Jump to content

drdrowsy

Members
  • Posts

    11
  • Joined

  • Last visited

Reputation

0 Neutral
  1. that may have actually worked. i tried it this morning, haven't gotten any alerts from symantec in a couple of hours thanks!!
  2. symantec autoprotect keeps popping up more and more files, they are sequentially named APQ****.tmp with risk trojan.gen.2 I've not noticed any system slowdowns or any other strange events
  3. Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Database version: v2012.05.17.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Laurence :: LAURENCE-VAIO [administrator] 5/17/2012 10:56:19 AM mbam-log-2012-05-17 (10-56-19).txt Scan type: Full scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 602610 Time elapsed: 53 minute(s), 7 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  4. this was all that was in the log file: ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK it did find two files: C:\Users\Laurence\Downloads\cnet2_easydvd_download_com_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined C:\Users\Laurence\Downloads\InternationalPrimoPDF.exe Win32/OpenCandy application deleted - quarantined the symantic was going crazy during the scan, it must have gotten hundreds of hits
  5. ran it again, rebooted and programs are working again, here's the log ComboFix 12-05-16.02 - Laurence 05/16/2012 20:47:13.1.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.5814.3776 [GMT -4:00] Running from: c:\users\Laurence\Desktop\ComboFix.exe AV: Symantec Endpoint Protection *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855} SP: Symantec Endpoint Protection *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Laurence\AppData\Local\Temp\_MEI49322\_ctypes.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49322\_elementtree.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49322\_hashlib.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49322\_socket.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49322\_ssl.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49322\pyexpat.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49322\pysqlite2._sqlite.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49322\python26.dll c:\users\Laurence\AppData\Local\Temp\_MEI49322\pythoncom26.dll c:\users\Laurence\AppData\Local\Temp\_MEI49322\PyWinTypes26.dll c:\users\Laurence\AppData\Local\Temp\_MEI49322\select.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49322\win32api.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49322\win32com.shell.shell.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49322\win32crypt.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49322\win32event.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49322\win32file.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49322\win32gui.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49322\win32inet.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49322\win32process.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49322\wx._controls_.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49322\wx._core_.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49322\wx._gdi_.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49322\wx._html2.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49322\wx._misc_.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49322\wx._windows_.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49322\wx._wizard.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49322\wxbase293u_net_vc.dll c:\users\Laurence\AppData\Local\Temp\_MEI49322\wxbase293u_vc.dll c:\users\Laurence\AppData\Local\Temp\_MEI49322\wxmsw293u_adv_vc.dll c:\users\Laurence\AppData\Local\Temp\_MEI49322\wxmsw293u_core_vc.dll c:\users\Laurence\AppData\Local\Temp\_MEI49322\wxmsw293u_html_vc.dll c:\users\Laurence\AppData\Local\Temp\_MEI49322\wxmsw293u_webview_vc.dll . . ((((((((((((((((((((((((( Files Created from 2012-04-17 to 2012-05-17 ))))))))))))))))))))))))))))))) . . 2012-05-11 01:35 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll 2012-05-11 01:35 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll 2012-05-11 01:35 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-11 01:34 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys 2012-05-11 01:34 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-05-11 01:34 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-05-11 01:34 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-05-11 01:33 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-05-11 01:33 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2012-05-11 01:33 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2012-05-11 01:33 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2012-05-11 01:33 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2012-05-11 01:33 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2012-05-05 03:25 . 2012-05-05 03:25 -------- d-----w- c:\users\Default\AppData\Local\Google 2012-04-26 02:28 . 2012-05-17 00:34 -------- d-s---w- c:\users\Laurence\Google Drive 2012-04-19 23:55 . 2012-04-19 23:55 -------- d-----w- c:\program files (x86)\Botanicula . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-12 14:11 . 2012-04-15 12:56 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-05-12 14:11 . 2011-06-21 10:26 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-03-01 06:46 . 2012-04-14 07:00 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-03-01 06:38 . 2012-04-14 07:00 220672 ----a-w- c:\windows\system32\wintrust.dll 2012-03-01 06:33 . 2012-04-14 07:00 81408 ----a-w- c:\windows\system32\imagehlp.dll 2012-03-01 06:28 . 2012-04-14 07:00 5120 ----a-w- c:\windows\system32\wmi.dll 2012-03-01 05:37 . 2012-04-14 07:00 172544 ----a-w- c:\windows\SysWow64\wintrust.dll 2012-03-01 05:33 . 2012-04-14 07:00 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll 2012-03-01 05:29 . 2012-04-14 07:00 5120 ----a-w- c:\windows\SysWow64\wmi.dll 2012-02-28 06:56 . 2012-04-14 07:03 2311168 ----a-w- c:\windows\system32\jscript9.dll 2012-02-28 06:49 . 2012-04-14 07:03 1390080 ----a-w- c:\windows\system32\wininet.dll 2012-02-28 06:48 . 2012-04-14 07:03 1493504 ----a-w- c:\windows\system32\inetcpl.cpl 2012-02-28 06:42 . 2012-04-14 07:03 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-02-28 01:18 . 2012-04-14 07:03 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll 2012-02-28 01:11 . 2012-04-14 07:03 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2012-02-28 01:11 . 2012-04-14 07:03 1127424 ----a-w- c:\windows\SysWow64\wininet.dll 2012-02-28 01:03 . 2012-04-14 07:03 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2012-02-17 06:38 . 2012-03-14 20:11 1031680 ----a-w- c:\windows\system32\rdpcore.dll 2012-02-17 05:34 . 2012-03-14 20:11 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll 2012-02-17 04:58 . 2012-03-14 20:11 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-02-17 04:57 . 2012-03-14 20:11 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-24 39408] "Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-08-16 1242448] "EasyTether"="c:\program files (x86)\Mobile Stream\EasyTether\easytthr.exe" [2011-05-22 48648] "AROReminder"="c:\program files (x86)\ARO 2011\ARO.exe" [2011-11-11 2315120] "GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-05-02 11396840] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696] "SmartWiHelper"="c:\program files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" [2010-02-03 82944] "ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-01-15 316784] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "ccApp"="c:\program files (x86)\Common Files\Symantec Shared\ccApp.exe" [2010-05-17 115560] "Intel AppUp(SM) center"="c:\program files (x86)\Intel\IntelAppStore\bin\serviceManager.lnk" [2011-02-01 1302] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2010-09-09 452016] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Amazon Unbox.lnk - c:\program files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe [2010-9-13 97384] Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 1081632] Citrix Access Gateway.lnk - c:\program files\Citrix\Secure Access Client\nsload.exe [2011-3-14 1520280] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer5"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ scecli c:\program files\Protector Suite\psqlpwd.dll Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 135664] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336] R2 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-02-09 53248] R2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-02-23 2320920] R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 135664] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys [x] R3 MSSQL$DDNI;SQL Server (DDNI);c:\program files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\sqlservr.exe [2011-09-22 43028328] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184] R3 qcfilterSny2k;Gobi 2000 USB Composite Device Filter Driver(05C6-9225);c:\windows\system32\DRIVERS\qcfilterSny2k.sys [x] R3 qcusbnetsny2k;Gobi 2000 USB-NDIS miniport(05C6-9225);c:\windows\system32\DRIVERS\qcusbnetsny2k.sys [x] R3 qcusbsersny2k;Gobi 2000 USB Device for Legacy Serial Communication(05C6-9225);c:\windows\system32\DRIVERS\qcusbserSny2k.sys [x] R3 SampleCollector;Intel® Sample Collector;c:\program files\Sony\VAIO Care\collsvc.exe [2009-12-23 168448] R3 SMSIVZAM5X64;SMSIVZAM5X64 NDIS Protocol Driver;c:\progra~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS [2009-05-25 43032] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2011-10-27 1429608] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-03-31 47128] R4 SQLAgent$DDNI;SQL Server Agent (DDNI);c:\program files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE [2011-09-22 370024] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 cag;Citrix cag plugin for Access Gateway;c:\program files\Common Files\Deterministic Networks\Common Files\cag.sys [2010-08-04 96384] S2 MotoConnect Service;MotoConnect Service;c:\program files (x86)\Motorola\MotoConnectService\MotoConnectService.exe [2010-06-24 91456] S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2011-06-21 341296] S2 nsverctl;Citrix Secure Access Client Service;c:\program files\Citrix\Secure Access Client\nsverctl.exe [2011-03-15 154776] S2 QDLService2kSony;Qualcomm Gobi 2000 Download Service (Sony);c:\program files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe [2009-12-19 330488] S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x] S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x] S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [2010-02-16 190496] S3 ctxva51;Citrix Virtual Adapter;c:\windows\system32\DRIVERS\ctxva51.sys [x] S3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [x] S3 easytether;easytether;c:\windows\system32\DRIVERS\easytthr.sys [x] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-02-13 138360] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x] S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [x] S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x] S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x] S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-01-20 574320] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . Contents of the 'Scheduled Tasks' folder . 2012-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 08:58] . 2012-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 08:58] . 2012-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4054118356-3738999985-918269534-1004Core.job - c:\users\Laurence\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-17 08:58] . 2012-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4054118356-3738999985-918269534-1004UA.job - c:\users\Laurence\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-17 08:58] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2012-05-02 22:31 779776 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}] 2012-05-02 22:31 779776 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2012-05-02 22:31 779776 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2012-05-02 22:31 779776 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay] @="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}" [HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}] 2009-10-30 02:08 5948168 ----a-w- c:\program files\Protector Suite\farchns.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen] @="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}" [HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}] 2009-10-30 02:08 5948168 ----a-w- c:\program files\Protector Suite\farchns.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-22 166424] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-22 390680] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-22 410136] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-19 16414824] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-16 9962016] "vncutil"="c:\program files\Realtek\Audio\HDA\vncutil64.exe" [2010-02-16 475680] "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU] "PSQLLauncher"="c:\program files\Protector Suite\launcher.exe" [2009-10-29 84744] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105 IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Laurence\AppData\Roaming\Mozilla\Firefox\Profiles\75hmdkwi.default\ . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector] "ImagePath"="\"c:\program files\Sony\VAIO Care\collsvc.exe\" \"/service\" \"/counter=\Processor(_Total)\% Processor Time:5\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5\" \"/counter=\Network Interface(*)\Bytes Total/sec:5\" \"/directory=inteldata\"" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Symantec Shared\ccSvcHst.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe c:\program files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe c:\program files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe c:\windows\SysWOW64\DllHost.exe c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe c:\program files\Sony\VAIO Care\VCSpt.exe c:\program files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe c:\program files (x86)\DDNi\Oasis\VAIO Messenger.exe . ************************************************************************** . Completion time: 2012-05-16 21:00:19 - machine was rebooted ComboFix-quarantined-files.txt 2012-05-17 01:00 ComboFix2.txt 2012-05-16 23:25 ComboFix3.txt 2012-05-16 22:58 . Pre-Run: 168,306,253,824 bytes free Post-Run: 168,205,283,328 bytes free . - - End Of File - - 8F18CB66B7F3C5A91BDD1EE61E42D462
  6. i ran the program and it restarted the computer, then every executable file gave me the the error "illegal operation attempted on a registry that has been marked for deletion." I did a system restore to before running the program. here's the log: ComboFix 12-05-16.02 - Laurence 05/16/2012 19:12:51.1.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.5814.3630 [GMT -4:00] Running from: c:\users\Laurence\Desktop\ComboFix.exe AV: Symantec Endpoint Protection *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855} SP: Symantec Endpoint Protection *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Laurence\AppData\Local\Temp\_MEI49882\_ctypes.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49882\_elementtree.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49882\_hashlib.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49882\_socket.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49882\_ssl.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49882\pyexpat.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49882\pysqlite2._sqlite.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49882\python26.dll c:\users\Laurence\AppData\Local\Temp\_MEI49882\pythoncom26.dll c:\users\Laurence\AppData\Local\Temp\_MEI49882\PyWinTypes26.dll c:\users\Laurence\AppData\Local\Temp\_MEI49882\select.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49882\win32api.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49882\win32com.shell.shell.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49882\win32crypt.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49882\win32event.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49882\win32file.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49882\win32gui.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49882\win32inet.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49882\win32process.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49882\wx._controls_.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49882\wx._core_.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49882\wx._gdi_.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49882\wx._html2.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49882\wx._misc_.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49882\wx._windows_.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49882\wx._wizard.pyd c:\users\Laurence\AppData\Local\Temp\_MEI49882\wxbase293u_net_vc.dll c:\users\Laurence\AppData\Local\Temp\_MEI49882\wxbase293u_vc.dll c:\users\Laurence\AppData\Local\Temp\_MEI49882\wxmsw293u_adv_vc.dll c:\users\Laurence\AppData\Local\Temp\_MEI49882\wxmsw293u_core_vc.dll c:\users\Laurence\AppData\Local\Temp\_MEI49882\wxmsw293u_html_vc.dll c:\users\Laurence\AppData\Local\Temp\_MEI49882\wxmsw293u_webview_vc.dll . . ((((((((((((((((((((((((( Files Created from 2012-04-16 to 2012-05-16 ))))))))))))))))))))))))))))))) . . 2012-05-16 23:23 . 2012-05-16 23:23 -------- d-----w- c:\users\TEMP\AppData\Local\temp 2012-05-16 23:23 . 2012-05-16 23:23 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-05-11 01:35 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll 2012-05-11 01:35 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll 2012-05-11 01:35 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-11 01:34 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys 2012-05-11 01:34 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-05-11 01:34 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-05-11 01:34 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-05-11 01:33 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-05-11 01:33 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2012-05-11 01:33 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2012-05-11 01:33 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2012-05-11 01:33 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2012-05-11 01:33 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2012-05-05 03:25 . 2012-05-05 03:25 -------- d-----w- c:\users\Default\AppData\Local\Google 2012-04-26 02:28 . 2012-05-16 23:07 -------- d-s---w- c:\users\Laurence\Google Drive 2012-04-19 23:55 . 2012-04-19 23:55 -------- d-----w- c:\program files (x86)\Botanicula . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-12 14:11 . 2012-04-15 12:56 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-05-12 14:11 . 2011-06-21 10:26 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-03-01 06:46 . 2012-04-14 07:00 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-03-01 06:38 . 2012-04-14 07:00 220672 ----a-w- c:\windows\system32\wintrust.dll 2012-03-01 06:33 . 2012-04-14 07:00 81408 ----a-w- c:\windows\system32\imagehlp.dll 2012-03-01 06:28 . 2012-04-14 07:00 5120 ----a-w- c:\windows\system32\wmi.dll 2012-03-01 05:37 . 2012-04-14 07:00 172544 ----a-w- c:\windows\SysWow64\wintrust.dll 2012-03-01 05:33 . 2012-04-14 07:00 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll 2012-03-01 05:29 . 2012-04-14 07:00 5120 ----a-w- c:\windows\SysWow64\wmi.dll 2012-02-28 06:56 . 2012-04-14 07:03 2311168 ----a-w- c:\windows\system32\jscript9.dll 2012-02-28 06:49 . 2012-04-14 07:03 1390080 ----a-w- c:\windows\system32\wininet.dll 2012-02-28 06:48 . 2012-04-14 07:03 1493504 ----a-w- c:\windows\system32\inetcpl.cpl 2012-02-28 06:42 . 2012-04-14 07:03 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-02-28 01:18 . 2012-04-14 07:03 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll 2012-02-28 01:11 . 2012-04-14 07:03 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2012-02-28 01:11 . 2012-04-14 07:03 1127424 ----a-w- c:\windows\SysWow64\wininet.dll 2012-02-28 01:03 . 2012-04-14 07:03 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2012-02-17 06:38 . 2012-03-14 20:11 1031680 ----a-w- c:\windows\system32\rdpcore.dll 2012-02-17 05:34 . 2012-03-14 20:11 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll 2012-02-17 04:58 . 2012-03-14 20:11 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-02-17 04:57 . 2012-03-14 20:11 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-24 39408] "Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-08-16 1242448] "EasyTether"="c:\program files (x86)\Mobile Stream\EasyTether\easytthr.exe" [2011-05-22 48648] "AROReminder"="c:\program files (x86)\ARO 2011\ARO.exe" [2011-11-11 2315120] "GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-05-02 11396840] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696] "SmartWiHelper"="c:\program files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" [2010-02-03 82944] "ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-01-15 316784] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "ccApp"="c:\program files (x86)\Common Files\Symantec Shared\ccApp.exe" [2010-05-17 115560] "Intel AppUp(SM) center"="c:\program files (x86)\Intel\IntelAppStore\bin\serviceManager.lnk" [2011-02-01 1302] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2010-09-09 452016] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Amazon Unbox.lnk - c:\program files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe [2010-9-13 97384] Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 1081632] Citrix Access Gateway.lnk - c:\program files\Citrix\Secure Access Client\nsload.exe [2011-3-14 1520280] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer5"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ scecli c:\program files\Protector Suite\psqlpwd.dll Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 135664] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336] R2 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-02-09 53248] R2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-02-23 2320920] R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 135664] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys [x] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-16 129976] R3 MSSQL$DDNI;SQL Server (DDNI);c:\program files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\sqlservr.exe [2011-09-22 43028328] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184] R3 qcfilterSny2k;Gobi 2000 USB Composite Device Filter Driver(05C6-9225);c:\windows\system32\DRIVERS\qcfilterSny2k.sys [x] R3 qcusbnetsny2k;Gobi 2000 USB-NDIS miniport(05C6-9225);c:\windows\system32\DRIVERS\qcusbnetsny2k.sys [x] R3 qcusbsersny2k;Gobi 2000 USB Device for Legacy Serial Communication(05C6-9225);c:\windows\system32\DRIVERS\qcusbserSny2k.sys [x] R3 SampleCollector;Intel® Sample Collector;c:\program files\Sony\VAIO Care\collsvc.exe [2009-12-23 168448] R3 SMSIVZAM5X64;SMSIVZAM5X64 NDIS Protocol Driver;c:\progra~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS [2009-05-25 43032] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2011-10-27 1429608] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-03-31 47128] R4 SQLAgent$DDNI;SQL Server Agent (DDNI);c:\program files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE [2011-09-22 370024] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 cag;Citrix cag plugin for Access Gateway;c:\program files\Common Files\Deterministic Networks\Common Files\cag.sys [2010-08-04 96384] S2 MotoConnect Service;MotoConnect Service;c:\program files (x86)\Motorola\MotoConnectService\MotoConnectService.exe [2010-06-24 91456] S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2011-06-21 341296] S2 nsverctl;Citrix Secure Access Client Service;c:\program files\Citrix\Secure Access Client\nsverctl.exe [2011-03-15 154776] S2 QDLService2kSony;Qualcomm Gobi 2000 Download Service (Sony);c:\program files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe [2009-12-19 330488] S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x] S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x] S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [2010-02-16 190496] S3 ctxva51;Citrix Virtual Adapter;c:\windows\system32\DRIVERS\ctxva51.sys [x] S3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [x] S3 easytether;easytether;c:\windows\system32\DRIVERS\easytthr.sys [x] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-02-13 138360] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x] S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [x] S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x] S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x] S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-01-20 574320] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . Contents of the 'Scheduled Tasks' folder . 2012-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 08:58] . 2012-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 08:58] . 2012-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4054118356-3738999985-918269534-1004Core.job - c:\users\Laurence\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-17 08:58] . 2012-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4054118356-3738999985-918269534-1004UA.job - c:\users\Laurence\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-17 08:58] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2012-05-02 22:31 779776 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}] 2012-05-02 22:31 779776 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2012-05-02 22:31 779776 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2012-05-02 22:31 779776 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay] @="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}" [HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}] 2009-10-30 02:08 5948168 ----a-w- c:\program files\Protector Suite\farchns.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen] @="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}" [HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}] 2009-10-30 02:08 5948168 ----a-w- c:\program files\Protector Suite\farchns.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-22 166424] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-22 390680] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-22 410136] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-19 16414824] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-16 9962016] "vncutil"="c:\program files\Realtek\Audio\HDA\vncutil64.exe" [2010-02-16 475680] "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU] "PSQLLauncher"="c:\program files\Protector Suite\launcher.exe" [2009-10-29 84744] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105 IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Laurence\AppData\Roaming\Mozilla\Firefox\Profiles\75hmdkwi.default\ . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector] "ImagePath"="\"c:\program files\Sony\VAIO Care\collsvc.exe\" \"/service\" \"/counter=\Processor(_Total)\% Processor Time:5\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5\" \"/counter=\Network Interface(*)\Bytes Total/sec:5\" \"/directory=inteldata\"" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Symantec Shared\ccSvcHst.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe c:\program files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe c:\program files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe c:\windows\SysWOW64\DllHost.exe c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe c:\program files\Sony\VAIO Care\VCSpt.exe c:\program files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe . ************************************************************************** . Completion time: 2012-05-16 19:25:54 - machine was rebooted ComboFix-quarantined-files.txt 2012-05-16 23:25 ComboFix2.txt 2012-05-16 22:58 . Pre-Run: 168,985,804,800 bytes free Post-Run: 168,279,408,640 bytes free . - - End Of File - - 0207C6C06D5590B8A42D3416FEA081EC
  7. part 2: 18:11:34.0729 1408 Serenum - ok 18:11:34.0737 1408 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 18:11:34.0772 1408 Serial - ok 18:11:34.0779 1408 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 18:11:34.0812 1408 sermouse - ok 18:11:34.0834 1408 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 18:11:34.0913 1408 SessionEnv - ok 18:11:34.0920 1408 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys 18:11:34.0951 1408 SFEP - ok 18:11:34.0958 1408 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 18:11:34.0992 1408 sffdisk - ok 18:11:35.0001 1408 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 18:11:35.0033 1408 sffp_mmc - ok 18:11:35.0044 1408 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 18:11:35.0083 1408 sffp_sd - ok 18:11:35.0090 1408 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 18:11:35.0120 1408 sfloppy - ok 18:11:35.0141 1408 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 18:11:35.0217 1408 SharedAccess - ok 18:11:35.0237 1408 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 18:11:35.0316 1408 ShellHWDetection - ok 18:11:35.0324 1408 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 18:11:35.0355 1408 SiSRaid2 - ok 18:11:35.0363 1408 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 18:11:35.0396 1408 SiSRaid4 - ok 18:11:35.0405 1408 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 18:11:35.0475 1408 Smb - ok 18:11:35.0595 1408 SmcService (26eb194d1fb2870e0453a99b84889f8d) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe 18:11:35.0801 1408 SmcService - ok 18:11:35.0814 1408 SMSIVZAM5X64 (b5d3c24e4ea8e6d4850e83dad8c510d4) C:\PROGRA~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS 18:11:35.0850 1408 SMSIVZAM5X64 - ok 18:11:35.0887 1408 SNAC (c2e9b4e50cf3a15255b45a7c7a0a881e) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE 18:11:35.0923 1408 SNAC - ok 18:11:35.0946 1408 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 18:11:35.0986 1408 SNMPTRAP - ok 18:11:35.0996 1408 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 18:11:36.0036 1408 spldr - ok 18:11:36.0066 1408 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 18:11:36.0171 1408 Spooler - ok 18:11:36.0299 1408 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 18:11:36.0570 1408 sppsvc - ok 18:11:36.0589 1408 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 18:11:36.0673 1408 sppuinotify - ok 18:11:36.0695 1408 SQLAgent$DDNI (a892134c28777978ecde8283dc57ac0f) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE 18:11:36.0824 1408 SQLAgent$DDNI - ok 18:11:36.0841 1408 SQLBrowser (10d936dced9eacd1a1b3fcdda6d7a4eb) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe 18:11:37.0017 1408 SQLBrowser - ok 18:11:37.0030 1408 SQLWriter (f92e5f93be572b512da3c016b675ede0) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 18:11:37.0108 1408 SQLWriter - ok 18:11:37.0133 1408 SRTSP (b531fc8918dcdaae638511a123c3465e) C:\Windows\system32\Drivers\SRTSP64.SYS 18:11:37.0175 1408 SRTSP - ok 18:11:37.0199 1408 SRTSPL (2bd3a73d0601320b72486fc3ebc2544f) C:\Windows\system32\Drivers\SRTSPL64.SYS 18:11:37.0242 1408 SRTSPL - ok 18:11:37.0249 1408 SRTSPX (529b337c1aeeb289f0b502eb0ee6a8f5) C:\Windows\system32\Drivers\SRTSPX64.SYS 18:11:37.0279 1408 SRTSPX - ok 18:11:37.0303 1408 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 18:11:37.0347 1408 srv - ok 18:11:37.0368 1408 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 18:11:37.0410 1408 srv2 - ok 18:11:37.0423 1408 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 18:11:37.0460 1408 srvnet - ok 18:11:37.0474 1408 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 18:11:37.0553 1408 SSDPSRV - ok 18:11:37.0563 1408 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 18:11:37.0635 1408 SstpSvc - ok 18:11:37.0642 1408 Steam Client Service - ok 18:11:37.0652 1408 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 18:11:37.0686 1408 stexstor - ok 18:11:37.0716 1408 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 18:11:37.0771 1408 stisvc - ok 18:11:37.0780 1408 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys 18:11:37.0815 1408 storflt - ok 18:11:37.0823 1408 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll 18:11:37.0860 1408 StorSvc - ok 18:11:37.0868 1408 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys 18:11:37.0902 1408 storvsc - ok 18:11:37.0910 1408 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 18:11:37.0946 1408 swenum - ok 18:11:37.0973 1408 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 18:11:38.0050 1408 swprv - ok 18:11:38.0130 1408 Symantec AntiVirus (f3a4ead0b3946e439f0397f7a4d09952) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe 18:11:38.0236 1408 Symantec AntiVirus - ok 18:11:38.0269 1408 SymEvent (7e4d281982e19abd06728c7ee9ac40a8) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 18:11:38.0310 1408 SymEvent - ok 18:11:38.0329 1408 SynTP (3c08fb2829a5304825f974b1631dedfa) C:\Windows\system32\DRIVERS\SynTP.sys 18:11:38.0374 1408 SynTP - ok 18:11:38.0450 1408 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 18:11:38.0582 1408 SysMain - ok 18:11:38.0603 1408 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 18:11:38.0656 1408 TabletInputService - ok 18:11:38.0677 1408 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 18:11:38.0776 1408 TapiSrv - ok 18:11:38.0787 1408 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 18:11:38.0863 1408 TBS - ok 18:11:38.0949 1408 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 18:11:39.0032 1408 Tcpip - ok 18:11:39.0068 1408 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 18:11:39.0149 1408 TCPIP6 - ok 18:11:39.0170 1408 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 18:11:39.0253 1408 tcpipreg - ok 18:11:39.0266 1408 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 18:11:39.0302 1408 TDPIPE - ok 18:11:39.0310 1408 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 18:11:39.0345 1408 TDTCP - ok 18:11:39.0359 1408 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 18:11:39.0445 1408 tdx - ok 18:11:39.0455 1408 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 18:11:39.0492 1408 TermDD - ok 18:11:39.0528 1408 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 18:11:39.0636 1408 TermService - ok 18:11:39.0648 1408 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 18:11:39.0699 1408 Themes - ok 18:11:39.0710 1408 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 18:11:39.0792 1408 THREADORDER - ok 18:11:39.0801 1408 TPM (dbcc20c02e8a3e43b03c304a4e40a84f) C:\Windows\system32\drivers\tpm.sys 18:11:39.0841 1408 TPM - ok 18:11:39.0855 1408 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 18:11:39.0950 1408 TrkWks - ok 18:11:39.0965 1408 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 18:11:40.0050 1408 TrustedInstaller - ok 18:11:40.0065 1408 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 18:11:40.0143 1408 tssecsrv - ok 18:11:40.0154 1408 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 18:11:40.0185 1408 TsUsbFlt - ok 18:11:40.0203 1408 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 18:11:40.0291 1408 tunnel - ok 18:11:40.0300 1408 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 18:11:40.0336 1408 uagp35 - ok 18:11:40.0353 1408 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 18:11:40.0441 1408 udfs - ok 18:11:40.0460 1408 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 18:11:40.0497 1408 UI0Detect - ok 18:11:40.0509 1408 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 18:11:40.0551 1408 uliagpkx - ok 18:11:40.0561 1408 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 18:11:40.0602 1408 umbus - ok 18:11:40.0611 1408 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 18:11:40.0650 1408 UmPass - ok 18:11:40.0667 1408 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll 18:11:40.0715 1408 UmRdpService - ok 18:11:40.0819 1408 UNS (ad88af249abdc546151f9bfc4093fa9b) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 18:11:40.0955 1408 UNS - ok 18:11:40.0986 1408 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 18:11:41.0074 1408 upnphost - ok 18:11:41.0087 1408 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 18:11:41.0132 1408 usbccgp - ok 18:11:41.0144 1408 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 18:11:41.0192 1408 usbcir - ok 18:11:41.0202 1408 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 18:11:41.0242 1408 usbehci - ok 18:11:41.0264 1408 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 18:11:41.0312 1408 usbhub - ok 18:11:41.0322 1408 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 18:11:41.0361 1408 usbohci - ok 18:11:41.0370 1408 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 18:11:41.0412 1408 usbprint - ok 18:11:41.0421 1408 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 18:11:41.0463 1408 usbscan - ok 18:11:41.0474 1408 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 18:11:41.0517 1408 USBSTOR - ok 18:11:41.0526 1408 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 18:11:41.0562 1408 usbuhci - ok 18:11:41.0577 1408 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 18:11:41.0623 1408 usbvideo - ok 18:11:41.0633 1408 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 18:11:41.0721 1408 UxSms - ok 18:11:41.0737 1408 VAIO Event Service (218f78b39832a2a0761ce2422828a57c) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe 18:11:41.0859 1408 VAIO Event Service - ok 18:11:41.0893 1408 VAIO Power Management (1cf1a4dd7a58c966c9014b83c7229cf3) C:\Program Files\Sony\VAIO Power Management\SPMService.exe 18:11:41.0946 1408 VAIO Power Management - ok 18:11:41.0956 1408 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 18:11:41.0986 1408 VaultSvc - ok 18:11:42.0001 1408 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 18:11:42.0041 1408 vdrvroot - ok 18:11:42.0073 1408 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 18:11:42.0177 1408 vds - ok 18:11:42.0187 1408 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 18:11:42.0232 1408 vga - ok 18:11:42.0241 1408 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 18:11:42.0331 1408 VgaSave - ok 18:11:42.0349 1408 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 18:11:42.0396 1408 vhdmp - ok 18:11:42.0405 1408 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 18:11:42.0441 1408 viaide - ok 18:11:42.0456 1408 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys 18:11:42.0499 1408 vmbus - ok 18:11:42.0508 1408 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys 18:11:42.0542 1408 VMBusHID - ok 18:11:42.0552 1408 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 18:11:42.0591 1408 volmgr - ok 18:11:42.0613 1408 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 18:11:42.0650 1408 volmgrx - ok 18:11:42.0669 1408 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 18:11:42.0722 1408 volsnap - ok 18:11:42.0738 1408 vpcbus (b4a73ca4ef9a02b9738cea9ad5fe5917) C:\Windows\system32\DRIVERS\vpchbus.sys 18:11:42.0781 1408 vpcbus - ok 18:11:42.0792 1408 vpcnfltr (e675fb2b48c54f09895482e2253b289c) C:\Windows\system32\DRIVERS\vpcnfltr.sys 18:11:42.0833 1408 vpcnfltr - ok 18:11:42.0844 1408 vpcusb (5fb42082b0d19a0268705f1dd343df20) C:\Windows\system32\DRIVERS\vpcusb.sys 18:11:42.0881 1408 vpcusb - ok 18:11:42.0904 1408 vpcvmm (207b6539799cc1c112661a9b620dd233) C:\Windows\system32\drivers\vpcvmm.sys 18:11:42.0942 1408 vpcvmm - ok 18:11:42.0956 1408 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 18:11:42.0999 1408 vsmraid - ok 18:11:43.0073 1408 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 18:11:43.0176 1408 VSS - ok 18:11:43.0242 1408 VUAgent (d62d16e057be87f5b84a54d1b83822c4) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe 18:11:43.0310 1408 VUAgent - ok 18:11:43.0328 1408 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 18:11:43.0370 1408 vwifibus - ok 18:11:43.0382 1408 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 18:11:43.0442 1408 vwififlt - ok 18:11:43.0452 1408 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 18:11:43.0499 1408 vwifimp - ok 18:11:43.0523 1408 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 18:11:43.0638 1408 W32Time - ok 18:11:43.0653 1408 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 18:11:43.0698 1408 WacomPen - ok 18:11:43.0713 1408 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 18:11:43.0809 1408 WANARP - ok 18:11:43.0817 1408 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 18:11:43.0902 1408 Wanarpv6 - ok 18:11:43.0963 1408 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 18:11:44.0037 1408 WatAdminSvc - ok 18:11:44.0110 1408 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 18:11:44.0183 1408 wbengine - ok 18:11:44.0210 1408 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 18:11:44.0265 1408 WbioSrvc - ok 18:11:44.0289 1408 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 18:11:44.0349 1408 wcncsvc - ok 18:11:44.0359 1408 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 18:11:44.0407 1408 WcsPlugInService - ok 18:11:44.0417 1408 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 18:11:44.0456 1408 Wd - ok 18:11:44.0490 1408 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 18:11:44.0553 1408 Wdf01000 - ok 18:11:44.0566 1408 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 18:11:44.0634 1408 WdiServiceHost - ok 18:11:44.0642 1408 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 18:11:44.0690 1408 WdiSystemHost - ok 18:11:44.0710 1408 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 18:11:44.0771 1408 WebClient - ok 18:11:44.0790 1408 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 18:11:44.0876 1408 Wecsvc - ok 18:11:44.0887 1408 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 18:11:44.0972 1408 wercplsupport - ok 18:11:44.0984 1408 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 18:11:45.0060 1408 WerSvc - ok 18:11:45.0071 1408 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 18:11:45.0151 1408 WfpLwf - ok 18:11:45.0159 1408 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 18:11:45.0195 1408 WIMMount - ok 18:11:45.0203 1408 WinDefend - ok 18:11:45.0222 1408 WinHttpAutoProxySvc - ok 18:11:45.0245 1408 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 18:11:45.0334 1408 Winmgmt - ok 18:11:45.0420 1408 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 18:11:45.0543 1408 WinRM - ok 18:11:45.0568 1408 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys 18:11:45.0607 1408 WinUsb - ok 18:11:45.0650 1408 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 18:11:45.0699 1408 Wlansvc - ok 18:11:45.0803 1408 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 18:11:45.0914 1408 wlidsvc - ok 18:11:45.0937 1408 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 18:11:45.0976 1408 WmiAcpi - ok 18:11:46.0000 1408 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 18:11:46.0051 1408 wmiApSrv - ok 18:11:46.0062 1408 WMPNetworkSvc - ok 18:11:46.0073 1408 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 18:11:46.0115 1408 WPCSvc - ok 18:11:46.0128 1408 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 18:11:46.0192 1408 WPDBusEnum - ok 18:11:46.0202 1408 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 18:11:46.0284 1408 ws2ifsl - ok 18:11:46.0298 1408 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll 18:11:46.0355 1408 wscsvc - ok 18:11:46.0364 1408 WSearch - ok 18:11:46.0474 1408 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll 18:11:46.0676 1408 wuauserv - ok 18:11:46.0699 1408 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 18:11:46.0790 1408 WudfPf - ok 18:11:46.0806 1408 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 18:11:46.0901 1408 WUDFRd - ok 18:11:46.0914 1408 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 18:11:47.0003 1408 wudfsvc - ok 18:11:47.0021 1408 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 18:11:47.0069 1408 WwanSvc - ok 18:11:47.0123 1408 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 18:11:47.0197 1408 \Device\Harddisk0\DR0 - ok 18:11:47.0201 1408 Boot (0x1200) (35f93f0df2bb3e522fb703b86f86acc0) \Device\Harddisk0\DR0\Partition0 18:11:47.0202 1408 \Device\Harddisk0\DR0\Partition0 - ok 18:11:47.0208 1408 Boot (0x1200) (a540b548e3d8c786ce32a55ccfcf2864) \Device\Harddisk0\DR0\Partition1 18:11:47.0209 1408 \Device\Harddisk0\DR0\Partition1 - ok 18:11:47.0210 1408 ============================================================ 18:11:47.0210 1408 Scan finished 18:11:47.0210 1408 ============================================================ 18:11:47.0222 4420 Detected object count: 2 18:11:47.0223 4420 Actual detected object count: 2 18:12:54.0382 4420 Oasis2Service ( UnsignedFile.Multi.Generic ) - skipped by user 18:12:54.0382 4420 Oasis2Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:12:54.0386 4420 SampleCollector ( UnsignedFile.Multi.Generic ) - skipped by user 18:12:54.0387 4420 SampleCollector ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:14:32.0250 2832 ============================================================ 18:14:32.0250 2832 Scan started 18:14:32.0250 2832 Mode: Manual; SigCheck; TDLFS; 18:14:32.0250 2832 ============================================================ 18:14:32.0345 2832 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 18:14:32.0391 2832 1394ohci - ok 18:14:32.0399 2832 ACDaemon (35f57598f0589feb3c3abc1621bf329f) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 18:14:32.0519 2832 ACDaemon - ok 18:14:32.0536 2832 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 18:14:32.0577 2832 ACPI - ok 18:14:32.0582 2832 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 18:14:32.0618 2832 AcpiPmi - ok 18:14:32.0641 2832 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys 18:14:32.0682 2832 adp94xx - ok 18:14:32.0699 2832 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys 18:14:32.0735 2832 adpahci - ok 18:14:32.0747 2832 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys 18:14:32.0779 2832 adpu320 - ok 18:14:32.0788 2832 ADVService (7233688fc422ef657e082309e6180142) C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe 18:14:32.0808 2832 ADVService - ok 18:14:32.0816 2832 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 18:14:32.0893 2832 AeLookupSvc - ok 18:14:32.0917 2832 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 18:14:32.0954 2832 AFD - ok 18:14:32.0960 2832 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 18:14:32.0989 2832 agp440 - ok 18:14:32.0996 2832 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 18:14:33.0025 2832 ALG - ok 18:14:33.0029 2832 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 18:14:33.0055 2832 aliide - ok 18:14:33.0060 2832 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 18:14:33.0089 2832 amdide - ok 18:14:33.0095 2832 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys 18:14:33.0122 2832 AmdK8 - ok 18:14:33.0129 2832 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys 18:14:33.0156 2832 AmdPPM - ok 18:14:33.0164 2832 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 18:14:33.0194 2832 amdsata - ok 18:14:33.0205 2832 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys 18:14:33.0236 2832 amdsbs - ok 18:14:33.0241 2832 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 18:14:33.0267 2832 amdxata - ok 18:14:33.0273 2832 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 18:14:33.0344 2832 AppID - ok 18:14:33.0350 2832 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 18:14:33.0421 2832 AppIDSvc - ok 18:14:33.0428 2832 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 18:14:33.0501 2832 Appinfo - ok 18:14:33.0513 2832 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll 18:14:33.0543 2832 AppMgmt - ok 18:14:33.0550 2832 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys 18:14:33.0579 2832 arc - ok 18:14:33.0588 2832 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys 18:14:33.0617 2832 arcsas - ok 18:14:33.0636 2832 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 18:14:33.0687 2832 aspnet_state - ok 18:14:33.0692 2832 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 18:14:33.0764 2832 AsyncMac - ok 18:14:33.0769 2832 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 18:14:33.0795 2832 atapi - ok 18:14:33.0826 2832 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 18:14:33.0943 2832 AudioEndpointBuilder - ok 18:14:33.0952 2832 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 18:14:34.0070 2832 AudioSrv - ok 18:14:34.0080 2832 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 18:14:34.0117 2832 AxInstSV - ok 18:14:34.0140 2832 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys 18:14:34.0174 2832 b06bdrv - ok 18:14:34.0189 2832 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 18:14:34.0218 2832 b57nd60a - ok 18:14:34.0230 2832 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 18:14:34.0257 2832 BDESVC - ok 18:14:34.0261 2832 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 18:14:34.0330 2832 Beep - ok 18:14:34.0361 2832 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 18:14:34.0452 2832 BFE - ok 18:14:34.0496 2832 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 18:14:34.0598 2832 BITS - ok 18:14:34.0605 2832 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys 18:14:34.0634 2832 blbdrive - ok 18:14:34.0641 2832 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 18:14:34.0671 2832 bowser - ok 18:14:34.0676 2832 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 18:14:34.0711 2832 BrFiltLo - ok 18:14:34.0715 2832 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 18:14:34.0749 2832 BrFiltUp - ok 18:14:34.0758 2832 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 18:14:34.0837 2832 Browser - ok 18:14:34.0854 2832 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 18:14:34.0888 2832 Brserid - ok 18:14:34.0895 2832 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 18:14:34.0931 2832 BrSerWdm - ok 18:14:34.0936 2832 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 18:14:34.0971 2832 BrUsbMdm - ok 18:14:34.0975 2832 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 18:14:35.0001 2832 BrUsbSer - ok 18:14:35.0008 2832 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 18:14:35.0032 2832 BthEnum - ok 18:14:35.0039 2832 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys 18:14:35.0073 2832 BTHMODEM - ok 18:14:35.0081 2832 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 18:14:35.0116 2832 BthPan - ok 18:14:35.0141 2832 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys 18:14:35.0176 2832 BTHPORT - ok 18:14:35.0183 2832 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 18:14:35.0255 2832 bthserv - ok 18:14:35.0263 2832 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys 18:14:35.0290 2832 BTHUSB - ok 18:14:35.0296 2832 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys 18:14:35.0320 2832 btusbflt - ok 18:14:35.0328 2832 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys 18:14:35.0352 2832 btwaudio - ok 18:14:35.0361 2832 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\DRIVERS\btwavdt.sys 18:14:35.0386 2832 btwavdt - ok 18:14:35.0427 2832 btwdins (31da517946ffe416442e864592548f8a) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe 18:14:35.0476 2832 btwdins - ok 18:14:35.0482 2832 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys 18:14:35.0502 2832 btwl2cap - ok 18:14:35.0507 2832 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys 18:14:35.0528 2832 btwrchid - ok 18:14:35.0537 2832 cag (ce52d435a50afda0077322db4f404a6e) C:\Program Files\Common Files\Deterministic Networks\Common Files\cag.sys 18:14:35.0561 2832 cag - ok 18:14:35.0570 2832 ccEvtMgr (260a069f403da226d18c058ad14fd3a3) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe 18:14:35.0603 2832 ccEvtMgr - ok 18:14:35.0608 2832 ccSetMgr (260a069f403da226d18c058ad14fd3a3) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe 18:14:35.0640 2832 ccSetMgr - ok 18:14:35.0647 2832 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 18:14:35.0724 2832 cdfs - ok 18:14:35.0734 2832 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys 18:14:35.0763 2832 cdrom - ok 18:14:35.0771 2832 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 18:14:35.0844 2832 CertPropSvc - ok 18:14:35.0850 2832 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 18:14:35.0885 2832 circlass - ok 18:14:35.0904 2832 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 18:14:35.0953 2832 CLFS - ok 18:14:35.0963 2832 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 18:14:36.0030 2832 clr_optimization_v2.0.50727_32 - ok 18:14:36.0041 2832 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 18:14:36.0069 2832 clr_optimization_v2.0.50727_64 - ok 18:14:36.0083 2832 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 18:14:36.0117 2832 clr_optimization_v4.0.30319_32 - ok 18:14:36.0127 2832 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 18:14:36.0154 2832 clr_optimization_v4.0.30319_64 - ok 18:14:36.0159 2832 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys 18:14:36.0188 2832 CmBatt - ok 18:14:36.0194 2832 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 18:14:36.0223 2832 cmdide - ok 18:14:36.0246 2832 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 18:14:36.0301 2832 CNG - ok 18:14:36.0307 2832 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys 18:14:36.0336 2832 Compbatt - ok 18:14:36.0343 2832 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 18:14:36.0379 2832 CompositeBus - ok 18:14:36.0384 2832 COMSysApp - ok 18:14:36.0392 2832 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 18:14:36.0422 2832 crcdisk - ok 18:14:36.0437 2832 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll 18:14:36.0519 2832 CryptSvc - ok 18:14:36.0545 2832 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys 18:14:36.0585 2832 CSC - ok 18:14:36.0617 2832 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll 18:14:36.0661 2832 CscService - ok 18:14:36.0667 2832 ctxva51 (bc9d0bd74e78d8f88d96e96faba828dd) C:\Windows\system32\DRIVERS\ctxva51.sys 18:14:36.0690 2832 ctxva51 - ok 18:14:36.0719 2832 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 18:14:36.0809 2832 DcomLaunch - ok 18:14:36.0825 2832 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 18:14:36.0905 2832 defragsvc - ok 18:14:36.0913 2832 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 18:14:36.0986 2832 DfsC - ok 18:14:37.0001 2832 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 18:14:37.0083 2832 Dhcp - ok 18:14:37.0089 2832 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 18:14:37.0165 2832 discache - ok 18:14:37.0173 2832 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 18:14:37.0201 2832 Disk - ok 18:14:37.0212 2832 DNE (05cb5910b3ca6019fc3cca815ee06ffb) C:\Windows\system32\DRIVERS\dne64x.sys 18:14:37.0236 2832 DNE - ok 18:14:37.0247 2832 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 18:14:37.0277 2832 Dnscache - ok 18:14:37.0292 2832 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 18:14:37.0367 2832 dot3svc - ok 18:14:37.0378 2832 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 18:14:37.0454 2832 DPS - ok 18:14:37.0459 2832 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 18:14:37.0489 2832 drmkaud - ok 18:14:37.0533 2832 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 18:14:37.0600 2832 DXGKrnl - ok 18:14:37.0618 2832 e1kexpress (f369e83f6cdab987ca2dd764278659a6) C:\Windows\system32\DRIVERS\e1k62x64.sys 18:14:37.0647 2832 e1kexpress - ok 18:14:37.0657 2832 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 18:14:37.0733 2832 EapHost - ok 18:14:37.0739 2832 easytether (1e8d0e318d3f17b2eaaf993db20c76f0) C:\Windows\system32\DRIVERS\easytthr.sys 18:14:37.0761 2832 easytether - ok 18:14:37.0884 2832 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 18:14:37.0975 2832 ebdrv - ok 18:14:38.0000 2832 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 18:14:38.0036 2832 eeCtrl - ok 18:14:38.0058 2832 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 18:14:38.0086 2832 EFS - ok 18:14:38.0118 2832 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 18:14:38.0184 2832 ehRecvr - ok 18:14:38.0193 2832 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 18:14:38.0224 2832 ehSched - ok 18:14:38.0253 2832 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 18:14:38.0299 2832 elxstor - ok 18:14:38.0310 2832 EraserUtilRebootDrv (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 18:14:38.0334 2832 EraserUtilRebootDrv - ok 18:14:38.0340 2832 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 18:14:38.0365 2832 ErrDev - ok 18:14:38.0392 2832 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 18:14:38.0471 2832 EventSystem - ok 18:14:38.0532 2832 EvtEng (b56d9602db5fe1c116b1ca5efd8e2e50) C:\Program Files\Intel\WiFi\bin\EvtEng.exe 18:14:38.0620 2832 EvtEng - ok 18:14:38.0636 2832 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 18:14:38.0712 2832 exfat - ok 18:14:38.0718 2832 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 18:14:38.0794 2832 fastfat - ok 18:14:38.0826 2832 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 18:14:38.0864 2832 Fax - ok 18:14:38.0869 2832 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 18:14:38.0895 2832 fdc - ok 18:14:38.0900 2832 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 18:14:38.0974 2832 fdPHost - ok 18:14:38.0980 2832 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 18:14:39.0055 2832 FDResPub - ok 18:14:39.0061 2832 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 18:14:39.0089 2832 FileInfo - ok 18:14:39.0094 2832 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 18:14:39.0166 2832 Filetrace - ok 18:14:39.0170 2832 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 18:14:39.0196 2832 flpydisk - ok 18:14:39.0212 2832 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 18:14:39.0245 2832 FltMgr - ok 18:14:39.0288 2832 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 18:14:39.0345 2832 FontCache - ok 18:14:39.0357 2832 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 18:14:39.0382 2832 FontCache3.0.0.0 - ok 18:14:39.0390 2832 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 18:14:39.0415 2832 FsDepends - ok 18:14:39.0426 2832 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 18:14:39.0451 2832 Fs_Rec - ok 18:14:39.0464 2832 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 18:14:39.0500 2832 fvevol - ok 18:14:39.0506 2832 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 18:14:39.0534 2832 gagp30kx - ok 18:14:39.0569 2832 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 18:14:39.0709 2832 gpsvc - ok 18:14:39.0720 2832 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 18:14:39.0758 2832 gupdate - ok 18:14:39.0762 2832 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 18:14:39.0799 2832 gupdatem - ok 18:14:39.0810 2832 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 18:14:39.0846 2832 gusvc - ok 18:14:39.0853 2832 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 18:14:39.0879 2832 hcw85cir - ok 18:14:39.0897 2832 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 18:14:39.0934 2832 HdAudAddService - ok 18:14:39.0943 2832 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 18:14:39.0977 2832 HDAudBus - ok 18:14:39.0984 2832 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys 18:14:40.0008 2832 HECIx64 - ok 18:14:40.0013 2832 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 18:14:40.0040 2832 HidBatt - ok 18:14:40.0048 2832 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys 18:14:40.0082 2832 HidBth - ok 18:14:40.0088 2832 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 18:14:40.0121 2832 HidIr - ok 18:14:40.0127 2832 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 18:14:40.0199 2832 hidserv - ok 18:14:40.0206 2832 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 18:14:40.0233 2832 HidUsb - ok 18:14:40.0242 2832 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 18:14:40.0313 2832 hkmsvc - ok 18:14:40.0325 2832 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 18:14:40.0355 2832 HomeGroupListener - ok 18:14:40.0367 2832 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 18:14:40.0399 2832 HomeGroupProvider - ok 18:14:40.0407 2832 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 18:14:40.0435 2832 HpSAMD - ok 18:14:40.0469 2832 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 18:14:40.0554 2832 HTTP - ok 18:14:40.0561 2832 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 18:14:40.0586 2832 hwpolicy - ok 18:14:40.0596 2832 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 18:14:40.0624 2832 i8042prt - ok 18:14:40.0652 2832 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\drivers\iaStor.sys 18:14:40.0689 2832 iaStor - ok 18:14:40.0696 2832 IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe 18:14:40.0717 2832 IAStorDataMgrSvc - ok 18:14:40.0737 2832 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 18:14:40.0774 2832 iaStorV - ok 18:14:40.0809 2832 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 18:14:40.0861 2832 idsvc - ok 18:14:40.0872 2832 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 18:14:40.0903 2832 iirsp - ok 18:14:40.0944 2832 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 18:14:41.0042 2832 IKEEXT - ok 18:14:41.0053 2832 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\drivers\Impcd.sys 18:14:41.0083 2832 Impcd - ok 18:14:41.0187 2832 IntcAzAudAddService (9aa1e982bc10176ce316aadfbd5c28f5) C:\Windows\system32\drivers\RTKVHD64.sys 18:14:41.0286 2832 IntcAzAudAddService - ok 18:14:41.0301 2832 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 18:14:41.0329 2832 intelide - ok 18:14:41.0337 2832 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 18:14:41.0367 2832 intelppm - ok 18:14:41.0378 2832 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 18:14:41.0451 2832 IPBusEnum - ok 18:14:41.0459 2832 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 18:14:41.0532 2832 IpFilterDriver - ok 18:14:41.0561 2832 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 18:14:41.0643 2832 iphlpsvc - ok 18:14:41.0651 2832 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 18:14:41.0680 2832 IPMIDRV - ok 18:14:41.0689 2832 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 18:14:41.0765 2832 IPNAT - ok 18:14:41.0770 2832 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 18:14:41.0804 2832 IRENUM - ok 18:14:41.0810 2832 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 18:14:41.0839 2832 isapnp - ok 18:14:41.0855 2832 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 18:14:41.0889 2832 iScsiPrt - ok 18:14:41.0895 2832 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 18:14:41.0923 2832 kbdclass - ok 18:14:41.0930 2832 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 18:14:41.0956 2832 kbdhid - ok 18:14:41.0962 2832 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 18:14:41.0991 2832 KeyIso - ok 18:14:41.0999 2832 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 18:14:42.0027 2832 KSecDD - ok 18:14:42.0037 2832 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 18:14:42.0068 2832 KSecPkg - ok 18:14:42.0075 2832 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 18:14:42.0145 2832 ksthunk - ok 18:14:42.0163 2832 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 18:14:42.0245 2832 KtmRm - ok 18:14:42.0259 2832 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 18:14:42.0337 2832 LanmanServer - ok 18:14:42.0346 2832 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 18:14:42.0423 2832 LanmanWorkstation - ok 18:14:42.0558 2832 LiveUpdate (6105b28f5d03c4affa7197b228768849) C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE 18:14:42.0687 2832 LiveUpdate - ok 18:14:42.0700 2832 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 18:14:42.0784 2832 lltdio - ok 18:14:42.0801 2832 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 18:14:42.0887 2832 lltdsvc - ok 18:14:42.0893 2832 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 18:14:42.0978 2832 lmhosts - ok 18:14:42.0993 2832 LMS (ad1cf8471b06badb93d87cc4d63b8483) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 18:14:43.0040 2832 LMS - ok 18:14:43.0053 2832 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 18:14:43.0087 2832 LSI_FC - ok 18:14:43.0097 2832 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 18:14:43.0129 2832 LSI_SAS - ok 18:14:43.0137 2832 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 18:14:43.0167 2832 LSI_SAS2 - ok 18:14:43.0176 2832 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 18:14:43.0205 2832 LSI_SCSI - ok 18:14:43.0216 2832 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 18:14:43.0293 2832 luafv - ok 18:14:43.0302 2832 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 18:14:43.0332 2832 Mcx2Svc - ok 18:14:43.0338 2832 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 18:14:43.0364 2832 megasas - ok 18:14:43.0381 2832 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 18:14:43.0414 2832 MegaSR - ok 18:14:43.0423 2832 Microsoft SharePoint Workspace Audit Service - ok 18:14:43.0433 2832 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 18:14:43.0508 2832 MMCSS - ok 18:14:43.0514 2832 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 18:14:43.0588 2832 Modem - ok 18:14:43.0593 2832 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 18:14:43.0625 2832 monitor - ok 18:14:43.0631 2832 motandroidusb (d69f1e9a944a5f46a494af901ed41118) C:\Windows\system32\Drivers\motoandroid.sys 18:14:43.0655 2832 motandroidusb - ok 18:14:43.0665 2832 MotoConnect Service (9b2923c59d49672d1205c391a1296525) C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe 18:14:43.0814 2832 MotoConnect Service - ok 18:14:43.0821 2832 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys 18:14:43.0849 2832 mouclass - ok 18:14:43.0855 2832 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 18:14:43.0882 2832 mouhid - ok 18:14:43.0892 2832 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 18:14:43.0920 2832 mountmgr - ok 18:14:43.0932 2832 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 18:14:43.0964 2832 mpio - ok 18:14:43.0972 2832 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 18:14:44.0041 2832 mpsdrv - ok 18:14:44.0078 2832 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 18:14:44.0191 2832 MpsSvc - ok 18:14:44.0200 2832 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 18:14:44.0235 2832 MRxDAV - ok 18:14:44.0245 2832 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 18:14:44.0276 2832 mrxsmb - ok 18:14:44.0292 2832 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 18:14:44.0320 2832 mrxsmb10 - ok 18:14:44.0329 2832 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 18:14:44.0354 2832 mrxsmb20 - ok 18:14:44.0361 2832 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 18:14:44.0385 2832 msahci - ok 18:14:44.0395 2832 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 18:14:44.0423 2832 msdsm - ok 18:14:44.0433 2832 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 18:14:44.0461 2832 MSDTC - ok 18:14:44.0472 2832 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 18:14:44.0536 2832 Msfs - ok 18:14:44.0542 2832 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 18:14:44.0604 2832 mshidkmdf - ok 18:14:44.0609 2832 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 18:14:44.0630 2832 msisadrv - ok 18:14:44.0639 2832 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 18:14:44.0700 2832 MSiSCSI - ok 18:14:44.0705 2832 msiserver - ok 18:14:44.0711 2832 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 18:14:44.0770 2832 MSKSSRV - ok 18:14:44.0776 2832 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 18:14:44.0836 2832 MSPCLOCK - ok 18:14:44.0840 2832 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 18:14:44.0901 2832 MSPQM - ok 18:14:44.0919 2832 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 18:14:44.0949 2832 MsRPC - ok 18:14:44.0957 2832 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 18:14:44.0980 2832 mssmbios - ok 18:14:44.0987 2832 MSSQL$DDNI - ok 18:14:44.0997 2832 MSSQLServerADHelper100 (f1761c8fb2b25a32c6d63e36bb88c3ae) C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE 18:14:45.0054 2832 MSSQLServerADHelper100 - ok 18:14:45.0060 2832 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 18:14:45.0121 2832 MSTEE - ok 18:14:45.0127 2832 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 18:14:45.0149 2832 MTConfig - ok 18:14:45.0156 2832 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 18:14:45.0186 2832 Mup - ok 18:14:45.0208 2832 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 18:14:45.0278 2832 napagent - ok 18:14:45.0295 2832 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 18:14:45.0329 2832 NativeWifiP - ok 18:14:45.0344 2832 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20120515.017\ENG64.SYS 18:14:45.0365 2832 NAVENG - ok 18:14:45.0452 2832 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20120515.017\EX64.SYS 18:14:45.0522 2832 NAVEX15 - ok 18:14:45.0570 2832 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 18:14:45.0657 2832 NDIS - ok 18:14:45.0665 2832 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 18:14:45.0745 2832 NdisCap - ok 18:14:45.0752 2832 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 18:14:45.0842 2832 NdisTapi - ok 18:14:45.0850 2832 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 18:14:45.0928 2832 Ndisuio - ok 18:14:45.0940 2832 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 18:14:46.0022 2832 NdisWan - ok 18:14:46.0030 2832 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 18:14:46.0109 2832 NDProxy - ok 18:14:46.0118 2832 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 18:14:46.0196 2832 NetBIOS - ok 18:14:46.0212 2832 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 18:14:46.0286 2832 NetBT - ok 18:14:46.0292 2832 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 18:14:46.0320 2832 Netlogon - ok 18:14:46.0341 2832 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 18:14:46.0428 2832 Netman - ok 18:14:46.0446 2832 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:14:46.0475 2832 NetMsmqActivator - ok 18:14:46.0482 2832 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:14:46.0511 2832 NetPipeActivator - ok 18:14:46.0536 2832 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 18:14:46.0660 2832 netprofm - ok 18:14:46.0667 2832 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:14:46.0695 2832 NetTcpActivator - ok 18:14:46.0701 2832 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:14:46.0730 2832 NetTcpPortSharing - ok 18:14:46.0952 2832 NETw5s64 (18555f48844c2861d9dce8f2b7223ae5) C:\Windows\system32\DRIVERS\NETw5s64.sys 18:14:47.0149 2832 NETw5s64 - ok 18:14:47.0170 2832 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 18:14:47.0198 2832 nfrd960 - ok 18:14:47.0219 2832 NitroReaderDriverReadSpool2 (0734398d3d99986bb8006e9bb5eab1e5) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe 18:14:47.0249 2832 NitroReaderDriverReadSpool2 - ok 18:14:47.0267 2832 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 18:14:47.0345 2832 NlaSvc - ok 18:14:47.0352 2832 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 18:14:47.0432 2832 Npfs - ok 18:14:47.0440 2832 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 18:14:47.0520 2832 nsi - ok 18:14:47.0527 2832 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 18:14:47.0607 2832 nsiproxy - ok 18:14:47.0618 2832 nsverctl (538ae37d97f59f878e2c171944250cc7) C:\Program Files\Citrix\Secure Access Client\nsverctl.exe 18:14:47.0664 2832 nsverctl - ok 18:14:47.0737 2832 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 18:14:47.0819 2832 Ntfs - ok 18:14:47.0836 2832 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 18:14:47.0914 2832 Null - ok 18:14:47.0923 2832 NVHDA (181e7fe39211e04128a30708906627d8) C:\Windows\system32\drivers\nvhda64v.sys 18:14:47.0949 2832 NVHDA - ok 18:14:48.0263 2832 nvlddmkm (9439174331d5d1ffe6316590356c34ee) C:\Windows\system32\DRIVERS\nvlddmkm.sys 18:14:48.0662 2832 nvlddmkm - ok 18:14:48.0693 2832 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 18:14:48.0727 2832 nvraid - ok 18:14:48.0740 2832 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 18:14:48.0773 2832 nvstor - ok 18:14:48.0794 2832 nvsvc (982f4d28a521e99a78496775150d3b1c) C:\Windows\system32\nvvsvc.exe 18:14:48.0828 2832 nvsvc - ok 18:14:48.0839 2832 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 18:14:48.0869 2832 nv_agp - ok 18:14:48.0879 2832 Oasis2Service (07571684567859da796a566cc78ffa74) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe 18:14:48.0893 2832 Oasis2Service ( UnsignedFile.Multi.Generic ) - warning 18:14:48.0893 2832 Oasis2Service - detected UnsignedFile.Multi.Generic (1) 18:14:48.0901 2832 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 18:14:48.0928 2832 ohci1394 - ok 18:14:48.0940 2832 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:14:49.0003 2832 ose - ok 18:14:49.0163 2832 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 18:14:49.0347 2832 osppsvc - ok 18:14:49.0382 2832 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 18:14:49.0417 2832 p2pimsvc - ok 18:14:49.0440 2832 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 18:14:49.0477 2832 p2psvc - ok 18:14:49.0488 2832 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 18:14:49.0519 2832 Parport - ok 18:14:49.0529 2832 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 18:14:49.0560 2832 partmgr - ok 18:14:49.0574 2832 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 18:14:49.0618 2832 PcaSvc - ok 18:14:49.0633 2832 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 18:14:49.0667 2832 pci - ok 18:14:49.0674 2832 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 18:14:49.0702 2832 pciide - ok 18:14:49.0719 2832 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 18:14:49.0756 2832 pcmcia - ok 18:14:49.0767 2832 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 18:14:49.0798 2832 pcw - ok 18:14:49.0824 2832 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 18:14:49.0912 2832 PEAUTH - ok 18:14:49.0972 2832 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll 18:14:50.0025 2832 PeerDistSvc - ok 18:14:50.0053 2832 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 18:14:50.0090 2832 PerfHost - ok 18:14:50.0168 2832 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 18:14:50.0278 2832 pla - ok 18:14:50.0302 2832 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 18:14:50.0341 2832 PlugPlay - ok 18:14:50.0349 2832 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 18:14:50.0378 2832 PNRPAutoReg - ok 18:14:50.0389 2832 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 18:14:50.0425 2832 PNRPsvc - ok 18:14:50.0452 2832 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 18:14:50.0541 2832 PolicyAgent - ok 18:14:50.0558 2832 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 18:14:50.0644 2832 Power - ok 18:14:50.0657 2832 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 18:14:50.0736 2832 PptpMiniport - ok 18:14:50.0745 2832 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 18:14:50.0774 2832 Processor - ok 18:14:50.0788 2832 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll 18:14:50.0864 2832 ProfSvc - ok 18:14:50.0871 2832 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 18:14:50.0899 2832 ProtectedStorage - ok 18:14:50.0910 2832 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 18:14:50.0982 2832 Psched - ok 18:14:50.0990 2832 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys 18:14:51.0013 2832 PxHlpa64 - ok 18:14:51.0020 2832 qcfilterSny2k (fd79acb284b6bb288c8826fff72778e9) C:\Windows\system32\DRIVERS\qcfilterSny2k.sys 18:14:51.0041 2832 qcfilterSny2k - ok 18:14:51.0058 2832 qcusbnetsny2k (d4168d8bebcf573b8ffb2a0c09094da3) C:\Windows\system32\DRIVERS\qcusbnetsny2k.sys 18:14:51.0084 2832 qcusbnetsny2k - ok 18:14:51.0094 2832 qcusbsersny2k (3a5625922508a972345f096cb163d55b) C:\Windows\system32\DRIVERS\qcusbserSny2k.sys 18:14:51.0118 2832 qcusbsersny2k - ok 18:14:51.0136 2832 QDLService2kSony (2b3b8b43d4c41e46a2b82459da0d5a2d) C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe 18:14:51.0182 2832 QDLService2kSony - ok 18:14:51.0248 2832 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 18:14:51.0318 2832 ql2300 - ok 18:14:51.0339 2832 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 18:14:51.0368 2832 ql40xx - ok 18:14:51.0385 2832 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 18:14:51.0425 2832 QWAVE - ok 18:14:51.0432 2832 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 18:14:51.0467 2832 QWAVEdrv - ok 18:14:51.0474 2832 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 18:14:51.0549 2832 RasAcd - ok 18:14:51.0558 2832 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 18:14:51.0630 2832 RasAgileVpn - ok 18:14:51.0641 2832 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 18:14:51.0714 2832 RasAuto - ok 18:14:51.0725 2832 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 18:14:51.0797 2832 Rasl2tp - ok 18:14:51.0817 2832 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 18:14:51.0897 2832 RasMan - ok 18:14:51.0907 2832 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 18:14:51.0981 2832 RasPppoe - ok 18:14:51.0990 2832 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 18:14:52.0072 2832 RasSstp - ok 18:14:52.0091 2832 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 18:14:52.0186 2832 rdbss - ok 18:14:52.0194 2832 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 18:14:52.0230 2832 rdpbus - ok 18:14:52.0236 2832 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 18:14:52.0315 2832 RDPCDD - ok 18:14:52.0333 2832 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys 18:14:52.0363 2832 RDPDR - ok 18:14:52.0370 2832 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 18:14:52.0449 2832 RDPENCDD - ok 18:14:52.0460 2832 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 18:14:52.0538 2832 RDPREFMP - ok 18:14:52.0554 2832 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys 18:14:52.0585 2832 RDPWD - ok 18:14:52.0599 2832 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 18:14:52.0631 2832 rdyboost - ok 18:14:52.0672 2832 RegSrvc (0aa473966357c4a41b5eb19649eb6e5e) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 18:14:52.0717 2832 RegSrvc - ok 18:14:52.0727 2832 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 18:14:52.0801 2832 RemoteAccess - ok 18:14:52.0814 2832 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 18:14:52.0892 2832 RemoteRegistry - ok 18:14:52.0906 2832 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 18:14:52.0941 2832 RFCOMM - ok 18:14:52.0951 2832 rimspci (6ded176a14770339f1415cfdbcc9e07f) C:\Windows\system32\drivers\rimssne64.sys 18:14:52.0974 2832 rimspci - ok 18:14:52.0983 2832 risdsnpe (ddf5f666c2a5b3729e8bea01fb999cc0) C:\Windows\system32\drivers\risdsne64.sys 18:14:53.0005 2832 risdsnpe - ok 18:14:53.0015 2832 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 18:14:53.0091 2832 RpcEptMapper - ok 18:14:53.0098 2832 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 18:14:53.0126 2832 RpcLocator - ok 18:14:53.0153 2832 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 18:14:53.0237 2832 RpcSs - ok 18:14:53.0247 2832 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 18:14:53.0321 2832 rspndr - ok 18:14:53.0335 2832 RtkAudioService (b7fcc2d5b1dd8898bc00056cbfba46b8) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe 18:14:53.0361 2832 RtkAudioService - ok 18:14:53.0368 2832 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys 18:14:53.0393 2832 s3cap - ok 18:14:53.0408 2832 SampleCollector (5ae755a8b7673b8536f88245247c5308) C:\Program Files\Sony\VAIO Care\collsvc.exe 18:14:53.0425 2832 SampleCollector ( UnsignedFile.Multi.Generic ) - warning 18:14:53.0426 2832 SampleCollector - detected UnsignedFile.Multi.Generic (1) 18:14:53.0432 2832 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 18:14:53.0460 2832 SamSs - ok 18:14:53.0472 2832 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 18:14:53.0500 2832 sbp2port - ok 18:14:53.0514 2832 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 18:14:53.0590 2832 SCardSvr - ok 18:14:53.0598 2832 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 18:14:53.0667 2832 scfilter - ok 18:14:53.0715 2832 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 18:14:53.0846 2832 Schedule - ok 18:14:53.0856 2832 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 18:14:53.0927 2832 SCPolicySvc - ok 18:14:53.0938 2832 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys 18:14:53.0973 2832 sdbus - ok 18:14:53.0986 2832 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 18:14:54.0016 2832 SDRSVC - ok 18:14:54.0024 2832 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 18:14:54.0096 2832 secdrv - ok 18:14:54.0104 2832 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 18:14:54.0177 2832 seclogon - ok 18:14:54.0186 2832 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 18:14:54.0262 2832 SENS - ok 18:14:54.0270 2832 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 18:14:54.0297 2832 SensrSvc - ok 18:14:54.0305 2832 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 18:14:54.0332 2832 Serenum - ok 18:14:54.0342 2832 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 18:14:54.0370 2832 Serial - ok 18:14:54.0378 2832 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 18:14:54.0405 2832 sermouse - ok 18:14:54.0431 2832 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 18:14:54.0503 2832 SessionEnv - ok 18:14:54.0510 2832 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys 18:14:54.0531 2832 SFEP - ok 18:14:54.0538 2832 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 18:14:54.0564 2832 sffdisk - ok 18:14:54.0571 2832 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 18:14:54.0596 2832 sffp_mmc - ok 18:14:54.0603 2832 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 18:14:54.0635 2832 sffp_sd - ok 18:14:54.0643 2832 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 18:14:54.0670 2832 sfloppy - ok 18:14:54.0691 2832 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 18:14:54.0768 2832 SharedAccess - ok 18:14:54.0790 2832 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 18:14:54.0870 2832 ShellHWDetection - ok 18:14:54.0879 2832 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 18:14:54.0906 2832 SiSRaid2 - ok 18:14:54.0915 2832 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 18:14:54.0944 2832 SiSRaid4 - ok 18:14:54.0956 2832 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 18:14:55.0047 2832 Smb - ok 18:14:55.0189 2832 SmcService (26eb194d1fb2870e0453a99b84889f8d) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe 18:14:55.0377 2832 SmcService - ok 18:14:55.0387 2832 SMSIVZAM5X64 (b5d3c24e4ea8e6d4850e83dad8c510d4) C:\PROGRA~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS 18:14:55.0409 2832 SMSIVZAM5X64 - ok 18:14:55.0440 2832 SNAC (c2e9b4e50cf3a15255b45a7c7a0a881e) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE 18:14:55.0470 2832 SNAC - ok 18:14:55.0490 2832 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 18:14:55.0516 2832 SNMPTRAP - ok 18:14:55.0528 2832 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 18:14:55.0552 2832 spldr - ok 18:14:55.0580 2832 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 18:14:55.0658 2832 Spooler - ok 18:14:55.0810 2832 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 18:14:56.0105 2832 sppsvc - ok 18:14:56.0124 2832 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 18:14:56.0205 2832 sppuinotify - ok 18:14:56.0231 2832 SQLAgent$DDNI (a892134c28777978ecde8283dc57ac0f) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE 18:14:56.0314 2832 SQLAgent$DDNI - ok 18:14:56.0331 2832 SQLBrowser (10d936dced9eacd1a1b3fcdda6d7a4eb) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe 18:14:56.0433 2832 SQLBrowser - ok 18:14:56.0447 2832 SQLWriter (f92e5f93be572b512da3c016b675ede0) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 18:14:56.0498 2832 SQLWriter - ok 18:14:56.0525 2832 SRTSP (b531fc8918dcdaae638511a123c3465e) C:\Windows\system32\Drivers\SRTSP64.SYS 18:14:56.0559 2832 SRTSP - ok 18:14:56.0585 2832 SRTSPL (2bd3a73d0601320b72486fc3ebc2544f) C:\Windows\system32\Drivers\SRTSPL64.SYS 18:14:56.0620 2832 SRTSPL - ok 18:14:56.0628 2832 SRTSPX (529b337c1aeeb289f0b502eb0ee6a8f5) C:\Windows\system32\Drivers\SRTSPX64.SYS 18:14:56.0649 2832 SRTSPX - ok 18:14:56.0675 2832 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 18:14:56.0709 2832 srv - ok 18:14:56.0732 2832 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 18:14:56.0764 2832 srv2 - ok 18:14:56.0778 2832 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 18:14:56.0806 2832 srvnet - ok 18:14:56.0821 2832 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 18:14:56.0897 2832 SSDPSRV - ok 18:14:56.0908 2832 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 18:14:56.0985 2832 SstpSvc - ok 18:14:56.0992 2832 Steam Client Service - ok 18:14:57.0002 2832 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 18:14:57.0029 2832 stexstor - ok 18:14:57.0058 2832 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 18:14:57.0106 2832 stisvc - ok 18:14:57.0115 2832 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys 18:14:57.0141 2832 storflt - ok 18:14:57.0149 2832 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll 18:14:57.0175 2832 StorSvc - ok 18:14:57.0183 2832 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys 18:14:57.0210 2832 storvsc - ok 18:14:57.0217 2832 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 18:14:57.0249 2832 swenum - ok 18:14:57.0275 2832 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 18:14:57.0357 2832 swprv - ok 18:14:57.0440 2832 Symantec AntiVirus (f3a4ead0b3946e439f0397f7a4d09952) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe 18:14:57.0545 2832 Symantec AntiVirus - ok 18:14:57.0582 2832 SymEvent (7e4d281982e19abd06728c7ee9ac40a8) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 18:14:57.0610 2832 SymEvent - ok 18:14:57.0630 2832 SynTP (3c08fb2829a5304825f974b1631dedfa) C:\Windows\system32\DRIVERS\SynTP.sys 18:14:57.0663 2832 SynTP - ok 18:14:57.0741 2832 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 18:14:57.0839 2832 SysMain - ok 18:14:57.0855 2832 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 18:14:57.0898 2832 TabletInputService - ok 18:14:57.0919 2832 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 18:14:58.0009 2832 TapiSrv - ok 18:14:58.0020 2832 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 18:14:58.0102 2832 TBS - ok 18:14:58.0188 2832 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 18:14:58.0270 2832 Tcpip - ok 18:14:58.0326 2832 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 18:14:58.0408 2832 TCPIP6 - ok 18:14:58.0431 2832 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 18:14:58.0502 2832 tcpipreg - ok 18:14:58.0515 2832 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 18:14:58.0540 2832 TDPIPE - ok 18:14:58.0549 2832 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 18:14:58.0573 2832 TDTCP - ok 18:14:58.0585 2832 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 18:14:58.0656 2832 tdx - ok 18:14:58.0666 2832 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 18:14:58.0693 2832 TermDD - ok 18:14:58.0728 2832 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 18:14:58.0815 2832 TermService - ok 18:14:58.0825 2832 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 18:14:58.0861 2832 Themes - ok 18:14:58.0871 2832 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 18:14:58.0947 2832 THREADORDER - ok 18:14:58.0956 2832 TPM (dbcc20c02e8a3e43b03c304a4e40a84f) C:\Windows\system32\drivers\tpm.sys 18:14:58.0982 2832 TPM - ok 18:14:58.0994 2832 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 18:14:59.0065 2832 TrkWks - ok 18:14:59.0079 2832 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 18:14:59.0144 2832 TrustedInstaller - ok 18:14:59.0157 2832 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 18:14:59.0221 2832 tssecsrv - ok 18:14:59.0231 2832 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 18:14:59.0255 2832 TsUsbFlt - ok 18:14:59.0265 2832 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 18:14:59.0332 2832 tunnel - ok 18:14:59.0341 2832 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 18:14:59.0367 2832 uagp35 - ok 18:14:59.0388 2832 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 18:14:59.0457 2832 udfs - ok 18:14:59.0475 2832 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 18:14:59.0502 2832 UI0Detect - ok 18:14:59.0511 2832 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 18:14:59.0537 2832 uliagpkx - ok 18:14:59.0546 2832 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 18:14:59.0571 2832 umbus - ok 18:14:59.0578 2832 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 18:14:59.0601 2832 UmPass - ok 18:14:59.0617 2832 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll 18:14:59.0647 2832 UmRdpService - ok 18:14:59.0747 2832 UNS (ad88af249abdc546151f9bfc4093fa9b) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 18:14:59.0853 2832 UNS - ok 18:14:59.0884 2832 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 18:14:59.0970 2832 upnphost - ok 18:14:59.0983 2832 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 18:15:00.0015 2832 usbccgp - ok 18:15:00.0029 2832 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 18:15:00.0066 2832 usbcir - ok 18:15:00.0076 2832 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 18:15:00.0103 2832 usbehci - ok 18:15:00.0123 2832 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 18:15:00.0182 2832 usbhub - ok 18:15:00.0196 2832 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 18:15:00.0233 2832 usbohci - ok 18:15:00.0245 2832 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 18:15:00.0283 2832 usbprint - ok 18:15:00.0293 2832 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 18:15:00.0329 2832 usbscan - ok 18:15:00.0340 2832 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 18:15:00.0371 2832 USBSTOR - ok 18:15:00.0380 2832 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 18:15:00.0406 2832 usbuhci - ok 18:15:00.0420 2832 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 18:15:00.0456 2832 usbvideo - ok 18:15:00.0466 2832 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 18:15:00.0542 2832 UxSms - ok 18:15:00.0559 2832 VAIO Event Service (218f78b39832a2a0761ce2422828a57c) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe 18:15:00.0623 2832 VAIO Event Service - ok 18:15:00.0655 2832 VAIO Power Management (1cf1a4dd7a58c966c9014b83c7229cf3) C:\Program Files\Sony\VAIO Power Management\SPMService.exe 18:15:00.0693 2832 VAIO Power Management - ok 18:15:00.0701 2832 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 18:15:00.0729 2832 VaultSvc - ok 18:15:00.0744 2832 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 18:15:00.0771 2832 vdrvroot - ok 18:15:00.0799 2832 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 18:15:00.0881 2832 vds - ok 18:15:00.0889 2832 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 18:15:00.0923 2832 vga - ok 18:15:00.0932 2832 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 18:15:01.0005 2832 VgaSave - ok 18:15:01.0021 2832 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 18:15:01.0053 2832 vhdmp - ok 18:15:01.0062 2832 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 18:15:01.0088 2832 viaide - ok 18:15:01.0104 2832 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys 18:15:01.0136 2832 vmbus - ok 18:15:01.0145 2832 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys 18:15:01.0170 2832 VMBusHID - ok 18:15:01.0180 2832 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 18:15:01.0206 2832 volmgr - ok 18:15:01.0226 2832 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 18:15:01.0260 2832 volmgrx - ok 18:15:01.0278 2832 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 18:15:01.0312 2832 volsnap - ok 18:15:01.0326 2832 vpcbus (b4a73ca4ef9a02b9738cea9ad5fe5917) C:\Windows\system32\DRIVERS\vpchbus.sys 18:15:01.0355 2832 vpcbus - ok 18:15:01.0365 2832 vpcnfltr (e675fb2b48c54f09895482e2253b289c) C:\Windows\system32\DRIVERS\vpcnfltr.sys 18:15:01.0390 2832 vpcnfltr - ok 18:15:01.0400 2832 vpcusb (5fb42082b0d19a0268705f1dd343df20) C:\Windows\system32\DRIVERS\vpcusb.sys 18:15:01.0424 2832 vpcusb - ok 18:15:01.0446 2832 vpcvmm (207b6539799cc1c112661a9b620dd233) C:\Windows\system32\drivers\vpcvmm.sys 18:15:01.0479 2832 vpcvmm - ok 18:15:01.0492 2832 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 18:15:01.0520 2832 vsmraid - ok 18:15:01.0593 2832 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 18:15:01.0707 2832 VSS - ok 18:15:01.0774 2832 VUAgent (d62d16e057be87f5b84a54d1b83822c4) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe 18:15:01.0845 2832 VUAgent - ok 18:15:01.0859 2832 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 18:15:01.0894 2832 vwifibus - ok 18:15:01.0903 2832 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 18:15:01.0941 2832 vwififlt - ok 18:15:01.0949 2832 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 18:15:01.0988 2832 vwifimp - ok 18:15:02.0016 2832 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 18:15:02.0127 2832 W32Time - ok 18:15:02.0143 2832 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 18:15:02.0176 2832 WacomPen - ok 18:15:02.0188 2832 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 18:15:02.0261 2832 WANARP - ok 18:15:02.0268 2832 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 18:15:02.0341 2832 Wanarpv6 - ok 18:15:02.0401 2832 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 18:15:02.0462 2832 WatAdminSvc - ok 18:15:02.0531 2832 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 18:15:02.0588 2832 wbengine - ok 18:15:02.0616 2832 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 18:15:02.0655 2832 WbioSrvc - ok 18:15:02.0678 2832 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 18:15:02.0722 2832 wcncsvc - ok 18:15:02.0732 2832 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 18:15:02.0762 2832 WcsPlugInService - ok 18:15:02.0771 2832 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 18:15:02.0798 2832 Wd - ok 18:15:02.0831 2832 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 18:15:02.0876 2832 Wdf01000 - ok 18:15:02.0887 2832 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 18:15:02.0931 2832 WdiServiceHost - ok 18:15:02.0938 2832 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 18:15:02.0982 2832 WdiSystemHost - ok 18:15:03.0000 2832 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 18:15:03.0054 2832 WebClient - ok 18:15:03.0071 2832 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 18:15:03.0149 2832 Wecsvc - ok 18:15:03.0160 2832 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 18:15:03.0235 2832 wercplsupport - ok 18:15:03.0246 2832 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 18:15:03.0320 2832 WerSvc - ok 18:15:03.0330 2832 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 18:15:03.0401 2832 WfpLwf - ok 18:15:03.0409 2832 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 18:15:03.0433 2832 WIMMount - ok 18:15:03.0440 2832 WinDefend - ok 18:15:03.0458 2832 WinHttpAutoProxySvc - ok 18:15:03.0482 2832 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 18:15:03.0552 2832 Winmgmt - ok 18:15:03.0639 2832 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 18:15:03.0742 2832 WinRM - ok 18:15:03.0773 2832 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys 18:15:03.0808 2832 WinUsb - ok 18:15:03.0853 2832 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 18:15:03.0909 2832 Wlansvc - ok 18:15:04.0007 2832 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 18:15:04.0107 2832 wlidsvc - ok 18:15:04.0128 2832 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 18:15:04.0156 2832 WmiAcpi - ok 18:15:04.0180 2832 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 18:15:04.0217 2832 wmiApSrv - ok 18:15:04.0227 2832 WMPNetworkSvc - ok 18:15:04.0240 2832 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 18:15:04.0269 2832 WPCSvc - ok 18:15:04.0282 2832 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 18:15:04.0323 2832 WPDBusEnum - ok 18:15:04.0333 2832 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 18:15:04.0409 2832 ws2ifsl - ok 18:15:04.0422 2832 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll 18:15:04.0461 2832 wscsvc - ok 18:15:04.0469 2832 WSearch - ok 18:15:04.0577 2832 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll 18:15:04.0786 2832 wuauserv - ok 18:15:04.0811 2832 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 18:15:04.0890 2832 WudfPf - ok 18:15:04.0905 2832 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 18:15:04.0986 2832 WUDFRd - ok 18:15:04.0998 2832 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 18:15:05.0083 2832 wudfsvc - ok 18:15:05.0103 2832 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 18:15:05.0137 2832 WwanSvc - ok 18:15:05.0189 2832 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 18:15:05.0255 2832 \Device\Harddisk0\DR0 - ok 18:15:05.0259 2832 Boot (0x1200) (35f93f0df2bb3e522fb703b86f86acc0) \Device\Harddisk0\DR0\Partition0 18:15:05.0260 2832 \Device\Harddisk0\DR0\Partition0 - ok 18:15:05.0266 2832 Boot (0x1200) (a540b548e3d8c786ce32a55ccfcf2864) \Device\Harddisk0\DR0\Partition1 18:15:05.0267 2832 \Device\Harddisk0\DR0\Partition1 - ok 18:15:05.0268 2832 ============================================================ 18:15:05.0268 2832 Scan finished 18:15:05.0268 2832 ============================================================ 18:15:05.0280 4060 Detected object count: 2 18:15:05.0280 4060 Actual detected object count: 2 18:15:28.0172 4060 Oasis2Service ( UnsignedFile.Multi.Generic ) - skipped by user 18:15:28.0172 4060 Oasis2Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:15:28.0175 4060 SampleCollector ( UnsignedFile.Multi.Generic ) - skipped by user 18:15:28.0175 4060 SampleCollector ( UnsignedFile.Multi.Generic ) - User select action: Skip
  8. here is the report from tdsskiller: (part 1 due to length) 18:10:23.0642 8424 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57 18:10:24.0025 8424 ============================================================ 18:10:24.0025 8424 Current date / time: 2012/05/16 18:10:24.0025 18:10:24.0025 8424 SystemInfo: 18:10:24.0025 8424 18:10:24.0025 8424 OS Version: 6.1.7601 ServicePack: 1.0 18:10:24.0025 8424 Product type: Workstation 18:10:24.0025 8424 ComputerName: LAURENCE-VAIO 18:10:24.0026 8424 UserName: Laurence 18:10:24.0026 8424 Windows directory: C:\Windows 18:10:24.0026 8424 System windows directory: C:\Windows 18:10:24.0026 8424 Running under WOW64 18:10:24.0026 8424 Processor architecture: Intel x64 18:10:24.0026 8424 Number of processors: 4 18:10:24.0026 8424 Page size: 0x1000 18:10:24.0026 8424 Boot type: Normal boot 18:10:24.0026 8424 ============================================================ 18:10:24.0554 8424 Drive \Device\Harddisk0\DR0 - Size: 0x3B9EC00000 (238.48 Gb), SectorSize: 0x200, Cylinders: 0x799B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 18:10:24.0562 8424 ============================================================ 18:10:24.0562 8424 \Device\Harddisk0\DR0: 18:10:24.0562 8424 MBR partitions: 18:10:24.0562 8424 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x11E6800, BlocksNum 0x32000 18:10:24.0562 8424 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1218800, BlocksNum 0x1CADD000 18:10:24.0562 8424 ============================================================ 18:10:24.0565 8424 C: <-> \Device\Harddisk0\DR0\Partition1 18:10:24.0565 8424 ============================================================ 18:10:24.0565 8424 Initialize success 18:10:24.0565 8424 ============================================================ 18:11:08.0961 1408 ============================================================ 18:11:08.0961 1408 Scan started 18:11:08.0961 1408 Mode: Manual; SigCheck; TDLFS; 18:11:08.0961 1408 ============================================================ 18:11:09.0065 1408 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 18:11:09.0165 1408 1394ohci - ok 18:11:09.0173 1408 ACDaemon (35f57598f0589feb3c3abc1621bf329f) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 18:11:09.0328 1408 ACDaemon - ok 18:11:09.0346 1408 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 18:11:09.0408 1408 ACPI - ok 18:11:09.0419 1408 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 18:11:09.0479 1408 AcpiPmi - ok 18:11:09.0502 1408 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys 18:11:09.0556 1408 adp94xx - ok 18:11:09.0574 1408 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys 18:11:09.0622 1408 adpahci - ok 18:11:09.0633 1408 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys 18:11:09.0677 1408 adpu320 - ok 18:11:09.0685 1408 ADVService (7233688fc422ef657e082309e6180142) C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe 18:11:09.0715 1408 ADVService - ok 18:11:09.0721 1408 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 18:11:09.0837 1408 AeLookupSvc - ok 18:11:09.0861 1408 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 18:11:09.0903 1408 AFD - ok 18:11:09.0910 1408 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 18:11:09.0948 1408 agp440 - ok 18:11:09.0956 1408 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 18:11:09.0994 1408 ALG - ok 18:11:10.0000 1408 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 18:11:10.0036 1408 aliide - ok 18:11:10.0041 1408 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 18:11:10.0080 1408 amdide - ok 18:11:10.0087 1408 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys 18:11:10.0131 1408 AmdK8 - ok 18:11:10.0137 1408 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys 18:11:10.0174 1408 AmdPPM - ok 18:11:10.0182 1408 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 18:11:10.0222 1408 amdsata - ok 18:11:10.0234 1408 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys 18:11:10.0275 1408 amdsbs - ok 18:11:10.0280 1408 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 18:11:10.0316 1408 amdxata - ok 18:11:10.0323 1408 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 18:11:10.0451 1408 AppID - ok 18:11:10.0457 1408 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 18:11:10.0532 1408 AppIDSvc - ok 18:11:10.0540 1408 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 18:11:10.0625 1408 Appinfo - ok 18:11:10.0638 1408 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll 18:11:10.0685 1408 AppMgmt - ok 18:11:10.0693 1408 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys 18:11:10.0735 1408 arc - ok 18:11:10.0743 1408 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys 18:11:10.0784 1408 arcsas - ok 18:11:10.0802 1408 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 18:11:10.0888 1408 aspnet_state - ok 18:11:10.0893 1408 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 18:11:10.0975 1408 AsyncMac - ok 18:11:10.0981 1408 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 18:11:11.0016 1408 atapi - ok 18:11:11.0047 1408 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 18:11:11.0212 1408 AudioEndpointBuilder - ok 18:11:11.0221 1408 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 18:11:11.0340 1408 AudioSrv - ok 18:11:11.0348 1408 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 18:11:11.0411 1408 AxInstSV - ok 18:11:11.0432 1408 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys 18:11:11.0481 1408 b06bdrv - ok 18:11:11.0496 1408 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 18:11:11.0540 1408 b57nd60a - ok 18:11:11.0551 1408 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 18:11:11.0592 1408 BDESVC - ok 18:11:11.0597 1408 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 18:11:11.0679 1408 Beep - ok 18:11:11.0711 1408 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 18:11:11.0811 1408 BFE - ok 18:11:11.0853 1408 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 18:11:11.0944 1408 BITS - ok 18:11:11.0950 1408 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys 18:11:11.0987 1408 blbdrive - ok 18:11:11.0995 1408 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 18:11:12.0037 1408 bowser - ok 18:11:12.0042 1408 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 18:11:12.0098 1408 BrFiltLo - ok 18:11:12.0103 1408 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 18:11:12.0142 1408 BrFiltUp - ok 18:11:12.0150 1408 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 18:11:12.0226 1408 Browser - ok 18:11:12.0240 1408 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 18:11:12.0289 1408 Brserid - ok 18:11:12.0296 1408 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 18:11:12.0338 1408 BrSerWdm - ok 18:11:12.0342 1408 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 18:11:12.0382 1408 BrUsbMdm - ok 18:11:12.0387 1408 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 18:11:12.0422 1408 BrUsbSer - ok 18:11:12.0428 1408 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 18:11:12.0468 1408 BthEnum - ok 18:11:12.0474 1408 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys 18:11:12.0517 1408 BTHMODEM - ok 18:11:12.0526 1408 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 18:11:12.0571 1408 BthPan - ok 18:11:12.0598 1408 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys 18:11:12.0648 1408 BTHPORT - ok 18:11:12.0656 1408 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 18:11:12.0738 1408 bthserv - ok 18:11:12.0748 1408 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys 18:11:12.0785 1408 BTHUSB - ok 18:11:12.0792 1408 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys 18:11:12.0825 1408 btusbflt - ok 18:11:12.0834 1408 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys 18:11:12.0869 1408 btwaudio - ok 18:11:12.0878 1408 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\DRIVERS\btwavdt.sys 18:11:12.0914 1408 btwavdt - ok 18:11:12.0955 1408 btwdins (31da517946ffe416442e864592548f8a) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe 18:11:13.0021 1408 btwdins - ok 18:11:13.0027 1408 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys 18:11:13.0058 1408 btwl2cap - ok 18:11:13.0063 1408 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys 18:11:13.0095 1408 btwrchid - ok 18:11:13.0103 1408 cag (ce52d435a50afda0077322db4f404a6e) C:\Program Files\Common Files\Deterministic Networks\Common Files\cag.sys 18:11:13.0138 1408 cag - ok 18:11:13.0147 1408 ccEvtMgr (260a069f403da226d18c058ad14fd3a3) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe 18:11:13.0199 1408 ccEvtMgr - ok 18:11:13.0204 1408 ccSetMgr (260a069f403da226d18c058ad14fd3a3) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe 18:11:13.0235 1408 ccSetMgr - ok 18:11:13.0243 1408 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 18:11:13.0328 1408 cdfs - ok 18:11:13.0338 1408 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys 18:11:13.0377 1408 cdrom - ok 18:11:13.0384 1408 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 18:11:13.0467 1408 CertPropSvc - ok 18:11:13.0473 1408 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 18:11:13.0517 1408 circlass - ok 18:11:13.0538 1408 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 18:11:13.0584 1408 CLFS - ok 18:11:13.0594 1408 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 18:11:13.0696 1408 clr_optimization_v2.0.50727_32 - ok 18:11:13.0707 1408 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 18:11:13.0741 1408 clr_optimization_v2.0.50727_64 - ok 18:11:13.0756 1408 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 18:11:13.0808 1408 clr_optimization_v4.0.30319_32 - ok 18:11:13.0817 1408 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 18:11:13.0856 1408 clr_optimization_v4.0.30319_64 - ok 18:11:13.0862 1408 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys 18:11:13.0897 1408 CmBatt - ok 18:11:13.0902 1408 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 18:11:13.0937 1408 cmdide - ok 18:11:13.0959 1408 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 18:11:14.0020 1408 CNG - ok 18:11:14.0026 1408 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys 18:11:14.0063 1408 Compbatt - ok 18:11:14.0069 1408 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 18:11:14.0111 1408 CompositeBus - ok 18:11:14.0115 1408 COMSysApp - ok 18:11:14.0122 1408 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 18:11:14.0159 1408 crcdisk - ok 18:11:14.0171 1408 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll 18:11:14.0256 1408 CryptSvc - ok 18:11:14.0278 1408 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys 18:11:14.0328 1408 CSC - ok 18:11:14.0359 1408 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll 18:11:14.0402 1408 CscService - ok 18:11:14.0408 1408 ctxva51 (bc9d0bd74e78d8f88d96e96faba828dd) C:\Windows\system32\DRIVERS\ctxva51.sys 18:11:14.0440 1408 ctxva51 - ok 18:11:14.0468 1408 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 18:11:14.0554 1408 DcomLaunch - ok 18:11:14.0570 1408 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 18:11:14.0652 1408 defragsvc - ok 18:11:14.0660 1408 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 18:11:14.0733 1408 DfsC - ok 18:11:14.0748 1408 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 18:11:14.0839 1408 Dhcp - ok 18:11:14.0845 1408 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 18:11:14.0921 1408 discache - ok 18:11:14.0929 1408 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 18:11:14.0968 1408 Disk - ok 18:11:14.0977 1408 DNE (05cb5910b3ca6019fc3cca815ee06ffb) C:\Windows\system32\DRIVERS\dne64x.sys 18:11:15.0002 1408 DNE - ok 18:11:15.0014 1408 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 18:11:15.0049 1408 Dnscache - ok 18:11:15.0064 1408 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 18:11:15.0149 1408 dot3svc - ok 18:11:15.0160 1408 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 18:11:15.0242 1408 DPS - ok 18:11:15.0248 1408 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 18:11:15.0291 1408 drmkaud - ok 18:11:15.0335 1408 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 18:11:15.0432 1408 DXGKrnl - ok 18:11:15.0449 1408 e1kexpress (f369e83f6cdab987ca2dd764278659a6) C:\Windows\system32\DRIVERS\e1k62x64.sys 18:11:15.0495 1408 e1kexpress - ok 18:11:15.0504 1408 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 18:11:15.0595 1408 EapHost - ok 18:11:15.0602 1408 easytether (1e8d0e318d3f17b2eaaf993db20c76f0) C:\Windows\system32\DRIVERS\easytthr.sys 18:11:15.0637 1408 easytether - ok 18:11:15.0762 1408 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 18:11:15.0869 1408 ebdrv - ok 18:11:15.0895 1408 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 18:11:15.0948 1408 eeCtrl - ok 18:11:15.0971 1408 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 18:11:16.0014 1408 EFS - ok 18:11:16.0045 1408 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 18:11:16.0118 1408 ehRecvr - ok 18:11:16.0127 1408 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 18:11:16.0175 1408 ehSched - ok 18:11:16.0203 1408 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 18:11:16.0269 1408 elxstor - ok 18:11:16.0279 1408 EraserUtilRebootDrv (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 18:11:16.0314 1408 EraserUtilRebootDrv - ok 18:11:16.0319 1408 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 18:11:16.0355 1408 ErrDev - ok 18:11:16.0380 1408 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 18:11:16.0461 1408 EventSystem - ok 18:11:16.0525 1408 EvtEng (b56d9602db5fe1c116b1ca5efd8e2e50) C:\Program Files\Intel\WiFi\bin\EvtEng.exe 18:11:16.0653 1408 EvtEng - ok 18:11:16.0672 1408 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 18:11:16.0761 1408 exfat - ok 18:11:16.0767 1408 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 18:11:16.0863 1408 fastfat - ok 18:11:16.0895 1408 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 18:11:16.0953 1408 Fax - ok 18:11:16.0958 1408 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 18:11:16.0999 1408 fdc - ok 18:11:17.0004 1408 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 18:11:17.0099 1408 fdPHost - ok 18:11:17.0105 1408 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 18:11:17.0194 1408 FDResPub - ok 18:11:17.0199 1408 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 18:11:17.0230 1408 FileInfo - ok 18:11:17.0235 1408 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 18:11:17.0318 1408 Filetrace - ok 18:11:17.0323 1408 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 18:11:17.0362 1408 flpydisk - ok 18:11:17.0380 1408 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 18:11:17.0416 1408 FltMgr - ok 18:11:17.0465 1408 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 18:11:17.0529 1408 FontCache - ok 18:11:17.0540 1408 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 18:11:17.0576 1408 FontCache3.0.0.0 - ok 18:11:17.0583 1408 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 18:11:17.0611 1408 FsDepends - ok 18:11:17.0618 1408 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 18:11:17.0653 1408 Fs_Rec - ok 18:11:17.0667 1408 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 18:11:17.0705 1408 fvevol - ok 18:11:17.0712 1408 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 18:11:17.0750 1408 gagp30kx - ok 18:11:17.0786 1408 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 18:11:17.0927 1408 gpsvc - ok 18:11:17.0939 1408 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 18:11:17.0976 1408 gupdate - ok 18:11:17.0981 1408 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 18:11:18.0017 1408 gupdatem - ok 18:11:18.0028 1408 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 18:11:18.0065 1408 gusvc - ok 18:11:18.0072 1408 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 18:11:18.0111 1408 hcw85cir - ok 18:11:18.0130 1408 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 18:11:18.0180 1408 HdAudAddService - ok 18:11:18.0189 1408 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 18:11:18.0233 1408 HDAudBus - ok 18:11:18.0240 1408 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys 18:11:18.0273 1408 HECIx64 - ok 18:11:18.0278 1408 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 18:11:18.0315 1408 HidBatt - ok 18:11:18.0324 1408 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys 18:11:18.0369 1408 HidBth - ok 18:11:18.0376 1408 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 18:11:18.0417 1408 HidIr - ok 18:11:18.0424 1408 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 18:11:18.0506 1408 hidserv - ok 18:11:18.0512 1408 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 18:11:18.0548 1408 HidUsb - ok 18:11:18.0557 1408 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 18:11:18.0638 1408 hkmsvc - ok 18:11:18.0652 1408 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 18:11:18.0696 1408 HomeGroupListener - ok 18:11:18.0708 1408 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 18:11:18.0752 1408 HomeGroupProvider - ok 18:11:18.0761 1408 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 18:11:18.0799 1408 HpSAMD - ok 18:11:18.0832 1408 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 18:11:18.0920 1408 HTTP - ok 18:11:18.0926 1408 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 18:11:18.0952 1408 hwpolicy - ok 18:11:18.0960 1408 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 18:11:18.0999 1408 i8042prt - ok 18:11:19.0025 1408 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\drivers\iaStor.sys 18:11:19.0061 1408 iaStor - ok 18:11:19.0068 1408 IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe 18:11:19.0098 1408 IAStorDataMgrSvc - ok 18:11:19.0119 1408 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 18:11:19.0168 1408 iaStorV - ok 18:11:19.0206 1408 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 18:11:19.0265 1408 idsvc - ok 18:11:19.0275 1408 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 18:11:19.0311 1408 iirsp - ok 18:11:19.0347 1408 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 18:11:19.0452 1408 IKEEXT - ok 18:11:19.0464 1408 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\drivers\Impcd.sys 18:11:19.0500 1408 Impcd - ok 18:11:19.0584 1408 IntcAzAudAddService (9aa1e982bc10176ce316aadfbd5c28f5) C:\Windows\system32\drivers\RTKVHD64.sys 18:11:19.0685 1408 IntcAzAudAddService - ok 18:11:19.0699 1408 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 18:11:19.0735 1408 intelide - ok 18:11:19.0743 1408 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 18:11:19.0779 1408 intelppm - ok 18:11:19.0788 1408 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 18:11:19.0872 1408 IPBusEnum - ok 18:11:19.0880 1408 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 18:11:19.0961 1408 IpFilterDriver - ok 18:11:19.0988 1408 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 18:11:20.0070 1408 iphlpsvc - ok 18:11:20.0079 1408 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 18:11:20.0121 1408 IPMIDRV - ok 18:11:20.0130 1408 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 18:11:20.0216 1408 IPNAT - ok 18:11:20.0221 1408 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 18:11:20.0271 1408 IRENUM - ok 18:11:20.0277 1408 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 18:11:20.0313 1408 isapnp - ok 18:11:20.0328 1408 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 18:11:20.0372 1408 iScsiPrt - ok 18:11:20.0380 1408 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 18:11:20.0416 1408 kbdclass - ok 18:11:20.0423 1408 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 18:11:20.0461 1408 kbdhid - ok 18:11:20.0466 1408 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 18:11:20.0494 1408 KeyIso - ok 18:11:20.0502 1408 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 18:11:20.0541 1408 KSecDD - ok 18:11:20.0551 1408 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 18:11:20.0593 1408 KSecPkg - ok 18:11:20.0599 1408 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 18:11:20.0681 1408 ksthunk - ok 18:11:20.0700 1408 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 18:11:20.0796 1408 KtmRm - ok 18:11:20.0810 1408 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 18:11:20.0889 1408 LanmanServer - ok 18:11:20.0899 1408 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 18:11:20.0975 1408 LanmanWorkstation - ok 18:11:21.0094 1408 LiveUpdate (6105b28f5d03c4affa7197b228768849) C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE 18:11:21.0243 1408 LiveUpdate - ok 18:11:21.0260 1408 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 18:11:21.0352 1408 lltdio - ok 18:11:21.0370 1408 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 18:11:21.0467 1408 lltdsvc - ok 18:11:21.0474 1408 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 18:11:21.0566 1408 lmhosts - ok 18:11:21.0584 1408 LMS (ad1cf8471b06badb93d87cc4d63b8483) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 18:11:21.0659 1408 LMS - ok 18:11:21.0672 1408 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 18:11:21.0717 1408 LSI_FC - ok 18:11:21.0727 1408 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 18:11:21.0771 1408 LSI_SAS - ok 18:11:21.0780 1408 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 18:11:21.0821 1408 LSI_SAS2 - ok 18:11:21.0831 1408 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 18:11:21.0875 1408 LSI_SCSI - ok 18:11:21.0885 1408 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 18:11:21.0970 1408 luafv - ok 18:11:21.0979 1408 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 18:11:22.0019 1408 Mcx2Svc - ok 18:11:22.0025 1408 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 18:11:22.0061 1408 megasas - ok 18:11:22.0078 1408 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 18:11:22.0124 1408 MegaSR - ok 18:11:22.0132 1408 Microsoft SharePoint Workspace Audit Service - ok 18:11:22.0143 1408 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 18:11:22.0221 1408 MMCSS - ok 18:11:22.0229 1408 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 18:11:22.0311 1408 Modem - ok 18:11:22.0318 1408 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 18:11:22.0360 1408 monitor - ok 18:11:22.0366 1408 motandroidusb (d69f1e9a944a5f46a494af901ed41118) C:\Windows\system32\Drivers\motoandroid.sys 18:11:22.0404 1408 motandroidusb - ok 18:11:22.0412 1408 MotoConnect Service (9b2923c59d49672d1205c391a1296525) C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe 18:11:22.0696 1408 MotoConnect Service - ok 18:11:22.0703 1408 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys 18:11:22.0741 1408 mouclass - ok 18:11:22.0748 1408 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 18:11:22.0785 1408 mouhid - ok 18:11:22.0794 1408 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 18:11:22.0823 1408 mountmgr - ok 18:11:22.0836 1408 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 18:11:22.0880 1408 mpio - ok 18:11:22.0888 1408 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 18:11:22.0975 1408 mpsdrv - ok 18:11:23.0015 1408 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 18:11:23.0142 1408 MpsSvc - ok 18:11:23.0153 1408 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 18:11:23.0202 1408 MRxDAV - ok 18:11:23.0212 1408 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 18:11:23.0266 1408 mrxsmb - ok 18:11:23.0282 1408 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 18:11:23.0325 1408 mrxsmb10 - ok 18:11:23.0335 1408 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 18:11:23.0374 1408 mrxsmb20 - ok 18:11:23.0380 1408 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 18:11:23.0416 1408 msahci - ok 18:11:23.0426 1408 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 18:11:23.0468 1408 msdsm - ok 18:11:23.0479 1408 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 18:11:23.0519 1408 MSDTC - ok 18:11:23.0531 1408 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 18:11:23.0614 1408 Msfs - ok 18:11:23.0619 1408 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 18:11:23.0692 1408 mshidkmdf - ok 18:11:23.0698 1408 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 18:11:23.0733 1408 msisadrv - ok 18:11:23.0745 1408 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 18:11:23.0830 1408 MSiSCSI - ok 18:11:23.0835 1408 msiserver - ok 18:11:23.0844 1408 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 18:11:23.0926 1408 MSKSSRV - ok 18:11:23.0932 1408 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 18:11:24.0011 1408 MSPCLOCK - ok 18:11:24.0016 1408 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 18:11:24.0088 1408 MSPQM - ok 18:11:24.0111 1408 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 18:11:24.0157 1408 MsRPC - ok 18:11:24.0167 1408 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 18:11:24.0203 1408 mssmbios - ok 18:11:24.0212 1408 MSSQL$DDNI - ok 18:11:24.0222 1408 MSSQLServerADHelper100 (f1761c8fb2b25a32c6d63e36bb88c3ae) C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE 18:11:24.0341 1408 MSSQLServerADHelper100 - ok 18:11:24.0347 1408 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 18:11:24.0430 1408 MSTEE - ok 18:11:24.0437 1408 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 18:11:24.0473 1408 MTConfig - ok 18:11:24.0481 1408 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 18:11:24.0517 1408 Mup - ok 18:11:24.0537 1408 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 18:11:24.0631 1408 napagent - ok 18:11:24.0649 1408 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 18:11:24.0699 1408 NativeWifiP - ok 18:11:24.0713 1408 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20120515.017\ENG64.SYS 18:11:24.0737 1408 NAVENG - ok 18:11:24.0817 1408 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20120515.017\EX64.SYS 18:11:24.0905 1408 NAVEX15 - ok 18:11:24.0962 1408 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 18:11:25.0053 1408 NDIS - ok 18:11:25.0061 1408 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 18:11:25.0155 1408 NdisCap - ok 18:11:25.0163 1408 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 18:11:25.0271 1408 NdisTapi - ok 18:11:25.0279 1408 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 18:11:25.0367 1408 Ndisuio - ok 18:11:25.0385 1408 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 18:11:25.0478 1408 NdisWan - ok 18:11:25.0486 1408 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 18:11:25.0574 1408 NDProxy - ok 18:11:25.0581 1408 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 18:11:25.0664 1408 NetBIOS - ok 18:11:25.0681 1408 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 18:11:25.0758 1408 NetBT - ok 18:11:25.0764 1408 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 18:11:25.0792 1408 Netlogon - ok 18:11:25.0812 1408 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 18:11:25.0907 1408 Netman - ok 18:11:25.0925 1408 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:11:25.0962 1408 NetMsmqActivator - ok 18:11:25.0967 1408 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:11:25.0996 1408 NetPipeActivator - ok 18:11:26.0021 1408 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 18:11:26.0149 1408 netprofm - ok 18:11:26.0155 1408 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:11:26.0184 1408 NetTcpActivator - ok 18:11:26.0190 1408 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:11:26.0218 1408 NetTcpPortSharing - ok 18:11:26.0439 1408 NETw5s64 (18555f48844c2861d9dce8f2b7223ae5) C:\Windows\system32\DRIVERS\NETw5s64.sys 18:11:26.0678 1408 NETw5s64 - ok 18:11:26.0702 1408 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 18:11:26.0744 1408 nfrd960 - ok 18:11:26.0766 1408 NitroReaderDriverReadSpool2 (0734398d3d99986bb8006e9bb5eab1e5) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe 18:11:26.0810 1408 NitroReaderDriverReadSpool2 - ok 18:11:26.0828 1408 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 18:11:26.0919 1408 NlaSvc - ok 18:11:26.0927 1408 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 18:11:27.0009 1408 Npfs - ok 18:11:27.0016 1408 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 18:11:27.0100 1408 nsi - ok 18:11:27.0107 1408 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 18:11:27.0180 1408 nsiproxy - ok 18:11:27.0191 1408 nsverctl (538ae37d97f59f878e2c171944250cc7) C:\Program Files\Citrix\Secure Access Client\nsverctl.exe 18:11:27.0268 1408 nsverctl - ok 18:11:27.0346 1408 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 18:11:27.0446 1408 Ntfs - ok 18:11:27.0463 1408 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 18:11:27.0550 1408 Null - ok 18:11:27.0559 1408 NVHDA (181e7fe39211e04128a30708906627d8) C:\Windows\system32\drivers\nvhda64v.sys 18:11:27.0598 1408 NVHDA - ok 18:11:27.0913 1408 nvlddmkm (9439174331d5d1ffe6316590356c34ee) C:\Windows\system32\DRIVERS\nvlddmkm.sys 18:11:28.0329 1408 nvlddmkm - ok 18:11:28.0354 1408 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 18:11:28.0396 1408 nvraid - ok 18:11:28.0408 1408 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 18:11:28.0450 1408 nvstor - ok 18:11:28.0471 1408 nvsvc (982f4d28a521e99a78496775150d3b1c) C:\Windows\system32\nvvsvc.exe 18:11:28.0517 1408 nvsvc - ok 18:11:28.0528 1408 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 18:11:28.0569 1408 nv_agp - ok 18:11:28.0579 1408 Oasis2Service (07571684567859da796a566cc78ffa74) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe 18:11:28.0602 1408 Oasis2Service ( UnsignedFile.Multi.Generic ) - warning 18:11:28.0602 1408 Oasis2Service - detected UnsignedFile.Multi.Generic (1) 18:11:28.0611 1408 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 18:11:28.0649 1408 ohci1394 - ok 18:11:28.0661 1408 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:11:28.0767 1408 ose - ok 18:11:28.0926 1408 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 18:11:29.0135 1408 osppsvc - ok 18:11:29.0164 1408 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 18:11:29.0206 1408 p2pimsvc - ok 18:11:29.0230 1408 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 18:11:29.0278 1408 p2psvc - ok 18:11:29.0290 1408 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 18:11:29.0333 1408 Parport - ok 18:11:29.0342 1408 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 18:11:29.0374 1408 partmgr - ok 18:11:29.0388 1408 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 18:11:29.0446 1408 PcaSvc - ok 18:11:29.0460 1408 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 18:11:29.0507 1408 pci - ok 18:11:29.0514 1408 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 18:11:29.0553 1408 pciide - ok 18:11:29.0567 1408 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 18:11:29.0612 1408 pcmcia - ok 18:11:29.0620 1408 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 18:11:29.0662 1408 pcw - ok 18:11:29.0686 1408 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 18:11:29.0784 1408 PEAUTH - ok 18:11:29.0839 1408 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll 18:11:29.0908 1408 PeerDistSvc - ok 18:11:29.0938 1408 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 18:11:29.0998 1408 PerfHost - ok 18:11:30.0079 1408 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 18:11:30.0195 1408 pla - ok 18:11:30.0218 1408 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 18:11:30.0281 1408 PlugPlay - ok 18:11:30.0289 1408 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 18:11:30.0327 1408 PNRPAutoReg - ok 18:11:30.0339 1408 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 18:11:30.0375 1408 PNRPsvc - ok 18:11:30.0401 1408 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 18:11:30.0507 1408 PolicyAgent - ok 18:11:30.0524 1408 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 18:11:30.0612 1408 Power - ok 18:11:30.0626 1408 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 18:11:30.0723 1408 PptpMiniport - ok 18:11:30.0733 1408 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 18:11:30.0774 1408 Processor - ok 18:11:30.0789 1408 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll 18:11:30.0888 1408 ProfSvc - ok 18:11:30.0895 1408 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 18:11:30.0926 1408 ProtectedStorage - ok 18:11:30.0938 1408 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 18:11:31.0014 1408 Psched - ok 18:11:31.0023 1408 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys 18:11:31.0056 1408 PxHlpa64 - ok 18:11:31.0062 1408 qcfilterSny2k (fd79acb284b6bb288c8826fff72778e9) C:\Windows\system32\DRIVERS\qcfilterSny2k.sys 18:11:31.0094 1408 qcfilterSny2k - ok 18:11:31.0110 1408 qcusbnetsny2k (d4168d8bebcf573b8ffb2a0c09094da3) C:\Windows\system32\DRIVERS\qcusbnetsny2k.sys 18:11:31.0155 1408 qcusbnetsny2k - ok 18:11:31.0166 1408 qcusbsersny2k (3a5625922508a972345f096cb163d55b) C:\Windows\system32\DRIVERS\qcusbserSny2k.sys 18:11:31.0202 1408 qcusbsersny2k - ok 18:11:31.0221 1408 QDLService2kSony (2b3b8b43d4c41e46a2b82459da0d5a2d) C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe 18:11:31.0295 1408 QDLService2kSony - ok 18:11:31.0362 1408 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 18:11:31.0453 1408 ql2300 - ok 18:11:31.0476 1408 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 18:11:31.0518 1408 ql40xx - ok 18:11:31.0535 1408 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 18:11:31.0586 1408 QWAVE - ok 18:11:31.0593 1408 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 18:11:31.0631 1408 QWAVEdrv - ok 18:11:31.0638 1408 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 18:11:31.0729 1408 RasAcd - ok 18:11:31.0738 1408 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 18:11:31.0828 1408 RasAgileVpn - ok 18:11:31.0839 1408 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 18:11:31.0931 1408 RasAuto - ok 18:11:31.0943 1408 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 18:11:32.0028 1408 Rasl2tp - ok 18:11:32.0051 1408 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 18:11:32.0143 1408 RasMan - ok 18:11:32.0156 1408 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 18:11:32.0245 1408 RasPppoe - ok 18:11:32.0253 1408 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 18:11:32.0334 1408 RasSstp - ok 18:11:32.0349 1408 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 18:11:32.0456 1408 rdbss - ok 18:11:32.0463 1408 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 18:11:32.0505 1408 rdpbus - ok 18:11:32.0511 1408 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 18:11:32.0583 1408 RDPCDD - ok 18:11:32.0599 1408 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys 18:11:32.0638 1408 RDPDR - ok 18:11:32.0644 1408 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 18:11:32.0711 1408 RDPENCDD - ok 18:11:32.0720 1408 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 18:11:32.0786 1408 RDPREFMP - ok 18:11:32.0800 1408 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys 18:11:32.0840 1408 RDPWD - ok 18:11:32.0853 1408 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 18:11:32.0893 1408 rdyboost - ok 18:11:32.0932 1408 RegSrvc (0aa473966357c4a41b5eb19649eb6e5e) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 18:11:32.0986 1408 RegSrvc - ok 18:11:32.0996 1408 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 18:11:33.0072 1408 RemoteAccess - ok 18:11:33.0084 1408 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 18:11:33.0166 1408 RemoteRegistry - ok 18:11:33.0178 1408 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 18:11:33.0220 1408 RFCOMM - ok 18:11:33.0230 1408 rimspci (6ded176a14770339f1415cfdbcc9e07f) C:\Windows\system32\drivers\rimssne64.sys 18:11:33.0265 1408 rimspci - ok 18:11:33.0274 1408 risdsnpe (ddf5f666c2a5b3729e8bea01fb999cc0) C:\Windows\system32\drivers\risdsne64.sys 18:11:33.0308 1408 risdsnpe - ok 18:11:33.0317 1408 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 18:11:33.0399 1408 RpcEptMapper - ok 18:11:33.0406 1408 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 18:11:33.0439 1408 RpcLocator - ok 18:11:33.0464 1408 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 18:11:33.0539 1408 RpcSs - ok 18:11:33.0548 1408 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 18:11:33.0626 1408 rspndr - ok 18:11:33.0639 1408 RtkAudioService (b7fcc2d5b1dd8898bc00056cbfba46b8) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe 18:11:33.0675 1408 RtkAudioService - ok 18:11:33.0683 1408 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys 18:11:33.0718 1408 s3cap - ok 18:11:33.0732 1408 SampleCollector (5ae755a8b7673b8536f88245247c5308) C:\Program Files\Sony\VAIO Care\collsvc.exe 18:11:33.0759 1408 SampleCollector ( UnsignedFile.Multi.Generic ) - warning 18:11:33.0760 1408 SampleCollector - detected UnsignedFile.Multi.Generic (1) 18:11:33.0766 1408 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 18:11:33.0791 1408 SamSs - ok 18:11:33.0801 1408 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 18:11:33.0838 1408 sbp2port - ok 18:11:33.0852 1408 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 18:11:33.0931 1408 SCardSvr - ok 18:11:33.0938 1408 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 18:11:34.0004 1408 scfilter - ok 18:11:34.0053 1408 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 18:11:34.0222 1408 Schedule - ok 18:11:34.0232 1408 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 18:11:34.0296 1408 SCPolicySvc - ok 18:11:34.0305 1408 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys 18:11:34.0345 1408 sdbus - ok 18:11:34.0360 1408 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 18:11:34.0400 1408 SDRSVC - ok 18:11:34.0408 1408 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 18:11:34.0483 1408 secdrv - ok 18:11:34.0490 1408 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 18:11:34.0567 1408 seclogon - ok 18:11:34.0576 1408 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 18:11:34.0647 1408 SENS - ok 18:11:34.0655 1408 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 18:11:34.0690 1408 SensrSvc - ok 18:11:34.0697 1408 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
  9. here's the report. thanks! RogueKiller V7.4.4 [05/08/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User: Laurence [Admin rights] Mode: Scan -- Date: 05/16/2012 12:11:55 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Registry Entries: 3 ¤¤¤ [HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver: [NOT LOADED] ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: Volume0 +++++ --- User --- [MBR] 466705e0808f6b2b6cec8c1a87a46f19 [bSP] c5cc656a4eef15d89ea42e0c6fdddbc7 : Windows 7 MBR Code Partition table: 0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 9164 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 18769920 | Size: 100 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 18974720 | Size: 234938 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[2].txt >> RKreport[1].txt ; RKreport[2].txt
  10. symantec keeps popping up telling me that i have the trojan.gen.2 virus, but it can't seem to get rid of it here are the dds and attach files thanks in advance . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by Laurence at 22:46:09 on 2012-05-12 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.5814.2885 [GMT -4:00] . AV: Symantec Endpoint Protection *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Symantec Endpoint Protection *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe C:\Windows\system32\WUDFHost.exe C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k WbioSvcGroup C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe C:\Program Files\Citrix\Secure Access Client\nsverctl.exe C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\SysWOW64\DllHost.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe C:\Program Files\Protector Suite\upeksvr.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\Eap3Host.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Sony\VAIO Care\VCSpt.exe C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Realtek\Audio\HDA\vncutil64.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Protector Suite\psqltray.exe C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe C:\Program Files (x86)\Mobile Stream\EasyTether\easytthr.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Citrix\Secure Access Client\nsload.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.exe C:\Program Files\Sony\VAIO Update Common\VUAgent.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnect.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files\Sony\VAIO Power Management\SPMService.exe C:\Program Files\Sony\VAIO Care\VCsystray.exe C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe C:\Windows\System32\vds.exe C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Users\Laurence\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SavUI.exe C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\system32\calc.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11g_ActiveX.exe C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SymCorpUI.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT uInternet Settings,ProxyOverride = mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [Google Update] "C:\Users\Laurence\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent uRun: [EasyTether] "C:\Program Files (x86)\Mobile Stream\EasyTether\easytthr.exe" uRun: [AROReminder] C:\Program Files (x86)\ARO 2011\ARO.exe -rem uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [smartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup mRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe" mRun: [intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.lnk" mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [iJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AMAZON~1.LNK - C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CITRIX~1.LNK - C:\Program Files (x86)\Citrix\Secure Access Client\nsload.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab TCP: DhcpNameServer = 156.111.60.150 156.111.70.150 TCP: Interfaces\{48BFCAC3-5008-4FCE-BD16-C0851CCABD81} : DhcpNameServer = 156.111.60.150 156.111.70.150 TCP: Interfaces\{48BFCAC3-5008-4FCE-BD16-C0851CCABD81}\14344594F4E4455434 : DhcpNameServer = 192.168.0.1 71.250.0.12 TCP: Interfaces\{48BFCAC3-5008-4FCE-BD16-C0851CCABD81}\56C6B696E637F6E6 : DhcpNameServer = 192.168.1.1 167.206.245.129 167.206.245.130 TCP: Interfaces\{48BFCAC3-5008-4FCE-BD16-C0851CCABD81}\7657563747D2E65647 : DhcpNameServer = 156.111.60.150 156.111.70.150 TCP: Interfaces\{48BFCAC3-5008-4FCE-BD16-C0851CCABD81}\C616D6269656 : DhcpNameServer = 192.168.0.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL LSA: Notification Packages = scecli C:\Program Files\Protector Suite\psqlpwd.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun-x64: [smartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup mRun-x64: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun-x64: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe" mRun-x64: [intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.lnk" mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [iJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Laurence\AppData\Roaming\Mozilla\Firefox\Profiles\75hmdkwi.default\ FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npicaN.dll FF - plugin: C:\Program Files (x86)\Nitro PDF\Reader 2\npdf.dll FF - plugin: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Program Files\Citrix\Secure Access Client\npagee.dll FF - plugin: C:\Program Files\Citrix\Secure Access Client\npagee64.dll FF - plugin: C:\Users\Laurence\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: C:\Users\Laurence\AppData\Roaming\Mozilla\plugins\npagee.dll FF - plugin: C:\Users\Laurence\AppData\Roaming\Mozilla\plugins\npagee64.dll FF - plugin: C:\Users\Laurence\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll FF - plugin: C:\Users\Laurence\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll . ============= SERVICES / DRIVERS =============== . R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 cag;Citrix cag plugin for Access Gateway;C:\Program Files\Common Files\Deterministic Networks\Common Files\cag.sys [2010-8-4 96384] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-4-1 13336] R2 MotoConnect Service;MotoConnect Service;C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe [2010-6-24 91456] R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2011-6-21 341296] R2 nsverctl;Citrix Secure Access Client Service;C:\Program Files\Citrix\Secure Access Client\nsverctl.exe [2011-3-14 154776] R2 Oasis2Service;Oasis2Service;C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-2-9 53248] R2 QDLService2kSony;Qualcomm Gobi 2000 Download Service (Sony);C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe [2009-12-18 330488] R2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys --> C:\Windows\system32\drivers\rimssne64.sys [?] R2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsne64.sys --> C:\Windows\system32\drivers\risdsne64.sys [?] R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2010-8-24 190496] R2 Symantec AntiVirus;Symantec Endpoint Protection;C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2010-5-17 1831024] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-4-1 2320920] R3 ctxva51;Citrix Virtual Adapter;C:\Windows\system32\DRIVERS\ctxva51.sys --> C:\Windows\system32\DRIVERS\ctxva51.sys [?] R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;C:\Windows\system32\DRIVERS\e1k62x64.sys --> C:\Windows\system32\DRIVERS\e1k62x64.sys [?] R3 easytether;easytether;C:\Windows\system32\DRIVERS\easytthr.sys --> C:\Windows\system32\DRIVERS\easytthr.sys [?] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-4-27 138360] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?] R3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?] R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?] R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys --> C:\Windows\system32\drivers\SFEP.sys [?] R3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-8-24 574320] R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2011-10-27 1429608] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-24 135664] S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?] S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-24 135664] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880] S3 motandroidusb;Mot ADB Interface Driver;C:\Windows\system32\Drivers\motoandroid.sys --> C:\Windows\system32\Drivers\motoandroid.sys [?] S3 MSSQL$DDNI;SQL Server (DDNI);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\sqlservr.exe [2011-9-22 43028328] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 qcfilterSny2k;Gobi 2000 USB Composite Device Filter Driver(05C6-9225);C:\Windows\system32\DRIVERS\qcfilterSny2k.sys --> C:\Windows\system32\DRIVERS\qcfilterSny2k.sys [?] S3 qcusbnetsny2k;Gobi 2000 USB-NDIS miniport(05C6-9225);C:\Windows\system32\DRIVERS\qcusbnetsny2k.sys --> C:\Windows\system32\DRIVERS\qcusbnetsny2k.sys [?] S3 qcusbsersny2k;Gobi 2000 USB Device for Legacy Serial Communication(05C6-9225);C:\Windows\system32\DRIVERS\qcusbserSny2k.sys --> C:\Windows\system32\DRIVERS\qcusbserSny2k.sys [?] S3 SampleCollector;Intel® Sample Collector;C:\Program Files\Sony\VAIO Care\collsvc.exe [2010-8-24 168448] S3 SMSIVZAM5X64;SMSIVZAM5X64 NDIS Protocol Driver;C:\PROGRA~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS [2009-5-25 43032] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-3-31 47128] S4 SQLAgent$DDNI;SQL Server Agent (DDNI);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 370024] . =============== Created Last 30 ================ . 2012-05-11 01:35:04 1544704 ----a-w- C:\Windows\System32\DWrite.dll 2012-05-11 01:35:04 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll 2012-05-11 01:35:00 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-05-11 01:34:58 3146240 ----a-w- C:\Windows\System32\win32k.sys 2012-05-11 01:34:57 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-05-11 01:34:57 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-05-11 01:34:06 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys 2012-05-11 01:33:45 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-05-11 01:33:41 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL 2012-05-11 01:33:40 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2012-05-11 01:33:40 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll 2012-05-11 01:33:39 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll 2012-05-11 01:33:39 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll 2012-04-26 02:28:28 -------- d-s---w- C:\Users\Laurence\Google Drive 2012-04-19 23:55:26 -------- d-----w- C:\Program Files (x86)\Botanicula 2012-04-16 17:35:21 -------- d-----w- C:\ProgramData\Canon IJ Network Tool 2012-04-16 17:35:21 -------- d-----w- C:\Program Files (x86)\Canon 2012-04-16 17:35:18 315392 ----a-w- C:\Windows\SysWow64\CNC880L.dll 2012-04-16 17:35:18 15872 ----a-w- C:\Windows\SysWow64\CNHMCA.dll 2012-04-16 17:35:18 106496 ----a-w- C:\Windows\SysWow64\CNC880U.dll 2012-04-16 17:35:15 -------- d--h--w- C:\ProgramData\CanonIJFAX 2012-04-16 17:34:54 37376 ----a-w- C:\Windows\System32\CNMN6UI.DLL 2012-04-16 17:34:54 342016 ----a-w- C:\Windows\SysWow64\CNMNPPM.DLL 2012-04-16 17:34:54 328192 ----a-w- C:\Windows\System32\CNMN6PPM.DLL 2012-04-16 17:34:54 -------- d-----w- C:\Windows\System32\STRING 2012-04-16 17:28:44 88576 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPPAN.DLL 2012-04-16 17:28:44 29696 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPDAN.DLL 2012-04-16 17:28:25 374784 ----a-w- C:\Windows\System32\CNMLMAN.DLL 2012-04-16 17:28:19 302080 ----a-w- C:\Windows\System32\CNCALAN.DLL 2012-04-16 17:28:16 248320 ----a-w- C:\Windows\System32\CNMIUAN.DLL 2012-04-15 12:56:27 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-04-14 07:00:38 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2012-04-14 07:00:37 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2012-04-14 07:00:37 5120 ----a-w- C:\Windows\SysWow64\wmi.dll 2012-04-14 07:00:37 5120 ----a-w- C:\Windows\System32\wmi.dll 2012-04-14 07:00:37 220672 ----a-w- C:\Windows\System32\wintrust.dll 2012-04-14 07:00:37 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll 2012-04-14 07:00:37 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll . ==================== Find3M ==================== . 2012-05-12 14:11:41 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll 2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll 2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll 2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2012-02-17 04:58:24 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-02-17 04:57:32 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2012-02-14 16:09:44 1070352 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX . ============= FINISH: 22:46:48.93 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume2 Install Date: 9/29/2010 10:38:31 AM System Uptime: 5/12/2012 3:03:33 PM (7 hours ago) . Motherboard: Sony Corporation | | VAIO Processor: Intel® Core i7 CPU M 620 @ 2.67GHz | N/A | 1173/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 229 GiB total, 158.609 GiB free. E: is CDROM (UDF) . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP115: 4/14/2012 3:00:16 AM - Windows Update RP116: 5/11/2012 3:00:34 AM - Windows Update RP117: 5/12/2012 11:23:46 AM - VAIO Care Automatic Restore Point . ==== Installed Programs ====================== . . Adobe Reader 9.4.7 Adobe Shockwave Player 11.6 Amazon MP3 Downloader 1.0.10 Amazon Unbox Video Angry Birds Application Manager for VAIO ArcSoft WebCam Companion 3 Bejeweled 3 Botanicula Canon IJ Network Scanner Selector EX Canon IJ Network Tool Citrix XenApp Web Plugin D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Easy DVD Player Google Chrome Google Drive Google Talk Plugin Google Toolbar for Internet Explorer Google Update Helper Intel AppUp(SM) center Intel® Management Engine Components Intel® Rapid Storage Technology Intel® Turbo Boost Technology Driver Java Auto Updater Java 6 Update 18 Junk Mail filter update LiveUpdate 3.3 (Symantec Corporation) Logitech Harmony Remote Software 7 Malwarebytes Anti-Malware version 1.60.0.1800 Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2008 Microsoft SQL Server 2008 Browser Microsoft SQL Server 2008 Common Files Microsoft SQL Server 2008 Database Engine Services Microsoft SQL Server 2008 Database Engine Shared Microsoft SQL Server 2008 RsFx Driver Microsoft SQL Server 2008 Setup Support Files Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft XNA Framework Redistributable 4.0 MotoConnect 1.1.31 Mozilla Firefox 11.0 (x86 en-US) MSVCRT MSVCRT_amd64 Oasis2Service OOBE Portal 2 PrimoPDF -- brought to you by Nitro PDF Software Qualcomm Gobi 2000 Package for Sony Realtek High Definition Audio Driver Remote Control USB Driver Remote Play with PlayStation 3 SecureW2 Enterprise Client 3.1.4 for Windows Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition Service Pack 3 for SQL Server 2008 (KB2546951) Setting Utility Series SmartWi Connection Utility Spelling Dictionaries Support For Adobe Reader 9 Sql Server Customer Experience Improvement Program Steam swMSM Terraria Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition VAIO - Remote Play with PlayStation®3 VAIO Care VAIO Control Center VAIO Data Restore Tool VAIO Event Service VAIO Hardware Diagnostics VAIO Help and Support VAIO Messenger VAIO Power Management VAIO Survey VAIO Update VAIO Wallpaper Contents VAIO Window Organizer VZAccess Manager Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Zuma's Revenge! . ==== Event Viewer Messages From Past Week ======== . 5/12/2012 12:36:09 PM, Error: Service Control Manager [7031] - The Symantec Endpoint Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. . ==== End Of File ===========================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.