drdrowsy
-
Posts
11 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by drdrowsy
-
-
symantec autoprotect keeps popping up more and more files, they are sequentially named APQ****.tmp with risk trojan.gen.2 I've not noticed any system slowdowns or any other strange events
-
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Database version: v2012.05.17.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Laurence :: LAURENCE-VAIO [administrator]
5/17/2012 10:56:19 AM
mbam-log-2012-05-17 (10-56-19).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 602610
Time elapsed: 53 minute(s), 7 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
-
this was all that was in the log file:
ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
it did find two files:
C:\Users\Laurence\Downloads\cnet2_easydvd_download_com_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Laurence\Downloads\InternationalPrimoPDF.exe Win32/OpenCandy application deleted - quarantined
the symantic was going crazy during the scan, it must have gotten hundreds of hits
-
ran it again, rebooted and programs are working again, here's the log
ComboFix 12-05-16.02 - Laurence 05/16/2012 20:47:13.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.5814.3776 [GMT -4:00]
Running from: c:\users\Laurence\Desktop\ComboFix.exe
AV: Symantec Endpoint Protection *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Symantec Endpoint Protection *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Laurence\AppData\Local\Temp\_MEI49322\_ctypes.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49322\_elementtree.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49322\_hashlib.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49322\_socket.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49322\_ssl.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49322\pyexpat.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49322\pysqlite2._sqlite.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49322\python26.dll
c:\users\Laurence\AppData\Local\Temp\_MEI49322\pythoncom26.dll
c:\users\Laurence\AppData\Local\Temp\_MEI49322\PyWinTypes26.dll
c:\users\Laurence\AppData\Local\Temp\_MEI49322\select.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49322\win32api.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49322\win32com.shell.shell.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49322\win32crypt.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49322\win32event.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49322\win32file.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49322\win32gui.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49322\win32inet.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49322\win32process.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49322\wx._controls_.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49322\wx._core_.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49322\wx._gdi_.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49322\wx._html2.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49322\wx._misc_.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49322\wx._windows_.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49322\wx._wizard.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49322\wxbase293u_net_vc.dll
c:\users\Laurence\AppData\Local\Temp\_MEI49322\wxbase293u_vc.dll
c:\users\Laurence\AppData\Local\Temp\_MEI49322\wxmsw293u_adv_vc.dll
c:\users\Laurence\AppData\Local\Temp\_MEI49322\wxmsw293u_core_vc.dll
c:\users\Laurence\AppData\Local\Temp\_MEI49322\wxmsw293u_html_vc.dll
c:\users\Laurence\AppData\Local\Temp\_MEI49322\wxmsw293u_webview_vc.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-04-17 to 2012-05-17 )))))))))))))))))))))))))))))))
.
.
2012-05-11 01:35 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-05-11 01:35 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-11 01:35 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-11 01:34 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-05-11 01:34 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-11 01:34 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-11 01:34 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-11 01:33 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-11 01:33 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-11 01:33 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 01:33 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 01:33 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-11 01:33 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-05 03:25 . 2012-05-05 03:25 -------- d-----w- c:\users\Default\AppData\Local\Google
2012-04-26 02:28 . 2012-05-17 00:34 -------- d-s---w- c:\users\Laurence\Google Drive
2012-04-19 23:55 . 2012-04-19 23:55 -------- d-----w- c:\program files (x86)\Botanicula
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-12 14:11 . 2012-04-15 12:56 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-12 14:11 . 2011-06-21 10:26 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-01 06:46 . 2012-04-14 07:00 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-03-01 06:38 . 2012-04-14 07:00 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-03-01 06:33 . 2012-04-14 07:00 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-03-01 06:28 . 2012-04-14 07:00 5120 ----a-w- c:\windows\system32\wmi.dll
2012-03-01 05:37 . 2012-04-14 07:00 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-03-01 05:33 . 2012-04-14 07:00 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-03-01 05:29 . 2012-04-14 07:00 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-02-28 06:56 . 2012-04-14 07:03 2311168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 06:49 . 2012-04-14 07:03 1390080 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 06:48 . 2012-04-14 07:03 1493504 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 06:42 . 2012-04-14 07:03 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-28 01:18 . 2012-04-14 07:03 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-02-28 01:11 . 2012-04-14 07:03 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-02-28 01:11 . 2012-04-14 07:03 1127424 ----a-w- c:\windows\SysWow64\wininet.dll
2012-02-28 01:03 . 2012-04-14 07:03 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-02-17 06:38 . 2012-03-14 20:11 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 05:34 . 2012-03-14 20:11 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-02-17 04:58 . 2012-03-14 20:11 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:57 . 2012-03-14 20:11 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-24 39408]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-08-16 1242448]
"EasyTether"="c:\program files (x86)\Mobile Stream\EasyTether\easytthr.exe" [2011-05-22 48648]
"AROReminder"="c:\program files (x86)\ARO 2011\ARO.exe" [2011-11-11 2315120]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-05-02 11396840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"SmartWiHelper"="c:\program files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" [2010-02-03 82944]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-01-15 316784]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"ccApp"="c:\program files (x86)\Common Files\Symantec Shared\ccApp.exe" [2010-05-17 115560]
"Intel AppUp(SM) center"="c:\program files (x86)\Intel\IntelAppStore\bin\serviceManager.lnk" [2011-02-01 1302]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2010-09-09 452016]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Amazon Unbox.lnk - c:\program files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe [2010-9-13 97384]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 1081632]
Citrix Access Gateway.lnk - c:\program files\Citrix\Secure Access Client\nsload.exe [2011-3-14 1520280]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Protector Suite\psqlpwd.dll
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 135664]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-02-09 53248]
R2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-02-23 2320920]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 135664]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys [x]
R3 MSSQL$DDNI;SQL Server (DDNI);c:\program files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\sqlservr.exe [2011-09-22 43028328]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 qcfilterSny2k;Gobi 2000 USB Composite Device Filter Driver(05C6-9225);c:\windows\system32\DRIVERS\qcfilterSny2k.sys [x]
R3 qcusbnetsny2k;Gobi 2000 USB-NDIS miniport(05C6-9225);c:\windows\system32\DRIVERS\qcusbnetsny2k.sys [x]
R3 qcusbsersny2k;Gobi 2000 USB Device for Legacy Serial Communication(05C6-9225);c:\windows\system32\DRIVERS\qcusbserSny2k.sys [x]
R3 SampleCollector;Intel® Sample Collector;c:\program files\Sony\VAIO Care\collsvc.exe [2009-12-23 168448]
R3 SMSIVZAM5X64;SMSIVZAM5X64 NDIS Protocol Driver;c:\progra~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS [2009-05-25 43032]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2011-10-27 1429608]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-03-31 47128]
R4 SQLAgent$DDNI;SQL Server Agent (DDNI);c:\program files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE [2011-09-22 370024]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 cag;Citrix cag plugin for Access Gateway;c:\program files\Common Files\Deterministic Networks\Common Files\cag.sys [2010-08-04 96384]
S2 MotoConnect Service;MotoConnect Service;c:\program files (x86)\Motorola\MotoConnectService\MotoConnectService.exe [2010-06-24 91456]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2011-06-21 341296]
S2 nsverctl;Citrix Secure Access Client Service;c:\program files\Citrix\Secure Access Client\nsverctl.exe [2011-03-15 154776]
S2 QDLService2kSony;Qualcomm Gobi 2000 Download Service (Sony);c:\program files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe [2009-12-19 330488]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [2010-02-16 190496]
S3 ctxva51;Citrix Virtual Adapter;c:\windows\system32\DRIVERS\ctxva51.sys [x]
S3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [x]
S3 easytether;easytether;c:\windows\system32\DRIVERS\easytthr.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-02-13 138360]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [x]
S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-01-20 574320]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 08:58]
.
2012-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 08:58]
.
2012-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4054118356-3738999985-918269534-1004Core.job
- c:\users\Laurence\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-17 08:58]
.
2012-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4054118356-3738999985-918269534-1004UA.job
- c:\users\Laurence\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-17 08:58]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-05-02 22:31 779776 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-05-02 22:31 779776 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-05-02 22:31 779776 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-05-02 22:31 779776 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2009-10-30 02:08 5948168 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2009-10-30 02:08 5948168 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-22 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-22 390680]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-22 410136]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-19 16414824]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-16 9962016]
"vncutil"="c:\program files\Realtek\Audio\HDA\vncutil64.exe" [2010-02-16 475680]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]
"PSQLLauncher"="c:\program files\Protector Suite\launcher.exe" [2009-10-29 84744]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride =
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Laurence\AppData\Roaming\Mozilla\Firefox\Profiles\75hmdkwi.default\
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\collsvc.exe\" \"/service\" \"/counter=\Processor(_Total)\% Processor Time:5\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5\" \"/counter=\Network Interface(*)\Bytes Total/sec:5\" \"/directory=inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe
c:\program files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\program files\Sony\VAIO Care\VCSpt.exe
c:\program files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
c:\program files (x86)\DDNi\Oasis\VAIO Messenger.exe
.
**************************************************************************
.
Completion time: 2012-05-16 21:00:19 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-17 01:00
ComboFix2.txt 2012-05-16 23:25
ComboFix3.txt 2012-05-16 22:58
.
Pre-Run: 168,306,253,824 bytes free
Post-Run: 168,205,283,328 bytes free
.
- - End Of File - - 8F18CB66B7F3C5A91BDD1EE61E42D462
-
sorry, i missed that
i'll try again
-
i ran the program and it restarted the computer, then every executable file gave me the the error "illegal operation attempted on a registry that has been marked for deletion." I did a system restore to before running the program. here's the log:
ComboFix 12-05-16.02 - Laurence 05/16/2012 19:12:51.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.5814.3630 [GMT -4:00]
Running from: c:\users\Laurence\Desktop\ComboFix.exe
AV: Symantec Endpoint Protection *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Symantec Endpoint Protection *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Laurence\AppData\Local\Temp\_MEI49882\_ctypes.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49882\_elementtree.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49882\_hashlib.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49882\_socket.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49882\_ssl.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49882\pyexpat.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49882\pysqlite2._sqlite.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49882\python26.dll
c:\users\Laurence\AppData\Local\Temp\_MEI49882\pythoncom26.dll
c:\users\Laurence\AppData\Local\Temp\_MEI49882\PyWinTypes26.dll
c:\users\Laurence\AppData\Local\Temp\_MEI49882\select.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49882\win32api.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49882\win32com.shell.shell.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49882\win32crypt.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49882\win32event.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49882\win32file.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49882\win32gui.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49882\win32inet.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49882\win32process.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49882\wx._controls_.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49882\wx._core_.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49882\wx._gdi_.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49882\wx._html2.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49882\wx._misc_.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49882\wx._windows_.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49882\wx._wizard.pyd
c:\users\Laurence\AppData\Local\Temp\_MEI49882\wxbase293u_net_vc.dll
c:\users\Laurence\AppData\Local\Temp\_MEI49882\wxbase293u_vc.dll
c:\users\Laurence\AppData\Local\Temp\_MEI49882\wxmsw293u_adv_vc.dll
c:\users\Laurence\AppData\Local\Temp\_MEI49882\wxmsw293u_core_vc.dll
c:\users\Laurence\AppData\Local\Temp\_MEI49882\wxmsw293u_html_vc.dll
c:\users\Laurence\AppData\Local\Temp\_MEI49882\wxmsw293u_webview_vc.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-04-16 to 2012-05-16 )))))))))))))))))))))))))))))))
.
.
2012-05-16 23:23 . 2012-05-16 23:23 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2012-05-16 23:23 . 2012-05-16 23:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-11 01:35 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-05-11 01:35 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-11 01:35 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-11 01:34 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-05-11 01:34 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-11 01:34 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-11 01:34 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-11 01:33 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-11 01:33 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-11 01:33 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 01:33 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 01:33 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-11 01:33 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-05 03:25 . 2012-05-05 03:25 -------- d-----w- c:\users\Default\AppData\Local\Google
2012-04-26 02:28 . 2012-05-16 23:07 -------- d-s---w- c:\users\Laurence\Google Drive
2012-04-19 23:55 . 2012-04-19 23:55 -------- d-----w- c:\program files (x86)\Botanicula
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-12 14:11 . 2012-04-15 12:56 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-12 14:11 . 2011-06-21 10:26 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-01 06:46 . 2012-04-14 07:00 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-03-01 06:38 . 2012-04-14 07:00 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-03-01 06:33 . 2012-04-14 07:00 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-03-01 06:28 . 2012-04-14 07:00 5120 ----a-w- c:\windows\system32\wmi.dll
2012-03-01 05:37 . 2012-04-14 07:00 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-03-01 05:33 . 2012-04-14 07:00 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-03-01 05:29 . 2012-04-14 07:00 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-02-28 06:56 . 2012-04-14 07:03 2311168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 06:49 . 2012-04-14 07:03 1390080 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 06:48 . 2012-04-14 07:03 1493504 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 06:42 . 2012-04-14 07:03 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-28 01:18 . 2012-04-14 07:03 1799168 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-02-28 01:11 . 2012-04-14 07:03 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-02-28 01:11 . 2012-04-14 07:03 1127424 ----a-w- c:\windows\SysWow64\wininet.dll
2012-02-28 01:03 . 2012-04-14 07:03 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-02-17 06:38 . 2012-03-14 20:11 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 05:34 . 2012-03-14 20:11 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-02-17 04:58 . 2012-03-14 20:11 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:57 . 2012-03-14 20:11 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-24 39408]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-08-16 1242448]
"EasyTether"="c:\program files (x86)\Mobile Stream\EasyTether\easytthr.exe" [2011-05-22 48648]
"AROReminder"="c:\program files (x86)\ARO 2011\ARO.exe" [2011-11-11 2315120]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-05-02 11396840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"SmartWiHelper"="c:\program files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" [2010-02-03 82944]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-01-15 316784]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"ccApp"="c:\program files (x86)\Common Files\Symantec Shared\ccApp.exe" [2010-05-17 115560]
"Intel AppUp(SM) center"="c:\program files (x86)\Intel\IntelAppStore\bin\serviceManager.lnk" [2011-02-01 1302]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2010-09-09 452016]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Amazon Unbox.lnk - c:\program files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe [2010-9-13 97384]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 1081632]
Citrix Access Gateway.lnk - c:\program files\Citrix\Secure Access Client\nsload.exe [2011-3-14 1520280]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Protector Suite\psqlpwd.dll
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 135664]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-02-09 53248]
R2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-02-23 2320920]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 135664]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-16 129976]
R3 MSSQL$DDNI;SQL Server (DDNI);c:\program files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\sqlservr.exe [2011-09-22 43028328]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 qcfilterSny2k;Gobi 2000 USB Composite Device Filter Driver(05C6-9225);c:\windows\system32\DRIVERS\qcfilterSny2k.sys [x]
R3 qcusbnetsny2k;Gobi 2000 USB-NDIS miniport(05C6-9225);c:\windows\system32\DRIVERS\qcusbnetsny2k.sys [x]
R3 qcusbsersny2k;Gobi 2000 USB Device for Legacy Serial Communication(05C6-9225);c:\windows\system32\DRIVERS\qcusbserSny2k.sys [x]
R3 SampleCollector;Intel® Sample Collector;c:\program files\Sony\VAIO Care\collsvc.exe [2009-12-23 168448]
R3 SMSIVZAM5X64;SMSIVZAM5X64 NDIS Protocol Driver;c:\progra~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS [2009-05-25 43032]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2011-10-27 1429608]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-03-31 47128]
R4 SQLAgent$DDNI;SQL Server Agent (DDNI);c:\program files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE [2011-09-22 370024]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 cag;Citrix cag plugin for Access Gateway;c:\program files\Common Files\Deterministic Networks\Common Files\cag.sys [2010-08-04 96384]
S2 MotoConnect Service;MotoConnect Service;c:\program files (x86)\Motorola\MotoConnectService\MotoConnectService.exe [2010-06-24 91456]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2011-06-21 341296]
S2 nsverctl;Citrix Secure Access Client Service;c:\program files\Citrix\Secure Access Client\nsverctl.exe [2011-03-15 154776]
S2 QDLService2kSony;Qualcomm Gobi 2000 Download Service (Sony);c:\program files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe [2009-12-19 330488]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [2010-02-16 190496]
S3 ctxva51;Citrix Virtual Adapter;c:\windows\system32\DRIVERS\ctxva51.sys [x]
S3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [x]
S3 easytether;easytether;c:\windows\system32\DRIVERS\easytthr.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-02-13 138360]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [x]
S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-01-20 574320]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 08:58]
.
2012-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-24 08:58]
.
2012-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4054118356-3738999985-918269534-1004Core.job
- c:\users\Laurence\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-17 08:58]
.
2012-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4054118356-3738999985-918269534-1004UA.job
- c:\users\Laurence\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-17 08:58]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-05-02 22:31 779776 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-05-02 22:31 779776 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-05-02 22:31 779776 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-05-02 22:31 779776 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2009-10-30 02:08 5948168 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2009-10-30 02:08 5948168 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-22 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-22 390680]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-22 410136]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-19 16414824]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-16 9962016]
"vncutil"="c:\program files\Realtek\Audio\HDA\vncutil64.exe" [2010-02-16 475680]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]
"PSQLLauncher"="c:\program files\Protector Suite\launcher.exe" [2009-10-29 84744]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride =
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Laurence\AppData\Roaming\Mozilla\Firefox\Profiles\75hmdkwi.default\
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\collsvc.exe\" \"/service\" \"/counter=\Processor(_Total)\% Processor Time:5\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5\" \"/counter=\Network Interface(*)\Bytes Total/sec:5\" \"/directory=inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe
c:\program files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\program files\Sony\VAIO Care\VCSpt.exe
c:\program files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
.
**************************************************************************
.
Completion time: 2012-05-16 19:25:54 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-16 23:25
ComboFix2.txt 2012-05-16 22:58
.
Pre-Run: 168,985,804,800 bytes free
Post-Run: 168,279,408,640 bytes free
.
- - End Of File - - 0207C6C06D5590B8A42D3416FEA081EC
-
part 2:
18:11:34.0729 1408 Serenum - ok
18:11:34.0737 1408 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
18:11:34.0772 1408 Serial - ok
18:11:34.0779 1408 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
18:11:34.0812 1408 sermouse - ok
18:11:34.0834 1408 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
18:11:34.0913 1408 SessionEnv - ok
18:11:34.0920 1408 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
18:11:34.0951 1408 SFEP - ok
18:11:34.0958 1408 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
18:11:34.0992 1408 sffdisk - ok
18:11:35.0001 1408 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
18:11:35.0033 1408 sffp_mmc - ok
18:11:35.0044 1408 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
18:11:35.0083 1408 sffp_sd - ok
18:11:35.0090 1408 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
18:11:35.0120 1408 sfloppy - ok
18:11:35.0141 1408 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
18:11:35.0217 1408 SharedAccess - ok
18:11:35.0237 1408 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
18:11:35.0316 1408 ShellHWDetection - ok
18:11:35.0324 1408 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
18:11:35.0355 1408 SiSRaid2 - ok
18:11:35.0363 1408 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
18:11:35.0396 1408 SiSRaid4 - ok
18:11:35.0405 1408 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:11:35.0475 1408 Smb - ok
18:11:35.0595 1408 SmcService (26eb194d1fb2870e0453a99b84889f8d) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
18:11:35.0801 1408 SmcService - ok
18:11:35.0814 1408 SMSIVZAM5X64 (b5d3c24e4ea8e6d4850e83dad8c510d4) C:\PROGRA~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS
18:11:35.0850 1408 SMSIVZAM5X64 - ok
18:11:35.0887 1408 SNAC (c2e9b4e50cf3a15255b45a7c7a0a881e) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE
18:11:35.0923 1408 SNAC - ok
18:11:35.0946 1408 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
18:11:35.0986 1408 SNMPTRAP - ok
18:11:35.0996 1408 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:11:36.0036 1408 spldr - ok
18:11:36.0066 1408 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
18:11:36.0171 1408 Spooler - ok
18:11:36.0299 1408 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
18:11:36.0570 1408 sppsvc - ok
18:11:36.0589 1408 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
18:11:36.0673 1408 sppuinotify - ok
18:11:36.0695 1408 SQLAgent$DDNI (a892134c28777978ecde8283dc57ac0f) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE
18:11:36.0824 1408 SQLAgent$DDNI - ok
18:11:36.0841 1408 SQLBrowser (10d936dced9eacd1a1b3fcdda6d7a4eb) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
18:11:37.0017 1408 SQLBrowser - ok
18:11:37.0030 1408 SQLWriter (f92e5f93be572b512da3c016b675ede0) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:11:37.0108 1408 SQLWriter - ok
18:11:37.0133 1408 SRTSP (b531fc8918dcdaae638511a123c3465e) C:\Windows\system32\Drivers\SRTSP64.SYS
18:11:37.0175 1408 SRTSP - ok
18:11:37.0199 1408 SRTSPL (2bd3a73d0601320b72486fc3ebc2544f) C:\Windows\system32\Drivers\SRTSPL64.SYS
18:11:37.0242 1408 SRTSPL - ok
18:11:37.0249 1408 SRTSPX (529b337c1aeeb289f0b502eb0ee6a8f5) C:\Windows\system32\Drivers\SRTSPX64.SYS
18:11:37.0279 1408 SRTSPX - ok
18:11:37.0303 1408 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
18:11:37.0347 1408 srv - ok
18:11:37.0368 1408 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
18:11:37.0410 1408 srv2 - ok
18:11:37.0423 1408 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
18:11:37.0460 1408 srvnet - ok
18:11:37.0474 1408 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
18:11:37.0553 1408 SSDPSRV - ok
18:11:37.0563 1408 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
18:11:37.0635 1408 SstpSvc - ok
18:11:37.0642 1408 Steam Client Service - ok
18:11:37.0652 1408 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
18:11:37.0686 1408 stexstor - ok
18:11:37.0716 1408 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
18:11:37.0771 1408 stisvc - ok
18:11:37.0780 1408 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
18:11:37.0815 1408 storflt - ok
18:11:37.0823 1408 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
18:11:37.0860 1408 StorSvc - ok
18:11:37.0868 1408 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
18:11:37.0902 1408 storvsc - ok
18:11:37.0910 1408 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
18:11:37.0946 1408 swenum - ok
18:11:37.0973 1408 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
18:11:38.0050 1408 swprv - ok
18:11:38.0130 1408 Symantec AntiVirus (f3a4ead0b3946e439f0397f7a4d09952) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
18:11:38.0236 1408 Symantec AntiVirus - ok
18:11:38.0269 1408 SymEvent (7e4d281982e19abd06728c7ee9ac40a8) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
18:11:38.0310 1408 SymEvent - ok
18:11:38.0329 1408 SynTP (3c08fb2829a5304825f974b1631dedfa) C:\Windows\system32\DRIVERS\SynTP.sys
18:11:38.0374 1408 SynTP - ok
18:11:38.0450 1408 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
18:11:38.0582 1408 SysMain - ok
18:11:38.0603 1408 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
18:11:38.0656 1408 TabletInputService - ok
18:11:38.0677 1408 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
18:11:38.0776 1408 TapiSrv - ok
18:11:38.0787 1408 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
18:11:38.0863 1408 TBS - ok
18:11:38.0949 1408 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
18:11:39.0032 1408 Tcpip - ok
18:11:39.0068 1408 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
18:11:39.0149 1408 TCPIP6 - ok
18:11:39.0170 1408 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
18:11:39.0253 1408 tcpipreg - ok
18:11:39.0266 1408 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
18:11:39.0302 1408 TDPIPE - ok
18:11:39.0310 1408 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
18:11:39.0345 1408 TDTCP - ok
18:11:39.0359 1408 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
18:11:39.0445 1408 tdx - ok
18:11:39.0455 1408 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
18:11:39.0492 1408 TermDD - ok
18:11:39.0528 1408 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
18:11:39.0636 1408 TermService - ok
18:11:39.0648 1408 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
18:11:39.0699 1408 Themes - ok
18:11:39.0710 1408 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
18:11:39.0792 1408 THREADORDER - ok
18:11:39.0801 1408 TPM (dbcc20c02e8a3e43b03c304a4e40a84f) C:\Windows\system32\drivers\tpm.sys
18:11:39.0841 1408 TPM - ok
18:11:39.0855 1408 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
18:11:39.0950 1408 TrkWks - ok
18:11:39.0965 1408 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
18:11:40.0050 1408 TrustedInstaller - ok
18:11:40.0065 1408 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:11:40.0143 1408 tssecsrv - ok
18:11:40.0154 1408 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
18:11:40.0185 1408 TsUsbFlt - ok
18:11:40.0203 1408 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
18:11:40.0291 1408 tunnel - ok
18:11:40.0300 1408 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
18:11:40.0336 1408 uagp35 - ok
18:11:40.0353 1408 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
18:11:40.0441 1408 udfs - ok
18:11:40.0460 1408 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
18:11:40.0497 1408 UI0Detect - ok
18:11:40.0509 1408 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
18:11:40.0551 1408 uliagpkx - ok
18:11:40.0561 1408 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
18:11:40.0602 1408 umbus - ok
18:11:40.0611 1408 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
18:11:40.0650 1408 UmPass - ok
18:11:40.0667 1408 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
18:11:40.0715 1408 UmRdpService - ok
18:11:40.0819 1408 UNS (ad88af249abdc546151f9bfc4093fa9b) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
18:11:40.0955 1408 UNS - ok
18:11:40.0986 1408 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
18:11:41.0074 1408 upnphost - ok
18:11:41.0087 1408 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
18:11:41.0132 1408 usbccgp - ok
18:11:41.0144 1408 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
18:11:41.0192 1408 usbcir - ok
18:11:41.0202 1408 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
18:11:41.0242 1408 usbehci - ok
18:11:41.0264 1408 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
18:11:41.0312 1408 usbhub - ok
18:11:41.0322 1408 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
18:11:41.0361 1408 usbohci - ok
18:11:41.0370 1408 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
18:11:41.0412 1408 usbprint - ok
18:11:41.0421 1408 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
18:11:41.0463 1408 usbscan - ok
18:11:41.0474 1408 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:11:41.0517 1408 USBSTOR - ok
18:11:41.0526 1408 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
18:11:41.0562 1408 usbuhci - ok
18:11:41.0577 1408 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
18:11:41.0623 1408 usbvideo - ok
18:11:41.0633 1408 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
18:11:41.0721 1408 UxSms - ok
18:11:41.0737 1408 VAIO Event Service (218f78b39832a2a0761ce2422828a57c) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
18:11:41.0859 1408 VAIO Event Service - ok
18:11:41.0893 1408 VAIO Power Management (1cf1a4dd7a58c966c9014b83c7229cf3) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
18:11:41.0946 1408 VAIO Power Management - ok
18:11:41.0956 1408 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:11:41.0986 1408 VaultSvc - ok
18:11:42.0001 1408 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
18:11:42.0041 1408 vdrvroot - ok
18:11:42.0073 1408 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
18:11:42.0177 1408 vds - ok
18:11:42.0187 1408 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
18:11:42.0232 1408 vga - ok
18:11:42.0241 1408 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
18:11:42.0331 1408 VgaSave - ok
18:11:42.0349 1408 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
18:11:42.0396 1408 vhdmp - ok
18:11:42.0405 1408 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
18:11:42.0441 1408 viaide - ok
18:11:42.0456 1408 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
18:11:42.0499 1408 vmbus - ok
18:11:42.0508 1408 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
18:11:42.0542 1408 VMBusHID - ok
18:11:42.0552 1408 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
18:11:42.0591 1408 volmgr - ok
18:11:42.0613 1408 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
18:11:42.0650 1408 volmgrx - ok
18:11:42.0669 1408 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
18:11:42.0722 1408 volsnap - ok
18:11:42.0738 1408 vpcbus (b4a73ca4ef9a02b9738cea9ad5fe5917) C:\Windows\system32\DRIVERS\vpchbus.sys
18:11:42.0781 1408 vpcbus - ok
18:11:42.0792 1408 vpcnfltr (e675fb2b48c54f09895482e2253b289c) C:\Windows\system32\DRIVERS\vpcnfltr.sys
18:11:42.0833 1408 vpcnfltr - ok
18:11:42.0844 1408 vpcusb (5fb42082b0d19a0268705f1dd343df20) C:\Windows\system32\DRIVERS\vpcusb.sys
18:11:42.0881 1408 vpcusb - ok
18:11:42.0904 1408 vpcvmm (207b6539799cc1c112661a9b620dd233) C:\Windows\system32\drivers\vpcvmm.sys
18:11:42.0942 1408 vpcvmm - ok
18:11:42.0956 1408 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
18:11:42.0999 1408 vsmraid - ok
18:11:43.0073 1408 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
18:11:43.0176 1408 VSS - ok
18:11:43.0242 1408 VUAgent (d62d16e057be87f5b84a54d1b83822c4) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
18:11:43.0310 1408 VUAgent - ok
18:11:43.0328 1408 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
18:11:43.0370 1408 vwifibus - ok
18:11:43.0382 1408 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
18:11:43.0442 1408 vwififlt - ok
18:11:43.0452 1408 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
18:11:43.0499 1408 vwifimp - ok
18:11:43.0523 1408 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
18:11:43.0638 1408 W32Time - ok
18:11:43.0653 1408 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
18:11:43.0698 1408 WacomPen - ok
18:11:43.0713 1408 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:11:43.0809 1408 WANARP - ok
18:11:43.0817 1408 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:11:43.0902 1408 Wanarpv6 - ok
18:11:43.0963 1408 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
18:11:44.0037 1408 WatAdminSvc - ok
18:11:44.0110 1408 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
18:11:44.0183 1408 wbengine - ok
18:11:44.0210 1408 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
18:11:44.0265 1408 WbioSrvc - ok
18:11:44.0289 1408 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
18:11:44.0349 1408 wcncsvc - ok
18:11:44.0359 1408 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
18:11:44.0407 1408 WcsPlugInService - ok
18:11:44.0417 1408 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
18:11:44.0456 1408 Wd - ok
18:11:44.0490 1408 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
18:11:44.0553 1408 Wdf01000 - ok
18:11:44.0566 1408 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:11:44.0634 1408 WdiServiceHost - ok
18:11:44.0642 1408 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:11:44.0690 1408 WdiSystemHost - ok
18:11:44.0710 1408 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
18:11:44.0771 1408 WebClient - ok
18:11:44.0790 1408 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
18:11:44.0876 1408 Wecsvc - ok
18:11:44.0887 1408 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
18:11:44.0972 1408 wercplsupport - ok
18:11:44.0984 1408 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
18:11:45.0060 1408 WerSvc - ok
18:11:45.0071 1408 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
18:11:45.0151 1408 WfpLwf - ok
18:11:45.0159 1408 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
18:11:45.0195 1408 WIMMount - ok
18:11:45.0203 1408 WinDefend - ok
18:11:45.0222 1408 WinHttpAutoProxySvc - ok
18:11:45.0245 1408 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
18:11:45.0334 1408 Winmgmt - ok
18:11:45.0420 1408 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
18:11:45.0543 1408 WinRM - ok
18:11:45.0568 1408 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
18:11:45.0607 1408 WinUsb - ok
18:11:45.0650 1408 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
18:11:45.0699 1408 Wlansvc - ok
18:11:45.0803 1408 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:11:45.0914 1408 wlidsvc - ok
18:11:45.0937 1408 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
18:11:45.0976 1408 WmiAcpi - ok
18:11:46.0000 1408 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
18:11:46.0051 1408 wmiApSrv - ok
18:11:46.0062 1408 WMPNetworkSvc - ok
18:11:46.0073 1408 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
18:11:46.0115 1408 WPCSvc - ok
18:11:46.0128 1408 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
18:11:46.0192 1408 WPDBusEnum - ok
18:11:46.0202 1408 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
18:11:46.0284 1408 ws2ifsl - ok
18:11:46.0298 1408 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
18:11:46.0355 1408 wscsvc - ok
18:11:46.0364 1408 WSearch - ok
18:11:46.0474 1408 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
18:11:46.0676 1408 wuauserv - ok
18:11:46.0699 1408 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
18:11:46.0790 1408 WudfPf - ok
18:11:46.0806 1408 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:11:46.0901 1408 WUDFRd - ok
18:11:46.0914 1408 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
18:11:47.0003 1408 wudfsvc - ok
18:11:47.0021 1408 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
18:11:47.0069 1408 WwanSvc - ok
18:11:47.0123 1408 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:11:47.0197 1408 \Device\Harddisk0\DR0 - ok
18:11:47.0201 1408 Boot (0x1200) (35f93f0df2bb3e522fb703b86f86acc0) \Device\Harddisk0\DR0\Partition0
18:11:47.0202 1408 \Device\Harddisk0\DR0\Partition0 - ok
18:11:47.0208 1408 Boot (0x1200) (a540b548e3d8c786ce32a55ccfcf2864) \Device\Harddisk0\DR0\Partition1
18:11:47.0209 1408 \Device\Harddisk0\DR0\Partition1 - ok
18:11:47.0210 1408 ============================================================
18:11:47.0210 1408 Scan finished
18:11:47.0210 1408 ============================================================
18:11:47.0222 4420 Detected object count: 2
18:11:47.0223 4420 Actual detected object count: 2
18:12:54.0382 4420 Oasis2Service ( UnsignedFile.Multi.Generic ) - skipped by user
18:12:54.0382 4420 Oasis2Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:12:54.0386 4420 SampleCollector ( UnsignedFile.Multi.Generic ) - skipped by user
18:12:54.0387 4420 SampleCollector ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:14:32.0250 2832 ============================================================
18:14:32.0250 2832 Scan started
18:14:32.0250 2832 Mode: Manual; SigCheck; TDLFS;
18:14:32.0250 2832 ============================================================
18:14:32.0345 2832 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
18:14:32.0391 2832 1394ohci - ok
18:14:32.0399 2832 ACDaemon (35f57598f0589feb3c3abc1621bf329f) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
18:14:32.0519 2832 ACDaemon - ok
18:14:32.0536 2832 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
18:14:32.0577 2832 ACPI - ok
18:14:32.0582 2832 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
18:14:32.0618 2832 AcpiPmi - ok
18:14:32.0641 2832 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
18:14:32.0682 2832 adp94xx - ok
18:14:32.0699 2832 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
18:14:32.0735 2832 adpahci - ok
18:14:32.0747 2832 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
18:14:32.0779 2832 adpu320 - ok
18:14:32.0788 2832 ADVService (7233688fc422ef657e082309e6180142) C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
18:14:32.0808 2832 ADVService - ok
18:14:32.0816 2832 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
18:14:32.0893 2832 AeLookupSvc - ok
18:14:32.0917 2832 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
18:14:32.0954 2832 AFD - ok
18:14:32.0960 2832 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
18:14:32.0989 2832 agp440 - ok
18:14:32.0996 2832 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
18:14:33.0025 2832 ALG - ok
18:14:33.0029 2832 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
18:14:33.0055 2832 aliide - ok
18:14:33.0060 2832 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
18:14:33.0089 2832 amdide - ok
18:14:33.0095 2832 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
18:14:33.0122 2832 AmdK8 - ok
18:14:33.0129 2832 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
18:14:33.0156 2832 AmdPPM - ok
18:14:33.0164 2832 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
18:14:33.0194 2832 amdsata - ok
18:14:33.0205 2832 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
18:14:33.0236 2832 amdsbs - ok
18:14:33.0241 2832 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
18:14:33.0267 2832 amdxata - ok
18:14:33.0273 2832 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
18:14:33.0344 2832 AppID - ok
18:14:33.0350 2832 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
18:14:33.0421 2832 AppIDSvc - ok
18:14:33.0428 2832 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
18:14:33.0501 2832 Appinfo - ok
18:14:33.0513 2832 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
18:14:33.0543 2832 AppMgmt - ok
18:14:33.0550 2832 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
18:14:33.0579 2832 arc - ok
18:14:33.0588 2832 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
18:14:33.0617 2832 arcsas - ok
18:14:33.0636 2832 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:14:33.0687 2832 aspnet_state - ok
18:14:33.0692 2832 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
18:14:33.0764 2832 AsyncMac - ok
18:14:33.0769 2832 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
18:14:33.0795 2832 atapi - ok
18:14:33.0826 2832 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
18:14:33.0943 2832 AudioEndpointBuilder - ok
18:14:33.0952 2832 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
18:14:34.0070 2832 AudioSrv - ok
18:14:34.0080 2832 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
18:14:34.0117 2832 AxInstSV - ok
18:14:34.0140 2832 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
18:14:34.0174 2832 b06bdrv - ok
18:14:34.0189 2832 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
18:14:34.0218 2832 b57nd60a - ok
18:14:34.0230 2832 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
18:14:34.0257 2832 BDESVC - ok
18:14:34.0261 2832 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
18:14:34.0330 2832 Beep - ok
18:14:34.0361 2832 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
18:14:34.0452 2832 BFE - ok
18:14:34.0496 2832 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
18:14:34.0598 2832 BITS - ok
18:14:34.0605 2832 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
18:14:34.0634 2832 blbdrive - ok
18:14:34.0641 2832 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
18:14:34.0671 2832 bowser - ok
18:14:34.0676 2832 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
18:14:34.0711 2832 BrFiltLo - ok
18:14:34.0715 2832 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
18:14:34.0749 2832 BrFiltUp - ok
18:14:34.0758 2832 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
18:14:34.0837 2832 Browser - ok
18:14:34.0854 2832 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
18:14:34.0888 2832 Brserid - ok
18:14:34.0895 2832 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
18:14:34.0931 2832 BrSerWdm - ok
18:14:34.0936 2832 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
18:14:34.0971 2832 BrUsbMdm - ok
18:14:34.0975 2832 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
18:14:35.0001 2832 BrUsbSer - ok
18:14:35.0008 2832 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
18:14:35.0032 2832 BthEnum - ok
18:14:35.0039 2832 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
18:14:35.0073 2832 BTHMODEM - ok
18:14:35.0081 2832 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
18:14:35.0116 2832 BthPan - ok
18:14:35.0141 2832 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
18:14:35.0176 2832 BTHPORT - ok
18:14:35.0183 2832 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
18:14:35.0255 2832 bthserv - ok
18:14:35.0263 2832 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
18:14:35.0290 2832 BTHUSB - ok
18:14:35.0296 2832 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys
18:14:35.0320 2832 btusbflt - ok
18:14:35.0328 2832 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys
18:14:35.0352 2832 btwaudio - ok
18:14:35.0361 2832 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\DRIVERS\btwavdt.sys
18:14:35.0386 2832 btwavdt - ok
18:14:35.0427 2832 btwdins (31da517946ffe416442e864592548f8a) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
18:14:35.0476 2832 btwdins - ok
18:14:35.0482 2832 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
18:14:35.0502 2832 btwl2cap - ok
18:14:35.0507 2832 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys
18:14:35.0528 2832 btwrchid - ok
18:14:35.0537 2832 cag (ce52d435a50afda0077322db4f404a6e) C:\Program Files\Common Files\Deterministic Networks\Common Files\cag.sys
18:14:35.0561 2832 cag - ok
18:14:35.0570 2832 ccEvtMgr (260a069f403da226d18c058ad14fd3a3) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
18:14:35.0603 2832 ccEvtMgr - ok
18:14:35.0608 2832 ccSetMgr (260a069f403da226d18c058ad14fd3a3) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
18:14:35.0640 2832 ccSetMgr - ok
18:14:35.0647 2832 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
18:14:35.0724 2832 cdfs - ok
18:14:35.0734 2832 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
18:14:35.0763 2832 cdrom - ok
18:14:35.0771 2832 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
18:14:35.0844 2832 CertPropSvc - ok
18:14:35.0850 2832 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
18:14:35.0885 2832 circlass - ok
18:14:35.0904 2832 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
18:14:35.0953 2832 CLFS - ok
18:14:35.0963 2832 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:14:36.0030 2832 clr_optimization_v2.0.50727_32 - ok
18:14:36.0041 2832 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:14:36.0069 2832 clr_optimization_v2.0.50727_64 - ok
18:14:36.0083 2832 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:14:36.0117 2832 clr_optimization_v4.0.30319_32 - ok
18:14:36.0127 2832 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:14:36.0154 2832 clr_optimization_v4.0.30319_64 - ok
18:14:36.0159 2832 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
18:14:36.0188 2832 CmBatt - ok
18:14:36.0194 2832 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
18:14:36.0223 2832 cmdide - ok
18:14:36.0246 2832 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
18:14:36.0301 2832 CNG - ok
18:14:36.0307 2832 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
18:14:36.0336 2832 Compbatt - ok
18:14:36.0343 2832 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
18:14:36.0379 2832 CompositeBus - ok
18:14:36.0384 2832 COMSysApp - ok
18:14:36.0392 2832 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
18:14:36.0422 2832 crcdisk - ok
18:14:36.0437 2832 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
18:14:36.0519 2832 CryptSvc - ok
18:14:36.0545 2832 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
18:14:36.0585 2832 CSC - ok
18:14:36.0617 2832 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
18:14:36.0661 2832 CscService - ok
18:14:36.0667 2832 ctxva51 (bc9d0bd74e78d8f88d96e96faba828dd) C:\Windows\system32\DRIVERS\ctxva51.sys
18:14:36.0690 2832 ctxva51 - ok
18:14:36.0719 2832 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
18:14:36.0809 2832 DcomLaunch - ok
18:14:36.0825 2832 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
18:14:36.0905 2832 defragsvc - ok
18:14:36.0913 2832 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
18:14:36.0986 2832 DfsC - ok
18:14:37.0001 2832 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
18:14:37.0083 2832 Dhcp - ok
18:14:37.0089 2832 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
18:14:37.0165 2832 discache - ok
18:14:37.0173 2832 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
18:14:37.0201 2832 Disk - ok
18:14:37.0212 2832 DNE (05cb5910b3ca6019fc3cca815ee06ffb) C:\Windows\system32\DRIVERS\dne64x.sys
18:14:37.0236 2832 DNE - ok
18:14:37.0247 2832 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
18:14:37.0277 2832 Dnscache - ok
18:14:37.0292 2832 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
18:14:37.0367 2832 dot3svc - ok
18:14:37.0378 2832 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
18:14:37.0454 2832 DPS - ok
18:14:37.0459 2832 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
18:14:37.0489 2832 drmkaud - ok
18:14:37.0533 2832 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
18:14:37.0600 2832 DXGKrnl - ok
18:14:37.0618 2832 e1kexpress (f369e83f6cdab987ca2dd764278659a6) C:\Windows\system32\DRIVERS\e1k62x64.sys
18:14:37.0647 2832 e1kexpress - ok
18:14:37.0657 2832 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
18:14:37.0733 2832 EapHost - ok
18:14:37.0739 2832 easytether (1e8d0e318d3f17b2eaaf993db20c76f0) C:\Windows\system32\DRIVERS\easytthr.sys
18:14:37.0761 2832 easytether - ok
18:14:37.0884 2832 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
18:14:37.0975 2832 ebdrv - ok
18:14:38.0000 2832 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
18:14:38.0036 2832 eeCtrl - ok
18:14:38.0058 2832 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
18:14:38.0086 2832 EFS - ok
18:14:38.0118 2832 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
18:14:38.0184 2832 ehRecvr - ok
18:14:38.0193 2832 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
18:14:38.0224 2832 ehSched - ok
18:14:38.0253 2832 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
18:14:38.0299 2832 elxstor - ok
18:14:38.0310 2832 EraserUtilRebootDrv (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
18:14:38.0334 2832 EraserUtilRebootDrv - ok
18:14:38.0340 2832 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
18:14:38.0365 2832 ErrDev - ok
18:14:38.0392 2832 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
18:14:38.0471 2832 EventSystem - ok
18:14:38.0532 2832 EvtEng (b56d9602db5fe1c116b1ca5efd8e2e50) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
18:14:38.0620 2832 EvtEng - ok
18:14:38.0636 2832 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
18:14:38.0712 2832 exfat - ok
18:14:38.0718 2832 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
18:14:38.0794 2832 fastfat - ok
18:14:38.0826 2832 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
18:14:38.0864 2832 Fax - ok
18:14:38.0869 2832 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
18:14:38.0895 2832 fdc - ok
18:14:38.0900 2832 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
18:14:38.0974 2832 fdPHost - ok
18:14:38.0980 2832 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
18:14:39.0055 2832 FDResPub - ok
18:14:39.0061 2832 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
18:14:39.0089 2832 FileInfo - ok
18:14:39.0094 2832 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
18:14:39.0166 2832 Filetrace - ok
18:14:39.0170 2832 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
18:14:39.0196 2832 flpydisk - ok
18:14:39.0212 2832 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
18:14:39.0245 2832 FltMgr - ok
18:14:39.0288 2832 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
18:14:39.0345 2832 FontCache - ok
18:14:39.0357 2832 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:14:39.0382 2832 FontCache3.0.0.0 - ok
18:14:39.0390 2832 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
18:14:39.0415 2832 FsDepends - ok
18:14:39.0426 2832 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
18:14:39.0451 2832 Fs_Rec - ok
18:14:39.0464 2832 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
18:14:39.0500 2832 fvevol - ok
18:14:39.0506 2832 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
18:14:39.0534 2832 gagp30kx - ok
18:14:39.0569 2832 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
18:14:39.0709 2832 gpsvc - ok
18:14:39.0720 2832 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:14:39.0758 2832 gupdate - ok
18:14:39.0762 2832 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:14:39.0799 2832 gupdatem - ok
18:14:39.0810 2832 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:14:39.0846 2832 gusvc - ok
18:14:39.0853 2832 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
18:14:39.0879 2832 hcw85cir - ok
18:14:39.0897 2832 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
18:14:39.0934 2832 HdAudAddService - ok
18:14:39.0943 2832 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
18:14:39.0977 2832 HDAudBus - ok
18:14:39.0984 2832 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys
18:14:40.0008 2832 HECIx64 - ok
18:14:40.0013 2832 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
18:14:40.0040 2832 HidBatt - ok
18:14:40.0048 2832 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
18:14:40.0082 2832 HidBth - ok
18:14:40.0088 2832 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
18:14:40.0121 2832 HidIr - ok
18:14:40.0127 2832 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
18:14:40.0199 2832 hidserv - ok
18:14:40.0206 2832 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
18:14:40.0233 2832 HidUsb - ok
18:14:40.0242 2832 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
18:14:40.0313 2832 hkmsvc - ok
18:14:40.0325 2832 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
18:14:40.0355 2832 HomeGroupListener - ok
18:14:40.0367 2832 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
18:14:40.0399 2832 HomeGroupProvider - ok
18:14:40.0407 2832 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
18:14:40.0435 2832 HpSAMD - ok
18:14:40.0469 2832 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
18:14:40.0554 2832 HTTP - ok
18:14:40.0561 2832 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
18:14:40.0586 2832 hwpolicy - ok
18:14:40.0596 2832 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
18:14:40.0624 2832 i8042prt - ok
18:14:40.0652 2832 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\drivers\iaStor.sys
18:14:40.0689 2832 iaStor - ok
18:14:40.0696 2832 IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
18:14:40.0717 2832 IAStorDataMgrSvc - ok
18:14:40.0737 2832 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
18:14:40.0774 2832 iaStorV - ok
18:14:40.0809 2832 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:14:40.0861 2832 idsvc - ok
18:14:40.0872 2832 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
18:14:40.0903 2832 iirsp - ok
18:14:40.0944 2832 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
18:14:41.0042 2832 IKEEXT - ok
18:14:41.0053 2832 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\drivers\Impcd.sys
18:14:41.0083 2832 Impcd - ok
18:14:41.0187 2832 IntcAzAudAddService (9aa1e982bc10176ce316aadfbd5c28f5) C:\Windows\system32\drivers\RTKVHD64.sys
18:14:41.0286 2832 IntcAzAudAddService - ok
18:14:41.0301 2832 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
18:14:41.0329 2832 intelide - ok
18:14:41.0337 2832 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
18:14:41.0367 2832 intelppm - ok
18:14:41.0378 2832 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
18:14:41.0451 2832 IPBusEnum - ok
18:14:41.0459 2832 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:14:41.0532 2832 IpFilterDriver - ok
18:14:41.0561 2832 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
18:14:41.0643 2832 iphlpsvc - ok
18:14:41.0651 2832 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
18:14:41.0680 2832 IPMIDRV - ok
18:14:41.0689 2832 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
18:14:41.0765 2832 IPNAT - ok
18:14:41.0770 2832 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
18:14:41.0804 2832 IRENUM - ok
18:14:41.0810 2832 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
18:14:41.0839 2832 isapnp - ok
18:14:41.0855 2832 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
18:14:41.0889 2832 iScsiPrt - ok
18:14:41.0895 2832 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
18:14:41.0923 2832 kbdclass - ok
18:14:41.0930 2832 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
18:14:41.0956 2832 kbdhid - ok
18:14:41.0962 2832 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:14:41.0991 2832 KeyIso - ok
18:14:41.0999 2832 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
18:14:42.0027 2832 KSecDD - ok
18:14:42.0037 2832 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
18:14:42.0068 2832 KSecPkg - ok
18:14:42.0075 2832 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
18:14:42.0145 2832 ksthunk - ok
18:14:42.0163 2832 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
18:14:42.0245 2832 KtmRm - ok
18:14:42.0259 2832 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
18:14:42.0337 2832 LanmanServer - ok
18:14:42.0346 2832 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
18:14:42.0423 2832 LanmanWorkstation - ok
18:14:42.0558 2832 LiveUpdate (6105b28f5d03c4affa7197b228768849) C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
18:14:42.0687 2832 LiveUpdate - ok
18:14:42.0700 2832 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
18:14:42.0784 2832 lltdio - ok
18:14:42.0801 2832 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
18:14:42.0887 2832 lltdsvc - ok
18:14:42.0893 2832 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
18:14:42.0978 2832 lmhosts - ok
18:14:42.0993 2832 LMS (ad1cf8471b06badb93d87cc4d63b8483) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
18:14:43.0040 2832 LMS - ok
18:14:43.0053 2832 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
18:14:43.0087 2832 LSI_FC - ok
18:14:43.0097 2832 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
18:14:43.0129 2832 LSI_SAS - ok
18:14:43.0137 2832 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
18:14:43.0167 2832 LSI_SAS2 - ok
18:14:43.0176 2832 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
18:14:43.0205 2832 LSI_SCSI - ok
18:14:43.0216 2832 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
18:14:43.0293 2832 luafv - ok
18:14:43.0302 2832 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
18:14:43.0332 2832 Mcx2Svc - ok
18:14:43.0338 2832 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
18:14:43.0364 2832 megasas - ok
18:14:43.0381 2832 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
18:14:43.0414 2832 MegaSR - ok
18:14:43.0423 2832 Microsoft SharePoint Workspace Audit Service - ok
18:14:43.0433 2832 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
18:14:43.0508 2832 MMCSS - ok
18:14:43.0514 2832 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
18:14:43.0588 2832 Modem - ok
18:14:43.0593 2832 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
18:14:43.0625 2832 monitor - ok
18:14:43.0631 2832 motandroidusb (d69f1e9a944a5f46a494af901ed41118) C:\Windows\system32\Drivers\motoandroid.sys
18:14:43.0655 2832 motandroidusb - ok
18:14:43.0665 2832 MotoConnect Service (9b2923c59d49672d1205c391a1296525) C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe
18:14:43.0814 2832 MotoConnect Service - ok
18:14:43.0821 2832 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
18:14:43.0849 2832 mouclass - ok
18:14:43.0855 2832 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
18:14:43.0882 2832 mouhid - ok
18:14:43.0892 2832 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
18:14:43.0920 2832 mountmgr - ok
18:14:43.0932 2832 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
18:14:43.0964 2832 mpio - ok
18:14:43.0972 2832 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
18:14:44.0041 2832 mpsdrv - ok
18:14:44.0078 2832 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
18:14:44.0191 2832 MpsSvc - ok
18:14:44.0200 2832 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
18:14:44.0235 2832 MRxDAV - ok
18:14:44.0245 2832 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:14:44.0276 2832 mrxsmb - ok
18:14:44.0292 2832 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:14:44.0320 2832 mrxsmb10 - ok
18:14:44.0329 2832 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:14:44.0354 2832 mrxsmb20 - ok
18:14:44.0361 2832 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
18:14:44.0385 2832 msahci - ok
18:14:44.0395 2832 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
18:14:44.0423 2832 msdsm - ok
18:14:44.0433 2832 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
18:14:44.0461 2832 MSDTC - ok
18:14:44.0472 2832 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
18:14:44.0536 2832 Msfs - ok
18:14:44.0542 2832 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
18:14:44.0604 2832 mshidkmdf - ok
18:14:44.0609 2832 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
18:14:44.0630 2832 msisadrv - ok
18:14:44.0639 2832 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
18:14:44.0700 2832 MSiSCSI - ok
18:14:44.0705 2832 msiserver - ok
18:14:44.0711 2832 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
18:14:44.0770 2832 MSKSSRV - ok
18:14:44.0776 2832 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
18:14:44.0836 2832 MSPCLOCK - ok
18:14:44.0840 2832 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
18:14:44.0901 2832 MSPQM - ok
18:14:44.0919 2832 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
18:14:44.0949 2832 MsRPC - ok
18:14:44.0957 2832 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
18:14:44.0980 2832 mssmbios - ok
18:14:44.0987 2832 MSSQL$DDNI - ok
18:14:44.0997 2832 MSSQLServerADHelper100 (f1761c8fb2b25a32c6d63e36bb88c3ae) C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
18:14:45.0054 2832 MSSQLServerADHelper100 - ok
18:14:45.0060 2832 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
18:14:45.0121 2832 MSTEE - ok
18:14:45.0127 2832 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
18:14:45.0149 2832 MTConfig - ok
18:14:45.0156 2832 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
18:14:45.0186 2832 Mup - ok
18:14:45.0208 2832 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
18:14:45.0278 2832 napagent - ok
18:14:45.0295 2832 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
18:14:45.0329 2832 NativeWifiP - ok
18:14:45.0344 2832 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20120515.017\ENG64.SYS
18:14:45.0365 2832 NAVENG - ok
18:14:45.0452 2832 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20120515.017\EX64.SYS
18:14:45.0522 2832 NAVEX15 - ok
18:14:45.0570 2832 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
18:14:45.0657 2832 NDIS - ok
18:14:45.0665 2832 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
18:14:45.0745 2832 NdisCap - ok
18:14:45.0752 2832 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
18:14:45.0842 2832 NdisTapi - ok
18:14:45.0850 2832 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
18:14:45.0928 2832 Ndisuio - ok
18:14:45.0940 2832 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
18:14:46.0022 2832 NdisWan - ok
18:14:46.0030 2832 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
18:14:46.0109 2832 NDProxy - ok
18:14:46.0118 2832 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
18:14:46.0196 2832 NetBIOS - ok
18:14:46.0212 2832 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
18:14:46.0286 2832 NetBT - ok
18:14:46.0292 2832 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:14:46.0320 2832 Netlogon - ok
18:14:46.0341 2832 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
18:14:46.0428 2832 Netman - ok
18:14:46.0446 2832 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:14:46.0475 2832 NetMsmqActivator - ok
18:14:46.0482 2832 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:14:46.0511 2832 NetPipeActivator - ok
18:14:46.0536 2832 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
18:14:46.0660 2832 netprofm - ok
18:14:46.0667 2832 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:14:46.0695 2832 NetTcpActivator - ok
18:14:46.0701 2832 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:14:46.0730 2832 NetTcpPortSharing - ok
18:14:46.0952 2832 NETw5s64 (18555f48844c2861d9dce8f2b7223ae5) C:\Windows\system32\DRIVERS\NETw5s64.sys
18:14:47.0149 2832 NETw5s64 - ok
18:14:47.0170 2832 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
18:14:47.0198 2832 nfrd960 - ok
18:14:47.0219 2832 NitroReaderDriverReadSpool2 (0734398d3d99986bb8006e9bb5eab1e5) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
18:14:47.0249 2832 NitroReaderDriverReadSpool2 - ok
18:14:47.0267 2832 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
18:14:47.0345 2832 NlaSvc - ok
18:14:47.0352 2832 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
18:14:47.0432 2832 Npfs - ok
18:14:47.0440 2832 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
18:14:47.0520 2832 nsi - ok
18:14:47.0527 2832 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
18:14:47.0607 2832 nsiproxy - ok
18:14:47.0618 2832 nsverctl (538ae37d97f59f878e2c171944250cc7) C:\Program Files\Citrix\Secure Access Client\nsverctl.exe
18:14:47.0664 2832 nsverctl - ok
18:14:47.0737 2832 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
18:14:47.0819 2832 Ntfs - ok
18:14:47.0836 2832 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
18:14:47.0914 2832 Null - ok
18:14:47.0923 2832 NVHDA (181e7fe39211e04128a30708906627d8) C:\Windows\system32\drivers\nvhda64v.sys
18:14:47.0949 2832 NVHDA - ok
18:14:48.0263 2832 nvlddmkm (9439174331d5d1ffe6316590356c34ee) C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:14:48.0662 2832 nvlddmkm - ok
18:14:48.0693 2832 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
18:14:48.0727 2832 nvraid - ok
18:14:48.0740 2832 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
18:14:48.0773 2832 nvstor - ok
18:14:48.0794 2832 nvsvc (982f4d28a521e99a78496775150d3b1c) C:\Windows\system32\nvvsvc.exe
18:14:48.0828 2832 nvsvc - ok
18:14:48.0839 2832 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
18:14:48.0869 2832 nv_agp - ok
18:14:48.0879 2832 Oasis2Service (07571684567859da796a566cc78ffa74) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
18:14:48.0893 2832 Oasis2Service ( UnsignedFile.Multi.Generic ) - warning
18:14:48.0893 2832 Oasis2Service - detected UnsignedFile.Multi.Generic (1)
18:14:48.0901 2832 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
18:14:48.0928 2832 ohci1394 - ok
18:14:48.0940 2832 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:14:49.0003 2832 ose - ok
18:14:49.0163 2832 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:14:49.0347 2832 osppsvc - ok
18:14:49.0382 2832 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:14:49.0417 2832 p2pimsvc - ok
18:14:49.0440 2832 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
18:14:49.0477 2832 p2psvc - ok
18:14:49.0488 2832 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
18:14:49.0519 2832 Parport - ok
18:14:49.0529 2832 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
18:14:49.0560 2832 partmgr - ok
18:14:49.0574 2832 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
18:14:49.0618 2832 PcaSvc - ok
18:14:49.0633 2832 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
18:14:49.0667 2832 pci - ok
18:14:49.0674 2832 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
18:14:49.0702 2832 pciide - ok
18:14:49.0719 2832 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
18:14:49.0756 2832 pcmcia - ok
18:14:49.0767 2832 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
18:14:49.0798 2832 pcw - ok
18:14:49.0824 2832 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
18:14:49.0912 2832 PEAUTH - ok
18:14:49.0972 2832 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
18:14:50.0025 2832 PeerDistSvc - ok
18:14:50.0053 2832 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
18:14:50.0090 2832 PerfHost - ok
18:14:50.0168 2832 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
18:14:50.0278 2832 pla - ok
18:14:50.0302 2832 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
18:14:50.0341 2832 PlugPlay - ok
18:14:50.0349 2832 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
18:14:50.0378 2832 PNRPAutoReg - ok
18:14:50.0389 2832 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:14:50.0425 2832 PNRPsvc - ok
18:14:50.0452 2832 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
18:14:50.0541 2832 PolicyAgent - ok
18:14:50.0558 2832 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
18:14:50.0644 2832 Power - ok
18:14:50.0657 2832 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
18:14:50.0736 2832 PptpMiniport - ok
18:14:50.0745 2832 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
18:14:50.0774 2832 Processor - ok
18:14:50.0788 2832 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
18:14:50.0864 2832 ProfSvc - ok
18:14:50.0871 2832 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:14:50.0899 2832 ProtectedStorage - ok
18:14:50.0910 2832 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
18:14:50.0982 2832 Psched - ok
18:14:50.0990 2832 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
18:14:51.0013 2832 PxHlpa64 - ok
18:14:51.0020 2832 qcfilterSny2k (fd79acb284b6bb288c8826fff72778e9) C:\Windows\system32\DRIVERS\qcfilterSny2k.sys
18:14:51.0041 2832 qcfilterSny2k - ok
18:14:51.0058 2832 qcusbnetsny2k (d4168d8bebcf573b8ffb2a0c09094da3) C:\Windows\system32\DRIVERS\qcusbnetsny2k.sys
18:14:51.0084 2832 qcusbnetsny2k - ok
18:14:51.0094 2832 qcusbsersny2k (3a5625922508a972345f096cb163d55b) C:\Windows\system32\DRIVERS\qcusbserSny2k.sys
18:14:51.0118 2832 qcusbsersny2k - ok
18:14:51.0136 2832 QDLService2kSony (2b3b8b43d4c41e46a2b82459da0d5a2d) C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe
18:14:51.0182 2832 QDLService2kSony - ok
18:14:51.0248 2832 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
18:14:51.0318 2832 ql2300 - ok
18:14:51.0339 2832 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
18:14:51.0368 2832 ql40xx - ok
18:14:51.0385 2832 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
18:14:51.0425 2832 QWAVE - ok
18:14:51.0432 2832 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
18:14:51.0467 2832 QWAVEdrv - ok
18:14:51.0474 2832 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
18:14:51.0549 2832 RasAcd - ok
18:14:51.0558 2832 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:14:51.0630 2832 RasAgileVpn - ok
18:14:51.0641 2832 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
18:14:51.0714 2832 RasAuto - ok
18:14:51.0725 2832 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:14:51.0797 2832 Rasl2tp - ok
18:14:51.0817 2832 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
18:14:51.0897 2832 RasMan - ok
18:14:51.0907 2832 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
18:14:51.0981 2832 RasPppoe - ok
18:14:51.0990 2832 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
18:14:52.0072 2832 RasSstp - ok
18:14:52.0091 2832 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
18:14:52.0186 2832 rdbss - ok
18:14:52.0194 2832 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
18:14:52.0230 2832 rdpbus - ok
18:14:52.0236 2832 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:14:52.0315 2832 RDPCDD - ok
18:14:52.0333 2832 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
18:14:52.0363 2832 RDPDR - ok
18:14:52.0370 2832 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
18:14:52.0449 2832 RDPENCDD - ok
18:14:52.0460 2832 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
18:14:52.0538 2832 RDPREFMP - ok
18:14:52.0554 2832 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
18:14:52.0585 2832 RDPWD - ok
18:14:52.0599 2832 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
18:14:52.0631 2832 rdyboost - ok
18:14:52.0672 2832 RegSrvc (0aa473966357c4a41b5eb19649eb6e5e) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:14:52.0717 2832 RegSrvc - ok
18:14:52.0727 2832 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
18:14:52.0801 2832 RemoteAccess - ok
18:14:52.0814 2832 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
18:14:52.0892 2832 RemoteRegistry - ok
18:14:52.0906 2832 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
18:14:52.0941 2832 RFCOMM - ok
18:14:52.0951 2832 rimspci (6ded176a14770339f1415cfdbcc9e07f) C:\Windows\system32\drivers\rimssne64.sys
18:14:52.0974 2832 rimspci - ok
18:14:52.0983 2832 risdsnpe (ddf5f666c2a5b3729e8bea01fb999cc0) C:\Windows\system32\drivers\risdsne64.sys
18:14:53.0005 2832 risdsnpe - ok
18:14:53.0015 2832 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
18:14:53.0091 2832 RpcEptMapper - ok
18:14:53.0098 2832 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
18:14:53.0126 2832 RpcLocator - ok
18:14:53.0153 2832 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
18:14:53.0237 2832 RpcSs - ok
18:14:53.0247 2832 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
18:14:53.0321 2832 rspndr - ok
18:14:53.0335 2832 RtkAudioService (b7fcc2d5b1dd8898bc00056cbfba46b8) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
18:14:53.0361 2832 RtkAudioService - ok
18:14:53.0368 2832 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
18:14:53.0393 2832 s3cap - ok
18:14:53.0408 2832 SampleCollector (5ae755a8b7673b8536f88245247c5308) C:\Program Files\Sony\VAIO Care\collsvc.exe
18:14:53.0425 2832 SampleCollector ( UnsignedFile.Multi.Generic ) - warning
18:14:53.0426 2832 SampleCollector - detected UnsignedFile.Multi.Generic (1)
18:14:53.0432 2832 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:14:53.0460 2832 SamSs - ok
18:14:53.0472 2832 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
18:14:53.0500 2832 sbp2port - ok
18:14:53.0514 2832 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
18:14:53.0590 2832 SCardSvr - ok
18:14:53.0598 2832 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
18:14:53.0667 2832 scfilter - ok
18:14:53.0715 2832 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
18:14:53.0846 2832 Schedule - ok
18:14:53.0856 2832 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
18:14:53.0927 2832 SCPolicySvc - ok
18:14:53.0938 2832 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
18:14:53.0973 2832 sdbus - ok
18:14:53.0986 2832 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
18:14:54.0016 2832 SDRSVC - ok
18:14:54.0024 2832 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:14:54.0096 2832 secdrv - ok
18:14:54.0104 2832 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
18:14:54.0177 2832 seclogon - ok
18:14:54.0186 2832 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
18:14:54.0262 2832 SENS - ok
18:14:54.0270 2832 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
18:14:54.0297 2832 SensrSvc - ok
18:14:54.0305 2832 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
18:14:54.0332 2832 Serenum - ok
18:14:54.0342 2832 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
18:14:54.0370 2832 Serial - ok
18:14:54.0378 2832 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
18:14:54.0405 2832 sermouse - ok
18:14:54.0431 2832 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
18:14:54.0503 2832 SessionEnv - ok
18:14:54.0510 2832 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
18:14:54.0531 2832 SFEP - ok
18:14:54.0538 2832 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
18:14:54.0564 2832 sffdisk - ok
18:14:54.0571 2832 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
18:14:54.0596 2832 sffp_mmc - ok
18:14:54.0603 2832 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
18:14:54.0635 2832 sffp_sd - ok
18:14:54.0643 2832 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
18:14:54.0670 2832 sfloppy - ok
18:14:54.0691 2832 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
18:14:54.0768 2832 SharedAccess - ok
18:14:54.0790 2832 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
18:14:54.0870 2832 ShellHWDetection - ok
18:14:54.0879 2832 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
18:14:54.0906 2832 SiSRaid2 - ok
18:14:54.0915 2832 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
18:14:54.0944 2832 SiSRaid4 - ok
18:14:54.0956 2832 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:14:55.0047 2832 Smb - ok
18:14:55.0189 2832 SmcService (26eb194d1fb2870e0453a99b84889f8d) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
18:14:55.0377 2832 SmcService - ok
18:14:55.0387 2832 SMSIVZAM5X64 (b5d3c24e4ea8e6d4850e83dad8c510d4) C:\PROGRA~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS
18:14:55.0409 2832 SMSIVZAM5X64 - ok
18:14:55.0440 2832 SNAC (c2e9b4e50cf3a15255b45a7c7a0a881e) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE
18:14:55.0470 2832 SNAC - ok
18:14:55.0490 2832 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
18:14:55.0516 2832 SNMPTRAP - ok
18:14:55.0528 2832 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:14:55.0552 2832 spldr - ok
18:14:55.0580 2832 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
18:14:55.0658 2832 Spooler - ok
18:14:55.0810 2832 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
18:14:56.0105 2832 sppsvc - ok
18:14:56.0124 2832 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
18:14:56.0205 2832 sppuinotify - ok
18:14:56.0231 2832 SQLAgent$DDNI (a892134c28777978ecde8283dc57ac0f) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE
18:14:56.0314 2832 SQLAgent$DDNI - ok
18:14:56.0331 2832 SQLBrowser (10d936dced9eacd1a1b3fcdda6d7a4eb) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
18:14:56.0433 2832 SQLBrowser - ok
18:14:56.0447 2832 SQLWriter (f92e5f93be572b512da3c016b675ede0) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:14:56.0498 2832 SQLWriter - ok
18:14:56.0525 2832 SRTSP (b531fc8918dcdaae638511a123c3465e) C:\Windows\system32\Drivers\SRTSP64.SYS
18:14:56.0559 2832 SRTSP - ok
18:14:56.0585 2832 SRTSPL (2bd3a73d0601320b72486fc3ebc2544f) C:\Windows\system32\Drivers\SRTSPL64.SYS
18:14:56.0620 2832 SRTSPL - ok
18:14:56.0628 2832 SRTSPX (529b337c1aeeb289f0b502eb0ee6a8f5) C:\Windows\system32\Drivers\SRTSPX64.SYS
18:14:56.0649 2832 SRTSPX - ok
18:14:56.0675 2832 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
18:14:56.0709 2832 srv - ok
18:14:56.0732 2832 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
18:14:56.0764 2832 srv2 - ok
18:14:56.0778 2832 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
18:14:56.0806 2832 srvnet - ok
18:14:56.0821 2832 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
18:14:56.0897 2832 SSDPSRV - ok
18:14:56.0908 2832 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
18:14:56.0985 2832 SstpSvc - ok
18:14:56.0992 2832 Steam Client Service - ok
18:14:57.0002 2832 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
18:14:57.0029 2832 stexstor - ok
18:14:57.0058 2832 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
18:14:57.0106 2832 stisvc - ok
18:14:57.0115 2832 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
18:14:57.0141 2832 storflt - ok
18:14:57.0149 2832 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
18:14:57.0175 2832 StorSvc - ok
18:14:57.0183 2832 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
18:14:57.0210 2832 storvsc - ok
18:14:57.0217 2832 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
18:14:57.0249 2832 swenum - ok
18:14:57.0275 2832 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
18:14:57.0357 2832 swprv - ok
18:14:57.0440 2832 Symantec AntiVirus (f3a4ead0b3946e439f0397f7a4d09952) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
18:14:57.0545 2832 Symantec AntiVirus - ok
18:14:57.0582 2832 SymEvent (7e4d281982e19abd06728c7ee9ac40a8) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
18:14:57.0610 2832 SymEvent - ok
18:14:57.0630 2832 SynTP (3c08fb2829a5304825f974b1631dedfa) C:\Windows\system32\DRIVERS\SynTP.sys
18:14:57.0663 2832 SynTP - ok
18:14:57.0741 2832 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
18:14:57.0839 2832 SysMain - ok
18:14:57.0855 2832 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
18:14:57.0898 2832 TabletInputService - ok
18:14:57.0919 2832 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
18:14:58.0009 2832 TapiSrv - ok
18:14:58.0020 2832 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
18:14:58.0102 2832 TBS - ok
18:14:58.0188 2832 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
18:14:58.0270 2832 Tcpip - ok
18:14:58.0326 2832 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
18:14:58.0408 2832 TCPIP6 - ok
18:14:58.0431 2832 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
18:14:58.0502 2832 tcpipreg - ok
18:14:58.0515 2832 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
18:14:58.0540 2832 TDPIPE - ok
18:14:58.0549 2832 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
18:14:58.0573 2832 TDTCP - ok
18:14:58.0585 2832 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
18:14:58.0656 2832 tdx - ok
18:14:58.0666 2832 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
18:14:58.0693 2832 TermDD - ok
18:14:58.0728 2832 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
18:14:58.0815 2832 TermService - ok
18:14:58.0825 2832 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
18:14:58.0861 2832 Themes - ok
18:14:58.0871 2832 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
18:14:58.0947 2832 THREADORDER - ok
18:14:58.0956 2832 TPM (dbcc20c02e8a3e43b03c304a4e40a84f) C:\Windows\system32\drivers\tpm.sys
18:14:58.0982 2832 TPM - ok
18:14:58.0994 2832 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
18:14:59.0065 2832 TrkWks - ok
18:14:59.0079 2832 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
18:14:59.0144 2832 TrustedInstaller - ok
18:14:59.0157 2832 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:14:59.0221 2832 tssecsrv - ok
18:14:59.0231 2832 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
18:14:59.0255 2832 TsUsbFlt - ok
18:14:59.0265 2832 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
18:14:59.0332 2832 tunnel - ok
18:14:59.0341 2832 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
18:14:59.0367 2832 uagp35 - ok
18:14:59.0388 2832 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
18:14:59.0457 2832 udfs - ok
18:14:59.0475 2832 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
18:14:59.0502 2832 UI0Detect - ok
18:14:59.0511 2832 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
18:14:59.0537 2832 uliagpkx - ok
18:14:59.0546 2832 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
18:14:59.0571 2832 umbus - ok
18:14:59.0578 2832 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
18:14:59.0601 2832 UmPass - ok
18:14:59.0617 2832 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
18:14:59.0647 2832 UmRdpService - ok
18:14:59.0747 2832 UNS (ad88af249abdc546151f9bfc4093fa9b) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
18:14:59.0853 2832 UNS - ok
18:14:59.0884 2832 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
18:14:59.0970 2832 upnphost - ok
18:14:59.0983 2832 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
18:15:00.0015 2832 usbccgp - ok
18:15:00.0029 2832 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
18:15:00.0066 2832 usbcir - ok
18:15:00.0076 2832 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
18:15:00.0103 2832 usbehci - ok
18:15:00.0123 2832 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
18:15:00.0182 2832 usbhub - ok
18:15:00.0196 2832 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
18:15:00.0233 2832 usbohci - ok
18:15:00.0245 2832 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
18:15:00.0283 2832 usbprint - ok
18:15:00.0293 2832 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
18:15:00.0329 2832 usbscan - ok
18:15:00.0340 2832 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:15:00.0371 2832 USBSTOR - ok
18:15:00.0380 2832 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
18:15:00.0406 2832 usbuhci - ok
18:15:00.0420 2832 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
18:15:00.0456 2832 usbvideo - ok
18:15:00.0466 2832 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
18:15:00.0542 2832 UxSms - ok
18:15:00.0559 2832 VAIO Event Service (218f78b39832a2a0761ce2422828a57c) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
18:15:00.0623 2832 VAIO Event Service - ok
18:15:00.0655 2832 VAIO Power Management (1cf1a4dd7a58c966c9014b83c7229cf3) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
18:15:00.0693 2832 VAIO Power Management - ok
18:15:00.0701 2832 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:15:00.0729 2832 VaultSvc - ok
18:15:00.0744 2832 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
18:15:00.0771 2832 vdrvroot - ok
18:15:00.0799 2832 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
18:15:00.0881 2832 vds - ok
18:15:00.0889 2832 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
18:15:00.0923 2832 vga - ok
18:15:00.0932 2832 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
18:15:01.0005 2832 VgaSave - ok
18:15:01.0021 2832 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
18:15:01.0053 2832 vhdmp - ok
18:15:01.0062 2832 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
18:15:01.0088 2832 viaide - ok
18:15:01.0104 2832 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
18:15:01.0136 2832 vmbus - ok
18:15:01.0145 2832 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
18:15:01.0170 2832 VMBusHID - ok
18:15:01.0180 2832 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
18:15:01.0206 2832 volmgr - ok
18:15:01.0226 2832 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
18:15:01.0260 2832 volmgrx - ok
18:15:01.0278 2832 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
18:15:01.0312 2832 volsnap - ok
18:15:01.0326 2832 vpcbus (b4a73ca4ef9a02b9738cea9ad5fe5917) C:\Windows\system32\DRIVERS\vpchbus.sys
18:15:01.0355 2832 vpcbus - ok
18:15:01.0365 2832 vpcnfltr (e675fb2b48c54f09895482e2253b289c) C:\Windows\system32\DRIVERS\vpcnfltr.sys
18:15:01.0390 2832 vpcnfltr - ok
18:15:01.0400 2832 vpcusb (5fb42082b0d19a0268705f1dd343df20) C:\Windows\system32\DRIVERS\vpcusb.sys
18:15:01.0424 2832 vpcusb - ok
18:15:01.0446 2832 vpcvmm (207b6539799cc1c112661a9b620dd233) C:\Windows\system32\drivers\vpcvmm.sys
18:15:01.0479 2832 vpcvmm - ok
18:15:01.0492 2832 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
18:15:01.0520 2832 vsmraid - ok
18:15:01.0593 2832 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
18:15:01.0707 2832 VSS - ok
18:15:01.0774 2832 VUAgent (d62d16e057be87f5b84a54d1b83822c4) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
18:15:01.0845 2832 VUAgent - ok
18:15:01.0859 2832 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
18:15:01.0894 2832 vwifibus - ok
18:15:01.0903 2832 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
18:15:01.0941 2832 vwififlt - ok
18:15:01.0949 2832 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
18:15:01.0988 2832 vwifimp - ok
18:15:02.0016 2832 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
18:15:02.0127 2832 W32Time - ok
18:15:02.0143 2832 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
18:15:02.0176 2832 WacomPen - ok
18:15:02.0188 2832 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:15:02.0261 2832 WANARP - ok
18:15:02.0268 2832 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:15:02.0341 2832 Wanarpv6 - ok
18:15:02.0401 2832 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
18:15:02.0462 2832 WatAdminSvc - ok
18:15:02.0531 2832 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
18:15:02.0588 2832 wbengine - ok
18:15:02.0616 2832 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
18:15:02.0655 2832 WbioSrvc - ok
18:15:02.0678 2832 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
18:15:02.0722 2832 wcncsvc - ok
18:15:02.0732 2832 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
18:15:02.0762 2832 WcsPlugInService - ok
18:15:02.0771 2832 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
18:15:02.0798 2832 Wd - ok
18:15:02.0831 2832 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
18:15:02.0876 2832 Wdf01000 - ok
18:15:02.0887 2832 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:15:02.0931 2832 WdiServiceHost - ok
18:15:02.0938 2832 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:15:02.0982 2832 WdiSystemHost - ok
18:15:03.0000 2832 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
18:15:03.0054 2832 WebClient - ok
18:15:03.0071 2832 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
18:15:03.0149 2832 Wecsvc - ok
18:15:03.0160 2832 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
18:15:03.0235 2832 wercplsupport - ok
18:15:03.0246 2832 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
18:15:03.0320 2832 WerSvc - ok
18:15:03.0330 2832 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
18:15:03.0401 2832 WfpLwf - ok
18:15:03.0409 2832 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
18:15:03.0433 2832 WIMMount - ok
18:15:03.0440 2832 WinDefend - ok
18:15:03.0458 2832 WinHttpAutoProxySvc - ok
18:15:03.0482 2832 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
18:15:03.0552 2832 Winmgmt - ok
18:15:03.0639 2832 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
18:15:03.0742 2832 WinRM - ok
18:15:03.0773 2832 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
18:15:03.0808 2832 WinUsb - ok
18:15:03.0853 2832 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
18:15:03.0909 2832 Wlansvc - ok
18:15:04.0007 2832 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:15:04.0107 2832 wlidsvc - ok
18:15:04.0128 2832 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
18:15:04.0156 2832 WmiAcpi - ok
18:15:04.0180 2832 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
18:15:04.0217 2832 wmiApSrv - ok
18:15:04.0227 2832 WMPNetworkSvc - ok
18:15:04.0240 2832 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
18:15:04.0269 2832 WPCSvc - ok
18:15:04.0282 2832 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
18:15:04.0323 2832 WPDBusEnum - ok
18:15:04.0333 2832 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
18:15:04.0409 2832 ws2ifsl - ok
18:15:04.0422 2832 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
18:15:04.0461 2832 wscsvc - ok
18:15:04.0469 2832 WSearch - ok
18:15:04.0577 2832 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
18:15:04.0786 2832 wuauserv - ok
18:15:04.0811 2832 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
18:15:04.0890 2832 WudfPf - ok
18:15:04.0905 2832 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:15:04.0986 2832 WUDFRd - ok
18:15:04.0998 2832 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
18:15:05.0083 2832 wudfsvc - ok
18:15:05.0103 2832 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
18:15:05.0137 2832 WwanSvc - ok
18:15:05.0189 2832 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:15:05.0255 2832 \Device\Harddisk0\DR0 - ok
18:15:05.0259 2832 Boot (0x1200) (35f93f0df2bb3e522fb703b86f86acc0) \Device\Harddisk0\DR0\Partition0
18:15:05.0260 2832 \Device\Harddisk0\DR0\Partition0 - ok
18:15:05.0266 2832 Boot (0x1200) (a540b548e3d8c786ce32a55ccfcf2864) \Device\Harddisk0\DR0\Partition1
18:15:05.0267 2832 \Device\Harddisk0\DR0\Partition1 - ok
18:15:05.0268 2832 ============================================================
18:15:05.0268 2832 Scan finished
18:15:05.0268 2832 ============================================================
18:15:05.0280 4060 Detected object count: 2
18:15:05.0280 4060 Actual detected object count: 2
18:15:28.0172 4060 Oasis2Service ( UnsignedFile.Multi.Generic ) - skipped by user
18:15:28.0172 4060 Oasis2Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:15:28.0175 4060 SampleCollector ( UnsignedFile.Multi.Generic ) - skipped by user
18:15:28.0175 4060 SampleCollector ( UnsignedFile.Multi.Generic ) - User select action: Skip
-
here is the report from tdsskiller: (part 1 due to length)
18:10:23.0642 8424 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
18:10:24.0025 8424 ============================================================
18:10:24.0025 8424 Current date / time: 2012/05/16 18:10:24.0025
18:10:24.0025 8424 SystemInfo:
18:10:24.0025 8424
18:10:24.0025 8424 OS Version: 6.1.7601 ServicePack: 1.0
18:10:24.0025 8424 Product type: Workstation
18:10:24.0025 8424 ComputerName: LAURENCE-VAIO
18:10:24.0026 8424 UserName: Laurence
18:10:24.0026 8424 Windows directory: C:\Windows
18:10:24.0026 8424 System windows directory: C:\Windows
18:10:24.0026 8424 Running under WOW64
18:10:24.0026 8424 Processor architecture: Intel x64
18:10:24.0026 8424 Number of processors: 4
18:10:24.0026 8424 Page size: 0x1000
18:10:24.0026 8424 Boot type: Normal boot
18:10:24.0026 8424 ============================================================
18:10:24.0554 8424 Drive \Device\Harddisk0\DR0 - Size: 0x3B9EC00000 (238.48 Gb), SectorSize: 0x200, Cylinders: 0x799B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:10:24.0562 8424 ============================================================
18:10:24.0562 8424 \Device\Harddisk0\DR0:
18:10:24.0562 8424 MBR partitions:
18:10:24.0562 8424 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x11E6800, BlocksNum 0x32000
18:10:24.0562 8424 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1218800, BlocksNum 0x1CADD000
18:10:24.0562 8424 ============================================================
18:10:24.0565 8424 C: <-> \Device\Harddisk0\DR0\Partition1
18:10:24.0565 8424 ============================================================
18:10:24.0565 8424 Initialize success
18:10:24.0565 8424 ============================================================
18:11:08.0961 1408 ============================================================
18:11:08.0961 1408 Scan started
18:11:08.0961 1408 Mode: Manual; SigCheck; TDLFS;
18:11:08.0961 1408 ============================================================
18:11:09.0065 1408 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
18:11:09.0165 1408 1394ohci - ok
18:11:09.0173 1408 ACDaemon (35f57598f0589feb3c3abc1621bf329f) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
18:11:09.0328 1408 ACDaemon - ok
18:11:09.0346 1408 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
18:11:09.0408 1408 ACPI - ok
18:11:09.0419 1408 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
18:11:09.0479 1408 AcpiPmi - ok
18:11:09.0502 1408 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
18:11:09.0556 1408 adp94xx - ok
18:11:09.0574 1408 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
18:11:09.0622 1408 adpahci - ok
18:11:09.0633 1408 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
18:11:09.0677 1408 adpu320 - ok
18:11:09.0685 1408 ADVService (7233688fc422ef657e082309e6180142) C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
18:11:09.0715 1408 ADVService - ok
18:11:09.0721 1408 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
18:11:09.0837 1408 AeLookupSvc - ok
18:11:09.0861 1408 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
18:11:09.0903 1408 AFD - ok
18:11:09.0910 1408 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
18:11:09.0948 1408 agp440 - ok
18:11:09.0956 1408 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
18:11:09.0994 1408 ALG - ok
18:11:10.0000 1408 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
18:11:10.0036 1408 aliide - ok
18:11:10.0041 1408 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
18:11:10.0080 1408 amdide - ok
18:11:10.0087 1408 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
18:11:10.0131 1408 AmdK8 - ok
18:11:10.0137 1408 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
18:11:10.0174 1408 AmdPPM - ok
18:11:10.0182 1408 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
18:11:10.0222 1408 amdsata - ok
18:11:10.0234 1408 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
18:11:10.0275 1408 amdsbs - ok
18:11:10.0280 1408 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
18:11:10.0316 1408 amdxata - ok
18:11:10.0323 1408 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
18:11:10.0451 1408 AppID - ok
18:11:10.0457 1408 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
18:11:10.0532 1408 AppIDSvc - ok
18:11:10.0540 1408 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
18:11:10.0625 1408 Appinfo - ok
18:11:10.0638 1408 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
18:11:10.0685 1408 AppMgmt - ok
18:11:10.0693 1408 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
18:11:10.0735 1408 arc - ok
18:11:10.0743 1408 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
18:11:10.0784 1408 arcsas - ok
18:11:10.0802 1408 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:11:10.0888 1408 aspnet_state - ok
18:11:10.0893 1408 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
18:11:10.0975 1408 AsyncMac - ok
18:11:10.0981 1408 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
18:11:11.0016 1408 atapi - ok
18:11:11.0047 1408 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
18:11:11.0212 1408 AudioEndpointBuilder - ok
18:11:11.0221 1408 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
18:11:11.0340 1408 AudioSrv - ok
18:11:11.0348 1408 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
18:11:11.0411 1408 AxInstSV - ok
18:11:11.0432 1408 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
18:11:11.0481 1408 b06bdrv - ok
18:11:11.0496 1408 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
18:11:11.0540 1408 b57nd60a - ok
18:11:11.0551 1408 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
18:11:11.0592 1408 BDESVC - ok
18:11:11.0597 1408 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
18:11:11.0679 1408 Beep - ok
18:11:11.0711 1408 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
18:11:11.0811 1408 BFE - ok
18:11:11.0853 1408 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
18:11:11.0944 1408 BITS - ok
18:11:11.0950 1408 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
18:11:11.0987 1408 blbdrive - ok
18:11:11.0995 1408 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
18:11:12.0037 1408 bowser - ok
18:11:12.0042 1408 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
18:11:12.0098 1408 BrFiltLo - ok
18:11:12.0103 1408 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
18:11:12.0142 1408 BrFiltUp - ok
18:11:12.0150 1408 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
18:11:12.0226 1408 Browser - ok
18:11:12.0240 1408 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
18:11:12.0289 1408 Brserid - ok
18:11:12.0296 1408 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
18:11:12.0338 1408 BrSerWdm - ok
18:11:12.0342 1408 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
18:11:12.0382 1408 BrUsbMdm - ok
18:11:12.0387 1408 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
18:11:12.0422 1408 BrUsbSer - ok
18:11:12.0428 1408 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
18:11:12.0468 1408 BthEnum - ok
18:11:12.0474 1408 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
18:11:12.0517 1408 BTHMODEM - ok
18:11:12.0526 1408 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
18:11:12.0571 1408 BthPan - ok
18:11:12.0598 1408 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
18:11:12.0648 1408 BTHPORT - ok
18:11:12.0656 1408 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
18:11:12.0738 1408 bthserv - ok
18:11:12.0748 1408 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
18:11:12.0785 1408 BTHUSB - ok
18:11:12.0792 1408 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys
18:11:12.0825 1408 btusbflt - ok
18:11:12.0834 1408 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys
18:11:12.0869 1408 btwaudio - ok
18:11:12.0878 1408 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\DRIVERS\btwavdt.sys
18:11:12.0914 1408 btwavdt - ok
18:11:12.0955 1408 btwdins (31da517946ffe416442e864592548f8a) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
18:11:13.0021 1408 btwdins - ok
18:11:13.0027 1408 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
18:11:13.0058 1408 btwl2cap - ok
18:11:13.0063 1408 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys
18:11:13.0095 1408 btwrchid - ok
18:11:13.0103 1408 cag (ce52d435a50afda0077322db4f404a6e) C:\Program Files\Common Files\Deterministic Networks\Common Files\cag.sys
18:11:13.0138 1408 cag - ok
18:11:13.0147 1408 ccEvtMgr (260a069f403da226d18c058ad14fd3a3) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
18:11:13.0199 1408 ccEvtMgr - ok
18:11:13.0204 1408 ccSetMgr (260a069f403da226d18c058ad14fd3a3) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
18:11:13.0235 1408 ccSetMgr - ok
18:11:13.0243 1408 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
18:11:13.0328 1408 cdfs - ok
18:11:13.0338 1408 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
18:11:13.0377 1408 cdrom - ok
18:11:13.0384 1408 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
18:11:13.0467 1408 CertPropSvc - ok
18:11:13.0473 1408 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
18:11:13.0517 1408 circlass - ok
18:11:13.0538 1408 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
18:11:13.0584 1408 CLFS - ok
18:11:13.0594 1408 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:11:13.0696 1408 clr_optimization_v2.0.50727_32 - ok
18:11:13.0707 1408 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:11:13.0741 1408 clr_optimization_v2.0.50727_64 - ok
18:11:13.0756 1408 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:11:13.0808 1408 clr_optimization_v4.0.30319_32 - ok
18:11:13.0817 1408 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:11:13.0856 1408 clr_optimization_v4.0.30319_64 - ok
18:11:13.0862 1408 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
18:11:13.0897 1408 CmBatt - ok
18:11:13.0902 1408 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
18:11:13.0937 1408 cmdide - ok
18:11:13.0959 1408 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
18:11:14.0020 1408 CNG - ok
18:11:14.0026 1408 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
18:11:14.0063 1408 Compbatt - ok
18:11:14.0069 1408 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
18:11:14.0111 1408 CompositeBus - ok
18:11:14.0115 1408 COMSysApp - ok
18:11:14.0122 1408 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
18:11:14.0159 1408 crcdisk - ok
18:11:14.0171 1408 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
18:11:14.0256 1408 CryptSvc - ok
18:11:14.0278 1408 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
18:11:14.0328 1408 CSC - ok
18:11:14.0359 1408 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
18:11:14.0402 1408 CscService - ok
18:11:14.0408 1408 ctxva51 (bc9d0bd74e78d8f88d96e96faba828dd) C:\Windows\system32\DRIVERS\ctxva51.sys
18:11:14.0440 1408 ctxva51 - ok
18:11:14.0468 1408 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
18:11:14.0554 1408 DcomLaunch - ok
18:11:14.0570 1408 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
18:11:14.0652 1408 defragsvc - ok
18:11:14.0660 1408 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
18:11:14.0733 1408 DfsC - ok
18:11:14.0748 1408 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
18:11:14.0839 1408 Dhcp - ok
18:11:14.0845 1408 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
18:11:14.0921 1408 discache - ok
18:11:14.0929 1408 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
18:11:14.0968 1408 Disk - ok
18:11:14.0977 1408 DNE (05cb5910b3ca6019fc3cca815ee06ffb) C:\Windows\system32\DRIVERS\dne64x.sys
18:11:15.0002 1408 DNE - ok
18:11:15.0014 1408 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
18:11:15.0049 1408 Dnscache - ok
18:11:15.0064 1408 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
18:11:15.0149 1408 dot3svc - ok
18:11:15.0160 1408 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
18:11:15.0242 1408 DPS - ok
18:11:15.0248 1408 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
18:11:15.0291 1408 drmkaud - ok
18:11:15.0335 1408 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
18:11:15.0432 1408 DXGKrnl - ok
18:11:15.0449 1408 e1kexpress (f369e83f6cdab987ca2dd764278659a6) C:\Windows\system32\DRIVERS\e1k62x64.sys
18:11:15.0495 1408 e1kexpress - ok
18:11:15.0504 1408 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
18:11:15.0595 1408 EapHost - ok
18:11:15.0602 1408 easytether (1e8d0e318d3f17b2eaaf993db20c76f0) C:\Windows\system32\DRIVERS\easytthr.sys
18:11:15.0637 1408 easytether - ok
18:11:15.0762 1408 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
18:11:15.0869 1408 ebdrv - ok
18:11:15.0895 1408 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
18:11:15.0948 1408 eeCtrl - ok
18:11:15.0971 1408 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
18:11:16.0014 1408 EFS - ok
18:11:16.0045 1408 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
18:11:16.0118 1408 ehRecvr - ok
18:11:16.0127 1408 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
18:11:16.0175 1408 ehSched - ok
18:11:16.0203 1408 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
18:11:16.0269 1408 elxstor - ok
18:11:16.0279 1408 EraserUtilRebootDrv (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
18:11:16.0314 1408 EraserUtilRebootDrv - ok
18:11:16.0319 1408 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
18:11:16.0355 1408 ErrDev - ok
18:11:16.0380 1408 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
18:11:16.0461 1408 EventSystem - ok
18:11:16.0525 1408 EvtEng (b56d9602db5fe1c116b1ca5efd8e2e50) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
18:11:16.0653 1408 EvtEng - ok
18:11:16.0672 1408 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
18:11:16.0761 1408 exfat - ok
18:11:16.0767 1408 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
18:11:16.0863 1408 fastfat - ok
18:11:16.0895 1408 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
18:11:16.0953 1408 Fax - ok
18:11:16.0958 1408 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
18:11:16.0999 1408 fdc - ok
18:11:17.0004 1408 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
18:11:17.0099 1408 fdPHost - ok
18:11:17.0105 1408 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
18:11:17.0194 1408 FDResPub - ok
18:11:17.0199 1408 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
18:11:17.0230 1408 FileInfo - ok
18:11:17.0235 1408 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
18:11:17.0318 1408 Filetrace - ok
18:11:17.0323 1408 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
18:11:17.0362 1408 flpydisk - ok
18:11:17.0380 1408 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
18:11:17.0416 1408 FltMgr - ok
18:11:17.0465 1408 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
18:11:17.0529 1408 FontCache - ok
18:11:17.0540 1408 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:11:17.0576 1408 FontCache3.0.0.0 - ok
18:11:17.0583 1408 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
18:11:17.0611 1408 FsDepends - ok
18:11:17.0618 1408 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
18:11:17.0653 1408 Fs_Rec - ok
18:11:17.0667 1408 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
18:11:17.0705 1408 fvevol - ok
18:11:17.0712 1408 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
18:11:17.0750 1408 gagp30kx - ok
18:11:17.0786 1408 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
18:11:17.0927 1408 gpsvc - ok
18:11:17.0939 1408 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:11:17.0976 1408 gupdate - ok
18:11:17.0981 1408 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:11:18.0017 1408 gupdatem - ok
18:11:18.0028 1408 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:11:18.0065 1408 gusvc - ok
18:11:18.0072 1408 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
18:11:18.0111 1408 hcw85cir - ok
18:11:18.0130 1408 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
18:11:18.0180 1408 HdAudAddService - ok
18:11:18.0189 1408 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
18:11:18.0233 1408 HDAudBus - ok
18:11:18.0240 1408 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys
18:11:18.0273 1408 HECIx64 - ok
18:11:18.0278 1408 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
18:11:18.0315 1408 HidBatt - ok
18:11:18.0324 1408 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
18:11:18.0369 1408 HidBth - ok
18:11:18.0376 1408 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
18:11:18.0417 1408 HidIr - ok
18:11:18.0424 1408 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
18:11:18.0506 1408 hidserv - ok
18:11:18.0512 1408 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
18:11:18.0548 1408 HidUsb - ok
18:11:18.0557 1408 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
18:11:18.0638 1408 hkmsvc - ok
18:11:18.0652 1408 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
18:11:18.0696 1408 HomeGroupListener - ok
18:11:18.0708 1408 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
18:11:18.0752 1408 HomeGroupProvider - ok
18:11:18.0761 1408 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
18:11:18.0799 1408 HpSAMD - ok
18:11:18.0832 1408 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
18:11:18.0920 1408 HTTP - ok
18:11:18.0926 1408 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
18:11:18.0952 1408 hwpolicy - ok
18:11:18.0960 1408 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
18:11:18.0999 1408 i8042prt - ok
18:11:19.0025 1408 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\drivers\iaStor.sys
18:11:19.0061 1408 iaStor - ok
18:11:19.0068 1408 IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
18:11:19.0098 1408 IAStorDataMgrSvc - ok
18:11:19.0119 1408 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
18:11:19.0168 1408 iaStorV - ok
18:11:19.0206 1408 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:11:19.0265 1408 idsvc - ok
18:11:19.0275 1408 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
18:11:19.0311 1408 iirsp - ok
18:11:19.0347 1408 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
18:11:19.0452 1408 IKEEXT - ok
18:11:19.0464 1408 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\drivers\Impcd.sys
18:11:19.0500 1408 Impcd - ok
18:11:19.0584 1408 IntcAzAudAddService (9aa1e982bc10176ce316aadfbd5c28f5) C:\Windows\system32\drivers\RTKVHD64.sys
18:11:19.0685 1408 IntcAzAudAddService - ok
18:11:19.0699 1408 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
18:11:19.0735 1408 intelide - ok
18:11:19.0743 1408 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
18:11:19.0779 1408 intelppm - ok
18:11:19.0788 1408 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
18:11:19.0872 1408 IPBusEnum - ok
18:11:19.0880 1408 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:11:19.0961 1408 IpFilterDriver - ok
18:11:19.0988 1408 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
18:11:20.0070 1408 iphlpsvc - ok
18:11:20.0079 1408 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
18:11:20.0121 1408 IPMIDRV - ok
18:11:20.0130 1408 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
18:11:20.0216 1408 IPNAT - ok
18:11:20.0221 1408 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
18:11:20.0271 1408 IRENUM - ok
18:11:20.0277 1408 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
18:11:20.0313 1408 isapnp - ok
18:11:20.0328 1408 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
18:11:20.0372 1408 iScsiPrt - ok
18:11:20.0380 1408 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
18:11:20.0416 1408 kbdclass - ok
18:11:20.0423 1408 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
18:11:20.0461 1408 kbdhid - ok
18:11:20.0466 1408 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:11:20.0494 1408 KeyIso - ok
18:11:20.0502 1408 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
18:11:20.0541 1408 KSecDD - ok
18:11:20.0551 1408 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
18:11:20.0593 1408 KSecPkg - ok
18:11:20.0599 1408 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
18:11:20.0681 1408 ksthunk - ok
18:11:20.0700 1408 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
18:11:20.0796 1408 KtmRm - ok
18:11:20.0810 1408 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
18:11:20.0889 1408 LanmanServer - ok
18:11:20.0899 1408 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
18:11:20.0975 1408 LanmanWorkstation - ok
18:11:21.0094 1408 LiveUpdate (6105b28f5d03c4affa7197b228768849) C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
18:11:21.0243 1408 LiveUpdate - ok
18:11:21.0260 1408 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
18:11:21.0352 1408 lltdio - ok
18:11:21.0370 1408 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
18:11:21.0467 1408 lltdsvc - ok
18:11:21.0474 1408 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
18:11:21.0566 1408 lmhosts - ok
18:11:21.0584 1408 LMS (ad1cf8471b06badb93d87cc4d63b8483) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
18:11:21.0659 1408 LMS - ok
18:11:21.0672 1408 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
18:11:21.0717 1408 LSI_FC - ok
18:11:21.0727 1408 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
18:11:21.0771 1408 LSI_SAS - ok
18:11:21.0780 1408 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
18:11:21.0821 1408 LSI_SAS2 - ok
18:11:21.0831 1408 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
18:11:21.0875 1408 LSI_SCSI - ok
18:11:21.0885 1408 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
18:11:21.0970 1408 luafv - ok
18:11:21.0979 1408 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
18:11:22.0019 1408 Mcx2Svc - ok
18:11:22.0025 1408 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
18:11:22.0061 1408 megasas - ok
18:11:22.0078 1408 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
18:11:22.0124 1408 MegaSR - ok
18:11:22.0132 1408 Microsoft SharePoint Workspace Audit Service - ok
18:11:22.0143 1408 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
18:11:22.0221 1408 MMCSS - ok
18:11:22.0229 1408 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
18:11:22.0311 1408 Modem - ok
18:11:22.0318 1408 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
18:11:22.0360 1408 monitor - ok
18:11:22.0366 1408 motandroidusb (d69f1e9a944a5f46a494af901ed41118) C:\Windows\system32\Drivers\motoandroid.sys
18:11:22.0404 1408 motandroidusb - ok
18:11:22.0412 1408 MotoConnect Service (9b2923c59d49672d1205c391a1296525) C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe
18:11:22.0696 1408 MotoConnect Service - ok
18:11:22.0703 1408 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
18:11:22.0741 1408 mouclass - ok
18:11:22.0748 1408 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
18:11:22.0785 1408 mouhid - ok
18:11:22.0794 1408 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
18:11:22.0823 1408 mountmgr - ok
18:11:22.0836 1408 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
18:11:22.0880 1408 mpio - ok
18:11:22.0888 1408 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
18:11:22.0975 1408 mpsdrv - ok
18:11:23.0015 1408 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
18:11:23.0142 1408 MpsSvc - ok
18:11:23.0153 1408 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
18:11:23.0202 1408 MRxDAV - ok
18:11:23.0212 1408 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:11:23.0266 1408 mrxsmb - ok
18:11:23.0282 1408 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:11:23.0325 1408 mrxsmb10 - ok
18:11:23.0335 1408 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:11:23.0374 1408 mrxsmb20 - ok
18:11:23.0380 1408 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
18:11:23.0416 1408 msahci - ok
18:11:23.0426 1408 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
18:11:23.0468 1408 msdsm - ok
18:11:23.0479 1408 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
18:11:23.0519 1408 MSDTC - ok
18:11:23.0531 1408 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
18:11:23.0614 1408 Msfs - ok
18:11:23.0619 1408 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
18:11:23.0692 1408 mshidkmdf - ok
18:11:23.0698 1408 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
18:11:23.0733 1408 msisadrv - ok
18:11:23.0745 1408 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
18:11:23.0830 1408 MSiSCSI - ok
18:11:23.0835 1408 msiserver - ok
18:11:23.0844 1408 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
18:11:23.0926 1408 MSKSSRV - ok
18:11:23.0932 1408 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
18:11:24.0011 1408 MSPCLOCK - ok
18:11:24.0016 1408 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
18:11:24.0088 1408 MSPQM - ok
18:11:24.0111 1408 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
18:11:24.0157 1408 MsRPC - ok
18:11:24.0167 1408 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
18:11:24.0203 1408 mssmbios - ok
18:11:24.0212 1408 MSSQL$DDNI - ok
18:11:24.0222 1408 MSSQLServerADHelper100 (f1761c8fb2b25a32c6d63e36bb88c3ae) C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
18:11:24.0341 1408 MSSQLServerADHelper100 - ok
18:11:24.0347 1408 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
18:11:24.0430 1408 MSTEE - ok
18:11:24.0437 1408 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
18:11:24.0473 1408 MTConfig - ok
18:11:24.0481 1408 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
18:11:24.0517 1408 Mup - ok
18:11:24.0537 1408 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
18:11:24.0631 1408 napagent - ok
18:11:24.0649 1408 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
18:11:24.0699 1408 NativeWifiP - ok
18:11:24.0713 1408 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20120515.017\ENG64.SYS
18:11:24.0737 1408 NAVENG - ok
18:11:24.0817 1408 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20120515.017\EX64.SYS
18:11:24.0905 1408 NAVEX15 - ok
18:11:24.0962 1408 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
18:11:25.0053 1408 NDIS - ok
18:11:25.0061 1408 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
18:11:25.0155 1408 NdisCap - ok
18:11:25.0163 1408 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
18:11:25.0271 1408 NdisTapi - ok
18:11:25.0279 1408 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
18:11:25.0367 1408 Ndisuio - ok
18:11:25.0385 1408 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
18:11:25.0478 1408 NdisWan - ok
18:11:25.0486 1408 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
18:11:25.0574 1408 NDProxy - ok
18:11:25.0581 1408 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
18:11:25.0664 1408 NetBIOS - ok
18:11:25.0681 1408 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
18:11:25.0758 1408 NetBT - ok
18:11:25.0764 1408 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:11:25.0792 1408 Netlogon - ok
18:11:25.0812 1408 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
18:11:25.0907 1408 Netman - ok
18:11:25.0925 1408 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:11:25.0962 1408 NetMsmqActivator - ok
18:11:25.0967 1408 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:11:25.0996 1408 NetPipeActivator - ok
18:11:26.0021 1408 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
18:11:26.0149 1408 netprofm - ok
18:11:26.0155 1408 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:11:26.0184 1408 NetTcpActivator - ok
18:11:26.0190 1408 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:11:26.0218 1408 NetTcpPortSharing - ok
18:11:26.0439 1408 NETw5s64 (18555f48844c2861d9dce8f2b7223ae5) C:\Windows\system32\DRIVERS\NETw5s64.sys
18:11:26.0678 1408 NETw5s64 - ok
18:11:26.0702 1408 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
18:11:26.0744 1408 nfrd960 - ok
18:11:26.0766 1408 NitroReaderDriverReadSpool2 (0734398d3d99986bb8006e9bb5eab1e5) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
18:11:26.0810 1408 NitroReaderDriverReadSpool2 - ok
18:11:26.0828 1408 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
18:11:26.0919 1408 NlaSvc - ok
18:11:26.0927 1408 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
18:11:27.0009 1408 Npfs - ok
18:11:27.0016 1408 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
18:11:27.0100 1408 nsi - ok
18:11:27.0107 1408 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
18:11:27.0180 1408 nsiproxy - ok
18:11:27.0191 1408 nsverctl (538ae37d97f59f878e2c171944250cc7) C:\Program Files\Citrix\Secure Access Client\nsverctl.exe
18:11:27.0268 1408 nsverctl - ok
18:11:27.0346 1408 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
18:11:27.0446 1408 Ntfs - ok
18:11:27.0463 1408 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
18:11:27.0550 1408 Null - ok
18:11:27.0559 1408 NVHDA (181e7fe39211e04128a30708906627d8) C:\Windows\system32\drivers\nvhda64v.sys
18:11:27.0598 1408 NVHDA - ok
18:11:27.0913 1408 nvlddmkm (9439174331d5d1ffe6316590356c34ee) C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:11:28.0329 1408 nvlddmkm - ok
18:11:28.0354 1408 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
18:11:28.0396 1408 nvraid - ok
18:11:28.0408 1408 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
18:11:28.0450 1408 nvstor - ok
18:11:28.0471 1408 nvsvc (982f4d28a521e99a78496775150d3b1c) C:\Windows\system32\nvvsvc.exe
18:11:28.0517 1408 nvsvc - ok
18:11:28.0528 1408 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
18:11:28.0569 1408 nv_agp - ok
18:11:28.0579 1408 Oasis2Service (07571684567859da796a566cc78ffa74) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
18:11:28.0602 1408 Oasis2Service ( UnsignedFile.Multi.Generic ) - warning
18:11:28.0602 1408 Oasis2Service - detected UnsignedFile.Multi.Generic (1)
18:11:28.0611 1408 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
18:11:28.0649 1408 ohci1394 - ok
18:11:28.0661 1408 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:11:28.0767 1408 ose - ok
18:11:28.0926 1408 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:11:29.0135 1408 osppsvc - ok
18:11:29.0164 1408 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:11:29.0206 1408 p2pimsvc - ok
18:11:29.0230 1408 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
18:11:29.0278 1408 p2psvc - ok
18:11:29.0290 1408 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
18:11:29.0333 1408 Parport - ok
18:11:29.0342 1408 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
18:11:29.0374 1408 partmgr - ok
18:11:29.0388 1408 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
18:11:29.0446 1408 PcaSvc - ok
18:11:29.0460 1408 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
18:11:29.0507 1408 pci - ok
18:11:29.0514 1408 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
18:11:29.0553 1408 pciide - ok
18:11:29.0567 1408 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
18:11:29.0612 1408 pcmcia - ok
18:11:29.0620 1408 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
18:11:29.0662 1408 pcw - ok
18:11:29.0686 1408 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
18:11:29.0784 1408 PEAUTH - ok
18:11:29.0839 1408 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
18:11:29.0908 1408 PeerDistSvc - ok
18:11:29.0938 1408 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
18:11:29.0998 1408 PerfHost - ok
18:11:30.0079 1408 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
18:11:30.0195 1408 pla - ok
18:11:30.0218 1408 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
18:11:30.0281 1408 PlugPlay - ok
18:11:30.0289 1408 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
18:11:30.0327 1408 PNRPAutoReg - ok
18:11:30.0339 1408 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:11:30.0375 1408 PNRPsvc - ok
18:11:30.0401 1408 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
18:11:30.0507 1408 PolicyAgent - ok
18:11:30.0524 1408 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
18:11:30.0612 1408 Power - ok
18:11:30.0626 1408 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
18:11:30.0723 1408 PptpMiniport - ok
18:11:30.0733 1408 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
18:11:30.0774 1408 Processor - ok
18:11:30.0789 1408 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
18:11:30.0888 1408 ProfSvc - ok
18:11:30.0895 1408 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:11:30.0926 1408 ProtectedStorage - ok
18:11:30.0938 1408 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
18:11:31.0014 1408 Psched - ok
18:11:31.0023 1408 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
18:11:31.0056 1408 PxHlpa64 - ok
18:11:31.0062 1408 qcfilterSny2k (fd79acb284b6bb288c8826fff72778e9) C:\Windows\system32\DRIVERS\qcfilterSny2k.sys
18:11:31.0094 1408 qcfilterSny2k - ok
18:11:31.0110 1408 qcusbnetsny2k (d4168d8bebcf573b8ffb2a0c09094da3) C:\Windows\system32\DRIVERS\qcusbnetsny2k.sys
18:11:31.0155 1408 qcusbnetsny2k - ok
18:11:31.0166 1408 qcusbsersny2k (3a5625922508a972345f096cb163d55b) C:\Windows\system32\DRIVERS\qcusbserSny2k.sys
18:11:31.0202 1408 qcusbsersny2k - ok
18:11:31.0221 1408 QDLService2kSony (2b3b8b43d4c41e46a2b82459da0d5a2d) C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe
18:11:31.0295 1408 QDLService2kSony - ok
18:11:31.0362 1408 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
18:11:31.0453 1408 ql2300 - ok
18:11:31.0476 1408 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
18:11:31.0518 1408 ql40xx - ok
18:11:31.0535 1408 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
18:11:31.0586 1408 QWAVE - ok
18:11:31.0593 1408 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
18:11:31.0631 1408 QWAVEdrv - ok
18:11:31.0638 1408 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
18:11:31.0729 1408 RasAcd - ok
18:11:31.0738 1408 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:11:31.0828 1408 RasAgileVpn - ok
18:11:31.0839 1408 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
18:11:31.0931 1408 RasAuto - ok
18:11:31.0943 1408 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:11:32.0028 1408 Rasl2tp - ok
18:11:32.0051 1408 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
18:11:32.0143 1408 RasMan - ok
18:11:32.0156 1408 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
18:11:32.0245 1408 RasPppoe - ok
18:11:32.0253 1408 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
18:11:32.0334 1408 RasSstp - ok
18:11:32.0349 1408 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
18:11:32.0456 1408 rdbss - ok
18:11:32.0463 1408 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
18:11:32.0505 1408 rdpbus - ok
18:11:32.0511 1408 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:11:32.0583 1408 RDPCDD - ok
18:11:32.0599 1408 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
18:11:32.0638 1408 RDPDR - ok
18:11:32.0644 1408 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
18:11:32.0711 1408 RDPENCDD - ok
18:11:32.0720 1408 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
18:11:32.0786 1408 RDPREFMP - ok
18:11:32.0800 1408 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
18:11:32.0840 1408 RDPWD - ok
18:11:32.0853 1408 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
18:11:32.0893 1408 rdyboost - ok
18:11:32.0932 1408 RegSrvc (0aa473966357c4a41b5eb19649eb6e5e) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:11:32.0986 1408 RegSrvc - ok
18:11:32.0996 1408 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
18:11:33.0072 1408 RemoteAccess - ok
18:11:33.0084 1408 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
18:11:33.0166 1408 RemoteRegistry - ok
18:11:33.0178 1408 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
18:11:33.0220 1408 RFCOMM - ok
18:11:33.0230 1408 rimspci (6ded176a14770339f1415cfdbcc9e07f) C:\Windows\system32\drivers\rimssne64.sys
18:11:33.0265 1408 rimspci - ok
18:11:33.0274 1408 risdsnpe (ddf5f666c2a5b3729e8bea01fb999cc0) C:\Windows\system32\drivers\risdsne64.sys
18:11:33.0308 1408 risdsnpe - ok
18:11:33.0317 1408 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
18:11:33.0399 1408 RpcEptMapper - ok
18:11:33.0406 1408 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
18:11:33.0439 1408 RpcLocator - ok
18:11:33.0464 1408 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
18:11:33.0539 1408 RpcSs - ok
18:11:33.0548 1408 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
18:11:33.0626 1408 rspndr - ok
18:11:33.0639 1408 RtkAudioService (b7fcc2d5b1dd8898bc00056cbfba46b8) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
18:11:33.0675 1408 RtkAudioService - ok
18:11:33.0683 1408 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
18:11:33.0718 1408 s3cap - ok
18:11:33.0732 1408 SampleCollector (5ae755a8b7673b8536f88245247c5308) C:\Program Files\Sony\VAIO Care\collsvc.exe
18:11:33.0759 1408 SampleCollector ( UnsignedFile.Multi.Generic ) - warning
18:11:33.0760 1408 SampleCollector - detected UnsignedFile.Multi.Generic (1)
18:11:33.0766 1408 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:11:33.0791 1408 SamSs - ok
18:11:33.0801 1408 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
18:11:33.0838 1408 sbp2port - ok
18:11:33.0852 1408 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
18:11:33.0931 1408 SCardSvr - ok
18:11:33.0938 1408 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
18:11:34.0004 1408 scfilter - ok
18:11:34.0053 1408 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
18:11:34.0222 1408 Schedule - ok
18:11:34.0232 1408 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
18:11:34.0296 1408 SCPolicySvc - ok
18:11:34.0305 1408 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
18:11:34.0345 1408 sdbus - ok
18:11:34.0360 1408 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
18:11:34.0400 1408 SDRSVC - ok
18:11:34.0408 1408 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:11:34.0483 1408 secdrv - ok
18:11:34.0490 1408 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
18:11:34.0567 1408 seclogon - ok
18:11:34.0576 1408 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
18:11:34.0647 1408 SENS - ok
18:11:34.0655 1408 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
18:11:34.0690 1408 SensrSvc - ok
18:11:34.0697 1408 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
-
here's the report. thanks!
RogueKiller V7.4.4 [05/08/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Laurence [Admin rights]
Mode: Scan -- Date: 05/16/2012 12:11:55
¤¤¤ Bad processes: 0 ¤¤¤
¤¤¤ Registry Entries: 3 ¤¤¤
[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: Volume0 +++++
--- User ---
[MBR] 466705e0808f6b2b6cec8c1a87a46f19
[bSP] c5cc656a4eef15d89ea42e0c6fdddbc7 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 9164 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 18769920 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 18974720 | Size: 234938 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
-
symantec keeps popping up telling me that i have the trojan.gen.2 virus, but it can't seem to get rid of it
here are the dds and attach files
thanks in advance
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Laurence at 22:46:09 on 2012-05-12
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.5814.2885 [GMT -4:00]
.
AV: Symantec Endpoint Protection *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Symantec Endpoint Protection *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe
C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
C:\Program Files\Citrix\Secure Access Client\nsverctl.exe
C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files\Protector Suite\upeksvr.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\Eap3Host.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Sony\VAIO Care\VCSpt.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\vncutil64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Protector Suite\psqltray.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
C:\Program Files (x86)\Mobile Stream\EasyTether\easytthr.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Citrix\Secure Access Client\nsload.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.exe
C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnect.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
C:\Windows\System32\vds.exe
C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Laurence\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SavUI.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\calc.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11g_ActiveX.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SymCorpUI.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
uInternet Settings,ProxyOverride =
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "C:\Users\Laurence\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [EasyTether] "C:\Program Files (x86)\Mobile Stream\EasyTether\easytthr.exe"
uRun: [AROReminder] C:\Program Files (x86)\ARO 2011\ARO.exe -rem
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [smartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup
mRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
mRun: [intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.lnk"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [iJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AMAZON~1.LNK - C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CITRIX~1.LNK - C:\Program Files (x86)\Citrix\Secure Access Client\nsload.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
TCP: DhcpNameServer = 156.111.60.150 156.111.70.150
TCP: Interfaces\{48BFCAC3-5008-4FCE-BD16-C0851CCABD81} : DhcpNameServer = 156.111.60.150 156.111.70.150
TCP: Interfaces\{48BFCAC3-5008-4FCE-BD16-C0851CCABD81}\14344594F4E4455434 : DhcpNameServer = 192.168.0.1 71.250.0.12
TCP: Interfaces\{48BFCAC3-5008-4FCE-BD16-C0851CCABD81}\56C6B696E637F6E6 : DhcpNameServer = 192.168.1.1 167.206.245.129 167.206.245.130
TCP: Interfaces\{48BFCAC3-5008-4FCE-BD16-C0851CCABD81}\7657563747D2E65647 : DhcpNameServer = 156.111.60.150 156.111.70.150
TCP: Interfaces\{48BFCAC3-5008-4FCE-BD16-C0851CCABD81}\C616D6269656 : DhcpNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
LSA: Notification Packages = scecli C:\Program Files\Protector Suite\psqlpwd.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [smartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup
mRun-x64: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
mRun-x64: [intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.lnk"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [iJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Laurence\AppData\Roaming\Mozilla\Firefox\Profiles\75hmdkwi.default\
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npicaN.dll
FF - plugin: C:\Program Files (x86)\Nitro PDF\Reader 2\npdf.dll
FF - plugin: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Citrix\Secure Access Client\npagee.dll
FF - plugin: C:\Program Files\Citrix\Secure Access Client\npagee64.dll
FF - plugin: C:\Users\Laurence\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Users\Laurence\AppData\Roaming\Mozilla\plugins\npagee.dll
FF - plugin: C:\Users\Laurence\AppData\Roaming\Mozilla\plugins\npagee64.dll
FF - plugin: C:\Users\Laurence\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Laurence\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 cag;Citrix cag plugin for Access Gateway;C:\Program Files\Common Files\Deterministic Networks\Common Files\cag.sys [2010-8-4 96384]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-4-1 13336]
R2 MotoConnect Service;MotoConnect Service;C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe [2010-6-24 91456]
R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2011-6-21 341296]
R2 nsverctl;Citrix Secure Access Client Service;C:\Program Files\Citrix\Secure Access Client\nsverctl.exe [2011-3-14 154776]
R2 Oasis2Service;Oasis2Service;C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-2-9 53248]
R2 QDLService2kSony;Qualcomm Gobi 2000 Download Service (Sony);C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSony.exe [2009-12-18 330488]
R2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys --> C:\Windows\system32\drivers\rimssne64.sys [?]
R2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsne64.sys --> C:\Windows\system32\drivers\risdsne64.sys [?]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2010-8-24 190496]
R2 Symantec AntiVirus;Symantec Endpoint Protection;C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2010-5-17 1831024]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-4-1 2320920]
R3 ctxva51;Citrix Virtual Adapter;C:\Windows\system32\DRIVERS\ctxva51.sys --> C:\Windows\system32\DRIVERS\ctxva51.sys [?]
R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;C:\Windows\system32\DRIVERS\e1k62x64.sys --> C:\Windows\system32\DRIVERS\e1k62x64.sys [?]
R3 easytether;easytether;C:\Windows\system32\DRIVERS\easytthr.sys --> C:\Windows\system32\DRIVERS\easytthr.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-4-27 138360]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]
R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys --> C:\Windows\system32\drivers\SFEP.sys [?]
R3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-8-24 574320]
R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2011-10-27 1429608]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-24 135664]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-24 135664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 motandroidusb;Mot ADB Interface Driver;C:\Windows\system32\Drivers\motoandroid.sys --> C:\Windows\system32\Drivers\motoandroid.sys [?]
S3 MSSQL$DDNI;SQL Server (DDNI);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\sqlservr.exe [2011-9-22 43028328]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 qcfilterSny2k;Gobi 2000 USB Composite Device Filter Driver(05C6-9225);C:\Windows\system32\DRIVERS\qcfilterSny2k.sys --> C:\Windows\system32\DRIVERS\qcfilterSny2k.sys [?]
S3 qcusbnetsny2k;Gobi 2000 USB-NDIS miniport(05C6-9225);C:\Windows\system32\DRIVERS\qcusbnetsny2k.sys --> C:\Windows\system32\DRIVERS\qcusbnetsny2k.sys [?]
S3 qcusbsersny2k;Gobi 2000 USB Device for Legacy Serial Communication(05C6-9225);C:\Windows\system32\DRIVERS\qcusbserSny2k.sys --> C:\Windows\system32\DRIVERS\qcusbserSny2k.sys [?]
S3 SampleCollector;Intel® Sample Collector;C:\Program Files\Sony\VAIO Care\collsvc.exe [2010-8-24 168448]
S3 SMSIVZAM5X64;SMSIVZAM5X64 NDIS Protocol Driver;C:\PROGRA~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS [2009-5-25 43032]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-3-31 47128]
S4 SQLAgent$DDNI;SQL Server Agent (DDNI);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 370024]
.
=============== Created Last 30 ================
.
2012-05-11 01:35:04 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2012-05-11 01:35:04 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-05-11 01:35:00 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-11 01:34:58 3146240 ----a-w- C:\Windows\System32\win32k.sys
2012-05-11 01:34:57 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-11 01:34:57 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-11 01:34:06 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-05-11 01:33:45 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-05-11 01:33:41 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-05-11 01:33:40 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 01:33:40 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-11 01:33:39 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-05-11 01:33:39 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-04-26 02:28:28 -------- d-s---w- C:\Users\Laurence\Google Drive
2012-04-19 23:55:26 -------- d-----w- C:\Program Files (x86)\Botanicula
2012-04-16 17:35:21 -------- d-----w- C:\ProgramData\Canon IJ Network Tool
2012-04-16 17:35:21 -------- d-----w- C:\Program Files (x86)\Canon
2012-04-16 17:35:18 315392 ----a-w- C:\Windows\SysWow64\CNC880L.dll
2012-04-16 17:35:18 15872 ----a-w- C:\Windows\SysWow64\CNHMCA.dll
2012-04-16 17:35:18 106496 ----a-w- C:\Windows\SysWow64\CNC880U.dll
2012-04-16 17:35:15 -------- d--h--w- C:\ProgramData\CanonIJFAX
2012-04-16 17:34:54 37376 ----a-w- C:\Windows\System32\CNMN6UI.DLL
2012-04-16 17:34:54 342016 ----a-w- C:\Windows\SysWow64\CNMNPPM.DLL
2012-04-16 17:34:54 328192 ----a-w- C:\Windows\System32\CNMN6PPM.DLL
2012-04-16 17:34:54 -------- d-----w- C:\Windows\System32\STRING
2012-04-16 17:28:44 88576 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPPAN.DLL
2012-04-16 17:28:44 29696 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPDAN.DLL
2012-04-16 17:28:25 374784 ----a-w- C:\Windows\System32\CNMLMAN.DLL
2012-04-16 17:28:19 302080 ----a-w- C:\Windows\System32\CNCALAN.DLL
2012-04-16 17:28:16 248320 ----a-w- C:\Windows\System32\CNMIUAN.DLL
2012-04-15 12:56:27 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-04-14 07:00:38 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-04-14 07:00:37 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-04-14 07:00:37 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-04-14 07:00:37 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-04-14 07:00:37 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-04-14 07:00:37 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-04-14 07:00:37 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
.
==================== Find3M ====================
.
2012-05-12 14:11:41 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-02-17 04:58:24 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-02-17 04:57:32 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-02-14 16:09:44 1070352 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
.
============= FINISH: 22:46:48.93 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 9/29/2010 10:38:31 AM
System Uptime: 5/12/2012 3:03:33 PM (7 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel® Core i7 CPU M 620 @ 2.67GHz | N/A | 1173/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 229 GiB total, 158.609 GiB free.
E: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP115: 4/14/2012 3:00:16 AM - Windows Update
RP116: 5/11/2012 3:00:34 AM - Windows Update
RP117: 5/12/2012 11:23:46 AM - VAIO Care Automatic Restore Point
.
==== Installed Programs ======================
.
.
Adobe Reader 9.4.7
Adobe Shockwave Player 11.6
Amazon MP3 Downloader 1.0.10
Amazon Unbox Video
Angry Birds
Application Manager for VAIO
ArcSoft WebCam Companion 3
Bejeweled 3
Botanicula
Canon IJ Network Scanner Selector EX
Canon IJ Network Tool
Citrix XenApp Web Plugin
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Easy DVD Player
Google Chrome
Google Drive
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
Intel AppUp(SM) center
Intel® Management Engine Components
Intel® Rapid Storage Technology
Intel® Turbo Boost Technology Driver
Java Auto Updater
Java 6 Update 18
Junk Mail filter update
LiveUpdate 3.3 (Symantec Corporation)
Logitech Harmony Remote Software 7
Malwarebytes Anti-Malware version 1.60.0.1800
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft XNA Framework Redistributable 4.0
MotoConnect 1.1.31
Mozilla Firefox 11.0 (x86 en-US)
MSVCRT
MSVCRT_amd64
Oasis2Service
OOBE
Portal 2
PrimoPDF -- brought to you by Nitro PDF Software
Qualcomm Gobi 2000 Package for Sony
Realtek High Definition Audio Driver
Remote Control USB Driver
Remote Play with PlayStation 3
SecureW2 Enterprise Client 3.1.4 for Windows
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
Service Pack 3 for SQL Server 2008 (KB2546951)
Setting Utility Series
SmartWi Connection Utility
Spelling Dictionaries Support For Adobe Reader 9
Sql Server Customer Experience Improvement Program
Steam
swMSM
Terraria
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VAIO - Remote Play with PlayStation®3
VAIO Care
VAIO Control Center
VAIO Data Restore Tool
VAIO Event Service
VAIO Hardware Diagnostics
VAIO Help and Support
VAIO Messenger
VAIO Power Management
VAIO Survey
VAIO Update
VAIO Wallpaper Contents
VAIO Window Organizer
VZAccess Manager
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Zuma's Revenge!
.
==== Event Viewer Messages From Past Week ========
.
5/12/2012 12:36:09 PM, Error: Service Control Manager [7031] - The Symantec Endpoint Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
.
==== End Of File ===========================
help getting rid of trojan.gen.2
in Resolved Malware Removal Logs
Posted
that may have actually worked. i tried it this morning, haven't gotten any alerts from symantec in a couple of hours
thanks!!