552 sbp2port - ok
09:25:16.0231 1552 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:25:16.0231 1552 SCardSvr - ok
09:25:16.0293 1552 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll
09:25:16.0309 1552 Schedule - ok
09:25:16.0340 1552 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll
09:25:16.0340 1552 SCPolicySvc - ok
09:25:16.0371 1552 [ B42EE50F7D24F837F925332EB349ECA5 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
09:25:16.0371 1552 sdbus - ok
09:25:16.0403 1552 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:25:16.0403 1552 SDRSVC - ok
09:25:16.0418 1552 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:25:16.0418 1552 secdrv - ok
09:25:16.0434 1552 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll
09:25:16.0434 1552 seclogon - ok
09:25:16.0449 1552 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll
09:25:16.0449 1552 SENS - ok
09:25:16.0465 1552 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys
09:25:16.0465 1552 Serenum - ok
09:25:16.0481 1552 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys
09:25:16.0481 1552 Serial - ok
09:25:16.0496 1552 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:25:16.0496 1552 sermouse - ok
09:25:16.0527 1552 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll
09:25:16.0527 1552 SessionEnv - ok
09:25:16.0559 1552 [ 70F9C476B62DE4F2823E918A6C181ADE ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys
09:25:16.0559 1552 SFEP - ok
09:25:16.0574 1552 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:25:16.0590 1552 sffdisk - ok
09:25:16.0621 1552 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:25:16.0637 1552 sffp_mmc - ok
09:25:16.0652 1552 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:25:16.0652 1552 sffp_sd - ok
09:25:16.0668 1552 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:25:16.0668 1552 sfloppy - ok
09:25:16.0730 1552 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:25:16.0746 1552 ShellHWDetection - ok
09:25:16.0761 1552 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
09:25:16.0761 1552 SiSRaid2 - ok
09:25:16.0808 1552 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:25:16.0808 1552 SiSRaid4 - ok
09:25:16.0902 1552 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe
09:25:16.0949 1552 slsvc - ok
09:25:16.0995 1552 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll
09:25:16.0995 1552 SLUINotify - ok
09:25:17.0042 1552 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:25:17.0042 1552 Smb - ok
09:25:17.0089 1552 [ E11C9E13E92DA6747363924CFFCBD7EF ] SmbDrvI C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
09:25:17.0089 1552 SmbDrvI - ok
09:25:17.0136 1552 [ 27F71F20E87FBF177C82AE924F9317F7 ] SMR250 C:\Windows\system32\drivers\SMR250.SYS
09:25:17.0136 1552 SMR250 - ok
09:25:17.0167 1552 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:25:17.0167 1552 SNMPTRAP - ok
09:25:17.0198 1552 [ 7B24EFA2A60BA7388FECDA63AB24560A ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
09:25:17.0198 1552 SOHCImp - ok
09:25:17.0214 1552 [ 140FCF5FFAE4EFBA9740A9FD8B49E0BF ] SOHDBSvr C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
09:25:17.0214 1552 SOHDBSvr - ok
09:25:17.0229 1552 [ D8C244121A06B581B097D9617D94CFF1 ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
09:25:17.0245 1552 SOHDms - ok
09:25:17.0261 1552 [ 2DB561887EA122B946BBE2821473EDD8 ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
09:25:17.0261 1552 SOHDs - ok
09:25:17.0276 1552 [ AB9EE246A1EB2C3C7C6CB16E0B9462F7 ] SOHPlMgr C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
09:25:17.0276 1552 SOHPlMgr - ok
09:25:17.0307 1552 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys
09:25:17.0307 1552 spldr - ok
09:25:17.0339 1552 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe
09:25:17.0354 1552 Spooler - ok
09:25:17.0448 1552 [ BEA7FEA5BB31EB58D78971F821AE6844 ] SQLAgent$TRACKMAN C:\Program Files\Microsoft SQL Server\MSSQL10_50.TRACKMAN\MSSQL\Binn\SQLAGENT.EXE
09:25:17.0479 1552 SQLAgent$TRACKMAN - ok
09:25:17.0573 1552 [ 7D67C07C63796775CC5492BCFEAFF125 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
09:25:17.0588 1552 SQLBrowser - ok
09:25:17.0619 1552 [ F98DDFBFE0EE66D4C4B00693512B9527 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
09:25:17.0619 1552 SQLWriter - ok
09:25:17.0744 1552 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\N360x64\0604000.009\SRTSP64.SYS
09:25:17.0760 1552 SRTSP - ok
09:25:17.0791 1552 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\N360x64\0604000.009\SRTSPX64.SYS
09:25:17.0791 1552 SRTSPX - ok
09:25:17.0838 1552 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys
09:25:17.0838 1552 srv - ok
09:25:17.0885 1552 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:25:17.0885 1552 srv2 - ok
09:25:17.0931 1552 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:25:17.0931 1552 srvnet - ok
09:25:17.0978 1552 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:25:17.0978 1552 SSDPSRV - ok
09:25:18.0009 1552 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:25:18.0009 1552 SstpSvc - ok
09:25:18.0056 1552 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll
09:25:18.0072 1552 stisvc - ok
09:25:18.0103 1552 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:25:18.0103 1552 swenum - ok
09:25:18.0134 1552 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll
09:25:18.0150 1552 swprv - ok
09:25:18.0165 1552 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
09:25:18.0165 1552 Symc8xx - ok
09:25:18.0228 1552 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\N360x64\0604000.009\SYMDS64.SYS
09:25:18.0228 1552 SymDS - ok
09:25:18.0306 1552 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\N360x64\0604000.009\SYMEFA64.SYS
09:25:18.0321 1552 SymEFA - ok
09:25:18.0368 1552 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
09:25:18.0368 1552 SymEvent - ok
09:25:18.0431 1552 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\N360x64\0604000.009\Ironx64.SYS
09:25:18.0431 1552 SymIRON - ok
09:25:18.0477 1552 [ A25FEE245C78804601D83431386A0BEE ] SYMTDIv C:\Windows\System32\Drivers\N360x64\0604000.009\SYMTDIV.SYS
09:25:18.0477 1552 SYMTDIv - ok
09:25:18.0524 1552 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
09:25:18.0524 1552 Sym_hi - ok
09:25:18.0540 1552 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
09:25:18.0540 1552 Sym_u3 - ok
09:25:18.0587 1552 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll
09:25:18.0602 1552 SysMain - ok
09:25:18.0633 1552 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:25:18.0633 1552 TabletInputService - ok
09:25:18.0680 1552 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:25:18.0680 1552 TapiSrv - ok
09:25:18.0727 1552 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll
09:25:18.0727 1552 TBS - ok
09:25:18.0774 1552 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:25:18.0805 1552 Tcpip - ok
09:25:18.0836 1552 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
09:25:18.0852 1552 Tcpip6 - ok
09:25:18.0883 1552 [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:25:18.0883 1552 tcpipreg - ok
09:25:18.0914 1552 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:25:18.0914 1552 TDPIPE - ok
09:25:18.0945 1552 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:25:18.0945 1552 TDTCP - ok
09:25:18.0977 1552 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:25:18.0992 1552 tdx - ok
09:25:19.0023 1552 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:25:19.0023 1552 TermDD - ok
09:25:19.0070 1552 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll
09:25:19.0086 1552 TermService - ok
09:25:19.0133 1552 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll
09:25:19.0133 1552 Themes - ok
09:25:19.0164 1552 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll
09:25:19.0164 1552 THREADORDER - ok
09:25:19.0211 1552 [ 4883C5F0C6F8222A928DD35C3D287225 ] TrackMan C:\Windows\system32\Drivers\TrackMan.sys
09:25:19.0211 1552 TrackMan - ok
09:25:19.0273 1552 [ 6A9849E43D4ED761BA55F5947F69A532 ] TrackManVideoManagement C:\Program Files (x86)\Common Files\TrackMan\VideoManagementService\VMSService.exe
09:25:19.0273 1552 TrackManVideoManagement - ok
09:25:19.0304 1552 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll
09:25:19.0304 1552 TrkWks - ok
09:25:19.0351 1552 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:25:19.0351 1552 TrustedInstaller - ok
09:25:19.0382 1552 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:25:19.0382 1552 tssecsrv - ok
09:25:19.0398 1552 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
09:25:19.0413 1552 tunmp - ok
09:25:19.0429 1552 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:25:19.0429 1552 tunnel - ok
09:25:19.0460 1552 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:25:19.0460 1552 uagp35 - ok
09:25:19.0523 1552 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
09:25:19.0523 1552 uCamMonitor - ok
09:25:19.0569 1552 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:25:19.0569 1552 udfs - ok
09:25:19.0616 1552 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:25:19.0616 1552 UI0Detect - ok
09:25:19.0632 1552 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:25:19.0647 1552 uliagpkx - ok
09:25:19.0694 1552 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys
09:25:19.0694 1552 uliahci - ok
09:25:19.0725 1552 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys
09:25:19.0725 1552 UlSata - ok
09:25:19.0757 1552 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
09:25:19.0757 1552 ulsata2 - ok
09:25:19.0788 1552 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:25:19.0788 1552 umbus - ok
09:25:19.0803 1552 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll
09:25:19.0803 1552 upnphost - ok
09:25:19.0866 1552 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
09:25:19.0866 1552 USBAAPL64 - ok
09:25:19.0897 1552 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:25:19.0897 1552 usbccgp - ok
09:25:19.0913 1552 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:25:19.0913 1552 usbcir - ok
09:25:19.0928 1552 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:25:19.0928 1552 usbehci - ok
09:25:19.0975 1552 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:25:19.0975 1552 usbhub - ok
09:25:20.0022 1552 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:25:20.0022 1552 usbohci - ok
09:25:20.0053 1552 [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:25:20.0053 1552 usbprint - ok
09:25:20.0100 1552 [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:25:20.0100 1552 usbscan - ok
09:25:20.0131 1552 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:25:20.0131 1552 USBSTOR - ok
09:25:20.0162 1552 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
09:25:20.0162 1552 usbuhci - ok
09:25:20.0178 1552 [ FC33099877790D51B0927B7039059855 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
09:25:20.0178 1552 usbvideo - ok
09:25:20.0193 1552 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll
09:25:20.0193 1552 UxSms - ok
09:25:20.0287 1552 [ 4E7135D6D0127067E4CFEE12259F895D ] VAIO Entertainment TV Device Arbitration Service C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
09:25:20.0287 1552 VAIO Entertainment TV Device Arbitration Service - ok
09:25:20.0349 1552 [ 73328C784ECFE7072BD102F370076B50 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
09:25:20.0349 1552 VAIO Event Service - ok
09:25:20.0396 1552 [ B63F63960E7254D9D9ED28474B40EB31 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
09:25:20.0396 1552 VAIO Power Management - ok
09:25:20.0521 1552 [ 0ED1D51DCEC67F96CC313D02A1741CF3 ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
09:25:20.0615 1552 VCFw - ok
09:25:20.0693 1552 [ 7295A2B5795E7B8AA128E5DF5A29B656 ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
09:25:20.0693 1552 VcmIAlzMgr - ok
09:25:20.0755 1552 [ 76DF898710495C5B1476719410D8B895 ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
09:25:20.0755 1552 VcmXmlIfHelper - ok
09:25:20.0771 1552 Vcsw - ok
09:25:20.0817 1552 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe
09:25:20.0817 1552 vds - ok
09:25:20.0849 1552 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:25:20.0849 1552 vga - ok
09:25:20.0864 1552 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys
09:25:20.0880 1552 VgaSave - ok
09:25:20.0895 1552 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys
09:25:20.0895 1552 viaide - ok
09:25:20.0927 1552 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:25:20.0927 1552 volmgr - ok
09:25:20.0973 1552 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:25:20.0973 1552 volmgrx - ok
09:25:21.0020 1552 [ 582F710097B46140F5A89A19A6573D4B ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:25:21.0036 1552 volsnap - ok
09:25:21.0051 1552 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:25:21.0067 1552 vsmraid - ok
09:25:21.0145 1552 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe
09:25:21.0161 1552 VSS - ok
09:25:21.0223 1552 [ 79EB419F4A694B4514249E0D3DB16ECF ] VzCdbSvc C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
09:25:21.0223 1552 VzCdbSvc - ok
09:25:21.0270 1552 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll
09:25:21.0285 1552 W32Time - ok
09:25:21.0317 1552 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:25:21.0317 1552 WacomPen - ok
09:25:21.0348 1552 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
09:25:21.0348 1552 Wanarp - ok
09:25:21.0348 1552 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:25:21.0348 1552 Wanarpv6 - ok
09:25:21.0379 1552 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:25:21.0395 1552 wcncsvc - ok
09:25:21.0410 1552 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:25:21.0410 1552 WcsPlugInService - ok
09:25:21.0441 1552 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys
09:25:21.0441 1552 Wd - ok
09:25:21.0488 1552 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:25:21.0504 1552 Wdf01000 - ok
09:25:21.0519 1552 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:25:21.0535 1552 WdiServiceHost - ok
09:25:21.0535 1552 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:25:21.0535 1552 WdiSystemHost - ok
09:25:21.0551 1552 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll
09:25:21.0551 1552 WebClient - ok
09:25:21.0597 1552 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:25:21.0597 1552 Wecsvc - ok
09:25:21.0613 1552 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:25:21.0613 1552 wercplsupport - ok
09:25:21.0629 1552 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll
09:25:21.0629 1552 WerSvc - ok
09:25:21.0707 1552 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
09:25:21.0707 1552 WimFltr - ok
09:25:21.0769 1552 [ A53CDE6BEEA165FE9B430476EEDE3C54 ] winachsf C:\Windows\system32\DRIVERS\CAX_CNXT.sys
09:25:21.0785 1552 winachsf - ok
09:25:21.0816 1552 WinHttpAutoProxySvc - ok
09:25:21.0878 1552 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:25:21.0878 1552 Winmgmt - ok
09:25:21.0987 1552 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll
09:25:22.0019 1552 WinRM - ok
09:25:22.0081 1552 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] winusb C:\Windows\system32\DRIVERS\WinUSB.SYS
09:25:22.0081 1552 winusb - ok
09:25:22.0128 1552 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll
09:25:22.0128 1552 Wlansvc - ok
09:25:22.0175 1552 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:25:22.0175 1552 WmiAcpi - ok
09:25:22.0221 1552 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:25:22.0221 1552 wmiApSrv - ok
09:25:22.0237 1552 WMPNetworkSvc - ok
09:25:22.0268 1552 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:25:22.0268 1552 WPCSvc - ok
09:25:22.0315 1552 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:25:22.0315 1552 WPDBusEnum - ok
09:25:22.0346 1552 [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
09:25:22.0346 1552 WpdUsb - ok
09:25:22.0487 1552 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:25:22.0518 1552 WPFFontCache_v0400 - ok
09:25:22.0533 1552 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:25:22.0533 1552 ws2ifsl - ok
09:25:22.0549 1552 WSearch - ok
09:25:22.0627 1552 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:25:22.0674 1552 wuauserv - ok
09:25:22.0705 1552 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:25:22.0705 1552 WudfPf - ok
09:25:22.0752 1552 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:25:22.0752 1552 wudfsvc - ok
09:25:22.0799 1552 [ F22E443518BC599D12888DAF292A56D8 ] XAudio C:\Windows\system32\DRIVERS\xaudio64.sys
09:25:22.0799 1552 XAudio - ok
09:25:22.0845 1552 [ 963C27034BBA4AC52A13F7A3C657C708 ] XAudioService C:\Windows\system32\DRIVERS\xaudio64.exe
09:25:22.0861 1552 XAudioService - ok
09:25:22.0877 1552 [ 56F8D7F9FCFB7BE829DA229DC9DFDFC1 ] yukonx64 C:\Windows\system32\DRIVERS\yk60x64.sys
09:25:22.0892 1552 yukonx64 - ok
09:25:22.0908 1552 ================ Scan global ===============================
09:25:22.0970 1552 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
09:25:23.0017 1552 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
09:25:23.0033 1552 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
09:25:23.0079 1552 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
09:25:23.0095 1552 [Global] - ok
09:25:23.0095 1552 ================ Scan MBR ==================================
09:25:23.0111 1552 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
09:25:23.0157 1552 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
09:25:23.0157 1552 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
09:25:23.0220 1552 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
09:25:23.0220 1552 \Device\Harddisk0\DR0 - detected TDSS File System (1)
09:25:23.0220 1552 ================ Scan VBR ==================================
09:25:23.0220 1552 [ 876C6A67BCC48BAA9B79CC325E52CF1D ] \Device\Harddisk0\DR0\Partition1
09:25:23.0220 1552 \Device\Harddisk0\DR0\Partition1 - ok
09:25:23.0220 1552 ============================================================
09:25:23.0220 1552 Scan finished
09:25:23.0220 1552 ============================================================
09:25:23.0220 0776 Detected object count: 2
09:25:23.0220 0776 Actual detected object count: 2
09:35:21.0636 0776 \Device\Harddisk0\DR0\# - copied to quarantine
09:35:21.0636 0776 \Device\Harddisk0\DR0 - copied to quarantine
09:35:21.0683 0776 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
09:35:21.0683 0776 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
09:35:21.0714 0776 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
09:35:21.0714 0776 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
09:35:21.0714 0776 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
09:35:21.0745 0776 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
09:35:21.0745 0776 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
09:35:21.0745 0776 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
09:35:21.0745 0776 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
09:35:21.0761 0776 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
09:35:21.0807 0776 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
09:35:21.0901 0776 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
09:35:21.0901 0776 \Device\Harddisk0\DR0 - ok
09:35:22.0197 0776 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
09:35:22.0197 0776 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
09:35:22.0197 0776 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
09:46:33.0871 2024 Deinitialize success


aswMBR[/u]
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-25 10:16:27
-----------------------------
10:16:27.146 OS Version: Windows x64 6.0.6002 Service Pack 2
10:16:27.146 Number of processors: 2 586 0x170A
10:16:27.146 ComputerName: MOBILEOFFICE UserName:
10:16:39.470 Initialize success
10:20:56.036 AVAST engine defs: 12122500
10:21:03.509 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
10:21:03.509 Disk 0 Vendor: Hitachi_HTS723232L9SA60 FC4OC30F Size: 305245MB BusType: 3
10:21:03.524 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000006b
10:21:03.524 Disk 1 Vendor: RICOH 01 Size: 305245MB BusType: 0
10:21:03.571 Disk 0 MBR read successfully
10:21:03.571 Disk 0 MBR scan
10:21:03.618 Disk 0 Windows VISTA default MBR code
10:21:03.649 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 11301 MB offset 2048
10:21:03.665 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 293942 MB offset 23146496
10:21:03.790 Disk 0 scanning C:\Windows\system32\drivers
10:21:47.672 Service scanning
10:22:58.184 Modules scanning
10:22:58.200 Disk 0 trace - called modules:
10:22:58.309 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
10:22:58.309 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004e706e0]
10:22:58.325 3 CLASSPNP.SYS[fffffa60011ccc33] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004c4b060]
10:23:00.446 AVAST engine scan C:\Windows
10:23:13.082 AVAST engine scan C:\Windows\system32
10:36:57.974 AVAST engine scan C:\Windows\system32\drivers
10:37:48.674 AVAST engine scan C:\Users\D. David Burroughs
11:11:49.585 Disk 0 MBR has been saved successfully to "C:\Users\D. David Burroughs\Documents\MBR.dat"
11:11:49.601 The log file has been saved successfully to "C:\Users\D. David Burroughs\Documents\aswMBR.txt"

[u]ESET

C:\TDSSKiller_Quarantine\25.12.2012_09.23.48\mbr0000\tdlfs0000\tsk0000.dta Win32/Olmarik.AYI trojan unable to clean
C:\TDSSKiller_Quarantine\25.12.2012_09.23.48\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AM trojan unable to clean
C:\TDSSKiller_Quarantine\25.12.2012_09.23.48\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AN trojan unable to clean
C:\TDSSKiller_Quarantine\25.12.2012_09.23.48\mbr0000\tdlfs0000\tsk0007.dta Win32/Olmarik.AFK trojan unable to clean
C:\TDSSKiller_Quarantine\25.12.2012_09.23.48\mbr0000\tdlfs0000\tsk0008.dta Win64/Olmarik.AK trojan unable to clean
C:\Program Files (x86)\1ClickDownload\1ClickSettingsManager.exe Win32/Adware.1ClickDownload.E application cleaned by deleting - quarantined
C:\Program Files (x86)\1ClickDownload\mainpackfa.exe Win32/Adware.1ClickDownload.E application cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.12.2012_09.23.48\mbr0000\tdlfs0000\tsk0002.dta a variant of Win32/Rootkit.Kryptik.RG trojan cleaned by deleting - quarantined

Standing by for more action(s), haven't yet deleted the quarantined files in ESET, also some trojans in ESET were "unable to clean."

Thanks.

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:49 PM

Posted 26 December 2012 - 10:06 AM

Please restart the PC and run TDSSkiller again and post the new log

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#11 ddavid006

ddavid006
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:49 PM

Posted 26 December 2012 - 11:07 AM

Good morning narenxp,

Here's the current TDSSkiller log...and am running the other scan/reports now will post asap.

Thanks

09:58:59.0854 3328 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
09:59:00.0587 3328 ============================================================
09:59:00.0587 3328 Current date / time: 2012/12/26 09:59:00.0587
09:59:00.0587 3328 SystemInfo:
09:59:00.0587 3328
09:59:00.0587 3328 OS Version: 6.0.6002 ServicePack: 2.0
09:59:00.0587 3328 Product type: Workstation
09:59:00.0587 3328 ComputerName: MOBILEOFFICE
09:59:00.0587 3328 UserName: D. David Burroughs
09:59:00.0587 3328 Windows directory: C:\Windows
09:59:00.0587 3328 System windows directory: C:\Windows
09:59:00.0587 3328 Running under WOW64
09:59:00.0587 3328 Processor architecture: Intel x64
09:59:00.0587 3328 Number of processors: 2
09:59:00.0587 3328 Page size: 0x1000
09:59:00.0587 3328 Boot type: Normal boot
09:59:00.0587 3328 ============================================================
09:59:02.0662 3328 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:59:02.0677 3328 ============================================================
09:59:02.0677 3328 \Device\Harddisk0\DR0:
09:59:02.0677 3328 MBR partitions:
09:59:02.0677 3328 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1613000, BlocksNum 0x23E1B2B0
09:59:02.0677 3328 ============================================================
09:59:02.0724 3328 C: <-> \Device\Harddisk0\DR0\Partition1
09:59:02.0724 3328 ============================================================
09:59:02.0724 3328 Initialize success
09:59:02.0724 3328 ============================================================
09:59:55.0012 3644 ============================================================
09:59:55.0012 3644 Scan started
09:59:55.0012 3644 Mode: Manual; TDLFS;
09:59:55.0012 3644 ============================================================
09:59:56.0276 3644 ================ Scan system memory ========================
09:59:56.0276 3644 System memory - ok
09:59:56.0276 3644 ================ Scan services =============================
09:59:56.0588 3644 [ 78E902FB660BD5003FE726B9BEF300B6 ] 61883 C:\Windows\system32\DRIVERS\61883.sys
09:59:56.0588 3644 61883 - ok
09:59:56.0728 3644 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
09:59:56.0728 3644 ACDaemon - ok
09:59:56.0806 3644 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys
09:59:56.0806 3644 ACPI - ok
09:59:56.0884 3644 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:59:56.0884 3644 AdobeARMservice - ok
09:59:56.0962 3644 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:59:56.0978 3644 adp94xx - ok
09:59:56.0994 3644 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:59:57.0009 3644 adpahci - ok
09:59:57.0040 3644 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
09:59:57.0040 3644 adpu160m - ok
09:59:57.0072 3644 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:59:57.0087 3644 adpu320 - ok
09:59:57.0118 3644 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:59:57.0118 3644 AeLookupSvc - ok
09:59:57.0212 3644 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys
09:59:57.0228 3644 AFD - ok
09:59:57.0259 3644 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:59:57.0259 3644 agp440 - ok
09:59:57.0337 3644 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
09:59:57.0337 3644 aic78xx - ok
09:59:57.0352 3644 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
09:59:57.0368 3644 ALG - ok
09:59:57.0384 3644 [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide C:\Windows\system32\drivers\aliide.sys
09:59:57.0384 3644 aliide - ok
09:59:57.0462 3644 [ E20DDDFBD0DBE7D8EAD4D7A51D654367 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
09:59:57.0477 3644 AMD External Events Utility - ok
09:59:57.0508 3644 [ 970FA5059E61E30D25307B99903E991E ] amdide C:\Windows\system32\drivers\amdide.sys
09:59:57.0524 3644 amdide - ok
09:59:57.0540 3644 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:59:57.0540 3644 AmdK8 - ok
09:59:57.0914 3644 [ 4284FB1240537A33E6EC417EFD87D40F ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
09:59:58.0086 3644 amdkmdag - ok
09:59:58.0148 3644 [ 6C25C497E05EFD0CB6033A0444FC9B51 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
09:59:58.0148 3644 amdkmdap - ok
09:59:58.0288 3644 [ 22FECB5B3DE1EB8B1B2761338922F681 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
09:59:58.0304 3644 ApfiltrService - ok
09:59:58.0335 3644 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
09:59:58.0335 3644 Appinfo - ok
09:59:58.0413 3644 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:59:58.0413 3644 Apple Mobile Device - ok
09:59:58.0491 3644 [ E9638D3E3B85DE683A0A1B795B3FF6EF ] Application Updater C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
09:59:58.0507 3644 Application Updater - ok
09:59:58.0538 3644 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
09:59:58.0600 3644 arc - ok
09:59:58.0632 3644 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:59:58.0632 3644 arcsas - ok
09:59:58.0678 3644 [ 1CE3822B05A5E229286A15EA39369870 ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
09:59:58.0678 3644 ArcSoftKsUFilter - ok
09:59:58.0772 3644 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:59:58.0772 3644 aspnet_state - ok
09:59:58.0788 3644 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:59:58.0788 3644 AsyncMac - ok
09:59:58.0834 3644 [ E68D9B3A3905619732F7FE039466A623 ] atapi C:\Windows\system32\DRIVERS\atapi.sys
09:59:58.0834 3644 atapi - ok
09:59:59.0178 3644 [ 4284FB1240537A33E6EC417EFD87D40F ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
09:59:59.0349 3644 atikmdag - ok
09:59:59.0427 3644 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:59:59.0427 3644 AudioEndpointBuilder - ok
09:59:59.0443 3644 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:59:59.0458 3644 AudioSrv - ok
09:59:59.0490 3644 [ 295FA2878FF499C0EDFA0EBCC8C6EC66 ] Avc C:\Windows\system32\DRIVERS\avc.sys
09:59:59.0490 3644 Avc - ok
10:00:00.0004 3644 [ ED97ADAF00A61F57A2CCBBB1CE58C600 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\BASHDefs\20121130.005_8e0\BHDrvx64.sys
10:00:00.0051 3644 BHDrvx64 - ok
10:00:00.0145 3644 [ 6D316F4859634071CC25C4FD4589AD2C ] BITS C:\Windows\System32\qmgr.dll
10:00:00.0176 3644 BITS - ok
10:00:00.0207 3644 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
10:00:00.0207 3644 blbdrive - ok
10:00:00.0301 3644 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:00:00.0316 3644 Bonjour Service - ok
10:00:00.0363 3644 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:00:00.0394 3644 bowser - ok
10:00:00.0457 3644 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
10:00:00.0457 3644 BrFiltLo - ok
10:00:00.0519 3644 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
10:00:00.0519 3644 BrFiltUp - ok
10:00:00.0628 3644 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll
10:00:00.0628 3644 Browser - ok
10:00:00.0691 3644 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys
10:00:00.0691 3644 Brserid - ok
10:00:00.0722 3644 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
10:00:00.0722 3644 BrSerWdm - ok
10:00:00.0753 3644 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
10:00:00.0753 3644 BrUsbMdm - ok
10:00:00.0769 3644 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
10:00:00.0784 3644 BrUsbSer - ok
10:00:00.0831 3644 [ 09F926A0D9C0BAFD8417A4307D2ED13C ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
10:00:00.0831 3644 BthEnum - ok
10:00:00.0862 3644 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
10:00:00.0862 3644 BTHMODEM - ok
10:00:00.0909 3644 [ BEFC5311736B475AC5B60C14FF7C775A ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
10:00:00.0909 3644 BthPan - ok
10:00:01.0003 3644 [ E1466882252FF51EDDE48C3F7EDA2591 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
10:00:01.0018 3644 BTHPORT - ok
10:00:01.0065 3644 [ 22E65FFD640F16968F855F5B3528D366 ] BthServ C:\Windows\System32\bthserv.dll
10:00:01.0081 3644 BthServ - ok
10:00:01.0143 3644 [ 970192CDED77A128E7E30722E5EE6B9C ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
10:00:01.0143 3644 BTHUSB - ok
10:00:01.0221 3644 [ 4E26C89D8941AE0AD3F12DE9C3DDDB5A ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
10:00:01.0221 3644 btwaudio - ok
10:00:01.0237 3644 [ 6B15769244A37B1FF4CA4EBA8693C7F3 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
10:00:01.0252 3644 btwavdt - ok
10:00:01.0315 3644 [ F28DAB823FCDA98F50DD677552A4DC52 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
10:00:01.0330 3644 btwdins - ok
10:00:01.0362 3644 [ 0037CB116097E8E0EA77F3B13C50FF1E ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
10:00:01.0362 3644 btwl2cap - ok
10:00:01.0377 3644 [ 651154EE76EA31EEE050F3B66E5D086B ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
10:00:01.0377 3644 btwrchid - ok
10:00:01.0440 3644 [ 1ED6C254A85D6139258551AA9EEC2570 ] CAXHWAZL C:\Windows\system32\DRIVERS\CAXHWAZL.sys
10:00:01.0455 3644 CAXHWAZL - ok
10:00:01.0549 3644 [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\0604000.009\ccSetx64.sys
10:00:01.0549 3644 ccSet_N360 - ok
10:00:01.0596 3644 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:00:01.0596 3644 cdfs - ok
10:00:01.0642 3644 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:00:01.0642 3644 cdrom - ok
10:00:01.0689 3644 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll
10:00:01.0689 3644 CertPropSvc - ok
10:00:01.0720 3644 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\drivers\circlass.sys
10:00:01.0720 3644 circlass - ok
10:00:01.0767 3644 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys
10:00:01.0783 3644 CLFS - ok
10:00:01.0908 3644 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:00:01.0970 3644 clr_optimization_v2.0.50727_32 - ok
10:00:02.0032 3644 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:00:02.0032 3644 clr_optimization_v2.0.50727_64 - ok
10:00:02.0126 3644 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:00:02.0142 3644 clr_optimization_v4.0.30319_32 - ok
10:00:02.0157 3644 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:00:02.0157 3644 clr_optimization_v4.0.30319_64 - ok
10:00:02.0188 3644 [ B52D9A14CE4101577900A364BA86F3DF ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:00:02.0188 3644 CmBatt - ok
10:00:02.0204 3644 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:00:02.0220 3644 cmdide - ok
10:00:02.0235 3644 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:00:02.0235 3644 Compbatt - ok
10:00:02.0251 3644 COMSysApp - ok
10:00:02.0266 3644 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
10:00:02.0266 3644 crcdisk - ok
10:00:02.0329 3644 [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:00:02.0329 3644 CryptSvc - ok
10:00:02.0407 3644 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll
10:00:02.0422 3644 DcomLaunch - ok
10:00:02.0469 3644 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:00:02.0469 3644 DfsC - ok
10:00:02.0594 3644 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe
10:00:02.0672 3644 DFSR - ok
10:00:02.0734 3644 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
10:00:02.0734 3644 Dhcp - ok
10:00:02.0797 3644 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys
10:00:02.0797 3644 disk - ok
10:00:02.0812 3644 DMICall - ok
10:00:02.0875 3644 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:00:02.0875 3644 Dnscache - ok
10:00:02.0937 3644 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll
10:00:02.0937 3644 dot3svc - ok
10:00:02.0984 3644 [ 74C02B1717740C3B8039539E23E4B53F ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
10:00:02.0984 3644 Dot4 - ok
10:00:03.0031 3644 [ 08321D1860235BF42CF2854234337AEA ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
10:00:03.0031 3644 Dot4Print - ok
10:00:03.0078 3644 [ 4ADCCF0124F2B6911D3786A5D0E779E5 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
10:00:03.0078 3644 dot4usb - ok
10:00:03.0124 3644 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
10:00:03.0124 3644 DPS - ok
10:00:03.0171 3644 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:00:03.0171 3644 drmkaud - ok
10:00:03.0265 3644 [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:00:03.0280 3644 DXGKrnl - ok
10:00:03.0343 3644 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
10:00:03.0343 3644 E1G60 - ok
10:00:03.0390 3644 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
10:00:03.0390 3644 EapHost - ok
10:00:03.0436 3644 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys
10:00:03.0452 3644 Ecache - ok
10:00:03.0577 3644 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
10:00:03.0608 3644 eeCtrl - ok
10:00:03.0670 3644 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:00:03.0686 3644 ehRecvr - ok
10:00:03.0702 3644 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe
10:00:03.0702 3644 ehSched - ok
10:00:03.0717 3644 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll
10:00:03.0717 3644 ehstart - ok
10:00:03.0764 3644 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
10:00:03.0780 3644 elxstor - ok
10:00:03.0826 3644 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll
10:00:03.0826 3644 EMDMgmt - ok
10:00:03.0842 3644 EraserUtilDrv11220 - ok
10:00:03.0889 3644 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
10:00:03.0904 3644 EraserUtilRebootDrv - ok
10:00:03.0936 3644 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:00:03.0936 3644 ErrDev - ok
10:00:04.0014 3644 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll
10:00:04.0014 3644 EventSystem - ok
10:00:04.0092 3644 [ 2898EEC4FF1C8204222D266F48A35B7D ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
10:00:04.0138 3644 EvtEng - ok
10:00:04.0201 3644 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys
10:00:04.0201 3644 exfat - ok
10:00:04.0372 3644 [ F54E9ADA8A6C8CAFE8F27791CBD52C4E ] ExpressAccountsService C:\Program Files (x86)\NCH Software\ExpressAccounts\expressaccounts.exe
10:00:04.0404 3644 ExpressAccountsService - ok
10:00:04.0450 3644 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:00:04.0466 3644 fastfat - ok
10:00:04.0482 3644 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:00:04.0497 3644 fdc - ok
10:00:04.0528 3644 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
10:00:04.0528 3644 fdPHost - ok
10:00:04.0544 3644 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
10:00:04.0544 3644 FDResPub - ok
10:00:04.0560 3644 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:00:04.0560 3644 FileInfo - ok
10:00:04.0591 3644 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:00:04.0591 3644 Filetrace - ok
10:00:04.0606 3644 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:00:04.0606 3644 flpydisk - ok
10:00:04.0653 3644 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:00:04.0653 3644 FltMgr - ok
10:00:04.0731 3644 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache C:\Windows\system32\FntCache.dll
10:00:04.0762 3644 FontCache - ok
10:00:04.0856 3644 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:00:04.0856 3644 FontCache3.0.0.0 - ok
10:00:04.0965 3644 [ E163CF5D8F95C1D766603085E1D01C38 ] FreeAgentGoNext Service C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
10:00:04.0965 3644 FreeAgentGoNext Service - ok
10:00:05.0012 3644 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:00:05.0012 3644 Fs_Rec - ok
10:00:05.0043 3644 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
10:00:05.0059 3644 gagp30kx - ok
10:00:05.0106 3644 [ AF4DEE5531395DEE72B35B36C9671FD0 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:00:05.0106 3644 GEARAspiWDM - ok
10:00:05.0184 3644 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll
10:00:05.0199 3644 gpsvc - ok
10:00:05.0262 3644 [ DF45F8142DC6DF9D18C39B3EFFBD0409 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:00:05.0262 3644 HdAudAddService - ok
10:00:05.0371 3644 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
10:00:05.0371 3644 HDAudBus - ok
10:00:05.0402 3644 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
10:00:05.0402 3644 HidBth - ok
10:00:05.0433 3644 [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr C:\Windows\system32\drivers\hidir.sys
10:00:05.0433 3644 HidIr - ok
10:00:05.0464 3644 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\system32\hidserv.dll
10:00:05.0464 3644 hidserv - ok
10:00:05.0496 3644 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:00:05.0496 3644 HidUsb - ok
10:00:05.0527 3644 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
10:00:05.0527 3644 hkmsvc - ok
10:00:05.0558 3644 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
10:00:05.0558 3644 HpCISSs - ok
10:00:05.0620 3644 [ 57BA73B5B321291E5114CB21350E1EA0 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL6.SYS
10:00:05.0620 3644 HSFHWAZL - ok
10:00:05.0776 3644 [ 60F1D0EDE7AE2B92B3A8886E825B7147 ] HSF_DPV C:\Windows\system32\DRIVERS\CAX_DPV.sys
10:00:05.0808 3644 HSF_DPV - ok
10:00:05.0870 3644 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:00:05.0870 3644 HTTP - ok
10:00:05.0901 3644 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
10:00:05.0901 3644 i2omp - ok
10:00:05.0932 3644 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
10:00:05.0932 3644 i8042prt - ok
10:00:05.0995 3644 [ 8D58627FEF3F8767665D9F4DC91CBD97 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
10:00:05.0995 3644 iaStor - ok
10:00:06.0026 3644 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
10:00:06.0026 3644 iaStorV - ok
10:00:06.0104 3644 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:00:06.0135 3644 idsvc - ok
10:00:06.0276 3644 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\IPSDefs\20121225.001\IDSvia64.sys
10:00:06.0291 3644 IDSVia64 - ok
10:00:06.0307 3644 igfx - ok
10:00:06.0354 3644 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
10:00:06.0354 3644 iirsp - ok
10:00:06.0400 3644 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll
10:00:06.0416 3644 IKEEXT - ok
10:00:06.0603 3644 [ CCDD9D55E9BD0806DAD6BAB4EE8DA1D0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:00:06.0712 3644 IntcAzAudAddService - ok
10:00:06.0712 3644 IntcHdmiAddService - ok
10:00:06.0775 3644 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys
10:00:06.0775 3644 intelide - ok
10:00:06.0790 3644 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:00:06.0790 3644 intelppm - ok
10:00:06.0822 3644 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:00:06.0822 3644 IPBusEnum - ok
10:00:06.0868 3644 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:00:06.0884 3644 IpFilterDriver - ok
10:00:06.0884 3644 IpInIp - ok
10:00:06.0915 3644 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
10:00:06.0915 3644 IPMIDRV - ok
10:00:06.0946 3644 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
10:00:06.0946 3644 IPNAT - ok
10:00:06.0962 3644 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:00:06.0962 3644 IRENUM - ok
10:00:06.0978 3644 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:00:06.0978 3644 isapnp - ok
10:00:07.0024 3644 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
10:00:07.0024 3644 iScsiPrt - ok
10:00:07.0056 3644 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
10:00:07.0056 3644 iteatapi - ok
10:00:07.0087 3644 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
10:00:07.0087 3644 iteraid - ok
10:00:07.0134 3644 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
10:00:07.0134 3644 IviRegMgr - ok
10:00:07.0180 3644 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:00:07.0180 3644 kbdclass - ok
10:00:07.0212 3644 [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:00:07.0212 3644 kbdhid - ok
10:00:07.0258 3644 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe
10:00:07.0258 3644 KeyIso - ok
10:00:07.0321 3644 [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:00:07.0321 3644 KSecDD - ok
10:00:07.0368 3644 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:00:07.0368 3644 ksthunk - ok
10:00:07.0399 3644 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
10:00:07.0414 3644 KtmRm - ok
10:00:07.0461 3644 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:00:07.0461 3644 LanmanServer - ok
10:00:07.0508 3644 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:00:07.0524 3644 LanmanWorkstation - ok
10:00:07.0539 3644 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:00:07.0539 3644 lltdio - ok
10:00:07.0586 3644 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:00:07.0586 3644 lltdsvc - ok
10:00:07.0617 3644 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:00:07.0617 3644 lmhosts - ok
10:00:07.0648 3644 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
10:00:07.0664 3644 LSI_FC - ok
10:00:07.0680 3644 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
10:00:07.0680 3644 LSI_SAS - ok
10:00:07.0695 3644 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
10:00:07.0711 3644 LSI_SCSI - ok
10:00:07.0726 3644 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
10:00:07.0726 3644 luafv - ok
10:00:07.0773 3644 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:00:07.0773 3644 Mcx2Svc - ok
10:00:07.0804 3644 [ E4F44EC214B3E381E1FC844A02926666 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
10:00:07.0804 3644 mdmxsdk - ok
10:00:07.0836 3644 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
10:00:07.0851 3644 megasas - ok
10:00:07.0882 3644 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
10:00:07.0882 3644 MegaSR - ok
10:00:07.0914 3644 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
10:00:07.0914 3644 MMCSS - ok
10:00:07.0929 3644 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
10:00:07.0929 3644 Modem - ok
10:00:07.0960 3644 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:00:07.0960 3644 monitor - ok
10:00:07.0960 3644 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:00:07.0976 3644 mouclass - ok
10:00:07.0992 3644 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:00:07.0992 3644 mouhid - ok
10:00:08.0023 3644 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
10:00:08.0023 3644 MountMgr - ok
10:00:08.0038 3644 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
10:00:08.0054 3644 mpio - ok
10:00:08.0085 3644 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:00:08.0085 3644 mpsdrv - ok
10:00:08.0116 3644 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
10:00:08.0116 3644 Mraid35x - ok
10:00:08.0163 3644 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:00:08.0163 3644 MRxDAV - ok
10:00:08.0226 3644 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:00:08.0226 3644 mrxsmb - ok
10:00:08.0272 3644 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:00:08.0288 3644 mrxsmb10 - ok
10:00:08.0319 3644 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:00:08.0319 3644 mrxsmb20 - ok
10:00:08.0366 3644 [ AA459F2AB3AB603C357FF117CAE3D818 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
10:00:08.0366 3644 msahci - ok
10:00:08.0413 3644 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:00:08.0428 3644 msdsm - ok
10:00:08.0444 3644 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
10:00:08.0460 3644 MSDTC - ok
10:00:08.0522 3644 [ DF674BA7DA5A4753D839A905B66D2FD9 ] MSDV C:\Windows\system32\DRIVERS\msdv.sys
10:00:08.0522 3644 MSDV - ok
10:00:08.0553 3644 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:00:08.0553 3644 Msfs - ok
10:00:08.0584 3644 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:00:08.0584 3644 msisadrv - ok
10:00:08.0631 3644 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:00:08.0631 3644 MSiSCSI - ok
10:00:08.0647 3644 msiserver - ok
10:00:08.0678 3644 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:00:08.0678 3644 MSKSSRV - ok
10:00:08.0694 3644 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:00:08.0694 3644 MSPCLOCK - ok
10:00:08.0725 3644 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:00:08.0725 3644 MSPQM - ok
10:00:08.0772 3644 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:00:08.0772 3644 MsRPC - ok
10:00:08.0803 3644 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
10:00:08.0803 3644 mssmbios - ok
10:00:08.0850 3644 MSSQL$TRACKMAN - ok
10:00:08.0928 3644 [ 04EF36EAF5C4DBCE424D81B76F1E9231 ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
10:00:08.0928 3644 MSSQLServerADHelper100 - ok
10:00:08.0959 3644 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:00:08.0959 3644 MSTEE - ok
10:00:08.0990 3644 [ 4883C5F0C6F8222A928DD35C3D287225 ] MtUsb C:\Windows\system32\Drivers\MtUsb.sys
10:00:08.0990 3644 MtUsb - ok
10:00:09.0021 3644 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys
10:00:09.0021 3644 Mup - ok
10:00:09.0084 3644 [ 08835780CC6A5CFF5275101B5A9D17A4 ] MxEFUF C:\Windows\system32\DRIVERS\MxEFUF64.sys
10:00:09.0084 3644 MxEFUF - ok
10:00:09.0286 3644 [ F2840DBFE9322F35557219AE82CC4597 ] N360 C:\Program Files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe
10:00:09.0286 3644 N360 - ok
10:00:09.0380 3644 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll
10:00:09.0396 3644 napagent - ok
10:00:09.0442 3644 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:00:09.0442 3644 NativeWifiP - ok
10:00:09.0536 3644 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\VirusDefs\20121225.022\ENG64.SYS
10:00:09.0536 3644 NAVENG - ok
10:00:09.0645 3644 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\VirusDefs\20121225.022\EX64.SYS
10:00:09.0708 3644 NAVEX15 - ok
10:00:09.0770 3644 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:00:09.0786 3644 NDIS - ok
10:00:09.0801 3644 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:00:09.0801 3644 NdisTapi - ok
10:00:09.0817 3644 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:00:09.0817 3644 Ndisuio - ok
10:00:09.0879 3644 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:00:09.0879 3644 NdisWan - ok
10:00:09.0895 3644 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:00:09.0895 3644 NDProxy - ok
10:00:09.0926 3644 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:00:09.0926 3644 NetBIOS - ok
10:00:09.0973 3644 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
10:00:09.0973 3644 netbt - ok
10:00:10.0020 3644 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe
10:00:10.0020 3644 Netlogon - ok
10:00:10.0066 3644 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
10:00:10.0082 3644 Netman - ok
10:00:10.0129 3644 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:00:10.0129 3644 NetMsmqActivator - ok
10:00:10.0144 3644 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:00:10.0144 3644 NetPipeActivator - ok
10:00:10.0191 3644 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
10:00:10.0191 3644 netprofm - ok
10:00:10.0207 3644 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:00:10.0207 3644 NetTcpActivator - ok
10:00:10.0222 3644 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:00:10.0222 3644 NetTcpPortSharing - ok
10:00:10.0378 3644 [ BFBD278F8C9BCEC693345759AC278E14 ] NETw5v64 C:\Windows\system32\DRIVERS\NETw5v64.sys
10:00:10.0456 3644 NETw5v64 - ok
10:00:10.0753 3644 [ 6B138B65B531C3A2380BECABEF0B6157 ] NETwNv64 C:\Windows\system32\DRIVERS\NETwNv64.sys
10:00:10.0987 3644 NETwNv64 - ok
10:00:11.0018 3644 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
10:00:11.0034 3644 nfrd960 - ok
10:00:11.0065 3644 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
10:00:11.0065 3644 NlaSvc - ok
10:00:11.0112 3644 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:00:11.0112 3644 Npfs - ok
10:00:11.0143 3644 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
10:00:11.0158 3644 nsi - ok
10:00:11.0190 3644 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:00:11.0190 3644 nsiproxy - ok
10:00:11.0268 3644 [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:00:11.0299 3644 Ntfs - ok
10:00:11.0314 3644 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
10:00:11.0314 3644 Null - ok
10:00:11.0346 3644 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:00:11.0361 3644 nvraid - ok
10:00:11.0377 3644 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:00:11.0377 3644 nvstor - ok
10:00:11.0424 3644 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:00:11.0424 3644 nv_agp - ok
10:00:11.0439 3644 NwlnkFlt - ok
10:00:11.0455 3644 NwlnkFwd - ok
10:00:11.0533 3644 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:00:11.0548 3644 odserv - ok
10:00:11.0580 3644 [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
10:00:11.0580 3644 ohci1394 - ok
10:00:11.0626 3644 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:00:11.0626 3644 ose - ok
10:00:11.0689 3644 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll
10:00:11.0720 3644 p2pimsvc - ok
10:00:11.0751 3644 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll
10:00:11.0767 3644 p2psvc - ok
10:00:11.0814 3644 [ B8040C5C1FC1FBBBE5C78CB9EDA343EC ] PACSPTISVR C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
10:00:11.0814 3644 PACSPTISVR - ok
10:00:11.0860 3644 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
10:00:11.0860 3644 Parport - ok
10:00:11.0892 3644 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:00:11.0907 3644 partmgr - ok
10:00:11.0938 3644 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
10:00:11.0938 3644 PcaSvc - ok
10:00:11.0985 3644 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys
10:00:11.0985 3644 pci - ok
10:00:12.0001 3644 [ 8D618C829034479985A9ED56106CC732 ] pciide C:\Windows\system32\drivers\pciide.sys
10:00:12.0001 3644 pciide - ok
10:00:12.0032 3644 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
10:00:12.0032 3644 pcmcia - ok
10:00:12.0079 3644 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:00:12.0079 3644 PEAUTH - ok
10:00:12.0188 3644 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:00:12.0188 3644 PerfHost - ok
10:00:12.0266 3644 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
10:00:12.0297 3644 pla - ok
10:00:12.0344 3644 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:00:12.0344 3644 PlugPlay - ok
10:00:12.0406 3644 [ BDEA03A01DD58FF120C9D757A28DAA8B ] pmkbdfltr C:\Windows\system32\DRIVERS\pmkbdfltr.sys
10:00:12.0406 3644 pmkbdfltr - ok
10:00:12.0453 3644 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
10:00:12.0469 3644 PNRPAutoReg - ok
10:00:12.0500 3644 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll
10:00:12.0516 3644 PNRPsvc - ok
10:00:12.0562 3644 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:00:12.0578 3644 PolicyAgent - ok
10:00:12.0640 3644 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:00:12.0640 3644 PptpMiniport - ok
10:00:12.0672 3644 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
10:00:12.0687 3644 Processor - ok
10:00:12.0718 3644 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll
10:00:12.0718 3644 ProfSvc - ok
10:00:12.0750 3644 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
10:00:12.0765 3644 ProtectedStorage - ok
10:00:12.0812 3644 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
10:00:12.0828 3644 PSched - ok
10:00:12.0843 3644 [ FBF4DB6D53585437E41A113300002A2B ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
10:00:12.0843 3644 PxHlpa64 - ok
10:00:12.0921 3644 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
10:00:12.0937 3644 ql2300 - ok
10:00:12.0968 3644 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
10:00:12.0968 3644 ql40xx - ok
10:00:12.0999 3644 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
10:00:13.0015 3644 QWAVE - ok
10:00:13.0030 3644 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:00:13.0030 3644 QWAVEdrv - ok
10:00:13.0046 3644 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:00:13.0062 3644 RasAcd - ok
10:00:13.0077 3644 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
10:00:13.0077 3644 RasAuto - ok
10:00:13.0124 3644 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:00:13.0124 3644 Rasl2tp - ok
10:00:13.0155 3644 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll
10:00:13.0186 3644 RasMan - ok
10:00:13.0233 3644 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:00:13.0233 3644 RasPppoe - ok
10:00:13.0280 3644 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:00:13.0280 3644 RasSstp - ok
10:00:13.0342 3644 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:00:13.0342 3644 rdbss - ok
10:00:13.0389 3644 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:00:13.0389 3644 RDPCDD - ok
10:00:13.0436 3644 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
10:00:13.0452 3644 rdpdr - ok
10:00:13.0467 3644 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:00:13.0467 3644 RDPENCDD - ok
10:00:13.0530 3644 [ 5C141FC457F1AC833664789235ACA673 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:00:13.0530 3644 RDPWD - ok
10:00:13.0576 3644 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi C:\Windows\system32\drivers\regi.sys
10:00:13.0576 3644 regi - ok
10:00:13.0654 3644 [ 9600567E331F5AE87D31B0A60763E48C ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
10:00:13.0670 3644 RegSrvc - ok
10:00:13.0701 3644 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:00:13.0701 3644 RemoteAccess - ok
10:00:13.0748 3644 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:00:13.0764 3644 RemoteRegistry - ok
10:00:13.0810 3644 [ CD71E053D7260E4102D99A28F9196070 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
10:00:13.0810 3644 RFCOMM - ok
10:00:13.0857 3644 [ EAC02ED935A9C1F2DDD8D985C465B854 ] rimsptsk C:\Windows\system32\DRIVERS\rimspx64.sys
10:00:13.0857 3644 rimsptsk - ok
10:00:13.0888 3644 [ 71E182A0DE1CECB3F912960716345405 ] risdptsk C:\Windows\system32\DRIVERS\risdsn64.sys
10:00:13.0888 3644 risdptsk - ok
10:00:13.0920 3644 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe
10:00:13.0920 3644 RpcLocator - ok
10:00:13.0998 3644 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll
10:00:13.0998 3644 RpcSs - ok
10:00:14.0060 3644 [ EB1C539E621A35A49F7692B0EB565AB9 ] RsFx0150 C:\Windows\system32\DRIVERS\RsFx0150.sys
10:00:14.0060 3644 RsFx0150 - ok
10:00:14.0091 3644 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:00:14.0107 3644 rspndr - ok
10:00:14.0154 3644 [ C435AC77704EB16E85C9D630F4D4B4F7 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
10:00:14.0154 3644 RTHDMIAzAudService - ok
10:00:14.0232 3644 [ 3BDBB0CBFB27FEF51B7574676D1C9F6A ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
10:00:14.0232 3644 RtkAudioService - ok
10:00:14.0294 3644 [ 9A5FB8DE6567BC86FCCDE2F0336857A3 ] SampleCollector C:\Program Files\Sony\VAIO Care\collsvc.exe
10:00:14.0310 3644 SampleCollector - ok
10:00:14.0341 3644 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe
10:00:14.0341 3644 SamSs - ok
10:00:14.0372 3644 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:00:14.0388 3644 sbp2port - ok
10:00:14.0434 3644 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:00:14.0434 3644 SCardSvr - ok
10:00:14.0497 3644 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll
10:00:14.0512 3644 Schedule - ok
10:00:14.0559 3644 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll
10:00:14.0559 3644 SCPolicySvc - ok
10:00:14.0590 3644 [ B42EE50F7D24F837F925332EB349ECA5 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
10:00:14.0590 3644 sdbus - ok
10:00:14.0637 3644 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:00:14.0637 3644 SDRSVC - ok
10:00:14.0653 3644 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:00:14.0653 3644 secdrv - ok
10:00:14.0668 3644 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll
10:00:14.0684 3644 seclogon - ok
10:00:14.0700 3644 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll
10:00:14.0700 3644 SENS - ok
10:00:14.0731 3644 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys
10:00:14.0731 3644 Serenum - ok
10:00:14.0746 3644 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys
10:00:14.0746 3644 Serial - ok
10:00:14.0778 3644 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys
10:00:14.0778 3644 sermouse - ok
10:00:14.0824 3644 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll
10:00:14.0824 3644 SessionEnv - ok
10:00:14.0871 3644 [ 70F9C476B62DE4F2823E918A6C181ADE ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys
10:00:14.0871 3644 SFEP - ok
10:00:14.0887 3644 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:00:14.0902 3644 sffdisk - ok
10:00:14.0918 3644 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:00:14.0934 3644 sffp_mmc - ok
10:00:14.0965 3644 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:00:14.0965 3644 sffp_sd - ok
10:00:14.0980 3644 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
10:00:14.0980 3644 sfloppy - ok
10:00:15.0043 3644 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:00:15.0043 3644 ShellHWDetection - ok
10:00:15.0074 3644 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
10:00:15.0090 3644 SiSRaid2 - ok
10:00:15.0105 3644 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
10:00:15.0105 3644 SiSRaid4 - ok
10:00:15.0230 3644 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe
10:00:15.0292 3644 slsvc - ok
10:00:15.0339 3644 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll
10:00:15.0339 3644 SLUINotify - ok
10:00:15.0386 3644 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:00:15.0386 3644 Smb - ok
10:00:15.0433 3644 [ E11C9E13E92DA6747363924CFFCBD7EF ] SmbDrvI C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
10:00:15.0433 3644 SmbDrvI - ok
10:00:15.0480 3644 [ 27F71F20E87FBF177C82AE924F9317F7 ] SMR250 C:\Windows\system32\drivers\SMR250.SYS
10:00:15.0480 3644 SMR250 - ok
10:00:15.0542 3644 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:00:15.0542 3644 SNMPTRAP - ok
10:00:15.0573 3644 [ 7B24EFA2A60BA7388FECDA63AB24560A ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
10:00:15.0589 3644 SOHCImp - ok
10:00:15.0589 3644 [ 140FCF5FFAE4EFBA9740A9FD8B49E0BF ] SOHDBSvr C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
10:00:15.0604 3644 SOHDBSvr - ok
10:00:15.0620 3644 [ D8C244121A06B581B097D9617D94CFF1 ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
10:00:15.0636 3644 SOHDms - ok
10:00:15.0651 3644 [ 2DB561887EA122B946BBE2821473EDD8 ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
10:00:15.0651 3644 SOHDs - ok
10:00:15.0667 3644 [ AB9EE246A1EB2C3C7C6CB16E0B9462F7 ] SOHPlMgr C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
10:00:15.0667 3644 SOHPlMgr - ok
10:00:15.0714 3644 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys
10:00:15.0714 3644 spldr - ok
10:00:15.0760 3644 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe
10:00:15.0776 3644 Spooler - ok
10:00:15.0854 3644 [ BEA7FEA5BB31EB58D78971F821AE6844 ] SQLAgent$TRACKMAN C:\Program Files\Microsoft SQL Server\MSSQL10_50.TRACKMAN\MSSQL\Binn\SQLAGENT.EXE
10:00:15.0854 3644 SQLAgent$TRACKMAN - ok
10:00:15.0948 3644 [ 7D67C07C63796775CC5492BCFEAFF125 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
10:00:15.0963 3644 SQLBrowser - ok
10:00:15.0994 3644 [ F98DDFBFE0EE66D4C4B00693512B9527 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
10:00:15.0994 3644 SQLWriter - ok
10:00:16.0119 3644 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\N360x64\0604000.009\SRTSP64.SYS
10:00:16.0135 3644 SRTSP - ok
10:00:16.0166 3644 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\N360x64\0604000.009\SRTSPX64.SYS
10:00:16.0182 3644 SRTSPX - ok
10:00:16.0244 3644 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys
10:00:16.0260 3644 srv - ok
10:00:16.0322 3644 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:00:16.0322 3644 srv2 - ok
10:00:16.0369 3644 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:00:16.0369 3644 srvnet - ok
10:00:16.0431 3644 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:00:16.0431 3644 SSDPSRV - ok
10:00:16.0462 3644 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:00:16.0478 3644 SstpSvc - ok
10:00:16.0540 3644 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll
10:00:16.0556 3644 stisvc - ok
10:00:16.0587 3644 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys
10:00:16.0587 3644 swenum - ok
10:00:16.0634 3644 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll
10:00:16.0650 3644 swprv - ok
10:00:16.0665 3644 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
10:00:16.0665 3644 Symc8xx - ok
10:00:16.0759 3644 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\N360x64\0604000.009\SYMDS64.SYS
10:00:16.0774 3644 SymDS - ok
10:00:16.0852 3644 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\N360x64\0604000.009\SYMEFA64.SYS
10:00:16.0884 3644 SymEFA - ok
10:00:16.0946 3644 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
10:00:16.0946 3644 SymEvent - ok
10:00:17.0008 3644 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\N360x64\0604000.009\Ironx64.SYS
10:00:17.0008 3644 SymIRON - ok
10:00:17.0071 3644 [ A25FEE245C78804601D83431386A0BEE ] SYMTDIv C:\Windows\System32\Drivers\N360x64\0604000.009\SYMTDIV.SYS
10:00:17.0086 3644 SYMTDIv - ok
10:00:17.0149 3644 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
10:00:17.0164 3644 Sym_hi - ok
10:00:17.0180 3644 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
10:00:17.0180 3644 Sym_u3 - ok
10:00:17.0242 3644 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll
10:00:17.0258 3644 SysMain - ok
10:00:17.0305 3644 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:00:17.0320 3644 TabletInputService - ok
10:00:17.0367 3644 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:00:17.0383 3644 TapiSrv - ok
10:00:17.0398 3644 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll
10:00:17.0398 3644 TBS - ok
10:00:17.0476 3644 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:00:17.0492 3644 Tcpip - ok
10:00:17.0539 3644 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
10:00:17.0554 3644 Tcpip6 - ok
10:00:17.0601 3644 [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:00:17.0617 3644 tcpipreg - ok
10:00:17.0632 3644 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:00:17.0648 3644 TDPIPE - ok
10:00:17.0664 3644 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:00:17.0664 3644 TDTCP - ok
10:00:17.0726 3644 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:00:17.0726 3644 tdx - ok
10:00:17.0757 3644 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
10:00:17.0757 3644 TermDD - ok
10:00:17.0820 3644 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll
10:00:17.0835 3644 TermService - ok
10:00:17.0898 3644 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll
10:00:17.0898 3644 Themes - ok
10:00:17.0944 3644 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll
10:00:17.0944 3644 THREADORDER - ok
10:00:18.0007 3644 [ 4883C5F0C6F8222A928DD35C3D287225 ] TrackMan C:\Windows\system32\Drivers\TrackMan.sys
10:00:18.0022 3644 TrackMan - ok
10:00:18.0069 3644 [ 6A9849E43D4ED761BA55F5947F69A532 ] TrackManVideoManagement C:\Program Files (x86)\Common Files\TrackMan\VideoManagementService\VMSService.exe
10:00:18.0069 3644 TrackManVideoManagement - ok
10:00:18.0100 3644 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll
10:00:18.0100 3644 TrkWks - ok
10:00:18.0163 3644 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:00:18.0163 3644 TrustedInstaller - ok
10:00:18.0225 3644 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:00:18.0225 3644 tssecsrv - ok
10:00:18.0256 3644 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
10:00:18.0256 3644 tunmp - ok
10:00:18.0303 3644 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:00:18.0303 3644 tunnel - ok
10:00:18.0319 3644 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
10:00:18.0334 3644 uagp35 - ok
10:00:18.0397 3644 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
10:00:18.0397 3644 uCamMonitor - ok
10:00:18.0459 3644 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:00:18.0459 3644 udfs - ok
10:00:18.0522 3644 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:00:18.0522 3644 UI0Detect - ok
10:00:18.0553 3644 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:00:18.0553 3644 uliagpkx - ok
10:00:18.0600 3644 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys
10:00:18.0615 3644 uliahci - ok
10:00:18.0646 3644 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys
10:00:18.0662 3644 UlSata - ok
10:00:18.0662 3644 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
10:00:18.0678 3644 ulsata2 - ok
10:00:18.0709 3644 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:00:18.0709 3644 umbus - ok
10:00:18.0740 3644 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll
10:00:18.0740 3644 upnphost - ok
10:00:18.0802 3644 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
10:00:18.0802 3644 USBAAPL64 - ok
10:00:18.0865 3644 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:00:18.0865 3644 usbccgp - ok
10:00:18.0896 3644 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:00:18.0896 3644 usbcir - ok
10:00:18.0927 3644 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:00:18.0927 3644 usbehci - ok
10:00:18.0974 3644 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:00:18.0990 3644 usbhub - ok
10:00:19.0021 3644 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:00:19.0021 3644 usbohci - ok
10:00:19.0068 3644 [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:00:19.0068 3644 usbprint - ok
10:00:19.0114 3644 [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:00:19.0114 3644 usbscan - ok
10:00:19.0146 3644 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:00:19.0161 3644 USBSTOR - ok
10:00:19.0192 3644 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
10:00:19.0192 3644 usbuhci - ok
10:00:19.0224 3644 [ FC33099877790D51B0927B7039059855 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
10:00:19.0224 3644 usbvideo - ok
10:00:19.0270 3644 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll
10:00:19.0286 3644 UxSms - ok
10:00:19.0395 3644 [ 4E7135D6D0127067E4CFEE12259F895D ] VAIO Entertainment TV Device Arbitration Service C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
10:00:19.0395 3644 VAIO Entertainment TV Device Arbitration Service - ok
10:00:19.0489 3644 [ 73328C784ECFE7072BD102F370076B50 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
10:00:19.0504 3644 VAIO Event Service - ok
10:00:19.0551 3644 [ B63F63960E7254D9D9ED28474B40EB31 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
10:00:19.0567 3644 VAIO Power Management - ok
10:00:19.0723 3644 [ 0ED1D51DCEC67F96CC313D02A1741CF3 ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
10:00:19.0848 3644 VCFw - ok
10:00:19.0910 3644 [ 7295A2B5795E7B8AA128E5DF5A29B656 ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
10:00:19.0910 3644 VcmIAlzMgr - ok
10:00:20.0004 3644 [ 76DF898710495C5B1476719410D8B895 ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
10:00:20.0004 3644 VcmXmlIfHelper - ok
10:00:20.0019 3644 Vcsw - ok
10:00:20.0066 3644 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe
10:00:20.0082 3644 vds - ok
10:00:20.0113 3644 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:00:20.0113 3644 vga - ok
10:00:20.0144 3644 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys
10:00:20.0160 3644 VgaSave - ok
10:00:20.0175 3644 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys
10:00:20.0175 3644 viaide - ok
10:00:20.0222 3644 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:00:20.0222 3644 volmgr - ok
10:00:20.0269 3644 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:00:20.0284 3644 volmgrx - ok
10:00:20.0331 3644 [ 582F710097B46140F5A89A19A6573D4B ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:00:20.0347 3644 volsnap - ok
10:00:20.0394 3644 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
10:00:20.0394 3644 vsmraid - ok
10:00:20.0456 3644 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe
10:00:20.0503 3644 VSS - ok
10:00:20.0565 3644 [ 79EB419F4A694B4514249E0D3DB16ECF ] VzCdbSvc C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
10:00:20.0581 3644 VzCdbSvc - ok
10:00:20.0628 3644 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll
10:00:20.0643 3644 W32Time - ok
10:00:20.0674 3644 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
10:00:20.0674 3644 WacomPen - ok
10:00:20.0721 3644 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
10:00:20.0721 3644 Wanarp - ok
10:00:20.0721 3644 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:00:20.0737 3644 Wanarpv6 - ok
10:00:20.0768 3644 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:00:20.0784 3644 wcncsvc - ok
10:00:20.0830 3644 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:00:20.0830 3644 WcsPlugInService - ok
10:00:20.0846 3644 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys
10:00:20.0862 3644 Wd - ok
10:00:20.0940 3644 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:00:20.0940 3644 Wdf01000 - ok
10:00:20.0971 3644 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:00:20.0971 3644 WdiServiceHost - ok
10:00:20.0986 3644 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:00:20.0986 3644 WdiSystemHost - ok
10:00:21.0018 3644 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll
10:00:21.0018 3644 WebClient - ok
10:00:21.0064 3644 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:00:21.0080 3644 Wecsvc - ok
10:00:21.0096 3644 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:00:21.0111 3644 wercplsupport - ok
10:00:21.0127 3644 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll
10:00:21.0127 3644 WerSvc - ok
10:00:21.0174 3644 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
10:00:21.0189 3644 WimFltr - ok
10:00:21.0252 3644 [ A53CDE6BEEA165FE9B430476EEDE3C54 ] winachsf C:\Windows\system32\DRIVERS\CAX_CNXT.sys
10:00:21.0283 3644 winachsf - ok
10:00:21.0314 3644 WinHttpAutoProxySvc - ok
10:00:21.0423 3644 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:00:21.0439 3644 Winmgmt - ok
10:00:21.0564 3644 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll
10:00:21.0626 3644 WinRM - ok
10:00:21.0688 3644 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] winusb C:\Windows\system32\DRIVERS\WinUSB.SYS
10:00:21.0688 3644 winusb - ok
10:00:21.0751 3644 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll
10:00:21.0782 3644 Wlansvc - ok
10:00:21.0813 3644 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:00:21.0813 3644 WmiAcpi - ok
10:00:21.0860 3644 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:00:21.0860 3644 wmiApSrv - ok
10:00:21.0907 3644 WMPNetworkSvc - ok
10:00:21.0954 3644 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:00:21.0954 3644 WPCSvc - ok
10:00:22.0000 3644 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:00:22.0016 3644 WPDBusEnum - ok
10:00:22.0047 3644 [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
10:00:22.0047 3644 WpdUsb - ok
10:00:22.0219 3644 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:00:22.0250 3644 WPFFontCache_v0400 - ok
10:00:22.0266 3644 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:00:22.0266 3644 ws2ifsl - ok
10:00:22.0281 3644 WSearch - ok
10:00:22.0437 3644 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
10:00:22.0484 3644 wuauserv - ok
10:00:22.0531 3644 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:00:22.0531 3644 WudfPf - ok
10:00:22.0593 3644 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:00:22.0609 3644 wudfsvc - ok
10:00:22.0671 3644 [ F22E443518BC599D12888DAF292A56D8 ] XAudio C:\Windows\system32\DRIVERS\xaudio64.sys
10:00:22.0671 3644 XAudio - ok
10:00:22.0718 3644 [ 963C27034BBA4AC52A13F7A3C657C708 ] XAudioService C:\Windows\system32\DRIVERS\xaudio64.exe
10:00:22.0718 3644 XAudioService - ok
10:00:22.0765 3644 [ 56F8D7F9FCFB7BE829DA229DC9DFDFC1 ] yukonx64 C:\Windows\system32\DRIVERS\yk60x64.sys
10:00:22.0765 3644 yukonx64 - ok
10:00:22.0812 3644 ================ Scan global ===============================
10:00:22.0858 3644 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
10:00:22.0921 3644 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
10:00:22.0952 3644 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
10:00:23.0014 3644 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
10:00:23.0014 3644 [Global] - ok
10:00:23.0014 3644 ================ Scan MBR ==================================
10:00:23.0046 3644 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
10:00:23.0935 3644 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
10:00:23.0935 3644 \Device\Harddisk0\DR0 - detected TDSS File System (1)
10:00:23.0935 3644 ================ Scan VBR ==================================
10:00:23.0935 3644 [ 876C6A67BCC48BAA9B79CC325E52CF1D ] \Device\Harddisk0\DR0\Partition1
10:00:23.0950 3644 \Device\Harddisk0\DR0\Partition1 - ok
10:00:23.0950 3644 ============================================================
10:00:23.0950 3644 Scan finished
10:00:23.0950 3644 ============================================================
10:00:23.0966 5452 Detected object count: 1
10:00:23.0966 5452 Actual detected object count: 1
10:01:49.0813 5452 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
10:01:49.0813 5452 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#12 ddavid006

ddavid006
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:49 PM

Posted 26 December 2012 - 03:44 PM

Ok, narenxp here's the just completed MBAM scan:

MBAM
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.26.10

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
D. David Burroughs :: MOBILEOFFICE [administrator]

12/26/2012 10:12:28 AM
mbam-log-2012-12-26 (10-12-28).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 688733
Time elapsed: 3 hour(s), 55 minute(s), 20 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

More coming.

Thanks,

#13 ddavid006

ddavid006
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:49 PM

Posted 26 December 2012 - 05:49 PM

Okay narenxp here's the rest of the scans and logs,

mini toolbox
MiniToolBox by Farbar Version: 25-11-2012
Ran by D. David Burroughs (administrator) on 26-12-2012 at 14:54:57
Running from "C:\Users\D. David Burroughs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1029ISB6"
Windows Vista ™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Marvell Yukon 88E8055 PCI-E Gigabit Ethernet Controller = Local Area Connection (Connected)
Intel® WiFi Link 5100 AGN = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : MobileOffice
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
Physical Address. . . . . . . . . : 00-22-FB-5A-84-F8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8055 PCI-E Gigabit Ethernet Controller
Physical Address. . . . . . . . . : 00-1D-BA-B8-1E-A5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d5df:10cd:fc5c:6a2b%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.105(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, December 26, 2012 9:44:51 AM
Lease Expires . . . . . . . . . . : Wednesday, January 02, 2013 9:44:48 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 251665850
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-BF-06-E8-00-1D-BA-B8-1E-A5
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{4C76C449-2FDD-4C0E-A2A6-0E75D072568E}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{EC02B360-351E-414A-93D1-98284FFC794E}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{A32E56F2-9E16-40B4-88B4-4470C0E225D8}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 2607:f8b0:4000:800::1006
74.125.227.100
74.125.227.104
74.125.227.110
74.125.227.105
74.125.227.99
74.125.227.103
74.125.227.101
74.125.227.96
74.125.227.97
74.125.227.98
74.125.227.102



Pinging google.com [74.125.227.102] with 32 bytes of data:

Reply from 74.125.227.102: bytes=32 time=144ms TTL=52

Reply from 74.125.227.102: bytes=32 time=75ms TTL=52



Ping statistics for 74.125.227.102:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 75ms, Maximum = 144ms, Average = 109ms

Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
98.138.253.109



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=153ms TTL=49

Reply from 98.138.253.109: bytes=32 time=117ms TTL=49



Ping statistics for 98.138.253.109:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 117ms, Maximum = 153ms, Average = 135ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...00 22 fb 5a 84 f8 ...... Intel® WiFi Link 5100 AGN
10 ...00 1d ba b8 1e a5 ...... Marvell Yukon 88E8055 PCI-E Gigabit Ethernet Controller
1 ........................... Software Loopback Interface 1
16 ...00 00 00 00 00 00 00 e0 isatap.{4C76C449-2FDD-4C0E-A2A6-0E75D072568E}
14 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
17 ...00 00 00 00 00 00 00 e0 isatap.{EC02B360-351E-414A-93D1-98284FFC794E}
18 ...00 00 00 00 00 00 00 e0 isatap.{A32E56F2-9E16-40B4-88B4-4470C0E225D8}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.105 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.105 276
192.168.0.105 255.255.255.255 On-link 192.168.0.105 276
192.168.0.255 255.255.255.255 On-link 192.168.0.105 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.105 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.105 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 276 fe80::/64 On-link
10 276 fe80::d5df:10cd:fc5c:6a2b/128
On-link
1 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Windows\SysWOW64\wshbth.dll [34304] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Windows\System32\wshbth.dll [44032] (Microsoft Corporation)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog9 11 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/26/2012 09:50:05 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/26/2012 09:50:05 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/26/2012 09:50:05 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/26/2012 09:50:05 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/26/2012 09:50:05 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/26/2012 09:50:05 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/26/2012 09:50:05 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/26/2012 09:46:38 AM) (Source: VzCdbSvc) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error: (12/26/2012 09:46:35 AM) (Source: Service1) (User: )
Description: Service cannot be started. System.ServiceModel.AddressAlreadyInUseException: HTTP could not register URL http://+:8001/Sony/VPM/service/ because TCP port 8001 is being used by another application. ---> System.Net.HttpListenerException: The process cannot access the file because it is being used by another process
at System.Net.HttpListener.AddAll()
at System.Net.HttpListener.Start()
at System.ServiceModel.Channels.SharedHttpTransportManager.OnOpen()
--- End of inner exception stack trace ---
at System.ServiceModel.Channels.SharedHttpTransportManager.OnOpen()
at System.ServiceModel.Channels.TransportManager.Open(TransportChannelListener channelListener)
at System.ServiceModel.Channels.TransportManagerContainer.Open(SelectTransportManagersCallback selectTransportManagerCallback)
at System.ServiceModel.Channels.HttpChannelListener.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Channels.DatagramChannelDemuxer`2.OnOuterList...

Error: (12/26/2012 09:46:18 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (12/26/2012 09:46:35 AM) (Source: Service Control Manager) (User: )
Description: DMICall

Error: (12/26/2012 09:46:34 AM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueue[::]:8001

Error: (12/26/2012 09:46:19 AM) (Source: Service Control Manager) (User: )
Description: IPsec Policy AgentBFE

Error: (12/26/2012 09:46:19 AM) (Source: Service Control Manager) (User: )
Description: IKE and AuthIP IPsec Keying ModulesBFE

Error: (12/26/2012 09:46:19 AM) (Source: Service Control Manager) (User: )
Description: Apple Mobile Device%%1053

Error: (12/26/2012 09:46:19 AM) (Source: Service Control Manager) (User: )
Description: 30000Apple Mobile Device

Error: (12/26/2012 09:46:19 AM) (Source: Service Control Manager) (User: )
Description: Computer Browser%%1060

Error: (12/26/2012 09:43:45 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\DRIVERS\DMICall.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (12/26/2012 01:58:18 AM) (Source: Service Control Manager) (User: )
Description: 30000SysMain

Error: (12/26/2012 01:57:48 AM) (Source: Service Control Manager) (User: )
Description: 30000TrkWks


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2012-12-26 13:23:37.162
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-26 13:23:36.663
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-26 13:23:36.070
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-26 13:23:35.571
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-26 13:23:35.041
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-26 13:23:34.510
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-26 13:23:33.855
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-26 13:23:33.278
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-26 13:23:32.295
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-26 13:23:31.749
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Alps Pointing-device for VAIO
Apple Mobile Device Support (Version: 5.2.0.6)
ATI Catalyst Install Manager (Version: 3.0.710.0)
Bonjour (Version: 3.0.0.10)
Canon MP500
ccc-utility64 (Version: 2009.0302.2147.39080)
CCleaner (Version: 3.26)
Dolby Control Center (Version: 1.2.0702)
HDAUDIO SoftV92 Data Fax Modem with SmartCP (Version: 7.74.00)
Intel PROSet Wireless
Intel® PROSet/Wireless WiFi Software (Version: 12.01.1000)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft SQL Server 2008 R2 (64-bit)
Microsoft SQL Server 2008 R2 Native Client (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 Setup (English) (Version: 10.50.1600.1)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2731.0)
Microsoft SQL Server VSS Writer (Version: 10.50.1600.1)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
MobileMe Control Panel (Version: 3.1.6.0)
Octoshape add-in for Adobe Flash Player
Regi (Version: 1.00.0000)
Speccy (Version: 1.19)
SQL Server 2008 R2 Common Files (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1)
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1)
TrackMan Driver Package (Version: 1.2.5)
VD64Inst (Version: 1.00.0000)
WIDCOMM Bluetooth Software (Version: 6.2.0.7600)

========================= Memory info: ===================================

Percentage of memory in use: 74%
Total physical RAM: 4062.11 MB
Available physical RAM: 1056.09 MB
Total Pagefile: 8327.46 MB
Available Pagefile: 4362.5 MB
Total Virtual: 4095.88 MB
Available Virtual: 3993.66 MB

========================= Partitions: =====================================

1 Drive c: (Vista) (Fixed) (Total:287.05 GB) (Free:54.29 GB) NTFS

========================= Users: ========================================

User accounts for \\MOBILEOFFICE

Administrator D. David Burroughs Guest

========================= Restore Points ==================================

22-12-2012 01:01:44 Windows Update
22-12-2012 02:00:47 Removed Windows 7 Upgrade Advisor
22-12-2012 07:03:14 Windows Update
22-12-2012 07:15:14 Removed Apple Application Support
22-12-2012 07:38:04 Windows Update
22-12-2012 09:29:34 Windows Update
22-12-2012 15:44:06 Windows Update
22-12-2012 16:03:26 Windows Update
22-12-2012 21:16:54 Removed My Memory Center.
22-12-2012 23:46:34 Windows Update
23-12-2012 00:15:55 Windows Update
23-12-2012 00:17:08 Removed Skype™ 5.5
23-12-2012 00:29:22 Removed Skype™ 5.5
23-12-2012 00:30:58 Removed Skype Click to Call
26-12-2012 15:02:27 Scheduled Checkpoint

**** End of log ****


Farber Serv. Scanner

Farbar Service Scanner Version: 23-12-2012
Ran by D. David Burroughs (administrator) on 26-12-2012 at 15:15:30
Running from "C:\Users\D. David Burroughs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9O2KN8C4"
Windows Vista ™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking LEGACY_MpsSvc: ATTENTION!=====> Unable to open LEGACY_MpsSvc\0000 registry key. The key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking LEGACY_bfe: ATTENTION!=====> Unable to open LEGACY_bfe\0000 registry key. The key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.
Checking Start type of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcsvc.dll
[2009-12-03 08:14] - [2009-04-11 01:11] - 0268288 ____A (Microsoft Corporation) 3ED0321127CE70ACDAABBF77E157C2A7

C:\Windows\System32\drivers\afd.sys
[2012-02-18 07:44] - [2012-01-03 08:25] - 0404992 ____A (Microsoft Corporation) C4F6CE6087760AD70960C9EB130E7943

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-12-21 18:48] - [2012-03-30 06:45] - 1423744 ____A (Microsoft Corporation) 46D448E9117464E4D3BBF36D7E3FA48E

C:\Windows\System32\dnsrslvr.dll
[2011-06-01 19:13] - [2011-03-02 10:12] - 0117760 ____A (Microsoft Corporation) 06230F1B721494A6DF8D47FD395BB1B0

C:\Windows\System32\mpssvc.dll
[2009-12-03 08:14] - [2009-04-11 01:11] - 0603136 ____A (Microsoft Corporation) 897E3BAF68BA406A61682AE39C83900C

C:\Windows\System32\bfe.dll
[2009-12-03 08:13] - [2009-04-11 01:11] - 0458240 ____A (Microsoft Corporation) FFB96C2589FFA60473EAD78B39FBDE29

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe
[2009-12-03 08:15] - [2009-04-11 01:11] - 1433600 ____A (Microsoft Corporation) B75232DAD33BFD95BF6F0A3E6BFF51E1

C:\Windows\System32\wscsvc.dll
[2009-12-03 08:13] - [2009-04-11 01:11] - 0074752 ____A (Microsoft Corporation) 9EA3E6D0EF7A5C2B9181961052A4B01A

C:\Windows\System32\wbem\WMIsvc.dll
[2009-12-03 08:14] - [2009-04-11 01:11] - 0221696 ____A (Microsoft Corporation) D2E7296ED1BD26D8DB2799770C077A02

C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll
[2009-12-03 08:15] - [2009-04-11 01:11] - 1081856 ____A (Microsoft Corporation) 6D316F4859634071CC25C4FD4589AD2C

C:\Windows\System32\es.dll
[2009-12-03 08:15] - [2009-04-11 01:11] - 0361984 ____A (Microsoft Corporation) E12F22B73F153DECE721CD45EC05B4AF

C:\Windows\System32\cryptsvc.dll
[2012-12-21 18:48] - [2012-06-01 18:20] - 0174592 ____A (Microsoft Corporation) CA78B312C44E4D52E842C2C8BD48E452

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2009-12-03 08:15] - [2009-04-11 01:11] - 0719872 ____A (Microsoft Corporation) CF8B9A3A5E7DC57724A89D0C3E8CF9EF



**** End of log ****


adware cleaner
# AdwCleaner v2.103 - Logfile created 12/26/2012 at 15:38:05
# Updated 25/12/2012 by Xplode
# Operating system : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# User : D. David Burroughs - MOBILEOFFICE
# Boot Mode : Normal
# Running from : C:\Users\D. David Burroughs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7TDUE54D\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Application Updater

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Application Updater
Deleted on reboot : C:\Program Files (x86)\Common Files\spigot
Deleted on reboot : C:\Program Files (x86)\YouTube Downloader Toolbar
Deleted on reboot : C:\Users\D. David Burroughs\AppData\LocalLow\Search Settings
Deleted on reboot : C:\Users\D. David Burroughs\AppData\Roaming\Mozilla\Firefox\Profiles\l0cw6sge.default\extensions\OneClickDownload@OneClickDownload.com

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\com.vtc.SonyVtc.D5188E03315CA913E5343274F88EC3A0C3CECFF5.1
Key Deleted : HKLM\Software\SweetIM

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v11.0 (en-US)

File : C:\Users\D. David Burroughs\AppData\Roaming\Mozilla\Firefox\Profiles\l0cw6sge.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\D. David Burroughs\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [2567 octets] - [26/12/2012 15:38:05]

########## EOF - C:\AdwCleaner[S1].txt - [2627 octets] ##########


Junkware removal tool
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.2.5 (12.24.2012:1)
OS: Windows ™ Vista Home Premium x64
Ran by D. David Burroughs on Wed 12/26/2012 at 15:58:10.03
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [File] C:\Users\D. David Burroughs\AppData\Roaming\mozilla\firefox\profiles\l0cw6sge.default\extensions\rpsoyvtvaf@rpsoyvtvaf.org.xpi [Tracur]
Failed to delete: [Folder] C:\Users\D. David Burroughs\AppData\Roaming\mozilla\firefox\profiles\l0cw6sge.default\extensions\wtxpcom@mybrowserbar.com
Failed to delete: [Folder] C:\Users\D. David Burroughs\AppData\Roaming\mozilla\firefox\profiles\l0cw6sge.default\extensions\youtubedownloader@mybrowserbar.com



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 12/26/2012 at 16:24:25.11
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Thanks,

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:49 PM

Posted 26 December 2012 - 09:58 PM

Run TDSSkiller again and select DELETE for this

10:01:49.0813 5452 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#15 ddavid006

ddavid006
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:49 PM

Posted 27 December 2012 - 03:05 AM

Okay narenxp here's the info.

I re-ran TDSSkiller and deleted the Device\Harddisk0\DR0 file.

I ran the Services repair tool.

I re-ran the FSS again:
Farbar Service Scanner Version: 23-12-2012
Ran by D. David Burroughs (administrator) on 27-12-2012 at 01:41:56
Running from "C:\Users\D. David Burroughs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6OAMYGKI"
Windows Vista ™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcsvc.dll
[2009-12-03 08:14] - [2009-04-11 01:11] - 0268288 ____A (Microsoft Corporation) 3ED0321127CE70ACDAABBF77E157C2A7

C:\Windows\System32\drivers\afd.sys
[2012-02-18 07:44] - [2012-01-03 08:25] - 0404992 ____A (Microsoft Corporation) C4F6CE6087760AD70960C9EB130E7943

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-12-21 18:48] - [2012-03-30 06:45] - 1423744 ____A (Microsoft Corporation) 46D448E9117464E4D3BBF36D7E3FA48E

C:\Windows\System32\dnsrslvr.dll
[2011-06-01 19:13] - [2011-03-02 10:12] - 0117760 ____A (Microsoft Corporation) 06230F1B721494A6DF8D47FD395BB1B0

C:\Windows\System32\mpssvc.dll
[2009-12-03 08:14] - [2009-04-11 01:11] - 0603136 ____A (Microsoft Corporation) 897E3BAF68BA406A61682AE39C83900C

C:\Windows\System32\bfe.dll
[2009-12-03 08:13] - [2009-04-11 01:11] - 0458240 ____A (Microsoft Corporation) FFB96C2589FFA60473EAD78B39FBDE29

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe
[2009-12-03 08:15] - [2009-04-11 01:11] - 1433600 ____A (Microsoft Corporation) B75232DAD33BFD95BF6F0A3E6BFF51E1

C:\Windows\System32\wscsvc.dll
[2009-12-03 08:13] - [2009-04-11 01:11] - 0074752 ____A (Microsoft Corporation) 9EA3E6D0EF7A5C2B9181961052A4B01A

C:\Windows\System32\wbem\WMIsvc.dll
[2009-12-03 08:14] - [2009-04-11 01:11] - 0221696 ____A (Microsoft Corporation) D2E7296ED1BD26D8DB2799770C077A02

C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll
[2009-12-03 08:15] - [2009-04-11 01:11] - 1081856 ____A (Microsoft Corporation) 6D316F4859634071CC25C4FD4589AD2C

C:\Windows\System32\es.dll
[2009-12-03 08:15] - [2009-04-11 01:11] - 0361984 ____A (Microsoft Corporation) E12F22B73F153DECE721CD45EC05B4AF

C:\Windows\System32\cryptsvc.dll
[2012-12-21 18:48] - [2012-06-01 18:20] - 0174592 ____A (Microsoft Corporation) CA78B312C44E4D52E842C2C8BD48E452

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2009-12-03 08:15] - [2009-04-11 01:11] - 0719872 ____A (Microsoft Corporation) CF8B9A3A5E7DC57724A89D0C3E8CF9EF



**** End of log ****

I ran the rkill scan. It's a little late so I mistook the folder created on the desktop for the log and activated the file, hopefully no damage to the registry.

rkill scan:
Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/27/2012 01:44:16 AM in x64 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\D. David Burroughs\Desktop\rkill\rkill-12-27-2012-01-44-24.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Automatic

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost

Program finished at: 12/27/2012 01:44:45 AM
Execution time: 0 hours(s), 0 minute(s), and 29 seconds(s)


Lastly ran the autoruns scan:
"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Apoint" "Alps Pointing-device Driver" "Alps Electric Co., Ltd." "c:\program files\apoint\apoint.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "AML" "AML" "Sony" "c:\program files (x86)\sony\vaio launcher\aml.exe"
+ "AppleSyncNotifier" "AppleSyncNotifier" "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applesyncnotifier.exe"
+ "ISBMgr.exe" "" "Sony Corporation" "c:\program files (x86)\sony\isb utility\isbmgr.exe"
+ "MaxMenuMgr" "FreeAgent™ Launcher" "Seagate LLC" "c:\program files (x86)\seagate\seagatemanager\freeagent status\stxmenumgr.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "SmartWiHelper" "SmartWi Helper" "Sony Electronics Corporation" "c:\program files\sony corporation\smartwi connection utility\smartwihelper.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Bluetooth.lnk" "Bluetooth Tray Application" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\bttray.exe"
"C:\Users\D. David Burroughs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "OneNote 2007 Screen Clipper and Launcher.lnk" "Microsoft Office OneNote Quick Launcher" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\onenotem.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DriverMax" "DriverMax" "Innovative Solutions" "c:\program files (x86)\innovative solutions\drivermax\drivermax.exe"
+ "DriverMax_RESTART" "DriverMax" "Innovative Solutions" "c:\program files (x86)\innovative solutions\drivermax\drivermax.exe"
+ "VMpTtray.exe" "VMpTtray" "Sony Corporation" "c:\program files (x86)\sony\vaio media plus\vmpttray.exe"
"HKLM\SOFTWARE\Microsoft\Windows CE Services\AutoStartOnConnect" "" "" ""
+ "BTW Setup Wizard" "BtWizard Module" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwizard.dll"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\6.4.0.9\bushell.dll"
+ "ExpressZip" "" "" "c:\program files (x86)\nch software\expresszip\ezcm64.dll"
+ "RXDCExtSvr" "Roxio Disc Copier Shell Extension (AMD64)" "Sonic Solutions" "c:\program files\roxio\virtual drive 10\dc_shellext64.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\6.4.0.9\navshext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "4shared_Desktop" "" "" "c:\program files (x86)\4shared desktop\cmenu.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "BuPropertySheet" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\6.4.0.9\bushell.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "4shared_Desktop" "" "" "c:\program files (x86)\4shared desktop\cmenu.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Monitor" "BTNCopy Module" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btncopy.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "Haali Column Provider" "" "" "c:\program files (x86)\haali\matroskasplitter\mmfinfo.dll"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\6.4.0.9\bushell.dll"
+ "ExpressZip" "" "" "c:\program files (x86)\nch software\expresszip\ezcm64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "RXDCExtSvr" "Roxio Disc Copier Shell Extension (AMD64)" "Sonic Solutions" "c:\program files\roxio\virtual drive 10\dc_shellext64.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\6.4.0.9\navshext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "OverlayExcluded" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\6.4.0.9\bushell.dll"
+ "OverlayPending" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\6.4.0.9\bushell.dll"
+ "OverlayProtected" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\6.4.0.9\bushell.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Norton Identity Protection" "coIEPlugIn" "Symantec Corporation" "c:\program files (x86)\norton 360\engine\6.4.0.9\coieplg.dll"
+ "Norton Vulnerability Protection" "IPS Browser Helper DLL" "Symantec Corporation" "c:\program files (x86)\norton 360\engine\6.4.0.9\ips\ipsbho.dll"
+ "Windows Live Sign-in Helper" "WindowsLiveLogin.dll" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Norton Toolbar" "coIEPlugIn" "Symantec Corporation" "c:\program files (x86)\norton 360\engine\6.4.0.9\coieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\onbttnie.dll"
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.5 r502" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs"
+ "\Norton 360\Norton Error Analyzer" "Symantec Error Reporting" "Symantec Corporation" "c:\program files (x86)\norton 360\engine\6.4.0.9\symerr.exe"
+ "\Norton 360\Norton Error Processor" "Symantec Error Reporting" "Symantec Corporation" "c:\program files (x86)\norton 360\engine\6.4.0.9\symerr.exe"
+ "\Norton WSC Integration" "WSCStub" "Symantec Corporation" "c:\program files (x86)\norton 360\engine\6.4.0.9\wscstub.exe"
+ "\SONY\VAIO Update\VAIO Update" "VAIO Update" "Sony Corporation" "c:\program files\sony\vaio update 4\vaioupdt.exe"
+ "\VAIO Care" "VAIO Care" "Sony Electronics, Inc." "c:\program files\sony\vaio care\vcsystray.exe"
+ "\{BDFDC9DD-126A-4086-BF9B-389D0F21BF9A}" "" "" "File not found: C:\Program Files (x86)\Skype\Phone\Skype.exe"
+ "\{EA6DCA69-F632-422E-AE3E-48B92D93CBDD}" "Internet Explorer" "Microsoft Corporation" "c:\program files (x86)\internet explorer\iexplore.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "ACDaemon" "ArcSoft Connect Service" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\connection service\bin\acservice.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "btwdins" "Handles installation and removal of Bluetooth devices." "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwdins.exe"
+ "EvtEng" "Manages the event trace messages for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\evteng.exe"
+ "ExpressAccountsService" "Allows Express Accounts to run in the background if required." "NCH Software" "c:\program files (x86)\nch software\expressaccounts\expressaccounts.exe"
+ "FreeAgentGoNext Service" "Seagate Service" "Seagate Technology LLC" "c:\program files (x86)\seagate\seagatemanager\sync\freeagentservice.exe"
+ "IviRegMgr" "InterVideo Register Manager" "InterVideo" "c:\program files (x86)\common files\intervideo\regmgr\iviregmgr.exe"
+ "MSSQL$TRACKMAN" "Provides storage, processing and controlled access of data, and rapid transaction processing." "Microsoft Corporation" "c:\program files\microsoft sql server\mssql10_50.trackman\mssql\binn\sqlservr.exe"
+ "N360" "Norton 360" "Symantec Corporation" "c:\program files (x86)\norton 360\engine\6.4.0.9\ccsvchst.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "PACSPTISVR" "PACSPTISVR Module" "Sony Corporation" "c:\program files (x86)\common files\sony shared\avlib\pacsptisvr.exe"
+ "RegSrvc" "Provides registry access to all Intel® PROSet/Wireless Software components" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "RtkAudioService" "To check external HDMI device availability, HDMI device audio capability and update HDMI device capability into audio control panel" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\rtkaudioservice64.exe"
+ "SampleCollector" "Collects samples that are used to measure system performance, to monitor running processes, and to detect DLL changes." "Intel Corporation" "c:\program files\sony\vaio care\collsvc.exe"
+ "SOHCImp" "VAIO Media plus Content Importer" "Sony Corporation" "c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe"
+ "SOHDBSvr" "VAIO Media plus Database Manager" "Sony Corporation" "c:\program files (x86)\common files\sony shared\sohlib\sohdbsvr.exe"
+ "SOHDms" "VAIO Media plus Digital Media Server" "Sony Corporation" "c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe"
+ "SOHDs" "VAIO Media plus Device Searcher" "Sony Corporation" "c:\program files (x86)\common files\sony shared\sohlib\sohds.exe"
+ "SOHPlMgr" "VAIO Media plus Playlist Manager" "Sony Corporation" "c:\program files (x86)\common files\sony shared\sohlib\sohplmgr.exe"
+ "SQLWriter" "Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlwriter.exe"
+ "TrackManVideoManagement" "Video Management Service for TrackMan applications" "TrackMan A/S" "c:\program files (x86)\common files\trackman\videomanagementservice\vmsservice.exe"
+ "uCamMonitor" "Monitor the status of the webcam on PC startup." "ArcSoft, Inc." "c:\program files (x86)\arcsoft\magic-i visual effects 2\ucammonitor.exe"
+ "VAIO Entertainment TV Device Arbitration Service" "Hardware Resource Manager" "Sony Corporation" "c:\program files (x86)\common files\sony shared\vaio entertainment platform\vzhardwareresourcemanager\vzhardwareresourcemanager\vzhardwareresourcemanager.exe"
+ "VAIO Event Service" "Provides the hardware event managing service for VAIO. During termination of this service, some fuctions such as Special button ,Hotkey ,and VAIO original powermanagement are limited." "Sony Corporation" "c:\program files (x86)\sony\vaio event service\vesmgr.exe"
+ "VAIO Power Management" "Provides power management service for VAIO. If this service is stopped or disabled, power management functions for VAIO will not be available." "Sony Corporation" "c:\program files\sony\vaio power management\spmservice.exe"
+ "VCFw" "VAIO Content Folder Watcher" "Sony Corporation" "c:\program files (x86)\common files\sony shared\vaio content folder watcher\vcfw.exe"
+ "VcmIAlzMgr" "VAIO Content Metadata Intelligent Analyzing Manager" "Sony Corporation" "c:\program files\sony\vcm intelligent analyzing manager\vcmialzmgr.exe"
+ "VcmXmlIfHelper" "VcmXml Helper Interface" "Sony Corporation" "c:\program files\common files\sony shared\vcmxml\vcmxmlifhelper64.exe"
+ "Vcsw" "VAIO Entertainment UPnP Client Adapter" "Sony Corporation" "c:\program files (x86)\common files\sony shared\vaio entertainment platform\vcsw\vcsw.exe"
+ "VzCdbSvc" "VAIO Entertainment Database Service" "Sony Corporation" "c:\program files (x86)\common files\sony shared\vaio entertainment platform\vzcdb\vzcdbsvc.exe"
+ "WinDefend" "Scan your computer for unwanted software, schedule scans, and get the latest unwanted software definitions." "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "XAudioService" "User-mode gate for Modem Speakerphone" "Conexant Systems, Inc." "c:\windows\system32\drivers\xaudio64.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "ApfiltrService" "Alps Touch Pad Driver" "Alps Electric Co., Ltd." "c:\windows\system32\drivers\apfiltr.sys"
+ "ArcSoftKsUFilter" "For X64" "ArcSoft, Inc." "c:\windows\system32\drivers\arcsoftksufilter.sys"
+ "atikmdag" "ATI Radeon Kernel Mode Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "BHDrvx64" "SONAR Engine Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.2.0.9\definitions\bashdefs\20121130.005_8e0\bhdrvx64.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "btwaudio" "Bluetooth Audio Device" "Broadcom Corporation." "c:\windows\system32\drivers\btwaudio.sys"
+ "btwavdt" "Broadcom Bluetooth AVDT Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwavdt.sys"
+ "btwl2cap" "Broadcom Bluetooth L2CAP Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwl2cap.sys"
+ "btwrchid" "Bluetooth Remote Control HID Minidriver" "Broadcom Corporation." "c:\windows\system32\drivers\btwrchid.sys"
+ "CAXHWAZL" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\caxhwazl.sys"
+ "ccSet_N360" "Common Client Settings Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0604000.009\ccsetx64.sys"
+ "DMICall" "" "" "File not found: system32\DRIVERS\DMICall.sys"
+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g6032e.sys"
+ "eeCtrl" "Symantec Eraser Control Driver" "Symantec Corporation" "c:\program files (x86)\common files\symantec shared\eengine\eectrl64.sys"
+ "EraserUtilDrv11220" "" "" "File not found: C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11220.sys"
+ "EraserUtilRebootDrv" "Symantec Eraser Utility Driver" "Symantec Corporation" "c:\program files (x86)\common files\symantec shared\eengine\eraserutilrebootdrv.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "HSF_DPV" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\cax_dpv.sys"
+ "HSFHWAZL" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstazl6.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "IDSVia64" "Symantec Intrusion Prevention Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.2.0.9\definitions\ipsdefs\20121226.001\idsvia64.sys"
+ "igfx" "" "" "File not found: system32\DRIVERS\igdkmd64.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcHdmiAddService" "" "" "File not found: system32\drivers\IntcHdmi.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"
+ "mdmxsdk" "Diagnostic Interface x64 Driver" "Conexant" "c:\windows\system32\drivers\mdmxsdk.sys"
+ "MtUsb" "Cypress Generic USB Device Driver-Release 3.4.2" "Cypress Semiconductor" "c:\windows\system32\drivers\mtusb.sys"
+ "MxEFUF" "MxEFUF64.sys" "Matrox Graphics Inc." "c:\windows\system32\drivers\mxefuf64.sys"
+ "NAVENG" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.2.0.9\definitions\virusdefs\20121226.033\eng64.sys"
+ "NAVEX15" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.2.0.9\definitions\virusdefs\20121226.033\ex64.sys"
+ "NETw5v64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5v64.sys"
+ "NETwNv64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netwnv64.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"
+ "pmkbdfltr" "PenMount Keyboard Device Filter Driver" "PenMount" "c:\windows\system32\drivers\pmkbdfltr.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "regi" "regi driver" "InterVideo" "c:\windows\system32\drivers\regi.sys"
+ "rimsptsk" "RICOH MS Driver" "REDC" "c:\windows\system32\drivers\rimspx64.sys"
+ "risdptsk" "RICOH SD/MMC Driver" "REDC" "c:\windows\system32\drivers\risdsn64.sys"
+ "RTHDMIAzAudService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rthdmivx.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SFEP" "Sony Firmware Extension Parser driver" "Sony Corporation" "c:\windows\system32\drivers\sfep.sys"
+ "SmbDrvI" "Synaptics SMBus Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\smb_driver_intel.sys"
+ "SMR250" "SMR" "Symantec Corporation" "c:\windows\system32\drivers\smr250.sys"
+ "SRTSP" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0604000.009\srtsp64.sys"
+ "SRTSPX" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0604000.009\srtspx64.sys"
+ "SymDS" "Symantec Data Store" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0604000.009\symds64.sys"
+ "SymEFA" "Symantec Extended File Attributes" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0604000.009\symefa64.sys"
+ "SymEvent" "Symantec Event Library" "Symantec Corporation" "c:\windows\system32\drivers\symevent64x86.sys"
+ "SymIRON" "Iron Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0604000.009\ironx64.sys"
+ "SYMTDIv" "Network Dispatch Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\0604000.009\symtdiv.sys"
+ "TrackMan" "Cypress Generic USB Device Driver-Release 3.4.2" "Cypress Semiconductor" "c:\windows\system32\drivers\trackman.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "winachsf" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\cax_cnxt.sys"
+ "XAudio" "Modem Audio Device Driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\xaudio64.sys"
+ "yukonx64" "NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller" "Marvell" "c:\windows\system32\drivers\yk60x64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.dvsd" "MainConcept DV Codec" "MainConcept" "c:\windows\syswow64\mcdvd_32.dll"
+ "VIDC.FFDS" "" "" "c:\windows\syswow64\ff_vfw.dll"
+ "vidc.mjpg" "MainConcept MJPG Video Codec" "MainConcept" "c:\windows\syswow64\mcmjpg32.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Sony MPEG2 TS Splitter Ex" "" "Sony Corporation" "c:\program files (x86)\common files\sony shared\videolib\tssplt_s.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "BtwVdpCapFilter" "Bluetooth VDP DirectShow Filter" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwvdpcapfilter.dll"
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ArcGetDataSample" "ArcGetDataSample" "arcsoft" "c:\program files (x86)\common files\arcsoft\mpeg engine\arcgetdatasample.ax"
+ "ArcPutDataSample" "ArcGetDataSample" "arcsoft" "c:\program files (x86)\common files\arcsoft\mpeg engine\arcputdatasample.ax"
+ "ArcSoft MPEG Audio Decoder" "ArcSoft Audio Decoder" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\mpgaudio.ax"
+ "ArcSoft Mpeg Encoder Filter" "" "ArcSoft" "c:\program files (x86)\common files\arcsoft\mpeg engine\arcmpegcodec.ax"
+ "ArcSoft MPEG Splitter" "MPGSplitter Filter" "ArcSoft, Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\arcspl.ax"
+ "ArcSoft MPEG Video Decoder" "ArcSoft Mpeg Video Decoder Filter" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\mpgvideo.ax"
+ "ArcSoft Null Render" "NULL Render" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\arcnullrender.ax"
+ "ArcSoft Realtime Capture Encoder Filter" "Arc Real time Capture Encoder Filter" "Arcsoft" "c:\program files (x86)\common files\arcsoft\mpeg engine\arccaptureencoder.ax"
+ "ArcSoft Time Stamp" "ArcSoft Time Stamp" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\arctimestamp.ax"
+ "ArcSoft TimeShift2.0 Client Filter" "Timeshift2.0 Filter" "Arcsoft Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\timeshift2.ax"
+ "ArcSoft TimeShift2.0 Server Filter" "Timeshift2.0 Filter" "Arcsoft Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\timeshift2.ax"
+ "ArcSoft VideoEffect" "Arcsoft Video Effect Filter 1.0" "Arcsoft Corporation" "c:\program files (x86)\common files\arcsoft\mpeg engine\arcvideoeffect.ax"
+ "Arcsoft WMV/ASF Splitter" "ArcWmvSpl" "Arcsoft, Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\arcwmvspl.ax"
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CDDA Reader" "CDDA Reader Filter" "Gabest" "c:\program files (x86)\cd audio reader filter\cddareader.ax"
+ "DC-Bass Source" "DirectShow™ Audio Decoder" "http://www.dsp-worx.de" "c:\program files (x86)\dsp-worx\dc-bass source\dcbasssource.ax"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files (x86)\directvobsub\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files (x86)\directvobsub\vsfilter.dll"
+ "DScaler Mpeg2 Video Decoder" "MpegVideo Module" "DScaler Team" "c:\program files (x86)\dscaler5\mpegvideo.dll"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "File Dump" "FileDump DLL" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\filedump.ax"
+ "FLV Source" "FLV Splitter" "Gabest" "c:\program files (x86)\opensource flash video splitter\flvsplitter.ax"
+ "FLV Splitter" "FLV Splitter" "Gabest" "c:\program files (x86)\opensource flash video splitter\flvsplitter.ax"
+ "FLV4 Video Decoder" "FLV Splitter" "Gabest" "c:\program files (x86)\opensource flash video splitter\flvsplitter.ax"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files (x86)\haali\matroskasplitter\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\haali\matroskasplitter\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files (x86)\haali\matroskasplitter\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\haali\matroskasplitter\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files (x86)\haali\matroskasplitter\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files (x86)\haali\matroskasplitter\splitter.ax"
+ "InterVideo Audio Decoder" "IVIAUDIO LOGID.74595" "InterVideo Inc." "c:\program files (x86)\intervideo\common\bin\iviaudio.ax"
+ "InterVideo Video Decoder" "IVIVIDEO LOGID.74595" " InterVideo Inc." "c:\program files (x86)\intervideo\common\bin\ivivideo.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MONOGRAM AMR Decoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files (x86)\monogram amr splitterdecoder\mmamr.ax"
+ "MONOGRAM AMR Encoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files (x86)\monogram amr splitterdecoder\mmamr.ax"
+ "MONOGRAM AMR Mux" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files (x86)\monogram amr splitterdecoder\mmamr.ax"
+ "MONOGRAM AMR Splitter" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files (x86)\monogram amr splitterdecoder\mmamr.ax"
+ "MPC - DTS/AC3/DD+ Source" "DTS/AC3 Source Filter" "Gabest" "c:\program files (x86)\opensource dtsac3dd+ source filter\dtsac3source.ax"
+ "MpegAudio Filter" "MpegAudio Module" "DScaler Team" "c:\program files (x86)\dscaler5\mpegaudio.dll"
+ "OMG TRANSFORM" "OmgTransform Filter " "Sony Corporation" "c:\program files (x86)\common files\sony shared\openmg\omgtrans.ax"
+ "OmgDsee Filter" "OmgDseeFilter" "Sony Corporation" "c:\program files (x86)\common files\sony shared\openmg\omgdseefilter.ax"
+ "OmgGenericSrcFilter" "OmgGenericSrcFilter" "Sony Corporation" "c:\program files (x86)\common files\sony shared\openmg\omggenericsrcfilter.ax"
+ "OmgMP4Decoder2" "OmgMP4Decoder2" "Sony Corporation" "c:\program files (x86)\common files\sony shared\openmg\omgmp4decoder2.ax"
+ "OmgPushSrc" "OmgPushSrc" "Sony Corporation" "c:\program files (x86)\common files\sony shared\openmg\omgpushsrc.ax"
+ "OpenMG Async. File Source" "OpenMG Async. File Source" "Sony Corporation" "c:\program files (x86)\common files\sony shared\avlib\omgafs.ax"
+ "OpenMG Audio Decrypt" "OpenMG Decrypt Filter" "Sony Corporation" "c:\program files (x86)\common files\sony shared\openmg\omgdec.ax"
+ "OpenMG OmgSource Filter" "OpenMG OmgSource Filter" "Sony Corporation" "c:\program files (x86)\common files\sony shared\openmg\omgsrc.ax"
+ "RealAudio Decoder" "RealMedia Splitter" "Gabest" "c:\program files (x86)\realmedia\realmediasplitter.ax"
+ "RealMedia Source" "RealMedia Splitter" "Gabest" "c:\program files (x86)\realmedia\realmediasplitter.ax"
+ "RealMedia Splitter" "RealMedia Splitter" "Gabest" "c:\program files (x86)\realmedia\realmediasplitter.ax"
+ "RealVideo Decoder" "RealMedia Splitter" "Gabest" "c:\program files (x86)\realmedia\realmediasplitter.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Roxio Audio Source Filter" "Roxio Audio Source Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiosource.ax"
+ "Roxio Audio Stream Reader Filter" "Roxio Audio Stream Reader Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiostreamreader.ax"
+ "Roxio Audio Stream Writer Filter" "Roxio Audio Stream Writer Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiostreamwriter.ax"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxiompegdemuxer.dll"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mgirawwriter.dll"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\repackfilter.dll"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\tsmpegsource.dll"
+ "SaEnvelope" "Sony Sa Envelope Filter" "Sony Corporation" "c:\program files (x86)\common files\sony shared\openmg\omgsaenvelope.ax"
+ "SAL Input Converter" "SAL Input Converter Source Filter" "Sony Corporation" "c:\program files (x86)\common files\sony shared\openmg\saliconv.ax"
+ "SAL Output Converter" "SAL Output Converter RendererFilter" "Sony Corporation" "c:\program files (x86)\common files\sony shared\openmg\saloconv.ax"
+ "Seamless Play" "Seamless-Play Filter (Sample)" "Sony Corporation" "c:\program files (x86)\common files\sony shared\openmg\seamlessfilter.ax"
+ "ShoutcastSource" "Shoutcast Source Filter" "Gabest" "c:\program files (x86)\shoutcast source\shoutcastsource.ax"
+ "Snapshot" "Arcsoft Snapshot Filter 1.0" "Arcsoft Corporation" "c:\program files (x86)\common files\arcsoft\mpeg engine\arcsnap.ax"
+ "Sony Audio CD Source Filter" "OpenMG CdSource Filter" "Sony Corporation" "c:\program files (x86)\common files\sony shared\avlib\cdsrc.ax"
+ "Sony AVC Decoder" "Sony AVC Decoder Filter" "Sony Corporation" "c:\program files (x86)\common files\sony shared\videolib\sjvtdl.ax"
+ "SONY DV Video Decoder" "Sony DV Video Decoder" "Sony Corporation" "c:\program files (x86)\common files\sony shared\videolib\sdvvd.ax"
+ "Sony LPCM Decoder" "Sony LPCM Decode Filter" "Sony Corporation" "c:\program files (x86)\common files\sony shared\videolib\slpcmd.ax"
+ "Sony MP4 File Source" "Sony MP4 File Source Filter" "Sony Corporation" "c:\program files (x86)\common files\sony shared\videolib\mp4filesource.ax"
+ "Sony MPEG Audio Decoder" "Sony MPEG Audio Decoder" "Sony Corporation" "c:\program files (x86)\common files\sony shared\videolib\smad.ax"
+ "SONY MPEG Video Decoder" "Sony MPEG4 Video Decoder" "Sony Corporation" "c:\program files (x86)\common files\sony shared\videolib\sm4spvd.ax"
+ "SONY MPEG Video Decoder" "Sony MPEG Video Decoder" "Sony Corporation" "c:\program files (x86)\common files\sony shared\videolib\smvd.ax"
+ "Sony MPEG-TS Parser" "Sony MPEG Parser Filter" "Sony Corporation" "c:\program files (x86)\common files\sony shared\videolib\smparse.ax"
+ "SonyMSAConv" "OpenMG Converter Filter" "Sony Corporation" "c:\program files (x86)\common files\sony shared\avlib\sonycdsrcwriter.ax"
+ "SonyMSAConv" "OpenMG Converter Filter" "Sony Corporation" "c:\program files (x86)\common files\sony shared\avlib\sonymsaconverter3.ax"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\subpictenc.dll"
+ "VAIO Content Metadata Univ Filter" "DirectShow Filter for VCM Intelligent Analyzing Manager" "Sony Corporation" "c:\program files\sony\vcm intelligent analyzing manager\vcmsmplcapflt.ax"
+ "VaioAacDecFilter" "Sony MPEG4 AAC Decoder" "Sony Corporation" "c:\program files (x86)\common files\sony shared\videolib\saaclcd.ax"
+ "VcmIAlzGPDFilter" "VCM Intelligent Analyzing Manager GPD Library" "Sony Corporation" "c:\program files\sony\vcm intelligent analyzing manager\vcmialzgpdfilter.ax"
+ "VcmIAlzGPDFilter2" "VCM Intelligent Analyzing Manager GPD Library" "Sony Corporation" "c:\program files\sony\vcm intelligent analyzing manager\vcmialzgpdfilter2.ax"
+ "Video MotionDetect" "Video motiondetect Filter (Sample)" "ArcSoft, Inc." "c:\program files (x86)\common files\arcsoft\mpeg engine\motiondetect.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "BtwCredentialProvider" "BtwCP DLL" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwcp.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "" "" "File not found: igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Canon BJ Language Monitor MP500" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlm7l.dll"
"C:\Users\D. David Burroughs\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "" "" "" "C:\Program Files\Windows Sidebar\Shared Gadgets\marketing.Gadget"
+ "Clock" "Watch the clock in your own time zone or any city in the world." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\Clock.gadget\en-US\Gadget.xml"
+ "Feed Headlines" "Track the latest news, sports, and entertainment headlines." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\RSSFeeds.Gadget\en-US\Gadget.xml"
+ "My eBay Gadget" "eBay gadget for Vista sidebar" "eBay Inc." "C:\Program Files (x86)\Windows Sidebar\Gadgets\eBayGadget.Gadget\en-US\Gadget.xml"
+ "Norton 360" "Protect your computer against digital dangers." "Symantec Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Norton.Gadget\en-US\Gadget.xml"
+ "Slide Show" "Show a continuous slide show of your pictures." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\SlideShow.Gadget\en-US\Gadget.xml"

Thanks, standing by.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users