
Can't download anything. Security Centre & Windows firewall issues. Infected?


24 replies to this topic

#1 Chris Weeks


Posted 18 June 2013 - 05:49 PM

Hi. I'm using a Sony Vaio laptop running Vista Home Premium SP2.

 

Yesterday I noticed I was no longer able to download any files.

The browsers (both Firefox & IE) go through the motions of downloading, progress bar, completion of download, but then nothing appears in my designated saving place.

When trying to download anything in IE it states that '[filename] contained a virus and was deleted'. I am trying to download simple, small files, which I know are 'clean'.

 

I noticed some errant process in 'Russian text' running in my processes, so I ran my anti-virus and malware programs.

Avira Antivirus found the Trojan: TR/Kazy.173253.7. Malwarebytes found something also, but after removing it, I stupidly deleted the log.

Neither program now shows any signs of 'infection'.

 

I tried a System Restore, it failed due to an 'unexpected error'. I tried it again, same response.

 

I checked my Windows Security Center and noticed it was turned 'off'. I tried to turn it on, but received the message "The Security Center service can't be started".

I ran services.msc and looked for Security Center, but it wasn't there!

 

I receive the message: Windows Firewall is not using the recommended settings to protect your computer. When I try to update the settings I get the message: Windows Firewall was unable to make the requested updates. If I click on the option 'Turn Windows Firewall on or off' I get the message: Due to an unidentified problem, Windows cannot display Windows Firewall settings.

 

Please bear in mind that I cannot download any programs directly to this machine.

I believe it is possible to download any required programs to an external flash stick via another machine, then put them onto this laptop. Is that correct?

 

Any help with this matter would be greatly appreciated. This is my primary work PC, and I use it extensively on a daily basis, please help so I can again feel safe using it!

 

Chris.


Edited by hamluis, 18 June 2013 - 06:11 PM.
Moved from Vista to Am I Infected - Hamluis.



 


#2 boopme


Posted 18 June 2013 - 07:03 PM

Hello, this is correct.

"I believe it is possible to download any required programs to an external flash stick via another machine, then put them onto this laptop. Is that correct?"

 
 
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
 
Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report (log file should be in your C drive).
Do not change the default options on scan results.
 
Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.
 
Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

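One way to review the Result.txt that the MiniToolBox step above produces, as an added example that is not part of the original post and not MiniToolBox's own code: it reads the "Hosts content" and "Winsock entries" sections and lists hosts mappings other than the stock localhost lines and Winsock providers whose company is not Microsoft, for a person to look at. The sample log is constructed to follow the section layout the tool prints, and the function names are hypothetical.

```python
import re

# Constructed sample in the section layout MiniToolBox prints.
# Addresses, names and the last provider path are made up for the example.
SAMPLE_LOG = r"""
========================= Hosts content: =================================

127.0.0.1       localhost
::1             localhost
203.0.113.7     update.example.test

========================= IP Configuration: ================================

(omitted)

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Users\Public\example\lsp.dll [4096] (Example Vendor)

========================= Event log errors: ===============================
"""

# A section header is a name framed by runs of '='; a line made only of '='
# (as used inside the route table) is not a header.
SECTION_RE = re.compile(r"^=+\s*([^=\s][^=]*?):?\s*=+\s*$")
# "Catalog9 01 <path> [<size>] (<company>)"; the path may contain spaces.
WINSOCK_RE = re.compile(r"^(Catalog\d+)\s+(\d+)\s+(.+?)\s+\[(\d+)\]\s+\((.*)\)\s*$")

DEFAULT_HOSTS = {("127.0.0.1", "localhost"), ("::1", "localhost")}


def split_sections(text):
    """Map each section name to the non-blank lines that follow its header."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1).strip()
            sections[current] = []
        elif current is not None and line:
            sections[current].append(line)
    return sections


def unexpected_hosts(lines):
    """Return (ip, name) pairs that are not the stock localhost mappings."""
    found = []
    for line in lines:
        fields = line.split("#", 1)[0].split()  # drop trailing comments
        if len(fields) < 2:
            continue
        ip, names = fields[0], fields[1:]
        found += [(ip, n) for n in names if (ip, n.lower()) not in DEFAULT_HOSTS]
    return found


def third_party_winsock(lines):
    """Return Winsock catalog entries not attributed to Microsoft.

    A third-party provider is not malicious in itself (Bonjour installs one);
    the list only tells the reviewer which DLLs to check.
    """
    entries = []
    for line in lines:
        m = WINSOCK_RE.match(line)
        if not m:
            continue
        catalog, index, path, size, company = m.groups()
        if company.strip() != "Microsoft Corporation":
            entries.append({
                "catalog": catalog,
                "index": int(index),
                "path": path,
                "size": int(size),
                "company": company.strip(),
            })
    return entries


def triage(text):
    """Collect the review items from one MiniToolBox-style log."""
    sections = split_sections(text)
    return {
        "hosts": unexpected_hosts(sections.get("Hosts content", [])),
        "winsock": third_party_winsock(sections.get("Winsock entries", [])),
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for ip, name in report["hosts"]:
        print(f"hosts: {name} -> {ip}")
    for e in report["winsock"]:
        print(f"winsock: {e['catalog']} {e['index']:02d} {e['path']} ({e['company']})")
```
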

#3 Chris Weeks


Posted 19 June 2013 - 05:23 AM

Thank you for the prompt response.

I ran MiniToolBox, TDSSKiller & AdwCleaner and will post the logs shortly.

I am currently running the ESET Online Scanner. However, you mentioned in your reply to:

As with the other programs, I had to download this from my other laptop and transfer it to my main laptop, as when I tried to download it directly onto that machine, following the steps you provided, it did not download. Will this be a problem; not running it directly from my main machine? (Only a PART file, which I now cannot remove, appeared in my saving location: Desktop)

This is the same issue I have with downloading anything; mentioned in my initial post.

 

I will post all logs once the ESET Scanner has finished.

 

Thanks again,

 

Chris.



#4 Chris Weeks


Posted 19 June 2013 - 01:37 PM

I thought I could post the logs as attachments on this site, but it appears not. So the best thing I can do is copy & paste them all in here. I will put each log in a different reply, in the order asked.



MiniToolBox Scan Log:

 

MiniToolBox by Farbar  Version: 16-06-2013
Ran by admin (administrator) on 19-06-2013 at 10:52:31
Running from "C:\Users\admin\Desktop"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Intel® WiFi Link 5100 AGN = Wireless Network Connection (Connected)
Marvell Yukon 88E8055 PCI-E Gigabit Ethernet Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : KINGBASTARD
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 00-21-4F-4D-2E-DB
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
   Physical Address. . . . . . . . . : 00-21-5D-D9-43-42
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::c22:1fb:1b5e:b8d8%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.165(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 19 June 2013 10:44:58
   Lease Expires . . . . . . . . . . : 20 June 2013 10:44:58
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 318772970
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-53-08-C4-00-1D-BA-8D-8B-37
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Marvell Yukon 88E8055 PCI-E Gigabit Ethernet Controller
   Physical Address. . . . . . . . . : 00-1D-BA-8D-8B-37
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{AD24F95D-5128-4662-897E-21DC78BCFF7F}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{461689BA-BFCD-4E0F-A71A-6E70DD15227B}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{A0BCE985-A0FB-4272-99D8-76C75DFFB3FE}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  WANADOO-A5B8
Address:  192.168.1.1

Name:    google.com
Addresses:  2a00:1450:4009:808::1002
      173.194.34.168
      173.194.34.167
      173.194.34.166
      173.194.34.165
      173.194.34.164
      173.194.34.163
      173.194.34.162
      173.194.34.161
      173.194.34.160
      173.194.34.174
      173.194.34.169



Pinging google.com [173.194.34.169] with 32 bytes of data:

Reply from 173.194.34.169: bytes=32 time=39ms TTL=54

Reply from 173.194.34.169: bytes=32 time=40ms TTL=54



Ping statistics for 173.194.34.169:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 39ms, Maximum = 40ms, Average = 39ms

Server:  WANADOO-A5B8
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.138.253.109
      206.190.36.45
      98.139.183.24



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

Reply from 206.190.36.45: bytes=32 time=281ms TTL=41

Reply from 206.190.36.45: bytes=32 time=210ms TTL=41



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 210ms, Maximum = 281ms, Average = 245ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
 13 ...00 21 4f 4d 2e db ...... Bluetooth Device (Personal Area Network)
 11 ...00 21 5d d9 43 42 ...... Intel® WiFi Link 5100 AGN
 10 ...00 1d ba 8d 8b 37 ...... Marvell Yukon 88E8055 PCI-E Gigabit Ethernet Controller
  1 ........................... Software Loopback Interface 1
 14 ...00 00 00 00 00 00 00 e0  isatap.{AD24F95D-5128-4662-897E-21DC78BCFF7F}
 19 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 18 ...00 00 00 00 00 00 00 e0  isatap.{461689BA-BFCD-4E0F-A71A-6E70DD15227B}
 15 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 17 ...00 00 00 00 00 00 00 e0  isatap.{A0BCE985-A0FB-4272-99D8-76C75DFFB3FE}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.165     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.165    281
    192.168.1.165  255.255.255.255         On-link     192.168.1.165    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.165    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.165    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.165    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    281 fe80::/64                On-link
 11    281 fe80::c22:1fb:1b5e:b8d8/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\wshbth.dll [34304] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/19/2013 10:40:55 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/19/2013 04:57:36 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2013 11:07:04 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2013 10:46:19 PM) (Source: System Restore) (User: )
Description: An unspecified error occurred during System Restore: (Scheduled Checkpoint). Additional information: .

Error: (06/18/2013 10:32:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2013 09:50:36 PM) (Source: System Restore) (User: )
Description: An unspecified error occurred during System Restore: (Windows Update). Additional information: .

Error: (06/18/2013 09:37:13 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2013 09:04:06 PM) (Source: Application Error) (User: )
Description: Faulting application YahooMessenger.exe, version 11.5.0.228, time stamp 0x4fbf6b79, faulting module Flash32_11_7_700_224.ocx_unloaded, version 0.0.0.0, time stamp 0x51a673ec, exception code 0xc0000005, fault offset 0x68a8df14,
process id 0x80c, application start time 0xYahooMessenger.exe0.

Error: (06/18/2013 03:34:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2013 10:43:58 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\ADMIN\APPDATA\ROAMING\MICROSOFT\WINDOWS\RECENT\CHRIS WEEKS - THE LOST COSMONAUT [PROMOTIONAL COPY].LNK> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)


System errors:
=============
Error: (06/19/2013 10:40:56 AM) (Source: Service Control Manager) (User: )
Description: cdrom
PxHelp20

Error: (06/19/2013 10:40:56 AM) (Source: Service Control Manager) (User: )
Description: IPsec Policy AgentBFE

Error: (06/19/2013 10:40:56 AM) (Source: Service Control Manager) (User: )
Description: IKE and AuthIP IPsec Keying ModulesBFE

Error: (06/19/2013 10:40:56 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (06/19/2013 10:40:56 AM) (Source: Service Control Manager) (User: )
Description: Computer Browser%%1060

Error: (06/19/2013 10:40:56 AM) (Source: Service Control Manager) (User: )
Description: KorgBlkT.Sys KORG USB Bulk Driver%%1058

Error: (06/19/2013 10:39:02 AM) (Source: Print) (User: NT AUTHORITY)
Description: The print spooler failed to share printer EPSON SX210 Series with shared resource name EPSON SX210 Series. Error 1753. The printer cannot be used by others on the network.

Error: (06/19/2013 10:39:02 AM) (Source: Print) (User: NT AUTHORITY)
Description: The print spooler failed to share printer Send To OneNote 2007 with shared resource name Send To OneNote 2007. Error 1753. The printer cannot be used by others on the network.

Error: (06/19/2013 10:38:02 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (06/19/2013 10:37:39 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!


Microsoft Office Sessions:
=========================
Error: (06/06/2011 02:07:36 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/18/2011 01:08:44 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/04/2011 09:44:24 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 16 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/27/2011 08:42:46 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 5 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/27/2011 07:16:42 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/27/2011 07:16:17 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/24/2011 08:02:39 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/24/2011 08:02:34 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/05/2011 04:20:23 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 34 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/26/2011 08:52:44 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-06-18 09:48:48.248
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-18 09:48:48.060
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-18 09:48:47.873
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-18 09:48:47.686
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-18 09:48:47.499
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-18 09:48:47.296
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-18 09:48:46.968
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-18 09:48:46.766
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-18 09:48:46.563
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-18 09:48:46.360
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
3ivx MPEG-4 5.0.3 (remove only) (Version: 5.0.3)
7-Zip 9.20
Acrobat.com (Version: 2.0.0)
Acrobat.com (Version: 2.0.0.0)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe AIR (Version: 2.5.1.17730)
Adobe Common File Installer (Version: 1.00.002)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Media Player (Version: 1.8)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.8.638)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Application Profiles (Version: 2.0.4292.33784)
ArcSoft WebCam Companion 2
Audacity 1.2.6
Auslogics BoostSpeed (Version: 5.5)
Avira Free Antivirus (Version: 13.0.0.3640)
Bonjour (Version: 3.0.0.10)
Call of Duty: Black Ops
Call of Duty: Black Ops - Multiplayer
CanoScan Toolbox Ver4.1
CCleaner (Version: 4.01)
Click to Disc (Version: 1.2.73.04270)
Click to Disc Editor (Version: 2.0.02)
Click to Disc Editor (Version: 2.0.03.04150)
CodeMeter Runtime Kit v4.01 (Version: 4.1.169.500)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Convert AVI to MP4 1.3
CronoX 3
CronoX 3 Bonus Presets
Crysis WARHEAD®
Crysis WARHEAD® (Version: 1.0)
D3DX10 (Version: 15.4.2368.0902)
DirectVobSub (remove only)
Dolby Control Center (Version: 1.2.0702)
DSD Direct (Version: 2.0.01)
DSD Direct Player (Version: 1.1)
DSD Playback Plug-in (Version: 1.2)
Dual-Core Optimizer (Version: 1.1.4.0169)
EDIROL UA-25EX Driver
elysia niveau filter 1.1.3
Epson Easy Photo Print 2 (Version: 2.1.0.0)
Epson Event Manager (Version: 2.30.01)
EPSON Printer Software
Epson Printer Software Downloader
Epson Printer Software Downloader (Version: 2.0.0)
EPSON Scan
Epson Stylus SX210_SX410_TX210_TX410 Manual
EPSON SX210 Series Printer Uninstall
F1 2010 (Version: 1.0.0001.132)
F1 2011 (Version: 1.0.0001.129)
FileASSASSIN (Version: 1.06)
FlipShare (Version: 4.1.4.50640)
GameSpy Comrade (Version: 1.5.0.156)
Greenshot
HDAUDIO SoftV92 Data Fax Modem with SmartCP
iGetter v2.6.7 (Version: 2.6.7)
IK Multimedia Amplitube DX/VST/RTAS v2.0
ImgBurn (Version: 2.5.6.0)
Intel PROSet Wireless
Intel® PROSet/Wireless WiFi Software (Version: 12.04.3000)
Intel® Matrix Storage Manager
Interlok driver setup x32 (Version: 5.8.13)
iTunes (Version: 11.0.1.12)
IZArc 3.81 (Version: 3.81 Build 1550)
iZotope Trash (Version: 1.05)
iZotope Vinyl (Version: 1.61)
Jasc Animation Shop 3 (Version: 3.11)
Java 7 Update 17 (Version: 7.0.170)
Java Auto Updater (Version: 2.1.9.0)
JMicron JMB368 ExpressCard CF Adapter (Version: 1.01.04.07)
Junk Mail filter update (Version: 15.4.3502.0922)
Korg Kontrol Editor (Version: 1.00.0018)
KORG KP3 Editor (Version: 2.00.0007)
KORG M1 Le (Version: 1.0.4)
KORG USB-MIDI Driver Tools for Windows (Version: 1.11.0050)
Lernout & Hauspie TruVoice American English TTS Engine
Lexicon PSP 42 1.5.3 32bit (Version: 1.5.3 32bit)
Live 8.1.1
Lounge Lizard Session v3.1.4
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Corporation (Version: 9.0.0.0)
Microsoft Corporation (Version: 9.1.0.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Accounting 2009 (Version: 4.0.3610.0)
Microsoft Office Accounting 2009 PayPal Addin (Version: 4.0.1930.0)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office XP Professional with FrontPage (Version: 10.0.6626.0)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00)
Microsoft SQL Server 2005 Tools Express Edition (Version: 9.4.5000.00)
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR) (Version: 8.00.761)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Microsoft XML Parser (Version: 8.70.1104.04)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
minimoog-v Original 2.5.3 (Version: 2.5.3)
Mozilla Firefox 21.0 (x86 en-GB) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Music Transfer (Version: 1.2.00.17290)
NanoStudio 1.12
NanoSync 1.2 (Version: 1.2)
Native Instruments Abbey Road 60s Drums Vintage
Native Instruments Abbey Road 60s Drums Vintage (Version: 1.0.0.001)
Native Instruments B4 II
Native Instruments Controller Editor (Version: 1.5.4.1182)
Native Instruments Dark Pressure
Native Instruments Dark Pressure (Version: 1.0.0.003)
Native Instruments Driver (Version: 1.0.1.288)
Native Instruments Drop Squad
Native Instruments Drop Squad (Version: 1.0.0.002)
Native Instruments Drop Squad Sounds
Native Instruments Drop Squad Sounds (Version: 1.0.0.002)
Native Instruments FM7
Native Instruments Guitar Rig 4
Native Instruments Guitar Rig 4 (Version: 4.2.2.2564)
Native Instruments Guitar Rig Mobile I/O
Native Instruments Guitar Rig Mobile I/O (Version: 3.0.0.625)
Native Instruments Guitar Rig Session I/O
Native Instruments Guitar Rig Session I/O (Version: 3.0.0.625)
Native Instruments Komplete Elements
Native Instruments Komplete Elements (Version: 7.0.0.001)
Native Instruments Kontakt 4
Native Instruments Kontakt 4 (Version: 4.2.4.5316)
Native Instruments Kontakt Elements Selection R2
Native Instruments Kontakt Elements Selection R2 (Version: 1.0.0.002)
Native Instruments Maschine
Native Instruments Maschine (Version: 1.8.2.247)
Native Instruments Maschine Controller
Native Instruments Maschine Controller (Version: 3.0.1.648)
Native Instruments Maschine Controller Driver
Native Instruments Maschine Controller MK2 Driver
Native Instruments Maschine Controller MK2 Driver (Version: 3.0.4.719)
Native Instruments Massive
Native Instruments Massive (Version: 1.3.1.129)
Native Instruments Mikro Prism
Native Instruments Mikro Prism (Version: 1.0.0.001)
Native Instruments Pulswerk
Native Instruments Pulswerk (Version: 1.0.4.001)
Native Instruments Raw Voltage
Native Instruments Raw Voltage (Version: 1.0.0.001)
Native Instruments Reaktor 5
Native Instruments Reaktor 5 (Version: 5.8.0.550)
Native Instruments Reaktor Elements Selection
Native Instruments Reaktor Elements Selection (Version: 1.0.0.002)
Native Instruments Reaktor Spark R2
Native Instruments Reaktor Spark R2 (Version: 1.2.0.001)
Native Instruments Rig Kontrol 3
Native Instruments Rig Kontrol 3 (Version: 3.0.0.625)
Native Instruments Service Center
Native Instruments Service Center (Version: 2.3.2.926)
Native Instruments Skanner
Native Instruments Skanner (Version: 1.0.0.005)
Native Instruments The Finger R2
Native Instruments The Finger R2 (Version: 1.2.0.001)
Native Instruments Traktor
Native Instruments Traktor (Version: 1.2.1.7692)
Native Instruments Transistor Punch
Native Instruments Transistor Punch (Version: 1.0.0.001)
Native Instruments True School
Native Instruments True School (Version: 1.0.0.002)
Native Instruments Vintage Heat
Native Instruments Vintage Heat (Version: 1.0.0.002)
Nero 8 (Version: 8.10.293)
neroxml (Version: 1.0.0)
NVIDIA Drivers (Version: 1.3)
NVIDIA PhysX (Version: 9.10.0129)
OCTA-CAPTURE Driver
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OpenAL
OpenMG Secure Module 5.4.00 (Version: 5.4.00.04020)
PDF Settings CS5 (Version: 10.0)
PowerISO
Primo (Version: 1.00.0000)
ProAudioDSP Dynamic Spectrum Mapper VST RTAS v1.3.2
Protector Suite QL 5.6 (Version: 5.6.2.4447)
PSP 608 MultiDelay 1.1.2 (Version: 1.1.2)
PSP 84 1.5.3 32bit (Version: 1.5.3 32bit)
PSP Audioware Xenon v1.0
PSP EasyVerb 1.6.0 32bit (Version: 1.6.0 32bit)
PSP MasterComp 1.5.4 (Version: 1.5.4)
PSP MasterQ 1.5.2 (Version: 1.5.2)
PSP MixPack2 2.0.3 (Version: 2.0.3)
PSP Neon 1.5.1 32bit (Version: 1.5.1 32bit)
PSP Nitro 1.1.2 (Version: 1.1.2)
PSP sQuad 1.5.2 32bit (Version: 1.5.2 32bit)
PSP StereoPack 1.9.0 (Version: 1.9.0)
PSP VintageWarmer 2.0.0 (Version: 2.0.0)
PunkBuster Services (Version: 0.986)
PVSonyDll (Version: 1.00.0000)
QuickTime (Version: 7.73.80.64)
Rapport (Version: 3.5.1201.94)
Rapture3D 2.4.11 Game
RealPlayer
Realtek High Definition Audio Driver (Version: 6.0.1.6662)
Reason 5.0 (Version: 5.0)
Roxio Central Audio (Version: 3.7.0)
Roxio Central Copy (Version: 3.7.0)
Roxio Central Core (Version: 3.7.0)
Roxio Central Data (Version: 3.7.0)
Roxio Central Tools (Version: 3.7.0)
Roxio Easy Media Creator 10 LJ (Version: 10.1)
Roxio Easy Media Creator Home (Version: 10.1.177)
Segoe UI (Version: 15.4.2271.0615)
Setting Utility Series (Version: 4.1.00.07170)
SH-01 Driver
Skype™ 6.1 (Version: 6.1.129)
Sonic Charge Synplant 1.0
SonicStage Mastering Studio (Version: 2.6)
SonicStage Mastering Studio Audio Filter (Version: 2.5)
SonicStage Mastering Studio Audio Filter Custom Preset (Version: 2.5)
SonicStage Mastering Studio Plugins (Version: 2.5)
Sonnox Oxford Inflator Native VST v1.5.1
Sony ACID Pro 6.0 (Version: 6.0.363)
Sony Media Manager 2.2 (Version: 2.2.136)
Sony Noise Reduction Plug-In 2.0e (Version: 2.0.444)
Sony Picture Utility (Version: 3.2.02.06170)
Sony Sound Forge 9.0 (Version: 9.0.297)
Sony Vegas 7.0 (Version: 7.0.216)
Sony Video Shared Library (Version: 3.4.00)
SoulSeek 157 NS 13e
Speakonia (Version: 1.0.3.5)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
SPL Free Ranger 1.4.4
Spotify (Version: 0.9.1.53.g876fa9df)
Steam (Version: 1.0.0.0)
Steinberg Cubase SX v2.2.0.33
Strum Acoustic Session v1.0.2
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 14.0.2.0)
System Requirements Lab
TA RECsoprano VST (Version: 1.0)
TagScanner 5.1.625
ToCA Race Driver 3
T-RackS 3 Deluxe (Version: 1.0.0)
Trellian ImageMapper 1.0 (Version: 1.0)
Trellian LiveUpgrade v2.0
TruePianos 1.4.1
TruePianos: Amber Module 1.4.0
TruePianos: Diamond Module 1.4.0
TruePianos: Emerald Module 1.4.0
TruePianos: Sapphire Module 1.4.0
Ultra Analog Session v1.1.4
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VAIO BD Menu Data (Version: 2.0.02.06230)
VAIO Content Folder Setting (Version: 2.0.00.17290)
VAIO Content Metadata Intelligent Analyzing Manager (Version: 3.6.1.12010)
VAIO Content Metadata Manager Settings (Version: 3.6.0.09240)
VAIO Control Center (Version: 3.1.00.07110)
VAIO Data Restore Tool (Version: 1.0.04.01170)
VAIO DVD Menu Data Basic (Version: 1.0.00.08130)
VAIO Edit Components (Version: 6.6)
VAIO Edit Components 6.6 (Version: 6.6)
VAIO Entertainment Platform (Version: 3.4.1.15040)
VAIO Event Service (Version: 4.1.00.07150)
VAIO Guide (Version: 2.4.00.06190)
VAIO Launcher (Version: 2.1.00.06130)
VAIO Marketing Tools
VAIO Media plus (Version: 1.1.00.05240)
VAIO Movie Story (Version: 1.3.00.06240)
VAIO Movie Story (Version: 1.5.00.06191)
VAIO Movie Story 1.5 Upgrade (Version: 1.5.00.06191)
VAIO Original Function Settings (Version: 2.0.2.02240)
VAIO Power Management (Version: 3.1.00.06190)
VAIO Presentation Support (Version: 1.0.00.04240)
VAIO Smart Network (Version: 2.1.00.07300)
VAIO Update (Version: 5.1.1.04090)
VAIO Wallpaper Contents (Version: 1.2.00.05200)
VCRedistSetup (Version: 1.0.0)
Video Encoder 1.4
VirSyn BARK VST RTAS v1.1.0
VirSyn FDELAY VST RTAS v1.0.1
VirSyn KLON VST RTAS v1.0.2
VirSyn MATRIX VST RTAS v1.2.1
VirSyn PRISM VST RTAS v1.1.0
Virsyn REFLECT VST RTAS v2.0
VirSyn TDESIGN VST RTAS v1.0.1
VirSyn VTAPE VST RTAS v1.3.0
Visual C++ 9.0 CRT (x86) WinSXS MSM (Version: 9.0)
VLC media player 1.1.11 (Version: 1.1.11)
Waves API Collection (Version: 1.0)
Waves Diamond Bundle v5.0
Waves Diamond Bundle v5.2
Waves GTR 3 (Version: 1.0)
Waves IRx v5.2
Waves L3 Multimaximizer v1.0
Waves Mercury Bundle (Version: 5.0)
Waves Q-Clone v5.2
Waves SSL Collection v1.2
Waves Vocal Bundle v1.1
WIDCOMM Bluetooth Software 6.2.0.4100 (Version: 6.2.0.4100)
Winamp (Version: 5.56 )
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Resource Kit Tools - SubInAcl.exe (Version: 5.2.3790.1164)
WinDVD BD for VAIO (Version: 8.0-B20.185)
WinUndelete 3.50
Yahoo! Messenger

========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 3038.33 MB
Available physical RAM: 1790.39 MB
Total Pagefile: 6281.46 MB
Available Pagefile: 5150.15 MB
Total Virtual: 2047.88 MB
Available Virtual: 1950.66 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:286.81 GB) (Free:16.57 GB) NTFS
2 Drive d: () (Fixed) (Total:298.08 GB) (Free:27.47 GB) NTFS
6 Drive h: (Transcend) (Removable) (Total:29.09 GB) (Free:2.54 GB) FAT32

========================= Users: ========================================

User accounts for \\KINGBASTARD

admin                    Administrator            ASPNET                   
Guest                    


**** End of log ****
 



#5 Chris Weeks

Posted 19 June 2013 - 01:39 PM

TDSSKiller Log:

 

10:53:27.0347 4476  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:53:27.0659 4476  ============================================================
10:53:27.0659 4476  Current date / time: 2013/06/19 10:53:27.0659
10:53:27.0659 4476  SystemInfo:
10:53:27.0659 4476  
10:53:27.0659 4476  OS Version: 6.0.6002 ServicePack: 2.0
10:53:27.0659 4476  Product type: Workstation
10:53:27.0659 4476  ComputerName: KINGBASTARD
10:53:27.0659 4476  UserName: admin
10:53:27.0659 4476  Windows directory: C:\Windows
10:53:27.0659 4476  System windows directory: C:\Windows
10:53:27.0659 4476  Processor architecture: Intel x86
10:53:27.0659 4476  Number of processors: 2
10:53:27.0659 4476  Page size: 0x1000
10:53:27.0659 4476  Boot type: Normal boot
10:53:27.0659 4476  ============================================================
10:53:28.0408 4476  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:53:28.0751 4476  Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:53:28.0798 4476  Drive \Device\Harddisk5\DR5 - Size: 0x746800000 (29.10 Gb), SectorSize: 0x200, Cylinders: 0xED6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:53:28.0798 4476  ============================================================
10:53:28.0798 4476  \Device\Harddisk0\DR0:
10:53:28.0798 4476  MBR partitions:
10:53:28.0798 4476  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1692000, BlocksNum 0x23D9C2B0
10:53:28.0798 4476  \Device\Harddisk1\DR1:
10:53:28.0798 4476  MBR partitions:
10:53:28.0798 4476  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x254297C1
10:53:28.0798 4476  \Device\Harddisk5\DR5:
10:53:28.0798 4476  MBR partitions:
10:53:28.0798 4476  \Device\Harddisk5\DR5\Partition1: MBR, Type 0xC, StartLBA 0xC68, BlocksNum 0x3A33398
10:53:28.0798 4476  ============================================================
10:53:28.0891 4476  C: <-> \Device\Harddisk0\DR0\Partition1
10:53:28.0907 4476  D: <-> \Device\Harddisk1\DR1\Partition1
10:53:28.0907 4476  ============================================================
10:53:28.0907 4476  Initialize success
10:53:28.0907 4476  ============================================================
10:53:48.0735 4680  ============================================================
10:53:48.0735 4680  Scan started
10:53:48.0735 4680  Mode: Manual; TDLFS;
10:53:48.0735 4680  ============================================================
10:53:49.0062 4680  ================ Scan system memory ========================
10:53:49.0062 4680  System memory - ok
10:53:49.0062 4680  ================ Scan services =============================
10:53:49.0858 4680  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
10:53:49.0858 4680  ACPI - ok
10:53:49.0983 4680  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
10:53:49.0983 4680  AdobeARMservice - ok
10:53:50.0061 4680  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:53:50.0061 4680  AdobeFlashPlayerUpdateSvc - ok
10:53:50.0154 4680  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
10:53:50.0154 4680  adp94xx - ok
10:53:50.0185 4680  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
10:53:50.0201 4680  adpahci - ok
10:53:50.0232 4680  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
10:53:50.0232 4680  adpu160m - ok
10:53:50.0248 4680  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
10:53:50.0263 4680  adpu320 - ok
10:53:50.0310 4680  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:53:50.0310 4680  AeLookupSvc - ok
10:53:50.0373 4680  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
10:53:50.0388 4680  AFD - ok
10:53:50.0419 4680  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
10:53:50.0419 4680  agp440 - ok
10:53:50.0451 4680  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
10:53:50.0451 4680  aic78xx - ok
10:53:50.0482 4680  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
10:53:50.0497 4680  ALG - ok
10:53:50.0513 4680  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:53:50.0513 4680  aliide - ok
10:53:50.0560 4680  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
10:53:50.0575 4680  amdagp - ok
10:53:50.0591 4680  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
10:53:50.0591 4680  amdide - ok
10:53:50.0638 4680  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
10:53:50.0638 4680  AmdK7 - ok
10:53:50.0653 4680  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
10:53:50.0653 4680  AmdK8 - ok
10:53:50.0700 4680  [ AD8FA28D8ED0D0A689A0559085CE0F18 ] AmdLLD          C:\Windows\system32\DRIVERS\AmdLLD.sys
10:53:50.0716 4680  AmdLLD - ok
10:53:50.0841 4680  [ C2170E010C9B6739A136211FC0427527 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
10:53:50.0841 4680  AntiVirSchedulerService - ok
10:53:50.0919 4680  [ 47EB3F0EF84E0AF8AE75DB98EEF34255 ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
10:53:50.0919 4680  AntiVirService - ok
10:53:50.0965 4680  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
10:53:50.0965 4680  Appinfo - ok
10:53:51.0075 4680  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:53:51.0075 4680  Apple Mobile Device - ok
10:53:51.0153 4680  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
10:53:51.0153 4680  arc - ok
10:53:51.0215 4680  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
10:53:51.0215 4680  arcsas - ok
10:53:51.0324 4680  [ 40C145F12FF461A0220303BDA134F598 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
10:53:51.0324 4680  aspnet_state - ok
10:53:51.0355 4680  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:53:51.0371 4680  AsyncMac - ok
10:53:51.0371 4680  [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi           C:\Windows\system32\drivers\atapi.sys
10:53:51.0387 4680  atapi - ok
10:53:51.0433 4680  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:53:51.0449 4680  AudioEndpointBuilder - ok
10:53:51.0480 4680  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
10:53:51.0480 4680  Audiosrv - ok
10:53:51.0558 4680  [ 87425709A251386064C99B684BF96F72 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
10:53:51.0574 4680  avgntflt - ok
10:53:51.0605 4680  [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
10:53:51.0605 4680  avipbb - ok
10:53:51.0652 4680  [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
10:53:51.0652 4680  avkmgr - ok
10:53:51.0714 4680  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:53:51.0714 4680  Beep - ok
10:53:51.0808 4680  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\system32\qmgr.dll
10:53:51.0823 4680  BITS - ok
10:53:51.0855 4680  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
10:53:51.0855 4680  blbdrive - ok
10:53:51.0979 4680  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:53:51.0995 4680  Bonjour Service - ok
10:53:52.0026 4680  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:53:52.0026 4680  bowser - ok
10:53:52.0073 4680  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
10:53:52.0073 4680  BrFiltLo - ok
10:53:52.0089 4680  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
10:53:52.0089 4680  BrFiltUp - ok
10:53:52.0120 4680  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
10:53:52.0135 4680  Browser - ok
10:53:52.0182 4680  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
10:53:52.0182 4680  Brserid - ok
10:53:52.0213 4680  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
10:53:52.0213 4680  BrSerWdm - ok
10:53:52.0229 4680  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
10:53:52.0229 4680  BrUsbMdm - ok
10:53:52.0245 4680  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
10:53:52.0245 4680  BrUsbSer - ok
10:53:52.0291 4680  [ CCE53AFC28347CC18EA139972E5B5E5A ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
10:53:52.0307 4680  BthEnum - ok
10:53:52.0323 4680  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
10:53:52.0338 4680  BTHMODEM - ok
10:53:52.0385 4680  [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
10:53:52.0385 4680  BthPan - ok
10:53:52.0432 4680  [ AC8A1689D5EFC4D214201155A78D8F4B ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
10:53:52.0432 4680  BTHPORT - ok
10:53:52.0479 4680  [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ         C:\Windows\System32\bthserv.dll
10:53:52.0494 4680  BthServ - ok
10:53:52.0510 4680  [ 288C1F74E3E2EED6C7B54EB3AAC70856 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
10:53:52.0510 4680  BTHUSB - ok
10:53:52.0541 4680  [ A7C9E9B312036EC0EAF2CED52C7FC66F ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
10:53:52.0541 4680  btwaudio - ok
10:53:52.0588 4680  [ C8D1ADEFD6D5FEAF95C6C7A2CC6B4B97 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
10:53:52.0588 4680  btwavdt - ok
10:53:52.0697 4680  [ 346B62198C40D6CF12A3FA8804247ADF ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
10:53:52.0744 4680  btwdins - ok
10:53:52.0775 4680  [ E26610D44609574E13BAAD367AB34967 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
10:53:52.0791 4680  btwl2cap - ok
10:53:52.0806 4680  [ C49CC9B5E06FBDC87137BA24018B6EDE ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
10:53:52.0822 4680  btwrchid - ok
10:53:52.0978 4680  catchme - ok
10:53:53.0025 4680  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:53:53.0025 4680  cdfs - ok
10:53:53.0071 4680  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
10:53:53.0071 4680  cdrom - ok
10:53:53.0118 4680  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
10:53:53.0134 4680  CertPropSvc - ok
10:53:53.0134 4680  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
10:53:53.0149 4680  circlass - ok
10:53:53.0165 4680  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
10:53:53.0181 4680  CLFS - ok
10:53:53.0212 4680  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:53:53.0259 4680  clr_optimization_v2.0.50727_32 - ok
10:53:53.0352 4680  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:53:53.0383 4680  clr_optimization_v4.0.30319_32 - ok
10:53:53.0430 4680  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
10:53:53.0430 4680  CmBatt - ok
10:53:53.0446 4680  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:53:53.0446 4680  cmdide - ok
10:53:53.0555 4680  [ 5DFBD6DCD0568F8CB2355F4B4ED68CB7 ] CodeMeter.exe   C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
10:53:53.0649 4680  CodeMeter.exe - ok
10:53:53.0664 4680  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
10:53:53.0664 4680  Compbatt - ok
10:53:53.0664 4680  COMSysApp - ok
10:53:53.0664 4680  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
10:53:53.0680 4680  crcdisk - ok
10:54:07.0158 4680  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
10:54:07.0158 4680  sermouse - ok
10:54:07.0205 4680  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
10:54:07.0205 4680  SessionEnv - ok
10:54:07.0252 4680  [ 8B7C1768D2CDE2E02E09A66563DDFD16 ] SFEP            C:\Windows\system32\DRIVERS\SFEP.sys
10:54:07.0252 4680  SFEP - ok
10:54:07.0267 4680  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:54:07.0267 4680  sffdisk - ok
10:54:07.0299 4680  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:54:07.0299 4680  sffp_mmc - ok
10:54:07.0299 4680  [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:54:07.0314 4680  sffp_sd - ok
10:54:07.0345 4680  [ C33BFBD6E9E41FCD9FFEF9729E9FAED6 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
10:54:07.0345 4680  sfloppy - ok
10:54:07.0392 4680  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:54:07.0408 4680  ShellHWDetection - ok
10:54:07.0439 4680  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
10:54:07.0439 4680  sisagp - ok
10:54:07.0455 4680  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
10:54:07.0455 4680  SiSRaid2 - ok
10:54:07.0486 4680  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
10:54:07.0501 4680  SiSRaid4 - ok
10:54:07.0564 4680  [ FF0DB4D9A08864A5C7B67477CD8E3B2A ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
10:54:07.0611 4680  SkypeUpdate - ok
10:54:07.0704 4680  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
10:54:07.0782 4680  slsvc - ok
10:54:07.0813 4680  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
10:54:07.0813 4680  SLUINotify - ok
10:54:07.0829 4680  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:54:07.0829 4680  Smb - ok
10:54:07.0891 4680  [ 944AB0BE19EAB08A9FCDA6F5BD99F62E ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
10:54:07.0891 4680  SmbDrvI - ok
10:54:07.0923 4680  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:54:07.0938 4680  SNMPTRAP - ok
10:54:07.0985 4680  [ DC826AFFA608F50C385BCA4C71EF1BDD ] SOHCImp         C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe
10:54:08.0001 4680  SOHCImp - ok
10:54:08.0016 4680  [ 1EC739F65C51FA1C7AC4502464A3C3A8 ] SOHDms          C:\Program Files\Sony\VAIO Media plus\SOHDms.exe
10:54:08.0032 4680  SOHDms - ok
10:54:08.0079 4680  [ EC8FAB4AC684445D6032AA5C6E77CA2E ] SOHDs           C:\Program Files\Sony\VAIO Media plus\SOHDs.exe
10:54:08.0079 4680  SOHDs - ok
10:54:08.0110 4680  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
10:54:08.0110 4680  spldr - ok
10:54:08.0141 4680  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
10:54:08.0157 4680  Spooler - ok
10:54:08.0157 4680  SQLAgent$SONY_MEDIAMGR - ok
10:54:08.0188 4680  [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser      C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
10:54:08.0188 4680  SQLBrowser - ok
10:54:08.0235 4680  [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
10:54:08.0235 4680  SQLWriter - ok
10:54:08.0281 4680  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:54:08.0281 4680  srv - ok
10:54:08.0328 4680  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:54:08.0328 4680  srv2 - ok
10:54:08.0359 4680  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:54:08.0359 4680  srvnet - ok
10:54:08.0391 4680  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:54:08.0391 4680  SSDPSRV - ok
10:54:08.0406 4680  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
10:54:08.0422 4680  ssmdrv - ok
10:54:08.0437 4680  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:54:08.0437 4680  SstpSvc - ok
10:54:08.0469 4680  Steam Client Service - ok
10:54:08.0515 4680  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
10:54:08.0547 4680  stisvc - ok
10:54:08.0562 4680  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
10:54:08.0562 4680  swenum - ok
10:54:08.0640 4680  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
10:54:08.0687 4680  SwitchBoard - ok
10:54:08.0718 4680  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
10:54:08.0734 4680  swprv - ok
10:54:08.0749 4680  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
10:54:08.0765 4680  Symc8xx - ok
10:54:08.0796 4680  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
10:54:08.0796 4680  Sym_hi - ok
10:54:08.0827 4680  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
10:54:08.0827 4680  Sym_u3 - ok
10:54:08.0890 4680  [ 98E4625399A520C00144516D5E79668C ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
10:54:08.0905 4680  SynTP - ok
10:54:08.0937 4680  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
10:54:08.0968 4680  SysMain - ok
10:54:08.0999 4680  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:54:09.0015 4680  TabletInputService - ok
10:54:09.0061 4680  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:54:09.0077 4680  TapiSrv - ok
10:54:09.0093 4680  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
10:54:09.0093 4680  TBS - ok
10:54:09.0155 4680  [ 078218D74C4EFC2CE7E4C6DF22A94F2F ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:54:09.0171 4680  Tcpip - ok
10:54:09.0202 4680  [ 078218D74C4EFC2CE7E4C6DF22A94F2F ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
10:54:09.0217 4680  Tcpip6 - ok
10:54:09.0249 4680  [ 4C11A1820DDC37FA653913AD680ACCAE ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:54:09.0249 4680  tcpipreg - ok
10:54:09.0264 4680  [ 72B9E77565DA5FA564581976E000D29B ] TcUsb           C:\Windows\system32\Drivers\tcusb.sys
10:54:09.0280 4680  TcUsb - ok
10:54:09.0311 4680  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:54:09.0311 4680  TDPIPE - ok
10:54:09.0342 4680  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:54:09.0342 4680  TDTCP - ok
10:54:09.0373 4680  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:54:09.0373 4680  tdx - ok
10:54:09.0389 4680  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
10:54:09.0389 4680  TermDD - ok
10:54:09.0436 4680  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
10:54:09.0451 4680  TermService - ok
10:54:09.0467 4680  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
10:54:09.0467 4680  Themes - ok
10:54:09.0498 4680  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
10:54:09.0498 4680  THREADORDER - ok
10:54:09.0529 4680  [ 409A577FD5781C717E55A28717514C58 ] TPkd            C:\Windows\system32\drivers\TPkd.sys
10:54:09.0529 4680  TPkd - ok
10:54:09.0545 4680  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
10:54:09.0561 4680  TrkWks - ok
10:54:09.0592 4680  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:54:09.0592 4680  TrustedInstaller - ok
10:54:09.0623 4680  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:54:09.0623 4680  tssecsrv - ok
10:54:09.0639 4680  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
10:54:09.0639 4680  tunmp - ok
10:54:09.0670 4680  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:54:09.0685 4680  tunnel - ok
10:54:09.0701 4680  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys
10:54:09.0701 4680  uagp35 - ok
10:54:09.0717 4680  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:54:09.0732 4680  udfs - ok
10:54:09.0763 4680  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:54:09.0779 4680  UI0Detect - ok
10:54:09.0779 4680  UIUSys - ok
10:54:09.0795 4680  [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:54:09.0810 4680  uliagpkx - ok
10:54:09.0826 4680  [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci         C:\Windows\system32\drivers\uliahci.sys
10:54:09.0841 4680  uliahci - ok
10:54:09.0857 4680  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
10:54:09.0873 4680  UlSata - ok
10:54:09.0904 4680  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
10:54:09.0904 4680  ulsata2 - ok
10:54:09.0919 4680  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
10:54:09.0919 4680  umbus - ok
10:54:09.0951 4680  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
10:54:09.0966 4680  upnphost - ok
10:54:09.0997 4680  [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
10:54:09.0997 4680  USBAAPL - ok
10:54:10.0044 4680  [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
10:54:10.0044 4680  usbaudio - ok
10:54:10.0075 4680  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:54:10.0075 4680  usbccgp - ok
10:54:10.0107 4680  [ 47B9770EA21436DE4AD5AEA7926E0900 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
10:54:10.0107 4680  usbcir - ok
10:54:10.0169 4680  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
10:54:10.0169 4680  usbehci - ok
10:54:10.0185 4680  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:54:10.0200 4680  usbhub - ok
10:54:10.0216 4680  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
10:54:10.0231 4680  usbohci - ok
10:54:10.0263 4680  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:54:10.0263 4680  usbprint - ok
10:54:10.0309 4680  [ A508C9BD8724980512136B039BBA65E9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
10:54:10.0325 4680  usbscan - ok
10:54:10.0356 4680  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:54:10.0356 4680  USBSTOR - ok
10:54:10.0372 4680  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
10:54:10.0372 4680  usbuhci - ok
10:54:10.0419 4680  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
10:54:10.0419 4680  usbvideo - ok
10:54:10.0450 4680  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
10:54:10.0450 4680  UxSms - ok
10:54:10.0512 4680  [ 4E7135D6D0127067E4CFEE12259F895D ] VAIO Entertainment TV Device Arbitration Service C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
10:54:10.0512 4680  VAIO Entertainment TV Device Arbitration Service - ok
10:54:10.0606 4680  [ 693A3FDD279C345105FFF9DDE277849B ] VAIO Event Service C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
10:54:10.0606 4680  VAIO Event Service - ok
10:54:10.0668 4680  [ 43CEC9BF5A4F2917982AD01D92E0F44D ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
10:54:10.0699 4680  VAIO Power Management - ok
10:54:10.0933 4680  [ 721A1677FD204AB065238504D9268D92 ] VCFw            C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
10:54:11.0183 4680  VCFw - ok
10:54:11.0261 4680  [ FD03AC6CD1571AA8B2FF56D3C600E26E ] VcmIAlzMgr      C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
10:54:11.0308 4680  VcmIAlzMgr - ok
10:54:11.0308 4680  Vcsw - ok
10:54:11.0355 4680  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
10:54:11.0386 4680  vds - ok
10:54:11.0417 4680  [ 87B06E1F30B749A114F74622D013F8D4 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:54:11.0417 4680  vga - ok
10:54:11.0433 4680  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:54:11.0448 4680  VgaSave - ok
10:54:11.0464 4680  [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp          C:\Windows\system32\drivers\viaagp.sys
10:54:11.0464 4680  viaagp - ok
10:54:11.0479 4680  [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7           C:\Windows\system32\drivers\viac7.sys
10:54:11.0495 4680  ViaC7 - ok
10:54:11.0511 4680  [ AADF5587A4063F52C2C3FED7887426FC ] viaide          C:\Windows\system32\drivers\viaide.sys
10:54:11.0511 4680  viaide - ok
10:54:11.0542 4680  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:54:11.0557 4680  volmgr - ok
10:54:11.0557 4680  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:54:11.0573 4680  volmgrx - ok
10:54:11.0604 4680  [ 786DB5771F05EF300390399F626BF30A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:54:11.0620 4680  volsnap - ok
10:54:11.0651 4680  [ 587253E09325E6BF226B299774B728A9 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
10:54:11.0667 4680  vsmraid - ok
10:54:11.0713 4680  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
10:54:11.0713 4680  VSS - ok
10:54:11.0823 4680  [ AD137204D107A60D563030145C3BE695 ] VUAgent         C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
10:54:11.0901 4680  VUAgent - ok
10:54:11.0994 4680  [ 79EB419F4A694B4514249E0D3DB16ECF ] VzCdbSvc        C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
10:54:11.0994 4680  VzCdbSvc - ok
10:54:12.0041 4680  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
10:54:12.0041 4680  W32Time - ok
10:54:12.0072 4680  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
10:54:12.0088 4680  WacomPen - ok
10:54:12.0103 4680  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
10:54:12.0103 4680  Wanarp - ok
10:54:12.0119 4680  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:54:12.0119 4680  Wanarpv6 - ok
10:54:12.0150 4680  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:54:12.0181 4680  wcncsvc - ok
10:54:12.0197 4680  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:54:12.0197 4680  WcsPlugInService - ok
10:54:12.0213 4680  [ 78FE9542363F297B18C027B2D7E7C07F ] Wd              C:\Windows\system32\drivers\wd.sys
10:54:12.0228 4680  Wd - ok
10:54:12.0275 4680  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:54:12.0306 4680  Wdf01000 - ok
10:54:12.0337 4680  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:54:12.0337 4680  WdiServiceHost - ok
10:54:12.0337 4680  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:54:12.0353 4680  WdiSystemHost - ok
10:54:12.0384 4680  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
10:54:12.0384 4680  WebClient - ok
10:54:12.0431 4680  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:54:12.0431 4680  Wecsvc - ok
10:54:12.0447 4680  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:54:12.0447 4680  wercplsupport - ok
10:54:12.0493 4680  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:54:12.0493 4680  WerSvc - ok
10:54:12.0556 4680  [ 090A2B8F055343815556A01F725F6C35 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
10:54:12.0556 4680  WimFltr - ok
10:54:12.0587 4680  [ 5A77AC34A0FFB70CE8B35B524FEDE9BA ] winachsf        C:\Windows\system32\DRIVERS\HSX_CNXT.sys
10:54:12.0618 4680  winachsf - ok
10:54:12.0618 4680  WinHttpAutoProxySvc - ok
10:54:12.0681 4680  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:54:12.0681 4680  Winmgmt - ok
10:54:12.0727 4680  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
10:54:12.0805 4680  WinRM - ok
10:54:12.0852 4680  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:54:12.0899 4680  Wlansvc - ok
10:54:12.0993 4680  [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:54:13.0039 4680  wlidsvc - ok
10:54:13.0055 4680  [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
10:54:13.0071 4680  WmiAcpi - ok
10:54:13.0102 4680  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:54:13.0102 4680  wmiApSrv - ok
10:54:13.0164 4680  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
10:54:13.0211 4680  WMPNetworkSvc - ok
10:54:13.0227 4680  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:54:13.0227 4680  WPCSvc - ok
10:54:13.0273 4680  [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:54:13.0273 4680  WPDBusEnum - ok
10:54:13.0320 4680  [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
10:54:13.0320 4680  WpdUsb - ok
10:54:13.0445 4680  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:54:13.0492 4680  WPFFontCache_v0400 - ok
10:54:13.0539 4680  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:54:13.0539 4680  ws2ifsl - ok
10:54:13.0570 4680  WSearch - ok
10:54:13.0663 4680  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
10:54:13.0710 4680  wuauserv - ok
10:54:13.0773 4680  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:54:13.0788 4680  WudfPf - ok
10:54:13.0804 4680  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:54:13.0804 4680  WUDFRd - ok
10:54:13.0835 4680  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:54:13.0851 4680  wudfsvc - ok
10:54:13.0866 4680  [ 88AF537264F2B818DA15479CEEAF5D7C ] XAudio          C:\Windows\system32\DRIVERS\xaudio.sys
10:54:13.0882 4680  XAudio - ok
10:54:13.0897 4680  [ 15A317674A08DF26BE65164D959E9203 ] XAudioService   C:\Windows\system32\DRIVERS\xaudio.exe
10:54:13.0913 4680  XAudioService - ok
10:54:13.0960 4680  [ E0E5150B5081A30AFEEA97CEC5F181AD ] yukonwlh        C:\Windows\system32\DRIVERS\yk60x86.sys
10:54:13.0975 4680  yukonwlh - ok
10:54:14.0038 4680  [ 2A6F72D2B6A549B1FC6A6522BC204159 ] ZTEusbmdm6k     C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
10:54:14.0038 4680  ZTEusbmdm6k - ok
10:54:14.0069 4680  [ 453A60F8DC22FC296BC482CBF3EFF213 ] ZTEusbnet       C:\Windows\system32\DRIVERS\ZTEusbnet.sys
10:54:14.0085 4680  ZTEusbnet - ok
10:54:14.0131 4680  [ 2A6F72D2B6A549B1FC6A6522BC204159 ] ZTEusbnmea      C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
10:54:14.0131 4680  ZTEusbnmea - ok
10:54:14.0163 4680  [ 2A6F72D2B6A549B1FC6A6522BC204159 ] ZTEusbser6k     C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
10:54:14.0178 4680  ZTEusbser6k - ok
10:54:14.0225 4680  [ 2A6F72D2B6A549B1FC6A6522BC204159 ] ZTEusbvoice     C:\Windows\system32\DRIVERS\ZTEusbvoice.sys
10:54:14.0225 4680  ZTEusbvoice - ok
10:54:14.0256 4680  ================ Scan global ===============================
10:54:14.0303 4680  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
10:54:14.0334 4680  [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
10:54:14.0381 4680  [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
10:54:14.0412 4680  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
10:54:14.0412 4680  [Global] - ok
10:54:14.0412 4680  ================ Scan MBR ==================================
10:54:14.0428 4680  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
10:54:14.0958 4680  \Device\Harddisk0\DR0 - ok
10:54:15.0317 4680  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
10:54:15.0442 4680  \Device\Harddisk1\DR1 - ok
10:54:15.0442 4680  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk5\DR5
10:54:17.0579 4680  \Device\Harddisk5\DR5 - ok
10:54:17.0579 4680  ================ Scan VBR ==================================
10:54:17.0579 4680  [ FD56B8035277ABA82B0FC0ADE11E2BE4 ] \Device\Harddisk0\DR0\Partition1
10:54:17.0579 4680  \Device\Harddisk0\DR0\Partition1 - ok
10:54:17.0579 4680  [ 5B46D7CD50B2CBDB090D0A47F8412ACB ] \Device\Harddisk1\DR1\Partition1
10:54:17.0579 4680  \Device\Harddisk1\DR1\Partition1 - ok
10:54:17.0579 4680  [ 79C398742E0102D372840DFA928DD868 ] \Device\Harddisk5\DR5\Partition1
10:54:17.0595 4680  \Device\Harddisk5\DR5\Partition1 - ok
10:54:17.0595 4680  ============================================================
10:54:17.0595 4680  Scan finished
10:54:17.0595 4680  ============================================================
10:54:17.0595 3476  Detected object count: 0
10:54:17.0595 3476  Actual detected object count: 0
10:54:54.0467 4528  Deinitialize success
 



AdwCleaner Log:

# AdwCleaner v2.303 - Logfile created 06/19/2013 at 10:55:17
# Updated 08/06/2013 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : admin - KINGBASTARD
# Boot Mode : Normal
# Running from : C:\Users\admin\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\END
File Deleted : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\he6py3vh.default\bProtector_extensions.rdf
Folder Deleted : C:\ProgramData\~0
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Users\admin\AppData\Local\APN
Folder Deleted : C:\Users\admin\AppData\Local\PackageAware
Folder Deleted : C:\Users\admin\AppData\Local\Wondershare
Folder Deleted : C:\Users\admin\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\admin\AppData\Roaming\Babylon
Folder Deleted : C:\Users\admin\AppData\Roaming\ExpressFiles
Folder Deleted : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\he6py3vh.default\StumbleUpon
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\530d7dcb43fe449
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AutocompleteProBHO
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\ExpressFiles
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Software
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [support@predictad.com]
Value Deleted : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16490

[OK] Registry is clean.

-\\ Mozilla Firefox v21.0 (en-GB)

File : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\he6py3vh.default\prefs.js

C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\he6py3vh.default\user.js ... Deleted !

Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Deleted : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);
Deleted : user_pref("extensions.BabylonToolbar.ffxUnstlRst", true);
Deleted : user_pref("extensions.BabylonToolbar.id", "8695038800000000000000214f4d2edb");
Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15769");
Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar.newTab", false);
Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar.rvrt", "false");
Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "uninst");
Deleted : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.8.11.10");
Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.8.11.108:57:32");
Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.8.11.10");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=120297");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");
Deleted : user_pref("vshare.install.date", "1284422400000");
Deleted : user_pref("vshare.install.finished", "1.0.0");
Deleted : user_pref("vshare.install.guid", "{c6588d62-4a52-4f2f-928c-4e9a4b957eb6}");
Deleted : user_pref("vshare.install.isHidden", true);
Deleted : user_pref("vshare.install.laststatreq", "1292371200000");
Deleted : user_pref("vshare.install.newtab", false);

*************************

AdwCleaner[S1].txt - [12087 octets] - [19/06/2013 10:55:17]

########## EOF - C:\AdwCleaner[S1].txt - [12148 octets] ##########
 



#6 Chris Weeks


Posted 19 June 2013 - 01:40 PM

ESETScan report:

 

C:\Program Files\Avira\AntiVir Desktop\apnic.dll    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting (after the next restart) - quarantined
C:\Program Files\Avira\AntiVir Desktop\apntoolbarinstaller.exe    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting (after the next restart) - quarantined
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\he6py3vh.default\prefs.js    JS/SecurityDisabler.A.Gen application    cleaned by deleting - quarantined
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\he6py3vh.default\prefs.js.BAK    JS/SecurityDisabler.A.Gen application    cleaned by deleting - quarantined
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\he6py3vh.default\prefs.js.new    JS/SecurityDisabler.A.Gen application    cleaned by deleting - quarantined
C:\Users\admin\Desktop\avira_free_antivirus_en.exe    a variant of Win32/Bundled.Toolbar.Ask application    deleted - quarantined
D:\PSP Audioware full PC VST RTAS.zip    a variant of Win32/Keygen.AD application    deleted - quarantined
 



#7 Chris Weeks


Posted 19 June 2013 - 02:01 PM

While the scans have obviously done some good and rooted out some nasty bits of malware, viruses etc... I'm still experiencing all the same issues as previously.

I restarted my laptop after the final ESETScan and sadly all the problems remain. I cannot download, my Security Center will not turn on and I have no access to my firewall.

I noted in the scans that ESET found 'JS/SecurityDisabler.A.Gen application' & cleaned by deleting - quarantined. So I hoped that it would be fixed.

 

Any suggestions?



#8 boopme


Posted 19 June 2013 - 07:48 PM

Let's look at the services.

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

And a rootkit check.

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.


#9 Chris Weeks


Posted 19 June 2013 - 11:54 PM

Farbar Service Scanner Log:

 

Farbar Service Scanner Version: 16-06-2013
Ran by admin (administrator) on 20-06-2013 at 13:31:37
Running from "C:\Users\admin\Desktop\ANTI-VIRUS DOWNLOADS"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.

Security Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{FD6905CE-952F-41F1-9A6F-135D9C6622CC} key. The key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Disabled. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.
Checking Start type of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2013-06-13 08:36] - [2013-05-08 04:40] - 0914792 ____A (Microsoft Corporation) 078218D74C4EFC2CE7E4C6DF22A94F2F

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2013-06-13 08:35] - [2013-04-24 05:00] - 0133120 ____A (Microsoft Corporation) 3EDE4C1F9672C972479201544969ADCB


ATTENTION!=====> C:\Program Files\Windows Defender\MpSvc.dll Reparse point on file detected.

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****


Edited by Chris Weeks, 20 June 2013 - 07:33 AM.


#10 Chris Weeks


Posted 19 June 2013 - 11:56 PM

aswMBR Log:

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-06-20 13:33:49
-----------------------------
13:33:49.643    OS Version: Windows 6.0.6002 Service Pack 2
13:33:49.643    Number of processors: 2 586 0x1706
13:33:49.644    ComputerName: KINGBASTARD  UserName: admin
13:33:52.150    Initialize success
13:33:56.641    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:33:56.643    Disk 0 Vendor: FUJITSU_ 0041 Size: 305245MB BusType: 3
13:33:56.646    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
13:33:56.648    Disk 1 Vendor: FUJITSU_ 0041 Size: 305245MB BusType: 3
13:33:56.651    Disk 2  \Device\Harddisk2\DR2 -> \Device\00000079
13:33:56.655    Disk 2 Vendor: RICOH 01 Size: 305245MB BusType: 0
13:33:56.659    Disk 3  \Device\Harddisk3\DR3 -> \Device\0000007a
13:33:56.663    Disk 3 Vendor: RICOH 02 Size: 305245MB BusType: 0
13:33:56.667    Disk 4  \Device\Harddisk4\DR4 -> \Device\Scsi\JMCR_CFS1Port1Path0Target0Lun0
13:33:56.672    Disk 4 Vendor: JMCR  Size: 305245MB BusType: 0
13:33:56.779    Disk 0 MBR read successfully
13:33:56.784    Disk 0 MBR scan
13:33:56.789    Disk 0 Windows VISTA default MBR code
13:33:56.805    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        11555 MB offset 2048
13:33:56.820    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       293688 MB offset 23666688
13:33:56.828    Disk 0 scanning sectors +625140400
13:33:56.900    Disk 0 scanning C:\Windows\system32\drivers
13:34:06.882    Service scanning
13:34:45.529    Modules scanning
13:35:03.159    Disk 0 trace - called modules:
13:35:03.185    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iastor.sys
13:35:03.192    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8d9904f8]
13:35:03.198    3 CLASSPNP.SYS[91baf8b3] -> nt!IofCallDriver -> [0x8cf11f08]
13:35:03.205    5 acpi.sys[8a4a46bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8cf2e028]
13:35:03.212    Scan finished successfully
13:35:11.052    Disk 0 MBR has been saved successfully to "C:\Users\admin\Desktop\MBR.dat"
13:35:11.058    The log file has been saved successfully to "C:\Users\admin\Desktop\aswMBR.txt"

 


Edited by Chris Weeks, 20 June 2013 - 07:35 AM.


#11 Chris Weeks


Posted 20 June 2013 - 03:17 AM

There has been another development. Every time I close my laptop lid, or put it into 'Sleep Mode', it restarts. I noticed a blue screen with white writing briefly flash up, just before it restarted to the 'start windows normally' screen. It was too quick for me to be able to read what it said.



#12 Chris Weeks


Posted 20 June 2013 - 08:44 AM

I hope you don't mind, but in order to try to get this issue fixed before I have to go away from home for a couple of days, I investigated other people's experiences of the virus I believe I have. From the looks of it, it is a ZeroAccess RootKit virus, which I guess you already knew. I'm currently running Mbam Anti-Rootkit and it has currently found 8 items of malware, the [Trojan.Siredef.C], a nasty one, hiding in the c:\$RECYCLEBIN\...

Here is the Log of the scan:

 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1003

© Malwarebytes Corporation 2011-2012

OS version: 6.0.6002 Windows Vista Service Pack 2 x86

Account is Administrative

Internet Explorer version: 9.0.8112.16421

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.526000 GHz
Memory total: 3185922048, free: 1351671808

Downloaded database version: v2013.06.20.06
Downloaded database version: v2013.05.22.01
Initializing...
------------ Kernel report ------------
     06/20/2013 14:14:09
------------ Loaded modules -----------
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk5\DR7
Upper Device Object: 0xffffffff8db65ac8
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\000000a2\
Lower Device Object: 0xffffffff8da0d3b8
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk4\DR4
Upper Device Object: 0xffffffff8fc31ac8
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Scsi\JMCR_CFS1Port1Path0Target0Lun0\
Lower Device Object: 0xffffffff8e9bb2e0
Lower Device Driver Name: \Driver\JMCR_CFS\
<<<1>>>
Upper Device Name: \Device\Harddisk3\DR3
Upper Device Object: 0xffffffff8e9c4ac8
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000007a\
Lower Device Object: 0xffffffff8f9e2028
Lower Device Driver Name: \Driver\rimsptsk\
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xffffffff8e9be220
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000079\
Lower Device Object: 0xffffffff8e9be968
Lower Device Driver Name: \Driver\risdptsk\
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xffffffff8d991030
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-2\
Lower Device Object: 0xffffffff8cf12028
Lower Device Driver Name: \Driver\iaStor\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8d9904f8
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xffffffff8cf2e028
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8d9904f8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8d9901e0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8d9904f8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff8cf11f08, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff8cf2e028, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: D68C5698

Partition information:

    Partition 0 type is Other (0x27)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 23664640

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 23666688  Numsec = 601473712
    Partition file system is NTFS
    Partition is bootable

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 320072933376 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)...
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffffff8d991030, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8d991d18, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8d991030, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff8cf11df0, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff8cf12028, DeviceName: \Device\Ide\IAAStorageDevice-2\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 9DD6C29C

Partition information:

    Partition 0 type is Extended with LBA (0xf)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 16065  Numsec = 625121280

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 320072933376 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 0
Drive: 2, DevicePointer: 0xffffffff8e9be220, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8e9c1d18, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8e9be220, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff8e9be968, DeviceName: \Device\00000079\, DriverName: \Driver\risdptsk\
------------ End ----------
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xffffffff8e9c4ac8, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8e9c47b0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8e9c4ac8, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff8f9e2028, DeviceName: \Device\0000007a\, DriverName: \Driver\rimsptsk\
------------ End ----------
Physical Sector Size: 0
Drive: 4, DevicePointer: 0xffffffff8fc31ac8, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8fc29020, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8fc31ac8, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff8e9bb2e0, DeviceName: \Device\Scsi\JMCR_CFS1Port1Path0Target0Lun0\, DriverName: \Driver\JMCR_CFS\
------------ End ----------
Physical Sector Size: 512
Drive: 5, DevicePointer: 0xffffffff8db65ac8, DeviceName: \Device\Harddisk5\DR7\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8dc70c50, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8db65ac8, DeviceName: \Device\Harddisk5\DR7\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff8da0d3b8, DeviceName: \Device\000000a2\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk5\DR7\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 5
Scanning MBR on drive 5...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: C3072E18

Partition information:

    Partition 0 type is Other (0xc)
    Partition is ACTIVE.
    Partition starts at LBA: 3176  Numsec = 61027224
    Partition file system is FAT32
    Partition is not bootable

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 31247564800 bytes
Sector size: 512 bytes

Done!
Infected: c:\$RECYCLE.BIN\S-1-5-18\$511dcabcd08c367af017b139667f67d4\@ --> [Trojan.Siredef.C]
Infected: c:\$RECYCLE.BIN\S-1-5-21-2526120626-3347230282-2708207307-1000\$511dcabcd08c367af017b139667f67d4\@ --> [Trojan.Siredef.C]
Infected: c:\$RECYCLE.BIN\S-1-5-18\$511dcabcd08c367af017b139667f67d4\U --> [Trojan.Siredef.C]
Infected: c:\$RECYCLE.BIN\S-1-5-21-2526120626-3347230282-2708207307-1000\$511dcabcd08c367af017b139667f67d4\U --> [Trojan.Siredef.C]
Infected: c:\$RECYCLE.BIN\S-1-5-18\$511dcabcd08c367af017b139667f67d4\L --> [Trojan.Siredef.C]
Infected: c:\$RECYCLE.BIN\S-1-5-21-2526120626-3347230282-2708207307-1000\$511dcabcd08c367af017b139667f67d4\L --> [Trojan.Siredef.C]
Infected: c:\$RECYCLE.BIN\S-1-5-18\$511dcabcd08c367af017b139667f67d4 --> [Trojan.Siredef.C]
Infected: c:\$RECYCLE.BIN\S-1-5-21-2526120626-3347230282-2708207307-1000\$511dcabcd08c367af017b139667f67d4 --> [Trojan.Siredef.C]
Scan finished
 

.........................................................................

.........................................................................

 

I know that you usually don't like people to get ahead of themselves with these matters, but, we are busy people;)

As you are in the US and I am in the UK, our 'response times' are a bit out of sync, meaning that most of the time I am sitting around twiddling my thumbs waiting for help.

So, I thought a little bit of research and involvement at my end could do no harm to an already messy situation!

 

Hope you are cool with this, it's not that I don't appreciate your help in these matters, you are far more capable and experienced than I, but I need the matter resolved fast so I can get on with my work.

 

Best,

 

Chris.


Edited by Chris Weeks, 20 June 2013 - 08:48 AM.


#13 Chris Weeks


Posted 20 June 2013 - 09:10 AM

I also ran 'fixdamage.exe' and rebooted.

 

After reboot I checked Security Center: Firewall, Automatic Updating, Malware Protection, Other Security Settings are all now 'ON' and appear to be back to normal.

 

Here is my latest Farbar Service Scanner log. If you could please check this for me and let me know if you think it's now safe to use my laptop again, it would be greatly appreciated.

 

Farbar Service Scanner Version: 16-06-2013
Ran by admin (administrator) on 20-06-2013 at 15:07:25
Running from "C:\Users\admin\Desktop\ANTI-VIRUS DOWNLOADS"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2013-06-13 08:36] - [2013-05-08 04:40] - 0914792 ____A (Microsoft Corporation) 078218D74C4EFC2CE7E4C6DF22A94F2F

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2013-06-13 08:35] - [2013-04-24 05:00] - 0133120 ____A (Microsoft Corporation) 3EDE4C1F9672C972479201544969ADCB

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

 

 

Please let me know if there is anything else I should do now. Run some more scans, check my reg etc...



#14 Chris Weeks


Posted 20 June 2013 - 04:14 PM

I ran ESET Online Scanner again. Here is the result:

 

C:\Program Files\Avira\AntiVir Desktop\ApnIC.dll    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting (after the next restart) - quarantined
C:\Program Files\Avira\AntiVir Desktop\ApnToolbarInstaller.exe    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting (after the next restart) - quarantined
C:\Users\admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\6ebe7504-38b63ec2    a variant of Java/Exploit.Agent.OQI trojan    cleaned by deleting - quarantined
 



#15 Chris Weeks


Posted 20 June 2013 - 04:42 PM

I also did another AdwCleaner scan. Here is the log:

 

# AdwCleaner v2.303 - Logfile created 06/20/2013 at 22:27:04
# Updated 08/06/2013 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : admin - KINGBASTARD
# Boot Mode : Normal
# Running from : C:\Users\admin\Desktop\ANTI-VIRUS DOWNLOADS\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16490

[OK] Registry is clean.

-\\ Mozilla Firefox v21.0 (en-GB)

File : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\he6py3vh.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [12218 octets] - [19/06/2013 10:55:17]
AdwCleaner[S2].txt - [761 octets] - [20/06/2013 22:27:04]

########## EOF - C:\AdwCleaner[S2].txt - [820 octets] ##########
 





