Solved Help, svchost.exe trojan

Quincy A

I apologize if this issue has been previously posted or resolved; I just need assistance. I have an svchost.exe trojan that is giving me serious issues. Malwarebytes detects and quarantines the trojan, but it re-appears on every restart. Norton did not detect it at all, and has recently all of a sudden 'expired', I would assume as part of this trojan. The computer sometimes shuts down on its own and the overall performance is below average. Any assistance would be greatly appreciated.
 
Welcome aboard

Please complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
Attached logs won't be reviewed.

Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.30.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Quincy :: QUINCY-PC [administrator]

11/4/2012 12:59:45 PM
mbam-log-2012-11-04 (12-59-45).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 251984
Time elapsed: 7 minute(s), 44 second(s)

Memory Processes Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> 7068 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

(end)
 
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-11-04 14:09:35
Windows 6.1.7601 Service Pack 1
Running: jypb9fdf.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00243388d590
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Pro\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x71 0x25 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x60 0xB3 0x3D 0x88 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x07 0x81 0x0F 0x60 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x09 0x37 0x3A 0x2D ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00243388d590 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Pro\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x71 0x25 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x60 0xB3 0x3D 0x88 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x07 0x81 0x0F 0x60 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x09 0x37 0x3A 0x2D ...

---- EOF - GMER 1.0.15 ----
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-10-19.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 10/27/2009 8:23:22 AM
System Uptime: 11/4/2012 1:13:54 PM (1 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Core(TM)2 Duo CPU T6500 @ 2.10GHz | N/A | 2100/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 59.072 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is CDROM ()
H: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Photosmart C8100 series
Device ID: ROOT\MULTIFUNCTION\0004
Manufacturer:
Name: Photosmart C8100 series
PNP Device ID: ROOT\MULTIFUNCTION\0004
Service:
.
Class GUID:
Description: Photosmart C8100 series
Device ID: ROOT\MULTIFUNCTION\0005
Manufacturer:
Name: Photosmart C8100 series
PNP Device ID: ROOT\MULTIFUNCTION\0005
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart C8100 series
Device ID: ROOT\MULTIFUNCTION\0006
Manufacturer: HP
Name: Photosmart C8100 series
PNP Device ID: ROOT\MULTIFUNCTION\0006
Service:
.
Class GUID:
Description: Photosmart C8100 series
Device ID: ROOT\MULTIFUNCTION\0007
Manufacturer:
Name: Photosmart C8100 series
PNP Device ID: ROOT\MULTIFUNCTION\0007
Service:
.
Class GUID:
Description: Photosmart C8100 series
Device ID: ROOT\MULTIFUNCTION\0008
Manufacturer:
Name: Photosmart C8100 series
PNP Device ID: ROOT\MULTIFUNCTION\0008
Service:
.
Class GUID:
Description: Photosmart C8100 series
Device ID: ROOT\MULTIFUNCTION\0009
Manufacturer:
Name: Photosmart C8100 series
PNP Device ID: ROOT\MULTIFUNCTION\0009
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart C8100 series
Device ID: ROOT\MULTIFUNCTION\0010
Manufacturer: HP
Name: Photosmart C8100 series
PNP Device ID: ROOT\MULTIFUNCTION\0010
Service:
.
Class GUID:
Description: Photosmart C8100 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer:
Name: Photosmart C8100 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet 6300 series
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer: HP
Name: Officejet 6300 series
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
Class GUID:
Description: Photosmart C8100 series
Device ID: ROOT\MULTIFUNCTION\0002
Manufacturer:
Name: Photosmart C8100 series
PNP Device ID: ROOT\MULTIFUNCTION\0002
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart C8100 series
Device ID: ROOT\MULTIFUNCTION\0003
Manufacturer: HP
Name: Photosmart C8100 series
PNP Device ID: ROOT\MULTIFUNCTION\0003
Service:
.
==== System Restore Points ===================
.
RP336: 11/1/2012 3:00:15 AM - Windows Update
RP337: 11/2/2012 3:00:12 AM - Windows Update
RP338: 11/2/2012 6:57:28 PM - Windows Update
RP339: 11/3/2012 3:00:14 AM - Windows Update
RP340: 11/4/2012 9:25:11 AM - Windows Update
RP341: 11/4/2012 11:03:37 AM - Windows Update
.
==== Installed Programs ======================
.
3DVIA player 5.0.0.20
64 Bit HP CIO Components Installer
7-Zip 4.57 (x64 edition)
Acrobat.com
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
Adobe Acrobat 9 Pro Extended 64-bit Add-On
Adobe Acrobat 9.4.5 - CPSID_83708
Adobe AIR
Adobe Community Help
Adobe Flash Player 10 ActiveX 64-bit
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Media Player
Adobe Photoshop CS5
Adobe Reader XI
AIM 7
AIM Toolbar
AIO_Scan
Amazon Kindle For PC
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Magic-I Visual Effects 2
ArcSoft MediaImpression 2
ArcSoft Panorama Maker 4
ArcSoft Photo Book Screen Saver
ArcSoft PhotoStudio Darkroom 2
ArcSoft Print Creations
ArcSoft Print Creations - Album Page
ArcSoft Print Creations - Brochures & Flyers
ArcSoft Print Creations - Funhouse
ArcSoft Print Creations - Funhouse II
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations - Photo Prints
ArcSoft Print Creations - Poster Creator
ArcSoft Print Creations - Scrapbook
ArcSoft Print Creations - Slimline Card
ArcSoft RAW Thumbnail Viewer
ArcSoft Scan-n-Stitch Deluxe
ArcSoft Video Downloader
ArcSoft WebCam Companion 2
ArcSoft WebCam Companion 3
ATI Catalyst Install Manager
BlackBerry Desktop Software 6.0
Bonjour
BufferChm
C8100
C8100_Help
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CinemaNow Media Manager
ClubWPT
ClubWPTBuddy
Copy
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations
DeviceDiscovery
DirectX 9 Runtime
DocProc
Download Updater (AOL LLC)
DVDFab 7.0.3.0 (26/03/2010)
Express Burn
Fax
Feedback Tool
Full Tilt Poker
Google Apps Migration For Microsoft Outlook® 2.3.12.34
Google Update Helper
GPBaseService2
HP Customer Participation Program 13.0
HP Imaging Device Functions 13.0
HP Photosmart All-In-One Driver Software 13.0 Rel. 2
HP Photosmart Essential 3.5
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Update
HPPhotoGadget
HPPhotoSmartDiscLabel_PaperLabel
HPPhotoSmartDiscLabel_PrintOnDisc
HPPhotoSmartDiscLabelContent1
hpphotosmartdisclabelplugin
HPPhotosmartEssential
HPProductAssistant
HPSSupply
iCloud
iSEEK AnswerWorks English Runtime
Isohunt-vuze Toolbar
iTunes
Java 2 Runtime Environment, SE v1.4.2_11
Java 7 Update 9
Java Auto Updater
Java(TM) 6 Update 24
JavaFX 2.1.1
JSWPFCom
JSWPFGrade1
JumpStart 3D Ages 5-7
Kim
LeapFrog Connect
LeapFrog Tag Plugin
LightScribe System Software
LightScribe Template Labeler
LinkedIn Outlook Connector
Malwarebytes Anti-Malware version 1.65.1.1000
MarketResearch
Math Blaster Ages 6-8
MediaBar
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Live Add-in 1.5
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Outlook Social Connector Provider for Facebook 32-bit
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft_VC80_ATL_x86
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
MioNet
MobileMe Control Panel
Mozilla Firefox 16.0.2 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network64
Norton Internet Security
OCR Software by I.R.I.S. 13.0
Pantech USB Driver for Android phones ver1
PDF Settings CS5
pdfFactory Pro
PokerStars
PS_AIO_02_ProductContext
PS_AIO_02_Software
PS_AIO_02_Software_Min
QuickTime
Reading Blaster Ages 5-7
RealNetworks - Microsoft Visual C++ 2005 Runtime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Regi
Registry Mechanic 10.0
Roller Coaster Tycoon 3 Platinum - CarlesNeo !
Rosetta Stone Version 3
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Burn Manager
Roxio Burn Manager CDB
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio CinePlayer
Roxio CinePlayer Decoder Pack
Roxio Creator 2010 Pro
Roxio Disaster Recovery
Roxio Easy Media Creator 10 LJ
Roxio Easy Media Creator Home
Roxio File Backup
Roxio PhotoShow
Roxio Venue
Roxio Video Capture USB
Safari
Scan
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition
Setting Utility Series
Shipping Assistant 3.7
Shop for HP Supplies
Skype Click to Call
Skype™ 5.10
SmartSound Quicktracks Plugin
SmartWebPrinting
SolutionCenter
Sony Home Network Library
Spelling Blaster Ages 6-9
Status
Symantec Technical Support Web Controls
TeamViewer 7
Toolbox
TrayApp
TuneUp Companion 2.2.7
TurboTax 2009
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wnciper
TurboTax 2009 wrapper
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wnciper
TurboTax 2010 wrapper
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wnciper
TurboTax 2011 wrapper
TWC Customer Controls
Unity Web Player
UnloadSupport
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)
VAIO Care
VAIO Control Center
VAIO DVD Menu Data Basic
VAIO Entertainment Platform
VAIO Launcher
VAIO Media plus
VAIO Media plus Opening Movie
VAIO Movie Story
VAIO Original Function Settings
VD64Inst
VLC media player 1.1.11
VLC Setup Helper
Vuze
WavePad Sound Editor
WebReg
Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Mobile Device Center
Windows Mobile Device Center Driver Update
Windows Mobile Update KB958639
WinDVD BD for VAIO
WinRAR archiver
Yahoo! Messenger
Yahoo! Toolbar
Yontoo 1.10.02
.
==== Event Viewer Messages From Past Week ========
.
11/4/2012 11:04:04 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2724197).
11/4/2012 1:16:45 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect.
11/4/2012 1:16:14 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.
11/4/2012 1:14:35 PM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter
11/2/2012 9:58:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/2/2012 9:58:54 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
11/2/2012 9:58:54 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/29/2012 6:02:36 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
10/29/2012 6:02:36 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
10/29/2012 6:01:11 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
10/29/2012 5:50:17 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
10/29/2012 5:50:17 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
10/29/2012 5:50:17 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
10/29/2012 5:50:14 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
10/29/2012 5:50:07 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
10/29/2012 5:49:57 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 c2scsi64 discache eeCtrl IDSVia64 SaibVdAd64 spldr sptd SRTSP SRTSPX SymIRON SymNetS Wanarpv6
10/29/2012 5:49:12 PM, Error: sptd [4] - Driver detected an internal error in its data structures for .
.
==== End Of File ===========================
 
DDS (Ver_2012-10-19.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.9.2
Run by Quincy at 14:16:06 on 2012-11-04
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4063.1912 [GMT -5:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Care\VAIOCareService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\MioNet\MioNetManager.exe
-netsvcs
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\MioNet\jvm\bin\MioNet.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\conhost.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Roxio 2010\5.0\CPMonitor.exe
C:\Program Files (x86)\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\real\realplayer\Update\realsched.exe
C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\PX Storage Engine\VxBlockServer.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files (x86)\ArcSoft\Magic-I Visual Effects 2\uCamMonitor.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files (x86)\MioNet\jvm\bin\MioNet.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\UI0Detect.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\System32\mobsync.exe
C:\Users\Quincy\Downloads\jypb9fdf.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
mURLSearchHooks: isoHunt-Vuze Toolbar: {6c3a1de1-94ca-4ad6-acdf-c1324adc487b} - C:\Program Files (x86)\Isohunt-vuze\tbIso1.dll
mWinlogon: Userinit = userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: IEPlugin Class: {11222041-111B-46E3-BD29-EFB2449479B1} - C:\Program Files (x86)\ArcSoft\Video Downloader\ArcURLRecord.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll
BHO: isoHunt-Vuze Toolbar: {6c3a1de1-94ca-4ad6-acdf-c1324adc487b} - C:\Program Files (x86)\Isohunt-vuze\tbIso1.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: UrlHelper Class: {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\IEBHO.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: ToolbarBHO Class: {9519AF7E-638D-4933-BAD6-D33D23C79FE5} - C:\Program Files (x86)\ArcSoft\RAW Thumbnail Viewer\EXIFToolBar.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: MediaBar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files (x86)\BearShare Applications\MediaBar\ToolBar\bsdtxmltbpi.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: isoHunt-Vuze Toolbar: {6C3A1DE1-94CA-4AD6-ACDF-C1324ADC487B} - C:\Program Files (x86)\Isohunt-vuze\tbIso1.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: AIM Toolbar: {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: isoHunt-Vuze Toolbar: {6c3a1de1-94ca-4ad6-acdf-c1324adc487b} - C:\Program Files (x86)\Isohunt-vuze\tbIso1.dll
TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
TB: RAW Thumbnail Viewer: {F301665A-12F8-4331-804A-5BCBD379668C} - C:\Program Files (x86)\ArcSoft\RAW Thumbnail Viewer\EXIFToolBar.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: MediaBar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files (x86)\BearShare Applications\MediaBar\ToolBar\bsdtxmltbpi.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatchTray12.exe"
mRun: [CPMonitor] "C:\Program Files (x86)\Roxio 2010\5.0\CPMonitor.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [MioNet] C:\Program Files (x86)\MioNet\MioNetLauncher.exe /p
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\real\realplayer\update\realsched.exe" -osboot
mRun: [DATAMNGR] C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
StartupFolder: C:\Users\Quincy\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICH~1.LNK - C:\MagicHoldem\MagicHoldem.exe
StartupFolder: C:\Users\Quincy\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
Trusted Zone: cinemanow.com
Trusted Zone: cinemanow.com
Trusted Zone: qflix.com
Trusted Zone: roxio.com
DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} - hxxp://esupport.sony.com/VaioInfo.CAB
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} - hxxps://www.linkedin.com/cab/LinkedInContactFinderControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - hxxp://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe
TCP: NameServer = 209.18.47.61 209.18.47.62 192.168.1.1
TCP: Interfaces\{A95A1A88-DB8E-4A56-BA85-BFF8B1C27544} : DHCPNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
TCP: Interfaces\{A95A1A88-DB8E-4A56-BA85-BFF8B1C27544}\0586F656E6968787023597374756D637 : DHCPNameServer = 10.10.1.100
TCP: Interfaces\{A95A1A88-DB8E-4A56-BA85-BFF8B1C27544}\44166756723702E4564777F627B6 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{A95A1A88-DB8E-4A56-BA85-BFF8B1C27544}\7427163656C616E646 : DHCPNameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: UrlHelper Class: {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\x64\IEBHO.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [pdfFactory Pro Dispatcher v3] "C:\Windows\System32\spool\DRIVERS\x64\3\fppdis3a.exe" /source=HKLM
x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Quincy\AppData\Roaming\Mozilla\Firefox\Profiles\fc1zqtky.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Quincy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-10-29 18:04; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2
FF - ExtSQL: 2012-10-31 22:02; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn
FF - ExtSQL: !HIDDEN! 2009-12-24 14:28; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-10-27 55280]
R0 Sahdad64;HDD Filter Driver;C:\Windows\System32\drivers\Sahdad64.sys [2010-7-23 27120]
R0 Saibad64;Volume Filter Driver;C:\Windows\System32\drivers\Saibad64.sys [2010-7-23 19952]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1207020.003\symds64.sys [2012-6-11 450680]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1207020.003\symefa64.sys [2012-6-11 912504]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20121005.002\BHDrvx64.sys [2012-10-5 1385632]
R1 c2scsi64;c2scsi64;C:\Windows\System32\drivers\C2SCSI64.SYS [2009-7-24 167920]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20121102.001\IDSviA64.sys [2012-11-2 513184]
R1 SaibVdAd64;Virtual Disk Driver;C:\Windows\System32\drivers\SaibVdAd64.sys [2010-7-23 27632]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1207020.003\ironx64.sys [2012-6-11 171128]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1207020.003\symnets.sys [2012-6-11 386168]
R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;C:\Program Files (x86)\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe [2009-6-2 457200]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-9-23 65192]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-10-27 203264]
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2009-6-23 127352]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-8-25 13672]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-16 399432]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-10-16 676936]
R2 MioNet;MioNet;C:\Program Files (x86)\MioNet\MioNetManager.exe [2010-2-9 139264]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe [2012-6-11 130008]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-3-15 583640]
R2 regi;regi;C:\Windows\System32\drivers\regi.sys [2007-4-16 14112]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-2 3064000]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-1-27 3027840]
R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-I Visual Effects 2\uCamMonitor.exe [2009-10-27 104960]
R2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-7-22 642920]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2009-10-27 19968]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-9 138912]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-10-16 25928]
R3 Ndisrd;WinpkFilter Service;C:\Windows\System32\drivers\ndisrd.sys [2009-9-14 32096]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2007-8-3 11392]
R3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
R3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
R3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-5-17 116648]
S2 KMService;KMService;C:\Windows\System32\srvany.exe --> C:\Windows\System32\srvany.exe [?]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-6-26 362992]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe [2009-7-24 219632]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-26 250808]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-5-17 116648]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-28 115168]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 PTAPCBUS;Pantech Android USB Composite Device (PTAPC);C:\Windows\System32\drivers\PTAPCBUS.sys [2012-4-7 103040]
S3 PTAPCMDM;Pantech Android USB Modem Drivers (PTAPC);C:\Windows\System32\drivers\PTAPCMDM.sys [2012-4-7 183424]
S3 PTAPCVSP;Pantech Android USB Serial Port (PTAPC);C:\Windows\System32\drivers\PTAPCVSP.sys [2012-4-7 183424]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-6-26 313840]
S3 RoxMediaDB12;RoxMediaDB12;C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe [2009-7-24 1116656]
S3 SampleCollector;Intel(R) Sample Collector;C:\Program Files\Sony\VAIO Care\collsvc.exe [2010-1-25 167424]
S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-10-27 120104]
S3 SOHDBSvr;VAIO Media plus Database Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-10-27 70952]
S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-10-27 427304]
S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-10-27 75048]
S3 SOHPlMgr;VAIO Media plus Playlist Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-10-27 91432]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-5-17 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-3-10 1255736]
.
=============== File Associations ===============
.
.txt: <filetype is not registered>
.
=============== Created Last 30 ================
.
2012-11-04 18:16:00 20480 ----a-w- C:\Windows\svchost.exe
2012-11-03 02:15:55 -------- d-----w- C:\Users\Quincy\AppData\Local\Macromedia
2012-10-24 19:55:48 -------- d-----w- C:\ProgramData\Leapfrog
2012-10-24 19:55:48 -------- d-----w- C:\Program Files (x86)\LeapFrog
2012-10-17 14:43:29 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-16 20:52:35 -------- d-----w- C:\Users\Quincy\AppData\Roaming\Malwarebytes
2012-10-16 20:52:06 -------- d-----w- C:\ProgramData\Malwarebytes
2012-10-16 20:52:05 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-10-16 20:52:05 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-10-10 10:09:01 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-10-10 10:07:58 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2012-10-10 10:07:57 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-10-10 10:07:57 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-10-10 10:07:57 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-10-10 10:07:57 1159680 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-10-10 10:07:57 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
.
==================== Find3M ====================
.
2012-11-02 11:05:23 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-02 11:05:23 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-10-17 14:43:16 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-10-17 14:43:16 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-08-24 18:05:07 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-08-24 18:05:06 1188864 ----a-w- C:\Windows\System32\wininet.dll
2012-08-24 16:57:48 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-08-24 16:57:48 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-08-24 15:59:30 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2012-08-24 15:20:39 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-08-21 21:01:00 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2012-08-21 17:01:20 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2012-08-21 17:01:20 125872 ----a-w- C:\Windows\System32\GEARAspi64.dll
2012-08-21 17:01:20 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2012-08-20 18:48:44 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-08-20 18:48:44 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-08-20 18:48:44 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-08-20 18:48:43 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-08-20 18:48:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-08-20 18:48:35 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-08-20 18:46:22 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-08-20 17:40:21 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-08-20 17:38:44 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-08-20 17:38:26 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-08-20 17:37:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-08-20 17:37:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-08-20 15:38:21 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-08-20 15:38:20 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-08-20 15:33:28 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-08-11 00:56:03 715776 ----a-w- C:\Windows\System32\kerberos.dll
2012-08-10 23:56:14 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll
.
============= FINISH: 14:18:03.55 ===============
 
Yes. Never attach any logs.

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
 
This is the scan before restart.

14:56:49.0560 0488 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:56:50.0740 0488 ============================================================
14:56:50.0740 0488 Current date / time: 2012/11/04 14:56:50.0740
14:56:50.0740 0488 SystemInfo:
14:56:50.0740 0488
14:56:50.0740 0488 OS Version: 6.1.7601 ServicePack: 1.0
14:56:50.0740 0488 Product type: Workstation
14:56:50.0740 0488 ComputerName: QUINCY-PC
14:56:50.0740 0488 UserName: Quincy
14:56:50.0740 0488 Windows directory: C:\Windows
14:56:50.0740 0488 System windows directory: C:\Windows
14:56:50.0740 0488 Running under WOW64
14:56:50.0740 0488 Processor architecture: Intel x64
14:56:50.0740 0488 Number of processors: 2
14:56:50.0740 0488 Page size: 0x1000
14:56:50.0740 0488 Boot type: Normal boot
14:56:50.0740 0488 ============================================================
14:56:52.0890 0488 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x1080D9, SectorsPerTrack: 0x22, TracksPerCylinder: 0x11, Type 'K0', Flags 0x00000040
14:56:52.0900 0488 ============================================================
14:56:52.0900 0488 \Device\Harddisk0\DR0:
14:56:52.0910 0488 MBR partitions:
14:56:52.0910 0488 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14C0000, BlocksNum 0x23F6E2B0
14:56:52.0910 0488 ============================================================
14:56:52.0930 0488 C: <-> \Device\Harddisk0\DR0\Partition1
14:56:52.0930 0488 ============================================================
14:56:52.0930 0488 Initialize success
14:56:52.0930 0488 ============================================================
14:57:03.0161 8672 ============================================================
14:57:03.0161 8672 Scan started
14:57:03.0161 8672 Mode: Manual;
14:57:03.0161 8672 ============================================================
14:57:04.0641 8672 ================ Scan system memory ========================
14:57:04.0641 8672 System memory - ok
14:57:04.0641 8672 ================ Scan services =============================
14:57:20.0826 8672 p2psvc - ok
14:57:20.0866 8672 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:57:20.0866 8672 Parport - ok
14:57:20.0916 8672 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:57:20.0936 8672 partmgr - ok
14:57:20.0966 8672 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:57:20.0966 8672 PcaSvc - ok
14:57:20.0986 8672 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:57:20.0986 8672 pci - ok
14:57:21.0036 8672 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:57:21.0036 8672 pciide - ok
14:57:21.0066 8672 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:57:21.0086 8672 pcmcia - ok
14:57:21.0126 8672 [ AF7CE12C4F3DC8CB2B07685C916BBCFE ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys
14:57:21.0126 8672 pcouffin - ok
14:57:21.0236 8672 [ E6E503845208A148A9E3E7FAA63B97A4 ] PCToolsSSDMonitorSvc C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
14:57:21.0246 8672 PCToolsSSDMonitorSvc - ok
14:57:21.0266 8672 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:57:21.0266 8672 pcw - ok
14:57:21.0296 8672 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:57:21.0306 8672 PEAUTH - ok
14:57:21.0376 8672 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
14:57:21.0406 8672 PeerDistSvc - ok
14:57:21.0516 8672 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:57:21.0536 8672 PerfHost - ok
14:57:21.0618 8672 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:57:21.0658 8672 pla - ok
14:57:21.0718 8672 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:57:21.0728 8672 PlugPlay - ok
14:57:21.0748 8672 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:57:21.0768 8672 Pml Driver HPZ12 - ok
14:57:21.0798 8672 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:57:21.0808 8672 PNRPAutoReg - ok
14:57:21.0828 8672 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:57:21.0828 8672 PNRPsvc - ok
14:57:21.0878 8672 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:57:21.0888 8672 PolicyAgent - ok
14:57:21.0948 8672 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:57:21.0948 8672 Power - ok
14:57:21.0998 8672 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:57:21.0998 8672 PptpMiniport - ok
14:57:22.0018 8672 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:57:22.0018 8672 Processor - ok
14:57:22.0078 8672 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
14:57:22.0078 8672 ProfSvc - ok
14:57:22.0098 8672 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:57:22.0098 8672 ProtectedStorage - ok
14:57:22.0148 8672 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:57:22.0168 8672 Psched - ok
14:57:22.0218 8672 [ 475A16F67798A9FFE9366F20551EEF95 ] PTAPCBUS C:\Windows\system32\DRIVERS\PTAPCBUS.sys
14:57:22.0248 8672 PTAPCBUS - ok
14:57:22.0308 8672 [ 3954BDF96E224C590B8F6A3730E3F9A6 ] PTAPCMDM C:\Windows\system32\DRIVERS\PTAPCMDM.sys
14:57:22.0318 8672 PTAPCMDM - ok
14:57:22.0368 8672 [ 784A2938956EAEEF4582278D6EAE99E7 ] PTAPCVSP C:\Windows\system32\DRIVERS\PTAPCVSP.sys
14:57:22.0378 8672 PTAPCVSP - ok
14:57:22.0428 8672 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
14:57:22.0448 8672 PxHlpa64 - ok
14:57:22.0518 8672 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:57:22.0538 8672 ql2300 - ok
14:57:22.0558 8672 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:57:22.0558 8672 ql40xx - ok
14:57:22.0608 8672 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:57:22.0628 8672 QWAVE - ok
14:57:22.0658 8672 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:57:22.0668 8672 QWAVEdrv - ok
14:57:22.0748 8672 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
14:57:22.0758 8672 RapiMgr - ok
14:57:22.0788 8672 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:57:22.0788 8672 RasAcd - ok
14:57:22.0838 8672 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:57:22.0838 8672 RasAgileVpn - ok
14:57:22.0858 8672 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:57:22.0878 8672 RasAuto - ok
14:57:22.0918 8672 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:57:22.0938 8672 Rasl2tp - ok
14:57:22.0978 8672 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:57:23.0008 8672 RasMan - ok
14:57:23.0028 8672 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:57:23.0028 8672 RasPppoe - ok
14:57:23.0050 8672 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:57:23.0053 8672 RasSstp - ok
14:57:23.0090 8672 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:57:23.0100 8672 rdbss - ok
14:57:23.0120 8672 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:57:23.0120 8672 rdpbus - ok
14:57:23.0140 8672 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:57:23.0140 8672 RDPCDD - ok
14:57:23.0190 8672 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
14:57:23.0190 8672 RDPDR - ok
14:57:23.0210 8672 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:57:23.0210 8672 RDPENCDD - ok
14:57:23.0240 8672 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:57:23.0240 8672 RDPREFMP - ok
14:57:23.0290 8672 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:57:23.0320 8672 RDPWD - ok
14:57:23.0370 8672 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:57:23.0400 8672 rdyboost - ok
14:57:23.0450 8672 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi C:\Windows\system32\drivers\regi.sys
14:57:23.0470 8672 regi - ok
14:57:23.0510 8672 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:57:23.0530 8672 RemoteAccess - ok
14:57:23.0590 8672 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:57:23.0610 8672 RemoteRegistry - ok
14:57:23.0660 8672 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
14:57:23.0660 8672 RFCOMM - ok
14:57:23.0700 8672 [ 7EAE3999B94A8CE60BFBAA83462B89A1 ] rimsptsk C:\Windows\system32\DRIVERS\rimssn64.sys
14:57:23.0720 8672 rimsptsk - ok
14:57:23.0770 8672 [ 5790BCA445CC40DF8B38C2C48608AAC2 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
14:57:23.0790 8672 RimUsb - ok
14:57:23.0860 8672 [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
14:57:23.0860 8672 RimVSerPort - ok
14:57:23.0900 8672 [ FA6D7CD63AD08A01D9259F58E0C5C09E ] risdptsk C:\Windows\system32\DRIVERS\risdsn64.sys
14:57:23.0920 8672 risdptsk - ok
14:57:23.0970 8672 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
14:57:23.0990 8672 ROOTMODEM - ok
14:57:24.0050 8672 [ D02E5A46F77C182CA1964080BCD586F7 ] Roxio UPnP Renderer 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
14:57:24.0070 8672 Roxio UPnP Renderer 10 - ok
14:57:24.0110 8672 [ E5809597278802D09273EE07B5FC56E1 ] Roxio Upnp Server 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
14:57:24.0110 8672 Roxio Upnp Server 10 - ok
14:57:24.0260 8672 [ FF578453D3B3ADAAB22D7151D7F9E592 ] RoxMediaDB12 C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe
14:57:24.0300 8672 RoxMediaDB12 - ok
14:57:24.0340 8672 [ 71B38B8DF1A9B55FC0FB64958CC7B9DD ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe
14:57:24.0360 8672 RoxWatch12 - ok
14:57:24.0400 8672 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:57:24.0400 8672 RpcEptMapper - ok
14:57:24.0450 8672 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:57:24.0460 8672 RpcLocator - ok
14:57:24.0510 8672 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
14:57:24.0520 8672 RpcSs - ok
14:57:24.0580 8672 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:57:24.0580 8672 rspndr - ok
14:57:24.0630 8672 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
14:57:24.0630 8672 s3cap - ok
14:57:24.0690 8672 [ 27DB9153D259D632D15483DEEAB799ED ] Sahdad64 C:\Windows\system32\Drivers\Sahdad64.sys
14:57:24.0690 8672 Sahdad64 - ok
14:57:24.0700 8672 [ F77849D909B90BCACFCF7295AECF299B ] Saibad64 C:\Windows\system32\Drivers\Saibad64.sys
14:57:24.0700 8672 Saibad64 - ok
14:57:24.0740 8672 [ 704D415290A568F68DE20942DAC23F7E ] SaibVdAd64 C:\Windows\system32\Drivers\SaibVdAd64.sys
14:57:24.0760 8672 SaibVdAd64 - ok
14:57:24.0840 8672 [ 6B318F9443740A907D1C8F3460C19009 ] SampleCollector C:\Program Files\Sony\VAIO Care\collsvc.exe
14:57:24.0860 8672 SampleCollector - ok
14:57:24.0900 8672 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:57:24.0900 8672 SamSs - ok
14:57:24.0920 8672 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:57:24.0930 8672 sbp2port - ok
14:57:24.0970 8672 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:57:24.0990 8672 SCardSvr - ok
14:57:25.0030 8672 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:57:25.0050 8672 scfilter - ok
14:57:25.0110 8672 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:57:25.0130 8672 Schedule - ok
14:57:25.0180 8672 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:57:25.0180 8672 SCPolicySvc - ok
14:57:25.0240 8672 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
14:57:25.0240 8672 sdbus - ok
14:57:25.0280 8672 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:57:25.0310 8672 SDRSVC - ok
14:57:25.0360 8672 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:57:25.0370 8672 secdrv - ok
14:57:25.0430 8672 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:57:25.0440 8672 seclogon - ok
14:57:25.0460 8672 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
14:57:25.0470 8672 SENS - ok
14:57:25.0490 8672 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:57:25.0510 8672 SensrSvc - ok
14:57:25.0530 8672 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:57:25.0530 8672 Serenum - ok
14:57:25.0550 8672 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:57:25.0560 8672 Serial - ok
14:57:25.0600 8672 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:57:25.0600 8672 sermouse - ok
14:57:25.0668 8672 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:57:25.0672 8672 SessionEnv - ok
14:57:25.0712 8672 [ 70F9C476B62DE4F2823E918A6C181ADE ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys
14:57:25.0732 8672 SFEP - ok
14:57:25.0762 8672 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:57:25.0772 8672 sffdisk - ok
14:57:25.0822 8672 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:57:25.0842 8672 sffp_mmc - ok
14:57:25.0872 8672 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:57:25.0872 8672 sffp_sd - ok
14:57:25.0902 8672 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:57:25.0912 8672 sfloppy - ok
14:57:25.0982 8672 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:57:25.0992 8672 SharedAccess - ok
14:57:26.0052 8672 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:57:26.0062 8672 ShellHWDetection - ok
14:57:26.0102 8672 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:57:26.0102 8672 SiSRaid2 - ok
14:57:26.0122 8672 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:57:26.0122 8672 SiSRaid4 - ok
14:57:26.0362 8672 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
14:57:26.0402 8672 Skype C2C Service - ok
14:57:26.0472 8672 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:57:26.0502 8672 SkypeUpdate - ok
14:57:26.0522 8672 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:57:26.0532 8672 Smb - ok
14:57:26.0592 8672 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:57:26.0612 8672 SNMPTRAP - ok
14:57:26.0722 8672 [ 98886C88A1CB13D61672AE2C638B7E1C ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
14:57:26.0732 8672 SOHCImp - ok
14:57:26.0762 8672 [ 442A13F395546F4564C377296D43B564 ] SOHDBSvr C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
14:57:26.0762 8672 SOHDBSvr - ok
14:57:26.0792 8672 [ 556681BE668D71DC162391A45422B52C ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
14:57:26.0802 8672 SOHDms - ok
14:57:26.0822 8672 [ 72B46103E4111439109ACF5882627C24 ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
14:57:26.0822 8672 SOHDs - ok
14:57:26.0872 8672 [ 725B6E9CD1959271AC993DC035E1606D ] SOHPlMgr C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
14:57:26.0892 8672 SOHPlMgr - ok
14:57:26.0922 8672 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:57:26.0922 8672 spldr - ok
14:57:26.0972 8672 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
14:57:26.0982 8672 Spooler - ok
14:57:27.0102 8672 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:57:27.0172 8672 sppsvc - ok
14:57:27.0222 8672 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:57:27.0242 8672 sppuinotify - ok
14:57:27.0342 8672 [ 51DE15CA5C05BCA46D8B110CD00A02FB ] sptd C:\Windows\system32\Drivers\sptd.sys
14:57:27.0342 8672 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 51DE15CA5C05BCA46D8B110CD00A02FB
14:57:27.0372 8672 sptd ( LockedFile.Multi.Generic ) - warning
14:57:27.0372 8672 sptd - detected LockedFile.Multi.Generic (1)
14:57:27.0472 8672 [ 90EF30C3867BCDE4579C01A6D6E75A7A ] SRTSP C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS
14:57:27.0492 8672 SRTSP - ok
14:57:27.0512 8672 [ C513E8A5E7978DA49077F5484344EE1B ] SRTSPX C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS
14:57:27.0512 8672 SRTSPX - ok
14:57:27.0562 8672 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:57:27.0582 8672 srv - ok
14:57:27.0622 8672 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:57:27.0632 8672 srv2 - ok
14:57:27.0692 8672 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
14:57:27.0712 8672 SrvHsfHDA - ok
14:57:27.0792 8672 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
14:57:27.0822 8672 SrvHsfV92 - ok
14:57:27.0852 8672 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
14:57:27.0862 8672 SrvHsfWinac - ok
14:57:27.0882 8672 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:57:27.0902 8672 srvnet - ok
14:57:27.0962 8672 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:57:27.0972 8672 SSDPSRV - ok
14:57:27.0982 8672 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:57:28.0002 8672 SstpSvc - ok
14:57:28.0042 8672 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:57:28.0062 8672 stexstor - ok
14:57:28.0112 8672 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:57:28.0122 8672 stisvc - ok
14:57:28.0172 8672 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
14:57:28.0172 8672 storflt - ok
14:57:28.0222 8672 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
14:57:28.0222 8672 StorSvc - ok
14:57:28.0242 8672 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
14:57:28.0262 8672 storvsc - ok
14:57:28.0352 8672 [ 42FEF84684D217870F3C8813B6F58276 ] SupportSoft RemoteAssist C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe
14:57:28.0352 8672 SupportSoft RemoteAssist - ok
14:57:28.0382 8672 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
14:57:28.0382 8672 swenum - ok
14:57:28.0502 8672 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:57:28.0522 8672 SwitchBoard - ok
14:57:28.0582 8672 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:57:28.0592 8672 swprv - ok
14:57:28.0702 8672 [ 267C914667C94E5F47D342311C1C577F ] Symantec RemoteAssist C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe
14:57:28.0722 8672 Symantec RemoteAssist - ok
14:57:28.0762 8672 [ 6160145C7A87FC7672E8E3B886888176 ] SymDS C:\Windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS
14:57:28.0782 8672 SymDS - ok
14:57:28.0852 8672 [ 96AEED40D4D3521568B42027687E69E0 ] SymEFA C:\Windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS
14:57:28.0882 8672 SymEFA - ok
14:57:28.0932 8672 [ 21A1C2D694C3CF962D31F5E873AB3D6F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
14:57:28.0932 8672 SymEvent - ok
14:57:28.0962 8672 [ BD0D711D8CBFCAA19CA123306EAF53A5 ] SymIRON C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS
14:57:28.0972 8672 SymIRON - ok
14:57:29.0032 8672 [ A6ADB3D83023F8DAA0F7B6FDA785D83B ] SymNetS C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS
14:57:29.0052 8672 SymNetS - ok
14:57:29.0132 8672 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:57:29.0162 8672 SysMain - ok
14:57:29.0202 8672 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:57:29.0212 8672 TabletInputService - ok
14:57:29.0262 8672 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:57:29.0292 8672 TapiSrv - ok
14:57:29.0322 8672 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:57:29.0352 8672 TBS - ok
14:57:29.0432 8672 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:57:29.0482 8672 Tcpip - ok
14:57:29.0522 8672 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:57:29.0532 8672 TCPIP6 - ok
14:57:29.0742 8672 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:57:29.0812 8672 tcpipreg - ok
14:57:29.0882 8672 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:57:29.0882 8672 TDPIPE - ok
14:57:29.0932 8672 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:57:29.0942 8672 TDTCP - ok
14:57:29.0996 8672 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:57:30.0014 8672 tdx - ok
14:57:30.0194 8672 [ 3E85BDD019E3DB66D9471DAD7FD6A887 ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
14:57:30.0234 8672 TeamViewer7 - ok
14:57:30.0284 8672 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
14:57:30.0284 8672 TermDD - ok
14:57:30.0314 8672 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:57:30.0324 8672 TermService - ok
14:57:30.0374 8672 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:57:30.0374 8672 Themes - ok
14:57:30.0424 8672 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:57:30.0424 8672 THREADORDER - ok
14:57:30.0444 8672 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:57:30.0454 8672 TrkWks - ok
14:57:30.0524 8672 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:57:30.0534 8672 TrustedInstaller - ok
14:57:30.0587 8672 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:57:30.0603 8672 tssecsrv - ok
14:57:30.0656 8672 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:57:30.0676 8672 TsUsbFlt - ok
14:57:30.0706 8672 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:57:30.0726 8672 tunnel - ok
14:57:30.0776 8672 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:57:30.0776 8672 uagp35 - ok
14:57:30.0826 8672 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-I Visual Effects 2\uCamMonitor.exe
14:57:30.0836 8672 uCamMonitor - ok
14:57:30.0876 8672 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:57:30.0906 8672 udfs - ok
14:57:30.0966 8672 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:57:30.0966 8672 UI0Detect - ok
14:57:30.0996 8672 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:57:30.0996 8672 uliagpkx - ok
14:57:31.0046 8672 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
14:57:31.0046 8672 umbus - ok
14:57:31.0066 8672 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:57:31.0086 8672 UmPass - ok
14:57:31.0126 8672 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
14:57:31.0136 8672 UmRdpService - ok
14:57:31.0166 8672 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:57:31.0166 8672 upnphost - ok
14:57:31.0226 8672 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
14:57:31.0246 8672 USBAAPL64 - ok
14:57:31.0276 8672 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:57:31.0276 8672 usbccgp - ok
14:57:31.0296 8672 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:57:31.0296 8672 usbcir - ok
14:57:31.0316 8672 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:57:31.0316 8672 usbehci - ok
14:57:31.0346 8672 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:57:31.0346 8672 usbhub - ok
14:57:31.0366 8672 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:57:31.0376 8672 usbohci - ok
14:57:31.0416 8672 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:57:31.0416 8672 usbprint - ok
14:57:31.0456 8672 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
14:57:31.0476 8672 usbscan - ok
14:57:31.0496 8672 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:57:31.0496 8672 USBSTOR - ok
14:57:31.0536 8672 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
14:57:31.0536 8672 usbuhci - ok
14:57:31.0586 8672 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
14:57:31.0596 8672 usbvideo - ok
14:57:31.0646 8672 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
14:57:31.0666 8672 usb_rndisx - ok
14:57:31.0706 8672 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:57:31.0716 8672 UxSms - ok
14:57:31.0806 8672 [ 4E7135D6D0127067E4CFEE12259F895D ] VAIO Entertainment TV Device Arbitration Service C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
14:57:31.0826 8672 VAIO Entertainment TV Device Arbitration Service - ok
14:57:31.0846 8672 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
14:57:31.0846 8672 VaultSvc - ok
14:57:31.0916 8672 [ 06FE5BEDDADB158D84E6DE33CBE19F3E ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
14:57:31.0926 8672 VCFw - ok
14:57:31.0936 8672 Vcsw - ok
14:57:31.0986 8672 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:57:31.0986 8672 vdrvroot - ok
14:57:32.0046 8672 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
14:57:32.0076 8672 vds - ok
14:57:32.0116 8672 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:57:32.0116 8672 vga - ok
14:57:32.0136 8672 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:57:32.0136 8672 VgaSave - ok
14:57:32.0196 8672 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:57:32.0196 8672 vhdmp - ok
14:57:32.0216 8672 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
14:57:32.0216 8672 viaide - ok
14:57:32.0236 8672 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
14:57:32.0246 8672 vmbus - ok
14:57:32.0266 8672 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
14:57:32.0266 8672 VMBusHID - ok
14:57:32.0286 8672 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:57:32.0286 8672 volmgr - ok
14:57:32.0336 8672 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:57:32.0346 8672 volmgrx - ok
14:57:32.0376 8672 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:57:32.0386 8672 volsnap - ok
14:57:32.0406 8672 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:57:32.0426 8672 vsmraid - ok
14:57:32.0506 8672 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
14:57:32.0536 8672 VSS - ok
14:57:32.0556 8672 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
14:57:32.0556 8672 vwifibus - ok
14:57:32.0616 8672 [ D8BEF4AC1EAC809DBDBD441D6CFF6C4C ] VzCdbSvc C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
14:57:32.0616 8672 VzCdbSvc - ok
14:57:32.0685 8672 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:57:32.0688 8672 W32Time - ok
14:57:32.0748 8672 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:57:32.0748 8672 WacomPen - ok
14:57:32.0768 8672 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:57:32.0768 8672 WANARP - ok
14:57:32.0778 8672 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:57:32.0778 8672 Wanarpv6 - ok
14:57:35.0383 8672 ================ Scan global ===============================
14:57:35.0491 8672 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:57:35.0531 8672 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
14:57:35.0541 8672 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
14:57:35.0591 8672 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:57:35.0631 8672 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:57:35.0641 8672 [Global] - ok
14:57:35.0641 8672 ================ Scan MBR ==================================
14:57:35.0641 8672 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:57:35.0641 8672 Suspicious mbr (Forged): \Device\Harddisk0\DR0
14:57:35.0691 8672 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
14:57:35.0691 8672 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
14:57:35.0691 8672 ================ Scan VBR ==================================
14:57:35.0701 8672 [ 49778CE1E942A0B2BC691B713CDA9C51 ] \Device\Harddisk0\DR0\Partition1
14:57:35.0701 8672 \Device\Harddisk0\DR0\Partition1 - ok
14:57:35.0701 8672 ============================================================
14:57:35.0701 8672 Scan finished
14:57:35.0701 8672 ============================================================
14:57:35.0721 7824 Detected object count: 2
14:57:35.0721 7824 Actual detected object count: 2
14:58:09.0414 7824 sptd ( LockedFile.Multi.Generic ) - skipped by user
14:58:09.0414 7824 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
14:58:10.0174 7824 \Device\Harddisk0\DR0\# - copied to quarantine
14:58:10.0174 7824 \Device\Harddisk0\DR0 - copied to quarantine
14:58:10.0214 7824 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
14:58:10.0214 7824 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
14:58:10.0224 7824 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
14:58:10.0224 7824 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
14:58:10.0244 7824 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
14:58:10.0254 7824 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
14:58:10.0254 7824 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
14:58:10.0254 7824 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
14:58:10.0254 7824 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
14:58:10.0264 7824 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
14:58:10.0264 7824 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
14:58:10.0264 7824 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
14:58:10.0264 7824 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
14:58:10.0274 7824 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
14:58:10.0284 7824 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
14:58:10.0304 7824 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
14:58:10.0314 7824 \Device\Harddisk0\DR0 - ok
14:58:10.0664 7824 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
14:58:26.0355 8228 Deinitialize success
 
14:57:27.0342 8672 [ 51DE15CA5C05BCA46D8B110CD00A02FB ] sptd C:\Windows\system32\Drivers\sptd.sys
14:57:27.0342 8672 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 51DE15CA5C05BCA46D8B110CD00A02FB
14:57:27.0372 8672 sptd ( LockedFile.Multi.Generic ) - warning
14:57:27.0372 8672 sptd - detected LockedFile.Multi.Generic (1)
14:57:33.0398 8672 Wdf01000 - ok
14:57:33.0438 8672 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:57:33.0438 8672 WdiServiceHost - ok
14:57:33.0448 8672 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:57:33.0448 8672 WdiSystemHost - ok
14:57:33.0498 8672 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
14:57:33.0508 8672 WebClient - ok
14:57:33.0538 8672 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:57:33.0568 8672 Wecsvc - ok
14:57:33.0598 8672 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:57:33.0598 8672 wercplsupport - ok
14:57:33.0628 8672 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:57:33.0638 8672 WerSvc - ok
14:57:33.0668 8672 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:57:33.0678 8672 WfpLwf - ok
14:57:33.0708 8672 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:57:33.0708 8672 WIMMount - ok
14:57:33.0738 8672 WinDefend - ok
14:57:33.0748 8672 WinHttpAutoProxySvc - ok
14:57:33.0828 8672 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:57:33.0828 8672 Winmgmt - ok
14:57:33.0908 8672 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
14:57:33.0948 8672 WinRM - ok
14:57:34.0039 8672 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.SYS
14:57:34.0039 8672 WinUsb - ok
14:57:34.0129 8672 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
14:57:34.0149 8672 Wlansvc - ok
14:57:34.0329 8672 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:57:34.0369 8672 wlidsvc - ok
14:57:34.0389 8672 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:57:34.0389 8672 WmiAcpi - ok
14:57:34.0439 8672 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:57:34.0459 8672 wmiApSrv - ok
14:57:34.0499 8672 WMPNetworkSvc - ok
14:57:34.0529 8672 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:57:34.0549 8672 WPCSvc - ok
14:57:34.0589 8672 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:57:34.0589 8672 WPDBusEnum - ok
14:57:34.0639 8672 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:57:34.0639 8672 ws2ifsl - ok
14:57:34.0689 8672 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
14:57:34.0689 8672 wscsvc - ok
14:57:34.0699 8672 WSearch - ok
14:57:34.0819 8672 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
14:57:34.0859 8672 wuauserv - ok
14:57:34.0959 8672 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:57:35.0009 8672 WudfPf - ok
14:57:35.0109 8672 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:57:35.0109 8672 WUDFRd - ok
14:57:35.0159 8672 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:57:35.0159 8672 wudfsvc - ok
14:57:35.0199 8672 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
14:57:35.0219 8672 WwanSvc - ok
14:57:35.0279 8672 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
14:57:35.0289 8672 yukonw7 - ok
14:57:35.0383 8672 ================ Scan global ===============================
14:57:35.0491 8672 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:57:35.0531 8672 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
14:57:35.0541 8672 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
14:57:35.0591 8672 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:57:35.0631 8672 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:57:35.0641 8672 [Global] - ok
14:57:35.0641 8672 ================ Scan MBR ==================================
14:57:35.0641 8672 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:57:35.0641 8672 Suspicious mbr (Forged): \Device\Harddisk0\DR0
14:57:35.0691 8672 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
14:57:35.0691 8672 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
14:57:35.0691 8672 ================ Scan VBR ==================================
14:57:35.0701 8672 [ 49778CE1E942A0B2BC691B713CDA9C51 ] \Device\Harddisk0\DR0\Partition1
14:57:35.0701 8672 \Device\Harddisk0\DR0\Partition1 - ok
14:57:35.0701 8672 ============================================================
14:57:35.0701 8672 Scan finished
14:57:35.0701 8672 ============================================================
14:57:35.0721 7824 Detected object count: 2
14:57:35.0721 7824 Actual detected object count: 2
14:58:09.0414 7824 sptd ( LockedFile.Multi.Generic ) - skipped by user
14:58:09.0414 7824 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
14:58:10.0174 7824 \Device\Harddisk0\DR0\# - copied to quarantine
14:58:10.0174 7824 \Device\Harddisk0\DR0 - copied to quarantine
14:58:10.0214 7824 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
14:58:10.0214 7824 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
14:58:10.0224 7824 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
14:58:10.0224 7824 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
14:58:10.0244 7824 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
14:58:10.0254 7824 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
14:58:10.0254 7824 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
14:58:10.0254 7824 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
14:58:10.0254 7824 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
14:58:10.0264 7824 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
14:58:10.0264 7824 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
14:58:10.0264 7824 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
14:58:10.0264 7824 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
14:58:10.0274 7824 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
14:58:10.0284 7824 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
14:58:10.0304 7824 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
14:58:10.0314 7824 \Device\Harddisk0\DR0 - ok
14:58:10.0664 7824 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
14:58:26.0355 8228 Deinitialize success
 
After restart

15:02:05.0033 1884 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:02:06.0281 1884 ============================================================
15:02:06.0281 1884 Current date / time: 2012/11/04 15:02:06.0281
15:02:06.0281 1884 SystemInfo:
15:02:06.0281 1884
15:02:06.0281 1884 OS Version: 6.1.7601 ServicePack: 1.0
15:02:06.0281 1884 Product type: Workstation
15:02:06.0281 1884 ComputerName: QUINCY-PC
15:02:06.0281 1884 UserName: Quincy
15:02:06.0281 1884 Windows directory: C:\Windows
15:02:06.0281 1884 System windows directory: C:\Windows
15:02:06.0281 1884 Running under WOW64
15:02:06.0281 1884 Processor architecture: Intel x64
15:02:06.0281 1884 Number of processors: 2
15:02:06.0281 1884 Page size: 0x1000
15:02:06.0281 1884 Boot type: Normal boot
15:02:06.0281 1884 ============================================================
15:02:17.0076 1884 BG loaded
15:02:18.0449 1884 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:02:18.0465 1884 ============================================================
15:02:18.0465 1884 \Device\Harddisk0\DR0:
15:02:18.0465 1884 MBR partitions:
15:02:18.0465 1884 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14C0000, BlocksNum 0x23F6E2B0
15:02:18.0465 1884 ============================================================
15:02:18.0496 1884 C: <-> \Device\Harddisk0\DR0\Partition1
15:02:18.0496 1884 ============================================================
15:02:18.0496 1884 Initialize success
15:02:18.0496 1884 ============================================================
15:02:40.0829 5020 ============================================================
15:02:40.0829 5020 Scan started
15:02:40.0829 5020 Mode: Manual;
15:02:40.0829 5020 ============================================================
15:02:45.0711 5020 ================ Scan system memory ========================
15:02:45.0711 5020 System memory - ok
15:02:45.0727 5020 ================ Scan services =============================
15:03:52.0624 5020 IviRegMgr - ok
15:03:52.0718 5020 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
15:03:52.0718 5020 kbdclass - ok
15:03:52.0764 5020 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
15:03:52.0764 5020 kbdhid - ok
15:03:52.0780 5020 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:03:52.0780 5020 KeyIso - ok
15:03:52.0842 5020 KMService - ok
15:03:52.0936 5020 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:03:52.0936 5020 KSecDD - ok
15:03:53.0030 5020 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:03:53.0030 5020 KSecPkg - ok
15:03:53.0092 5020 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:03:53.0092 5020 ksthunk - ok
15:03:53.0248 5020 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:03:53.0248 5020 KtmRm - ok
15:03:53.0310 5020 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:03:53.0326 5020 LanmanServer - ok
15:03:53.0404 5020 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:03:53.0404 5020 LanmanWorkstation - ok
15:03:53.0934 5020 [ 32F1B95C60042F3D95FC8AB43559B3B1 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
15:03:53.0981 5020 LeapFrog Connect Device Service - ok
15:03:54.0886 5020 [ 07B1888209C54B675FFCCBDE9F06D2C6 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
15:03:54.0886 5020 LightScribeService - ok
15:03:54.0995 5020 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:03:54.0995 5020 lltdio - ok
15:03:55.0775 5020 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:03:55.0962 5020 lltdsvc - ok
15:03:56.0259 5020 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:03:56.0259 5020 lmhosts - ok
15:03:56.0508 5020 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:03:56.0836 5020 LSI_FC - ok
15:03:56.0898 5020 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:03:56.0898 5020 LSI_SAS - ok
15:03:57.0366 5020 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:03:57.0741 5020 LSI_SAS2 - ok
15:03:57.0866 5020 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:03:57.0975 5020 LSI_SCSI - ok
15:03:58.0271 5020 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:03:58.0271 5020 luafv - ok
15:03:59.0550 5020 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
15:03:59.0550 5020 MBAMProtector - ok
15:04:00.0284 5020 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:04:00.0284 5020 MBAMScheduler - ok
15:04:01.0828 5020 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:04:01.0828 5020 MBAMService - ok
15:04:02.0109 5020 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:04:02.0374 5020 Mcx2Svc - ok
15:04:03.0575 5020 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
15:04:03.0575 5020 MDM - ok
15:04:03.0887 5020 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:04:04.0121 5020 megasas - ok
15:04:04.0355 5020 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:04:04.0371 5020 MegaSR - ok
15:04:05.0136 5020 Microsoft SharePoint Workspace Audit Service - ok
15:04:06.0150 5020 [ 99119316D505EE8192D5D1A0485BF110 ] MioNet C:\Program Files (x86)\MioNet\MioNetManager.exe
15:04:06.0150 5020 MioNet - ok
15:04:06.0525 5020 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:04:06.0525 5020 MMCSS - ok
15:04:07.0024 5020 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:04:07.0024 5020 Modem - ok
15:04:07.0055 5020 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:04:07.0055 5020 monitor - ok
15:04:07.0071 5020 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:04:07.0071 5020 mouclass - ok
15:04:07.0741 5020 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:04:07.0741 5020 mouhid - ok
15:04:08.0069 5020 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:04:08.0209 5020 mountmgr - ok
15:04:09.0723 5020 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:04:09.0738 5020 MozillaMaintenance - ok
15:04:09.0785 5020 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:04:09.0785 5020 mpio - ok
15:04:09.0910 5020 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:04:09.0910 5020 mpsdrv - ok
15:04:10.0269 5020 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:04:10.0284 5020 MpsSvc - ok
15:04:10.0331 5020 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:04:10.0331 5020 MRxDAV - ok
15:04:10.0627 5020 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:04:10.0627 5020 mrxsmb - ok
15:04:11.0501 5020 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:04:11.0501 5020 mrxsmb10 - ok
15:04:11.0860 5020 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:04:11.0860 5020 mrxsmb20 - ok
15:04:12.0172 5020 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:04:12.0172 5020 msahci - ok
15:04:12.0546 5020 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:04:12.0687 5020 msdsm - ok
15:04:12.0733 5020 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:04:12.0733 5020 MSDTC - ok
15:04:12.0921 5020 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:04:12.0921 5020 Msfs - ok
15:04:13.0108 5020 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:04:13.0108 5020 mshidkmdf - ok
15:04:13.0373 5020 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:04:13.0373 5020 msisadrv - ok
15:04:13.0482 5020 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:04:13.0498 5020 MSiSCSI - ok
15:04:13.0498 5020 msiserver - ok
15:04:13.0794 5020 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:04:13.0794 5020 MSKSSRV - ok
15:04:14.0371 5020 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:04:14.0730 5020 MSPCLOCK - ok
15:04:14.0793 5020 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:04:14.0793 5020 MSPQM - ok
15:04:15.0463 5020 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:04:15.0651 5020 MsRPC - ok
15:04:15.0931 5020 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:04:15.0931 5020 mssmbios - ok
15:04:16.0446 5020 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:04:16.0587 5020 MSTEE - ok
15:04:16.0602 5020 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:04:16.0602 5020 MTConfig - ok
15:04:16.0618 5020 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:04:16.0618 5020 Mup - ok
15:04:16.0883 5020 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:04:16.0883 5020 napagent - ok
15:04:17.0304 5020 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:04:17.0304 5020 NativeWifiP - ok
15:04:17.0881 5020 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20121102.001\ENG64.SYS
15:04:17.0881 5020 NAVENG - ok
15:04:18.0037 5020 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20121102.001\EX64.SYS
15:04:18.0053 5020 NAVEX15 - ok
15:04:18.0162 5020 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:04:18.0209 5020 NDIS - ok
15:04:18.0287 5020 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:04:18.0287 5020 NdisCap - ok
15:04:18.0552 5020 [ C8BB39E8767F01C94D76327B8262662B ] Ndisrd C:\Windows\system32\DRIVERS\ndisrd.sys
15:04:18.0552 5020 Ndisrd - ok
15:04:18.0630 5020 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:04:18.0630 5020 NdisTapi - ok
15:04:18.0786 5020 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:04:18.0786 5020 Ndisuio - ok
15:04:18.0989 5020 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:04:18.0989 5020 NdisWan - ok
15:04:19.0129 5020 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:04:19.0129 5020 NDProxy - ok
15:04:19.0410 5020 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:04:19.0410 5020 Net Driver HPZ12 - ok
15:04:20.0159 5020 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:04:20.0159 5020 NetBIOS - ok
15:04:20.0752 5020 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:04:20.0752 5020 NetBT - ok
15:04:20.0799 5020 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:04:20.0799 5020 Netlogon - ok
15:04:21.0220 5020 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:04:21.0220 5020 Netman - ok
15:04:21.0407 5020 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:04:21.0407 5020 netprofm - ok
15:04:21.0672 5020 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:04:21.0688 5020 NetTcpPortSharing - ok
15:04:22.0343 5020 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
15:04:22.0405 5020 netw5v64 - ok
15:04:22.0530 5020 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:04:22.0827 5020 nfrd960 - ok
15:04:24.0028 5020 [ E78A365CC3E0FBFC018A33DCE01909F8 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
15:04:24.0028 5020 NIS - ok
15:04:24.0215 5020 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:04:24.0215 5020 NlaSvc - ok
15:04:24.0402 5020 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:04:24.0418 5020 Npfs - ok
15:04:25.0479 5020 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:04:25.0479 5020 nsi - ok
15:04:25.0510 5020 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:04:25.0510 5020 nsiproxy - ok
15:04:26.0056 5020 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:04:26.0103 5020 Ntfs - ok
15:04:26.0227 5020 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:04:26.0227 5020 Null - ok
15:04:26.0446 5020 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:04:26.0446 5020 nvraid - ok
15:04:26.0586 5020 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:04:26.0602 5020 nvstor - ok
15:04:26.0633 5020 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:04:26.0649 5020 nv_agp - ok
15:04:27.0085 5020 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:04:27.0101 5020 ohci1394 - ok
15:04:27.0725 5020 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:04:27.0772 5020 ose - ok
15:04:29.0737 5020 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:04:30.0252 5020 osppsvc - ok
15:04:30.0736 5020 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:04:30.0736 5020 p2pimsvc - ok
15:04:31.0219 5020 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:04:31.0329 5020 p2psvc - ok
15:04:31.0797 5020 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:04:32.0265 5020 Parport - ok
15:04:32.0764 5020 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:04:32.0779 5020 partmgr - ok
15:04:32.0982 5020 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:04:32.0982 5020 PcaSvc - ok
15:04:33.0123 5020 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:04:33.0123 5020 pci - ok
 
15:04:33.0419 5020 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:04:33.0419 5020 pciide - ok
15:04:33.0606 5020 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:04:33.0606 5020 pcmcia - ok
15:04:33.0762 5020 [ AF7CE12C4F3DC8CB2B07685C916BBCFE ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys
15:04:33.0762 5020 pcouffin - ok
15:04:34.0277 5020 [ E6E503845208A148A9E3E7FAA63B97A4 ] PCToolsSSDMonitorSvc C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
15:04:34.0277 5020 PCToolsSSDMonitorSvc - ok
15:04:34.0417 5020 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:04:34.0417 5020 pcw - ok
15:04:34.0495 5020 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:04:34.0495 5020 PEAUTH - ok
15:04:34.0995 5020 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:04:35.0041 5020 PeerDistSvc - ok
15:04:35.0634 5020 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:04:35.0634 5020 PerfHost - ok
15:04:35.0884 5020 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:04:35.0899 5020 pla - ok
15:04:36.0055 5020 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:04:36.0055 5020 PlugPlay - ok
15:04:36.0102 5020 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:04:36.0102 5020 Pml Driver HPZ12 - ok
15:04:36.0196 5020 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:04:36.0196 5020 PNRPAutoReg - ok
15:04:36.0289 5020 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:04:36.0305 5020 PNRPsvc - ok
15:04:36.0804 5020 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:04:36.0804 5020 PolicyAgent - ok
15:04:36.0991 5020 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:04:36.0991 5020 Power - ok
15:04:37.0210 5020 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:04:37.0210 5020 PptpMiniport - ok
15:04:37.0319 5020 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:04:37.0319 5020 Processor - ok
15:04:37.0912 5020 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:04:37.0912 5020 ProfSvc - ok
15:04:38.0037 5020 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:04:38.0037 5020 ProtectedStorage - ok
15:04:38.0411 5020 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:04:38.0411 5020 Psched - ok
15:04:39.0051 5020 [ 475A16F67798A9FFE9366F20551EEF95 ] PTAPCBUS C:\Windows\system32\DRIVERS\PTAPCBUS.sys
15:04:39.0347 5020 PTAPCBUS - ok
15:04:39.0612 5020 [ 3954BDF96E224C590B8F6A3730E3F9A6 ] PTAPCMDM C:\Windows\system32\DRIVERS\PTAPCMDM.sys
15:04:39.0612 5020 PTAPCMDM - ok
15:04:39.0768 5020 [ 784A2938956EAEEF4582278D6EAE99E7 ] PTAPCVSP C:\Windows\system32\DRIVERS\PTAPCVSP.sys
15:04:39.0768 5020 PTAPCVSP - ok
15:04:40.0501 5020 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
15:04:40.0501 5020 PxHlpa64 - ok
15:04:40.0907 5020 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:04:40.0954 5020 ql2300 - ok
15:04:41.0079 5020 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:04:41.0079 5020 ql40xx - ok
15:04:41.0188 5020 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:04:41.0188 5020 QWAVE - ok
15:04:41.0484 5020 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:04:41.0484 5020 QWAVEdrv - ok
15:04:42.0576 5020 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
15:04:42.0576 5020 RapiMgr - ok
15:04:42.0607 5020 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:04:42.0607 5020 RasAcd - ok
15:04:42.0748 5020 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:04:42.0748 5020 RasAgileVpn - ok
15:04:42.0966 5020 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:04:42.0982 5020 RasAuto - ok
15:04:43.0122 5020 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:04:43.0122 5020 Rasl2tp - ok
15:04:43.0637 5020 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:04:43.0637 5020 RasMan - ok
15:04:43.0731 5020 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:04:43.0731 5020 RasPppoe - ok
15:04:43.0777 5020 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:04:43.0777 5020 RasSstp - ok
15:04:44.0041 5020 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:04:44.0041 5020 rdbss - ok
15:04:44.0182 5020 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:04:44.0182 5020 rdpbus - ok
15:04:44.0213 5020 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:04:44.0213 5020 RDPCDD - ok
15:04:44.0712 5020 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:04:44.0868 5020 RDPDR - ok
15:04:45.0055 5020 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:04:45.0055 5020 RDPENCDD - ok
15:04:45.0259 5020 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:04:45.0259 5020 RDPREFMP - ok
15:04:45.0868 5020 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:04:45.0992 5020 RDPWD - ok
15:04:46.0226 5020 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:04:46.0352 5020 rdyboost - ok
15:04:46.0571 5020 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi C:\Windows\system32\drivers\regi.sys
15:04:46.0571 5020 regi - ok
15:04:47.0070 5020 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:04:47.0195 5020 RemoteAccess - ok
15:04:48.0920 5020 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:04:49.0050 5020 RemoteRegistry - ok
15:04:49.0570 5020 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
15:04:49.0570 5020 RFCOMM - ok
15:04:49.0870 5020 [ 7EAE3999B94A8CE60BFBAA83462B89A1 ] rimsptsk C:\Windows\system32\DRIVERS\rimssn64.sys
15:04:49.0880 5020 rimsptsk - ok
15:04:50.0365 5020 [ 5790BCA445CC40DF8B38C2C48608AAC2 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
15:04:50.0583 5020 RimUsb - ok
15:04:51.0535 5020 [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
15:04:51.0535 5020 RimVSerPort - ok
15:04:52.0003 5020 [ FA6D7CD63AD08A01D9259F58E0C5C09E ] risdptsk C:\Windows\system32\DRIVERS\risdsn64.sys
15:04:52.0003 5020 risdptsk - ok
15:04:52.0939 5020 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
15:04:52.0939 5020 ROOTMODEM - ok
15:04:53.0267 5020 [ D02E5A46F77C182CA1964080BCD586F7 ] Roxio UPnP Renderer 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
15:04:53.0267 5020 Roxio UPnP Renderer 10 - ok
15:04:53.0360 5020 [ E5809597278802D09273EE07B5FC56E1 ] Roxio Upnp Server 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
15:04:53.0376 5020 Roxio Upnp Server 10 - ok
15:04:54.0952 5020 [ FF578453D3B3ADAAB22D7151D7F9E592 ] RoxMediaDB12 C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe
15:04:54.0968 5020 RoxMediaDB12 - ok
15:04:55.0093 5020 [ 71B38B8DF1A9B55FC0FB64958CC7B9DD ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe
15:04:55.0093 5020 RoxWatch12 - ok
15:04:55.0296 5020 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:04:55.0311 5020 RpcEptMapper - ok
15:04:55.0657 5020 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:04:55.0657 5020 RpcLocator - ok
15:04:55.0777 5020 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:04:55.0777 5020 RpcSs - ok
15:04:55.0977 5020 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:04:56.0007 5020 rspndr - ok
15:04:56.0127 5020 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
15:04:56.0127 5020 s3cap - ok
15:04:56.0368 5020 [ 27DB9153D259D632D15483DEEAB799ED ] Sahdad64 C:\Windows\system32\Drivers\Sahdad64.sys
15:04:56.0368 5020 Sahdad64 - ok
15:04:56.0388 5020 [ F77849D909B90BCACFCF7295AECF299B ] Saibad64 C:\Windows\system32\Drivers\Saibad64.sys
15:04:56.0398 5020 Saibad64 - ok
15:04:56.0568 5020 [ 704D415290A568F68DE20942DAC23F7E ] SaibVdAd64 C:\Windows\system32\Drivers\SaibVdAd64.sys
15:04:56.0568 5020 SaibVdAd64 - ok
15:04:57.0118 5020 [ 6B318F9443740A907D1C8F3460C19009 ] SampleCollector C:\Program Files\Sony\VAIO Care\collsvc.exe
15:04:57.0118 5020 SampleCollector - ok
15:04:57.0138 5020 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:04:57.0148 5020 SamSs - ok
15:04:57.0658 5020 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:04:57.0798 5020 sbp2port - ok
15:04:57.0908 5020 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:04:57.0908 5020 SCardSvr - ok
15:04:58.0558 5020 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:04:58.0558 5020 scfilter - ok
15:04:59.0008 5020 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:04:59.0018 5020 Schedule - ok
15:04:59.0178 5020 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:04:59.0218 5020 SCPolicySvc - ok
15:04:59.0438 5020 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
15:04:59.0448 5020 sdbus - ok
15:04:59.0508 5020 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:04:59.0508 5020 SDRSVC - ok
15:04:59.0858 5020 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:04:59.0858 5020 secdrv - ok
15:05:00.0078 5020 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:05:00.0078 5020 seclogon - ok
15:05:00.0298 5020 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:05:00.0298 5020 SENS - ok
15:05:00.0338 5020 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:05:00.0338 5020 SensrSvc - ok
15:05:00.0388 5020 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:05:00.0388 5020 Serenum - ok
15:05:00.0438 5020 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:05:00.0448 5020 Serial - ok
15:05:00.0518 5020 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:05:00.0768 5020 sermouse - ok
15:05:01.0218 5020 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:05:01.0338 5020 SessionEnv - ok
15:05:01.0788 5020 [ 70F9C476B62DE4F2823E918A6C181ADE ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys
15:05:01.0788 5020 SFEP - ok
15:05:01.0898 5020 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:05:01.0898 5020 sffdisk - ok
15:05:02.0108 5020 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:05:02.0108 5020 sffp_mmc - ok
15:05:02.0138 5020 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:05:02.0138 5020 sffp_sd - ok
15:05:02.0228 5020 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:05:02.0228 5020 sfloppy - ok
15:05:02.0579 5020 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:05:02.0589 5020 SharedAccess - ok
15:05:02.0749 5020 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:05:02.0759 5020 ShellHWDetection - ok
15:05:02.0809 5020 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:05:02.0809 5020 SiSRaid2 - ok
15:05:02.0919 5020 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:05:02.0919 5020 SiSRaid4 - ok
15:05:03.0639 5020 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
15:05:03.0659 5020 Skype C2C Service - ok
15:05:03.0789 5020 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:05:03.0789 5020 SkypeUpdate - ok
15:05:03.0879 5020 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:05:03.0879 5020 Smb - ok
15:05:03.0989 5020 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:05:03.0989 5020 SNMPTRAP - ok
15:05:04.0269 5020 [ 98886C88A1CB13D61672AE2C638B7E1C ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
15:05:04.0279 5020 SOHCImp - ok
15:05:04.0389 5020 [ 442A13F395546F4564C377296D43B564 ] SOHDBSvr C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
15:05:04.0679 5020 SOHDBSvr - ok
15:05:04.0739 5020 [ 556681BE668D71DC162391A45422B52C ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
15:05:04.0749 5020 SOHDms - ok
15:05:04.0879 5020 [ 72B46103E4111439109ACF5882627C24 ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
15:05:04.0879 5020 SOHDs - ok
15:05:04.0909 5020 [ 725B6E9CD1959271AC993DC035E1606D ] SOHPlMgr C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
15:05:04.0919 5020 SOHPlMgr - ok
15:05:04.0939 5020 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:05:04.0939 5020 spldr - ok
15:05:04.0999 5020 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:05:04.0999 5020 Spooler - ok
15:05:05.0929 5020 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:05:06.0023 5020 sppsvc - ok
15:05:06.0101 5020 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:05:06.0101 5020 sppuinotify - ok
15:05:06.0913 5020 [ 51DE15CA5C05BCA46D8B110CD00A02FB ] sptd C:\Windows\system32\Drivers\sptd.sys
15:05:06.0913 5020 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 51DE15CA5C05BCA46D8B110CD00A02FB
15:05:07.0063 5020 sptd ( LockedFile.Multi.Generic ) - warning
15:05:07.0063 5020 sptd - detected LockedFile.Multi.Generic (1)
15:05:12.0928 5020 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:05:12.0931 5020 TabletInputService - ok
15:05:12.0945 5020 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:05:12.0960 5020 TapiSrv - ok
15:05:13.0279 5020 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:05:13.0282 5020 TBS - ok
15:05:13.0711 5020 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:05:14.0210 5020 Tcpip - ok
15:05:16.0027 5020 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:05:16.0037 5020 TCPIP6 - ok
15:05:16.0187 5020 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:05:16.0187 5020 tcpipreg - ok
15:05:16.0327 5020 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:05:16.0327 5020 TDPIPE - ok
15:05:16.0357 5020 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:05:16.0357 5020 TDTCP - ok
15:05:16.0447 5020 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:05:16.0447 5020 tdx - ok
15:05:17.0187 5020 [ 3E85BDD019E3DB66D9471DAD7FD6A887 ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
15:05:17.0207 5020 TeamViewer7 - ok
15:05:17.0537 5020 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:05:17.0547 5020 TermDD - ok
15:05:17.0697 5020 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:05:17.0707 5020 TermService - ok
15:05:17.0847 5020 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:05:17.0847 5020 Themes - ok
15:05:17.0997 5020 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:05:17.0997 5020 THREADORDER - ok
15:05:18.0027 5020 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:05:18.0027 5020 TrkWks - ok
15:05:18.0136 5020 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:05:18.0136 5020 TrustedInstaller - ok
15:05:18.0261 5020 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:05:18.0277 5020 tssecsrv - ok
15:05:18.0417 5020 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:05:18.0417 5020 TsUsbFlt - ok
15:05:18.0574 5020 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:05:18.0574 5020 tunnel - ok
15:05:18.0634 5020 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:05:18.0634 5020 uagp35 - ok
15:05:18.0854 5020 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-I Visual Effects 2\uCamMonitor.exe
15:05:18.0854 5020 uCamMonitor - ok
15:05:18.0934 5020 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:05:18.0944 5020 udfs - ok
15:05:19.0134 5020 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:05:19.0134 5020 UI0Detect - ok
15:05:19.0164 5020 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:05:19.0164 5020 uliagpkx - ok
15:05:19.0344 5020 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
15:05:19.0344 5020 umbus - ok
15:05:19.0424 5020 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:05:19.0424 5020 UmPass - ok
15:05:19.0515 5020 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
15:05:19.0545 5020 UmRdpService - ok
15:05:19.0645 5020 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:05:19.0645 5020 upnphost - ok
15:05:19.0735 5020 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
15:05:19.0735 5020 USBAAPL64 - ok
15:05:19.0815 5020 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:05:19.0825 5020 usbccgp - ok
15:05:19.0915 5020 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:05:19.0915 5020 usbcir - ok
15:05:19.0985 5020 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:05:19.0985 5020 usbehci - ok
15:05:20.0035 5020 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:05:20.0045 5020 usbhub - ok
15:05:20.0145 5020 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:05:20.0155 5020 usbohci - ok
15:05:20.0195 5020 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:05:20.0195 5020 usbprint - ok
15:05:20.0245 5020 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:05:20.0245 5020 usbscan - ok
15:05:20.0305 5020 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:05:20.0305 5020 USBSTOR - ok
15:05:20.0365 5020 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
15:05:20.0365 5020 usbuhci - ok
15:05:20.0445 5020 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
15:05:20.0445 5020 usbvideo - ok
15:05:20.0515 5020 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
15:05:20.0515 5020 usb_rndisx - ok
15:05:20.0565 5020 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:05:20.0565 5020 UxSms - ok
15:05:20.0775 5020 [ 4E7135D6D0127067E4CFEE12259F895D ] VAIO Entertainment TV Device Arbitration Service C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
15:05:20.0785 5020 VAIO Entertainment TV Device Arbitration Service - ok
15:05:20.0825 5020 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:05:20.0825 5020 VaultSvc - ok
15:05:20.0955 5020 [ 06FE5BEDDADB158D84E6DE33CBE19F3E ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
15:05:20.0965 5020 VCFw - ok
15:05:20.0985 5020 Vcsw - ok
15:05:21.0105 5020 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:05:21.0105 5020 vdrvroot - ok
15:05:21.0185 5020 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:05:21.0195 5020 vds - ok
15:05:21.0285 5020 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:05:21.0285 5020 vga - ok
15:05:21.0345 5020 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:05:21.0345 5020 VgaSave - ok
15:05:21.0385 5020 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:05:21.0395 5020 vhdmp - ok
15:05:21.0445 5020 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:05:21.0785 5020 viaide - ok
15:05:22.0045 5020 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
15:05:22.0075 5020 vmbus - ok
15:05:22.0155 5020 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
15:05:22.0155 5020 VMBusHID - ok
15:05:22.0195 5020 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:05:22.0195 5020 volmgr - ok
15:05:22.0235 5020 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:05:22.0245 5020 volmgrx - ok
15:05:22.0345 5020 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:05:22.0345 5020 volsnap - ok
15:05:22.0495 5020 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:05:22.0505 5020 vsmraid - ok
15:05:22.0665 5020 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:05:22.0695 5020 VSS - ok
15:05:22.0715 5020 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
15:05:22.0715 5020 vwifibus - ok
15:05:22.0785 5020 [ D8BEF4AC1EAC809DBDBD441D6CFF6C4C ] VzCdbSvc C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
15:05:22.0785 5020 VzCdbSvc - ok
15:05:22.0875 5020 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:05:22.0885 5020 W32Time - ok
15:05:23.0065 5020 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:05:23.0065 5020 WacomPen - ok
15:05:23.0145 5020 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:05:23.0145 5020 WANARP - ok
15:05:23.0155 5020 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:05:23.0155 5020 Wanarpv6 - ok
15:05:23.0445 5020 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:05:23.0465 5020 WatAdminSvc - ok
15:05:23.0705 5020 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:05:23.0735 5020 wbengine - ok
15:05:23.0795 5020 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:05:23.0805 5020 WbioSrvc - ok
15:05:23.0965 5020 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
15:05:23.0965 5020 WcesComm - ok
15:05:24.0315 5020 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:05:24.0395 5020 wcncsvc - ok
15:05:24.0595 5020 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:05:24.0705 5020 WcsPlugInService - ok
15:05:24.0943 5020 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:05:25.0037 5020 Wd - ok
15:05:25.0754 5020 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:05:25.0848 5020 Wdf01000 - ok
15:05:26.0051 5020 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:05:26.0066 5020 WdiServiceHost - ok
15:05:26.0191 5020 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:05:26.0191 5020 WdiSystemHost - ok
15:05:26.0269 5020 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:05:26.0285 5020 WebClient - ok
15:05:26.0417 5020 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:05:26.0417 5020 Wecsvc - ok
15:05:26.0547 5020 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:05:26.0557 5020 wercplsupport - ok
15:05:26.0617 5020 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:05:26.0617 5020 WerSvc - ok
15:05:26.0717 5020 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:05:26.0717 5020 WfpLwf - ok
15:05:26.0747 5020 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:05:26.0747 5020 WIMMount - ok
15:05:26.0787 5020 WinDefend - ok
15:05:26.0797 5020 WinHttpAutoProxySvc - ok
15:05:26.0937 5020 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:05:26.0937 5020 Winmgmt - ok
15:05:27.0167 5020 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:05:27.0207 5020 WinRM - ok
15:05:27.0377 5020 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.SYS
15:05:27.0377 5020 WinUsb - ok
15:05:27.0638 5020 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:05:27.0648 5020 Wlansvc - ok
15:05:28.0048 5020 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:05:28.0068 5020 wlidsvc - ok
15:05:28.0178 5020 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:05:28.0178 5020 WmiAcpi - ok
15:05:28.0248 5020 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:05:28.0248 5020 wmiApSrv - ok
15:05:28.0378 5020 WMPNetworkSvc - ok
15:05:28.0428 5020 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:05:28.0468 5020 WPCSvc - ok
15:05:28.0628 5020 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:05:28.0638 5020 WPDBusEnum - ok
15:05:28.0758 5020 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:05:28.0758 5020 ws2ifsl - ok
15:05:28.0818 5020 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
15:05:28.0818 5020 wscsvc - ok
15:05:28.0828 5020 WSearch - ok
15:05:28.0968 5020 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:05:28.0998 5020 wuauserv - ok
15:05:29.0048 5020 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:05:29.0048 5020 WudfPf - ok
15:05:29.0078 5020 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:05:29.0078 5020 WUDFRd - ok
15:05:29.0168 5020 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:05:29.0208 5020 wudfsvc - ok
15:05:29.0428 5020 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:05:29.0478 5020 WwanSvc - ok
15:05:29.0568 5020 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
15:05:29.0568 5020 yukonw7 - ok
15:05:29.0668 5020 ================ Scan global ===============================
15:05:29.0738 5020 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:05:29.0818 5020 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
15:05:29.0838 5020 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
15:05:29.0898 5020 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:05:29.0968 5020 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:05:29.0968 5020 [Global] - ok
15:05:29.0968 5020 ================ Scan MBR ==================================
15:05:29.0978 5020 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:05:30.0198 5020 \Device\Harddisk0\DR0 - ok
15:05:30.0198 5020 ================ Scan VBR ==================================
15:05:30.0198 5020 [ 49778CE1E942A0B2BC691B713CDA9C51 ] \Device\Harddisk0\DR0\Partition1
15:05:30.0198 5020 \Device\Harddisk0\DR0\Partition1 - ok
15:05:30.0198 5020 ============================================================
15:05:30.0198 5020 Scan finished
15:05:30.0198 5020 ============================================================
15:05:30.0218 4804 Detected object count: 1
15:05:30.0218 4804 Actual detected object count: 1
15:05:35.0873 4804 sptd ( LockedFile.Multi.Generic ) - skipped by user
15:05:35.0873 4804 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
15:08:53.0996 3304 Deinitialize success
 
15:05:06.0913 5020 [ 51DE15CA5C05BCA46D8B110CD00A02FB ] sptd C:\Windows\system32\Drivers\sptd.sys
15:05:06.0913 5020 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 51DE15CA5C05BCA46D8B110CD00A02FB
15:05:07.0063 5020 sptd ( LockedFile.Multi.Generic ) - warning
15:05:07.0063 5020 sptd - detected LockedFile.Multi.Generic (1)
15:05:29.0668 5020 ================ Scan global ===============================
15:05:29.0738 5020 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:05:29.0818 5020 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
15:05:29.0838 5020 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
15:05:29.0898 5020 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:05:29.0968 5020 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:05:29.0968 5020 [Global] - ok
15:05:29.0968 5020 ================ Scan MBR ==================================
15:05:29.0978 5020 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:05:30.0198 5020 \Device\Harddisk0\DR0 - ok
15:05:30.0198 5020 ================ Scan VBR ==================================
15:05:30.0198 5020 [ 49778CE1E942A0B2BC691B713CDA9C51 ] \Device\Harddisk0\DR0\Partition1
15:05:30.0198 5020 \Device\Harddisk0\DR0\Partition1 - ok
15:05:30.0198 5020 ============================================================
15:05:30.0198 5020 Scan finished
15:05:30.0198 5020 ============================================================
15:05:30.0218 4804 Detected object count: 1
15:05:30.0218 4804 Actual detected object count: 1
15:05:35.0873 4804 sptd ( LockedFile.Multi.Generic ) - skipped by user
15:05:35.0873 4804 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
15:08:53.0996 3304 Deinitialize success
 
Good :)

Re-run MBAM one more time and post new log.

Next...

  • Download RogueKiller on the desktop
  • Close all the running programs
  • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

============================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
 
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.30.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Quincy :: QUINCY-PC [administrator]

11/4/2012 3:35:09 PM
mbam-log-2012-11-04 (15-43-11).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 251249
Time elapsed: 7 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> No action taken.

(end)
 
RogueKiller V8.2.2 [11/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: https://www.techspot.com/downloads/5562-roguekiller.html
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Quincy [Admin rights]
Mode : Remove -- Date : 11/04/2012 15:53:15

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 7 ¤¤¤
[RUN][SUSP PATH] HKUS\S-1-5-19[...]\Run : AIM Toolbar (rundll32.exe "C:\Users\Quincy\AppData\Local\Amazon\AIM Toolbar\rkisymc.dll",DllRegisterServerW) -> DELETED
[RUN][SUSP PATH] HKUS\S-1-5-20[...]\Run : AIM Toolbar (rundll32.exe "C:\Users\Quincy\AppData\Local\Amazon\AIM Toolbar\rkisymc.dll",DllRegisterServerW) -> DELETED
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 125.252.224.90
127.0.0.1 125.252.224.91
[...]


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK3254GSY ATA Device +++++
--- User ---
[MBR] 533a42400bf0188e6e0c498745908057
[BSP] d56731d11f94089101e5de1658a45635 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10623 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 21757952 | Size: 294620 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_11042012_02d1553.txt >>
RKreport[1]_S_11042012_02d1552.txt ; RKreport[2]_D_11042012_02d1553.txt
 
Your MBAM log says "No action taken".
When done with aswMBR, re-run MBAM, fix all issues and post new log.
 
This aswMBR scan has been running for about an hour. Is that normal? Some of these file scans are taking about 10 to 15 minutes individually.
 
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-11-04 15:57:38
-----------------------------
15:57:38.515 OS Version: Windows x64 6.1.7601 Service Pack 1
15:57:38.525 Number of processors: 2 586 0x170A
15:57:38.525 ComputerName: QUINCY-PC UserName: Quincy
15:57:41.406 Initialize success
16:01:12.681 AVAST engine defs: 12110400
16:01:50.721 The log file has been saved successfully to "C:\Users\Quincy\Desktop\aswMBR.txt"
16:03:08.065 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
16:03:08.070 Disk 0 Vendor: TOSHIBA_MK3254GSY LE001A Size: 305245MB BusType: 11
16:03:08.075 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000100
16:03:08.080 Disk 1 Vendor: RICOH 01 Size: 305245MB BusType: 0
16:03:08.086 Disk 2 \Device\Harddisk2\DR2 -> \Device\00000101
16:03:08.091 Disk 2 Vendor: RICOH 02 Size: 305245MB BusType: 0
16:03:08.143 Disk 0 MBR read successfully
16:03:08.147 Disk 0 MBR scan
16:03:08.152 Disk 0 Windows 7 default MBR code
16:03:08.163 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10623 MB offset 2048
16:03:08.178 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 294620 MB offset 21757952
16:03:08.205 Disk 0 scanning C:\Windows\system32\drivers
16:03:23.047 Service scanning
16:04:03.310 Modules scanning
16:04:03.321 Disk 0 trace - called modules:
16:04:03.348 ntoskrnl.exe CLASSPNP.SYS disk.sys Sahdad64.sys >>UNKNOWN [0xfffffa8003cb02c0]<<spsh.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
16:04:03.358 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004d1e060]
16:04:03.368 3 CLASSPNP.SYS[fffff88000dc043f] -> nt!IofCallDriver -> [0xfffffa8004d1d770]
16:04:03.377 5 Sahdad64.sys[fffff88001813e25] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004b61060]
16:04:03.384 \Driver\atapi[0xfffffa8004b305c0] -> IRP_MJ_CREATE -> 0xfffffa8003cb02c0
16:04:04.533 AVAST engine scan C:\Windows
16:04:06.858 AVAST engine scan C:\Windows\system32
16:08:01.255 AVAST engine scan C:\Windows\system32\drivers
16:08:18.273 AVAST engine scan C:\Users\Quincy
16:29:46.508 AVAST engine scan C:\ProgramData
17:27:31.143 Scan finished successfully
17:58:41.090 Disk 0 MBR has been saved successfully to "C:\Users\Quincy\Desktop\MBR.dat"
17:58:41.105 The log file has been saved successfully to "C:\Users\Quincy\Desktop\aswMBR.txt"
 
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.30.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Quincy :: QUINCY-PC [administrator]

11/4/2012 6:01:40 PM
mbam-log-2012-11-04 (18-01-40).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 251568
Time elapsed: 9 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 
Good :)

Create new restore point before proceeding with the next step....
How to:
- Windows 7: http://www.howtogeek.com/howto/3195/create-a-system-restore-point-in-windows-7/
- Vista: http://www.howtogeek.com/howto/wind...tore-point-for-windows-vistas-system-restore/
- XP: http://support.microsoft.com/kb/948247

===========================

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    If the connection is not there use restore point you created prior to running Combofix.
  • Double click on combofix.exe & follow the prompts.

  • NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure you re-enable your security programs when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete the Combofix file and download a fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill, post BOTH logs, rKill.txt and Combofix.txt.
 
ComboFix 12-11-04.01 - Quincy 11/04/2012 18:55:56.1.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4063.1235 [GMT -5:00]
Running from: c:\users\Quincy\Downloads\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Quincy\AppData\Roaming\inst.exe
c:\users\Quincy\AppData\Roaming\Windows Update
c:\users\Quincy\AppData\Roaming\Windows Update\logs.dat
c:\users\Quincy\AppData\Roaming\Windows Update\plugin.dat
c:\users\Quincy\Documents\~WRL0886.tmp
c:\windows\SysWow64\ndisapi.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-10-05 to 2012-11-05 )))))))))))))))))))))))))))))))
.
.
2012-11-05 00:10 . 2012-11-05 00:10 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-11-05 00:10 . 2012-11-05 00:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-04 19:58 . 2012-11-04 19:58 -------- d-----w- C:\TDSSKiller_Quarantine
2012-11-03 02:15 . 2012-11-03 02:15 -------- d-----w- c:\users\Quincy\AppData\Local\Macromedia
2012-10-28 16:39 . 2012-10-28 16:39 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-10-24 20:03 . 2012-10-24 20:03 -------- d-----w- c:\program files\DIFX
2012-10-24 19:55 . 2012-10-24 20:03 -------- d-----w- c:\program files (x86)\LeapFrog
2012-10-24 19:55 . 2012-10-24 19:55 -------- d-----w- c:\programdata\Leapfrog
2012-10-17 14:43 . 2012-10-17 14:43 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-16 20:52 . 2012-10-16 20:52 -------- d-----w- c:\users\Quincy\AppData\Roaming\Malwarebytes
2012-10-16 20:52 . 2012-10-16 20:52 -------- d-----w- c:\programdata\Malwarebytes
2012-10-16 20:52 . 2012-10-22 23:56 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-10-16 20:52 . 2012-09-29 23:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-10 10:09 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-10-10 10:07 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 10:07 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 10:07 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 10:07 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-10-10 10:07 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-10-10 10:07 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-02 11:05 . 2012-06-26 10:13 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-02 11:05 . 2011-05-19 17:57 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-17 14:43 . 2012-06-22 05:33 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-10-17 14:43 . 2010-05-10 02:30 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-10 10:51 . 2009-10-27 12:41 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-08-24 18:05 . 2012-09-21 20:48 1188864 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 18:05 . 2012-09-21 20:48 1494528 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 18:05 . 2012-09-21 20:48 134144 ----a-w- c:\windows\system32\url.dll
2012-08-24 18:03 . 2012-09-21 20:48 9056256 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 18:03 . 2012-09-21 20:48 97792 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 18:03 . 2012-09-21 20:48 735744 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 18:03 . 2012-09-21 20:48 64512 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 18:02 . 2012-09-21 20:48 247808 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 18:02 . 2012-09-21 20:48 12295680 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 18:02 . 2012-09-21 20:48 2453504 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 16:57 . 2012-09-21 20:48 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 15:59 . 2012-09-21 20:48 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 15:20 . 2012-09-21 20:48 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-22 18:12 . 2012-09-12 19:50 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 19:50 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 19:50 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 19:50 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-26 10:35 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-21 17:01 . 2012-09-20 23:33 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-08-21 17:01 . 2010-05-09 00:20 125872 ----a-w- c:\windows\system32\GEARAspi64.dll
2012-08-21 17:01 . 2010-05-09 00:20 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2012-08-20 17:38 . 2012-10-10 10:08 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{6c3a1de1-94ca-4ad6-acdf-c1324adc487b}]
2009-11-17 18:37 2166296 ----a-w- c:\program files (x86)\Isohunt-vuze\tbIso1.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2011-02-08 17:22 721840 ----a-w- c:\progra~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}]
2011-01-18 13:05 87480 ----a-w- c:\progra~2\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2012-05-16 18:37 194928 ----a-w- c:\program files (x86)\Yontoo\YontooIEClient.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{6c3a1de1-94ca-4ad6-acdf-c1324adc487b}"= "c:\program files (x86)\Isohunt-vuze\tbIso1.dll" [2009-11-17 2166296]
"{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}"= "c:\progra~2\BEARSH~1\MediaBar\ToolBar\bsdtxmltbpi.dll" [2011-01-18 87480]
.
[HKEY_CLASSES_ROOT\clsid\{6c3a1de1-94ca-4ad6-acdf-c1324adc487b}]
.
[HKEY_CLASSES_ROOT\clsid\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2010-04-15 427328]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-06-16 2736128]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-08-29 59280]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2012-09-10 59280]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-05 98304]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2010-06-10 49208]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-24 926896]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatchTray12.exe" [2009-07-24 240112]
"CPMonitor"="c:\program files (x86)\Roxio 2010\5.0\CPMonitor.exe" [2009-07-21 84464]
"Desktop Disc Tool"="c:\program files (x86)\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe" [2009-06-23 494064]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"MioNet"="c:\program files (x86)\MioNet\MioNetLauncher.exe" [2010-02-09 32768]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2011-06-08 40376]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2010-09-22 640440]
"TkBellExe"="c:\program files (x86)\real\realplayer\update\realsched.exe" [2010-11-26 274608]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2010-08-05 104408]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2012-09-28 298376]
.
c:\users\Quincy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicHoldem.lnk - c:\magicholdem\MagicHoldem.exe [N/A]
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 KMService;KMService;c:\windows\system32\srvany.exe [x]
R2 MioNet;MioNet;c:\program files (x86)\MioNet\MioNetManager.exe [2010-02-09 139264]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-06-26 362992]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe [2009-07-24 219632]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 PTAPCBUS;Pantech Android USB Composite Device (PTAPC);c:\windows\system32\DRIVERS\PTAPCBUS.sys [2011-06-24 103040]
R3 PTAPCMDM;Pantech Android USB Modem Drivers (PTAPC);c:\windows\system32\DRIVERS\PTAPCMDM.sys [2011-06-24 183424]
R3 PTAPCVSP;Pantech Android USB Serial Port (PTAPC);c:\windows\system32\DRIVERS\PTAPCVSP.sys [2011-06-24 183424]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-06-26 313840]
R3 RoxMediaDB12;RoxMediaDB12;c:\program files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe [2009-07-24 1116656]
R3 SampleCollector;Intel(R) Sample Collector;c:\program files\Sony\VAIO Care\collsvc.exe [2009-09-17 167424]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-07-17 120104]
R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-07-17 70952]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-07-17 427304]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-07-17 75048]
R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-07-17 91432]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-10 1255736]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S0 Sahdad64;HDD Filter Driver;c:\windows\System32\Drivers\Sahdad64.sys [2009-06-02 27120]
S0 Saibad64;Volume Filter Driver;c:\windows\System32\Drivers\Saibad64.sys [2009-06-02 19952]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-07-23 828912]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS [2011-01-27 450680]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS [2011-03-15 912504]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20121005.002\BHDrvx64.sys [2012-10-05 1385632]
S1 c2scsi64;c2scsi64;c:\windows\system32\DRIVERS\c2scsi64.sys [2009-07-24 167920]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20121102.001\IDSvia64.sys [2012-09-06 513184]
S1 SaibVdAd64;Virtual Disk Driver;c:\windows\system32\Drivers\SaibVdAd64.sys [2009-06-02 27632]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [2011-01-27 171128]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [2011-04-21 386168]
S2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;c:\program files (x86)\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe [2009-06-02 457200]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-09-01 203264]
S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2009-06-23 127352]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-08-25 13672]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [2011-04-17 130008]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-08-05 583640]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 14112]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-I Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-07-22 642920]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-09 138912]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
S3 Ndisrd;WinpkFilter Service;c:\windows\system32\DRIVERS\ndisrd.sys [2009-09-14 32096]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2009-11-25 82816]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2007-08-03 11392]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ASWMBR
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-06-16 17:38 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-26 11:05]
.
2012-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-17 21:35]
.
2012-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-17 21:35]
.
2012-11-05 c:\windows\Tasks\RMSchedule.job
- c:\program files (x86)\Registry Mechanic\RegMech.exe [2012-03-16 12:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2011-02-08 17:22 1057712 ----a-w- c:\progra~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"pdfFactory Pro Dispatcher v3"="c:\windows\system32\spool\DRIVERS\x64\3\fppdis3a.exe" [2009-06-12 745984]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll c:\progra~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll c:\windows\System32\acaptuser64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
Trusted Zone: cinemanow.com
Trusted Zone: intuit.com\ttlc
Trusted Zone: qflix.com
Trusted Zone: roxio.com
Trusted Zone: sonic.com\redirect
Trusted Zone: sonic.com\redirect2
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
FF - ProfilePath - c:\users\Quincy\AppData\Roaming\Mozilla\Firefox\Profiles\fc1zqtky.default\
FF - ExtSQL: 2012-10-29 18:04; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2
FF - ExtSQL: 2012-10-31 22:02; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn
FF - ExtSQL: !HIDDEN! 2009-12-24 14:28; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
.
------- File Associations -------
.
.txt=
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-33465492.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
WebBrowser-{6C3A1DE1-94CA-4AD6-ACDF-C1324ADC487B} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\collsvc.exe\" \"/service\" \"/counter=\Processor(_Total)\% Processor Time:5\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5\" \"/counter=\Network Interface(*)\Bytes Total/sec:5\" \"/directory=inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-11-04 19:15:17
ComboFix-quarantined-files.txt 2012-11-05 00:15
.
Pre-Run: 63,368,790,016 bytes free
Post-Run: 67,357,294,592 bytes free
.
- - End Of File - - B9681807050C654BD5FF4479D27D9CCA
 