Jump to content

User42

Members
  • Posts

    15
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Okay, thank you for your assistance man. I greatly appreciate it. You can close the thread whenever you like, all my questions have been answered.
  2. Also, do you feel confident in that my system is secure? I understand you can't say anything absolutely out of liability, but if this were your system would you be comfortable in using it for security sensitive online work?
  3. Thanks for you help. I suspect that NoScript would have really helped with preventing this issue from arising. I do have a question for you regarding firewalls; do you feel that Windows Firewall is simply too commonly used to be effective?
  4. I haven't encountered any additional pop ups and my computer's performance is where it normally is at. From my end it looks like things have been sorted out. Do you see anything in the logs that looks like there might be any remaining issues? Also, did you happen to see anything in the previous logs that was known malware? I'm just trying to get an idea of where this problem came from and if it has been successfully cleaned up.
  5. Here's what we got the second time: ComboFix 14-02-05.02 - Administrator 02/07/2014 15:32:23.2.4 - x64 Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.7854.5871 [GMT -6:00] Running from: c:\users\Administrator.OPTIMUS\Desktop\ComboFix.exe Command switches used :: c:\users\Administrator.OPTIMUS\Desktop\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\users\Matt.OPTIMUS\Downloads\ccsetup404(1).exe" "c:\users\Matt.OPTIMUS\Downloads\ccsetup404.exe" "c:\users\Matt.OPTIMUS\Downloads\rcsetup149.exe" "c:\users\Matt.OPTIMUS\Downloads\Shockwave_Installer_Slim.exe" "c:\users\Matt.OPTIMUS\Downloads\WinZip175.exe" "c:\users\Matt\Downloads\Shockwave_Installer_Slim(1).exe" "c:\users\Matt\Downloads\Shockwave_Installer_Slim.exe" "c:\windows\System32\Adobe\Shockwave 12\gt.exe" "c:\windows\SysWOW64\Adobe\Shockwave 12\gt.exe" . . ((((((((((((((((((((((((( Files Created from 2014-01-07 to 2014-02-07 ))))))))))))))))))))))))))))))) . . 2014-02-07 21:40 . 2014-02-07 21:40 -------- d-----w- c:\users\sharon\AppData\Local\temp 2014-02-07 21:40 . 2014-02-07 21:40 -------- d-----w- c:\users\SABER\AppData\Local\temp 2014-02-07 21:40 . 2014-02-07 21:40 -------- d-----w- c:\users\saber.SABERPACK\AppData\Local\temp 2014-02-07 21:40 . 2014-02-07 21:40 -------- d-----w- c:\users\randi\AppData\Local\temp 2014-02-07 21:40 . 2014-02-07 21:40 -------- d-----w- c:\users\Matt\AppData\Local\temp 2014-02-07 21:40 . 2014-02-07 21:40 -------- d-----w- c:\users\Matt.OPTIMUS\AppData\Local\temp 2014-02-07 21:40 . 2014-02-07 21:40 -------- d-----w- c:\users\kevinb\AppData\Local\temp 2014-02-07 21:40 . 2014-02-07 21:40 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-02-07 21:40 . 2014-02-07 21:40 -------- d-----w- c:\users\administrator\AppData\Local\temp 2014-02-07 10:14 . 2014-02-07 10:14 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{70C2AB9D-2154-490E-B502-DFD19FCFCD2A}\offreg.dll 2014-02-07 10:13 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{70C2AB9D-2154-490E-B502-DFD19FCFCD2A}\mpengine.dll 2014-02-07 01:53 . 2014-02-07 01:53 -------- d-----w- c:\program files (x86)\ESET 2014-02-06 02:46 . 2014-02-07 01:19 -------- d-----w- C:\AdwCleaner 2014-02-04 05:12 . 2014-02-04 05:12 -------- d-----w- c:\users\Administrator.OPTIMUS\AppData\Roaming\SUPERAntiSpyware.com 2014-02-04 05:11 . 2014-02-04 05:11 -------- d-----w- c:\users\Administrator.OPTIMUS\AppData\Roaming\Malwarebytes 2014-02-04 01:32 . 2014-02-04 01:32 -------- d-----w- c:\users\Administrator.OPTIMUS\AppData\Roaming\Sony Corporation 2014-02-04 01:32 . 2014-02-04 01:32 -------- d-----w- c:\users\Administrator.OPTIMUS\AppData\Roaming\Apple Computer 2014-01-22 02:32 . 2013-12-19 03:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-01-22 02:38 . 2012-11-05 01:52 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-01-22 02:38 . 2011-12-15 14:45 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-01-16 09:01 . 2011-01-04 15:55 86054176 ----a-w- c:\windows\system32\MRT.exe 2013-12-18 12:13 . 2011-01-04 15:02 270496 ------w- c:\windows\system32\MpSigStub.exe . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968] "VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2013-03-10 88984] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-02 152392] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "SoftwareSASGeneration"= 3 (0x3) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R3 KAPFA;KAPFA;c:\windows\system32\drivers\KAPFA.SYS;c:\windows\SYSNATIVE\drivers\KAPFA.SYS [x] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x] R3 SIUSBXP;SIUSBXP;c:\windows\system32\drivers\SiUSBXp.sys;c:\windows\SYSNATIVE\drivers\SiUSBXp.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R4 CFUACProxy_officeguardianv2;CFUACProxy_officeguardianv2;c:\programdata\OfficeGuardianV2\UACProxy.exe;c:\programdata\OfficeGuardianV2\UACProxy.exe [x] R4 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:\program files\Intel\WiMAX\Bin\DMAgent.exe;c:\program files\Intel\WiMAX\Bin\DMAgent.exe [x] R4 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x] R4 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service\Oasis2Service.exe;c:\program files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [x] R4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x] R4 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x] R4 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x] R4 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x] R4 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x] R4 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x] R4 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x] R4 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x] R4 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x] R4 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x] R4 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x] R4 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x] R4 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe;c:\program files\Sony\VAIO Update 5\VUAgent.exe [x] S0 aswRvrt;aswRvrt; [x] S0 aswVmm;aswVmm; [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x] S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x] S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x] S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x] S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys;c:\windows\SYSNATIVE\drivers\rimssne64.sys [x] S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys;c:\windows\SYSNATIVE\drivers\risdsne64.sys [x] S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x] S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:\program files\Intel\WiMAX\Bin\AppSrv.exe;c:\program files\Intel\WiMAX\Bin\AppSrv.exe [x] S3 bpenum;bpenum;c:\windows\system32\DRIVERS\bpenum.sys;c:\windows\SYSNATIVE\DRIVERS\bpenum.sys [x] S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:\windows\system32\DRIVERS\bpmp.sys;c:\windows\SYSNATIVE\DRIVERS\bpmp.sys [x] S3 bpusb;bpusb;c:\windows\system32\Drivers\bpusb.sys;c:\windows\SYSNATIVE\Drivers\bpusb.sys [x] S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys;c:\windows\SYSNATIVE\drivers\HECIx64.sys [x] S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys [x] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x] S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x] S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x] S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x] S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys;c:\windows\SYSNATIVE\DRIVERS\WDKMD.sys [x] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contents of the 'Scheduled Tasks' folder . 2014-02-07 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-05 02:38] . 2014-02-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3005969190-4086435550-3862566449-1188Core.job - c:\users\Matt\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-07 00:19] . 2014-02-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3005969190-4086435550-3862566449-1188UA.job - c:\users\Matt\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-07 00:19] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-08-30 07:47 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-06-14 1212560] "Apoint"="c:\program files (x86)\Apoint\Apoint.exe" [bU] "IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-03-05 1928976] "IntelWirelessWiMAX"="c:\program files\Intel\WiMAX\Bin\WiMAXCU.exe" [2010-06-08 1441792] "RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-06-14 1212560] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Administrator.OPTIMUS\AppData\Roaming\Mozilla\Firefox\Profiles\kz5whinr.default\ . - - - - ORPHANS REMOVED - - - - . Wow6432Node-HKLM-Run-<NO NAME> - (no file) AddRemove-{0131D7EF-65FF-478F-8ABD-5ABEE24EC8EF} - c:\programdata\{F974CC36-BF25-4374-A035-B0A9DA79E735}\VAIO Messenger Setup 2.0.424.0.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector] "ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=2000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=inteldata\"" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-1364000384-3839376072-689731930-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-1364000384-3839376072-689731930-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-1364000384-3839376072-689731930-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-1364000384-3839376072-689731930-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-1364000384-3839376072-689731930-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2014-02-07 15:43:19 ComboFix-quarantined-files.txt 2014-02-07 21:43 ComboFix2.txt 2014-02-06 23:30 . Pre-Run: 206,221,742,080 bytes free Post-Run: 206,129,807,360 bytes free . - - End Of File - - BAAA4191D06610A340232210EAD7BD25
  6. And here's the other scan: C:\Users\Matt\Downloads\Shockwave_Installer_Slim(1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application C:\Users\Matt\Downloads\Shockwave_Installer_Slim.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application C:\Users\Matt.OPTIMUS\Downloads\ccsetup404(1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application C:\Users\Matt.OPTIMUS\Downloads\ccsetup404.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application C:\Users\Matt.OPTIMUS\Downloads\rcsetup149.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application C:\Users\Matt.OPTIMUS\Downloads\Shockwave_Installer_Slim.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application C:\Users\Matt.OPTIMUS\Downloads\WinZip175.exe a variant of Win32/OpenInstall potentially unwanted application C:\Windows\System32\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
  7. Here's the MBAM log: Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2014.02.02.04 Windows 7 x64 NTFS Internet Explorer 8.0.7600.16385 Administrator :: OPTIMUS [administrator] 2/6/2014 7:41:51 PM mbam-log-2014-02-06 (19-41-51).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 387936 Time elapsed: 6 minute(s), 13 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  8. Here's the log. The system seems to be running fine, it hasn't really exhibited any issues outside of rare unwarranted pop ups. See anything here that looks like more scans are needed? # AdwCleaner v3.018 - Report created 06/02/2014 at 19:19:09 # Updated 28/01/2014 by Xplode # Operating System : Windows 7 Professional (64 bits) # Username : Administrator - OPTIMUS # Running from : C:\Users\Administrator.OPTIMUS\Downloads\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\~0 Folder Deleted : C:\ProgramData\Partner ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKLM\Software\DeviceVM Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM ***** [ Browsers ] ***** -\\ Internet Explorer v8.0.7600.17267 -\\ Mozilla Firefox v26.0 (en-US) [ File : C:\Users\Matt.OPTIMUS\AppData\Roaming\Mozilla\Firefox\Profiles\v0g1m3kb.default\prefs.js ] ************************* AdwCleaner[R0].txt - [2333 octets] - [05/02/2014 20:46:50] AdwCleaner[R1].txt - [2393 octets] - [06/02/2014 19:17:34] AdwCleaner[s0].txt - [2350 octets] - [06/02/2014 19:19:09] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2410 octets] ##########
  9. Am I correct in reading that ComboFix just deleted almost a GB of data?
  10. Sorry for the delayed reply. Here's the log file: ComboFix 14-02-05.02 - Administrator 02/06/2014 17:13:33.1.4 - x64 Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.7854.5341 [GMT -6:00] Running from: c:\users\Administrator.OPTIMUS\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_uvnc_service . . ((((((((((((((((((((((((( Files Created from 2014-01-06 to 2014-02-06 ))))))))))))))))))))))))))))))) . . 2014-02-06 23:21 . 2014-02-06 23:21 -------- d-----w- c:\users\Matt\AppData\Local\temp 2014-02-06 23:21 . 2014-02-06 23:21 -------- d-----w- c:\users\Matt.OPTIMUS\AppData\Local\temp 2014-02-06 02:46 . 2014-02-06 02:47 -------- d-----w- C:\AdwCleaner 2014-02-04 20:59 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F0D8C654-2F4E-4875-9149-59F968B2D437}\mpengine.dll 2014-02-04 05:12 . 2014-02-04 05:12 -------- d-----w- c:\users\Administrator.OPTIMUS\AppData\Roaming\SUPERAntiSpyware.com 2014-02-04 05:11 . 2014-02-04 05:11 -------- d-----w- c:\users\Administrator.OPTIMUS\AppData\Roaming\Malwarebytes 2014-02-04 01:32 . 2014-02-04 01:32 -------- d-----w- c:\users\Administrator.OPTIMUS\AppData\Roaming\Sony Corporation 2014-02-04 01:32 . 2014-02-04 01:32 -------- d-----w- c:\users\Administrator.OPTIMUS\AppData\Roaming\Apple Computer 2014-01-22 02:32 . 2013-12-19 03:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-01-22 02:38 . 2012-11-05 01:52 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-01-22 02:38 . 2011-12-15 14:45 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-01-16 09:01 . 2011-01-04 15:55 86054176 ----a-w- c:\windows\system32\MRT.exe 2013-12-18 12:13 . 2011-01-04 15:02 270496 ------w- c:\windows\system32\MpSigStub.exe . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968] "VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2013-03-10 88984] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-02 152392] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "SoftwareSASGeneration"= 3 (0x3) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R3 KAPFA;KAPFA;c:\windows\system32\drivers\KAPFA.SYS;c:\windows\SYSNATIVE\drivers\KAPFA.SYS [x] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x] R3 SIUSBXP;SIUSBXP;c:\windows\system32\drivers\SiUSBXp.sys;c:\windows\SYSNATIVE\drivers\SiUSBXp.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R4 CFUACProxy_officeguardianv2;CFUACProxy_officeguardianv2;c:\programdata\OfficeGuardianV2\UACProxy.exe;c:\programdata\OfficeGuardianV2\UACProxy.exe [x] R4 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:\program files\Intel\WiMAX\Bin\DMAgent.exe;c:\program files\Intel\WiMAX\Bin\DMAgent.exe [x] R4 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x] R4 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service\Oasis2Service.exe;c:\program files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [x] R4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x] R4 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x] R4 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x] R4 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x] R4 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x] R4 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x] R4 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x] R4 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x] R4 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x] R4 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x] R4 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x] R4 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x] R4 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe;c:\program files\Sony\VAIO Update 5\VUAgent.exe [x] S0 aswRvrt;aswRvrt; [x] S0 aswVmm;aswVmm; [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x] S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x] S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x] S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x] S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys;c:\windows\SYSNATIVE\drivers\rimssne64.sys [x] S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys;c:\windows\SYSNATIVE\drivers\risdsne64.sys [x] S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x] S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:\program files\Intel\WiMAX\Bin\AppSrv.exe;c:\program files\Intel\WiMAX\Bin\AppSrv.exe [x] S3 bpenum;bpenum;c:\windows\system32\DRIVERS\bpenum.sys;c:\windows\SYSNATIVE\DRIVERS\bpenum.sys [x] S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:\windows\system32\DRIVERS\bpmp.sys;c:\windows\SYSNATIVE\DRIVERS\bpmp.sys [x] S3 bpusb;bpusb;c:\windows\system32\Drivers\bpusb.sys;c:\windows\SYSNATIVE\Drivers\bpusb.sys [x] S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys;c:\windows\SYSNATIVE\drivers\HECIx64.sys [x] S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys [x] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x] S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x] S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x] S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x] S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys;c:\windows\SYSNATIVE\DRIVERS\WDKMD.sys [x] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contents of the 'Scheduled Tasks' folder . 2014-02-06 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-05 02:38] . 2014-02-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3005969190-4086435550-3862566449-1188Core.job - c:\users\Matt\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-07 00:19] . 2014-02-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3005969190-4086435550-3862566449-1188UA.job - c:\users\Matt\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-07 00:19] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-08-30 07:47 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-06-14 1212560] "IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-03-05 1928976] "IntelWirelessWiMAX"="c:\program files\Intel\WiMAX\Bin\WiMAXCU.exe" [2010-06-08 1441792] "RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-06-14 1212560] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Administrator.OPTIMUS\AppData\Roaming\Mozilla\Firefox\Profiles\kz5whinr.default\ . - - - - ORPHANS REMOVED - - - - . Wow6432Node-HKLM-Run-<NO NAME> - (no file) SafeBoot-KALFFCMP78398462090252 HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe AddRemove-{0131D7EF-65FF-478F-8ABD-5ABEE24EC8EF} - c:\programdata\{F974CC36-BF25-4374-A035-B0A9DA79E735}\VAIO Messenger Setup 2.0.424.0.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector] "ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=2000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=inteldata\"" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-1364000384-3839376072-689731930-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-1364000384-3839376072-689731930-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-1364000384-3839376072-689731930-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-1364000384-3839376072-689731930-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-1364000384-3839376072-689731930-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files\AVAST Software\Avast\AvastSvc.exe c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe c:\program files\Sony\VAIO Care\VCSpt.exe . ************************************************************************** . Completion time: 2014-02-06 17:30:42 - machine was rebooted ComboFix-quarantined-files.txt 2014-02-06 23:30 . Pre-Run: 208,603,803,648 bytes free Post-Run: 209,541,091,328 bytes free . - - End Of File - - 2D32DEB102478140035F1663272E4540
  11. Is there any reason why you are suggesting that I run these executables before RKill? That seems to be standard procedure around here.
  12. AdwCleaner Log (I don't see anything in here that I installed): # AdwCleaner v3.018 - Report created 05/02/2014 at 20:46:50 # Updated 28/01/2014 by Xplode # Operating System : Windows 7 Professional (64 bits) # Username : Administrator - OPTIMUS # Running from : C:\Users\Administrator.OPTIMUS\Downloads\AdwCleaner.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Found C:\ProgramData\~0 Folder Found C:\ProgramData\Partner ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Found : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780} Key Found : HKLM\Software\DeviceVM Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Found : [x64] HKLM\SOFTWARE\DeviceVM ***** [ Browsers ] ***** -\\ Internet Explorer v8.0.7600.17267 -\\ Mozilla Firefox v26.0 (en-US) [ File : C:\Users\Matt.OPTIMUS\AppData\Roaming\Mozilla\Firefox\Profiles\v0g1m3kb.default\prefs.js ] ************************* AdwCleaner[R0].txt - [2189 octets] - [05/02/2014 20:46:50] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2249 octets] ##########
  13. TDSS Part 2: 20:46:37.0993 0x149c [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent C:\Windows\system32\qagentRT.dll 20:46:38.0011 0x149c napagent - ok 20:46:38.0049 0x149c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 20:46:38.0057 0x149c NativeWifiP - ok 20:46:38.0115 0x149c [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS C:\Windows\system32\drivers\ndis.sys 20:46:38.0150 0x149c NDIS - ok 20:46:38.0171 0x149c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 20:46:38.0173 0x149c NdisCap - ok 20:46:38.0197 0x149c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 20:46:38.0198 0x149c NdisTapi - ok 20:46:38.0248 0x149c [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 20:46:38.0251 0x149c Ndisuio - ok 20:46:38.0271 0x149c [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 20:46:38.0276 0x149c NdisWan - ok 20:46:38.0289 0x149c [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 20:46:38.0291 0x149c NDProxy - ok 20:46:38.0343 0x149c [ DC6530A291D4BDF6DF399F1F128E7F8F, 85123D802063383646EEBC60F4ABBCDBA2AE3180E99A8A99C024B1EBB0C6690E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 20:46:38.0347 0x149c Net Driver HPZ12 - ok 20:46:38.0400 0x149c [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys 20:46:38.0402 0x149c Netaapl - ok 20:46:38.0425 0x149c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 20:46:38.0427 0x149c NetBIOS - ok 20:46:38.0465 0x149c [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 20:46:38.0472 0x149c NetBT - ok 20:46:38.0492 0x149c [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] Netlogon C:\Windows\system32\lsass.exe 20:46:38.0494 0x149c Netlogon - ok 20:46:38.0532 0x149c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 20:46:38.0543 0x149c Netman - ok 20:46:38.0592 0x149c [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:46:38.0596 0x149c NetMsmqActivator - ok 20:46:38.0612 0x149c [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:46:38.0615 0x149c NetPipeActivator - ok 20:46:38.0630 0x149c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 20:46:38.0642 0x149c netprofm - ok 20:46:38.0649 0x149c [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:46:38.0652 0x149c NetTcpActivator - ok 20:46:38.0658 0x149c [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:46:38.0661 0x149c NetTcpPortSharing - ok 20:46:38.0945 0x149c [ 18555F48844C2861D9DCE8F2B7223AE5, 35F8C0DFCF14780F86AD9A476A7AE22A98589B27ED9C7E109945CBBD227E6E2B ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys 20:46:39.0191 0x149c NETw5s64 - ok 20:46:39.0228 0x149c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 20:46:39.0231 0x149c nfrd960 - ok 20:46:39.0263 0x149c [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc C:\Windows\System32\nlasvc.dll 20:46:39.0272 0x149c NlaSvc - ok 20:46:39.0300 0x149c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 20:46:39.0303 0x149c Npfs - ok 20:46:39.0315 0x149c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 20:46:39.0318 0x149c nsi - ok 20:46:39.0327 0x149c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 20:46:39.0328 0x149c nsiproxy - ok 20:46:39.0414 0x149c [ 9A6089B056EA1B83B36424FC9D0A300E, EA60282C5A32B497921B568C1FE735F5BDB9D954DDC4E609F7F3CAE5ED823CEC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 20:46:39.0472 0x149c Ntfs - ok 20:46:39.0482 0x149c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 20:46:39.0484 0x149c Null - ok 20:46:39.0541 0x149c [ A4D9C9A608A97F59307C2F2600EDC6A4, D786F4CA2D10BAC31CE14A338C442F7027D4BB2E955AB99BC44C2F241D383BBE ] nvraid C:\Windows\system32\drivers\nvraid.sys 20:46:39.0546 0x149c nvraid - ok 20:46:39.0589 0x149c [ 6C1D5F70E7A6A3FD1C90D840EDC048B9, 8D5337742A0F5B04D636C163CE77D4A9B3684CF81170026912A402513B44BA77 ] nvstor C:\Windows\system32\drivers\nvstor.sys 20:46:39.0594 0x149c nvstor - ok 20:46:39.0621 0x149c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 20:46:39.0625 0x149c nv_agp - ok 20:46:39.0749 0x149c [ 07571684567859DA796A566CC78FFA74, 63FDFB32F16BB7D5E69E089802BB9ABC0315632220599FAD35DFDAAE3000FEF4 ] Oasis2Service C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe 20:46:39.0751 0x149c Oasis2Service - ok 20:46:39.0775 0x149c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 20:46:39.0778 0x149c ohci1394 - ok 20:46:39.0850 0x149c [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 20:46:39.0853 0x149c ose - ok 20:46:39.0888 0x149c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 20:46:39.0898 0x149c p2pimsvc - ok 20:46:39.0933 0x149c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 20:46:39.0945 0x149c p2psvc - ok 20:46:39.0963 0x149c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 20:46:39.0966 0x149c Parport - ok 20:46:40.0000 0x149c [ 90061B1ACFE8CCAA5345750FFE08D8B8, 76309683FFDF380AF9C6E1D9A52E46B011A0BF1026D747181D01F3312B7541C7 ] partmgr C:\Windows\system32\drivers\partmgr.sys 20:46:40.0002 0x149c partmgr - ok 20:46:40.0016 0x149c [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 20:46:40.0023 0x149c PcaSvc - ok 20:46:40.0055 0x149c [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci C:\Windows\system32\drivers\pci.sys 20:46:40.0060 0x149c pci - ok 20:46:40.0074 0x149c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 20:46:40.0076 0x149c pciide - ok 20:46:40.0105 0x149c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 20:46:40.0111 0x149c pcmcia - ok 20:46:40.0133 0x149c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 20:46:40.0136 0x149c pcw - ok 20:46:40.0167 0x149c [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 20:46:40.0188 0x149c PEAUTH - ok 20:46:40.0267 0x149c [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 20:46:40.0333 0x149c PeerDistSvc - ok 20:46:40.0431 0x149c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 20:46:40.0434 0x149c PerfHost - ok 20:46:40.0513 0x149c [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla C:\Windows\system32\pla.dll 20:46:40.0590 0x149c pla - ok 20:46:40.0657 0x149c [ 98B1721B8718164293B9701B98C52D77, 27F5F00D4AA394D4D8D0A0062EDC3F944B603E07CAAEDC5CC959BA1E8C208C2A ] PlugPlay C:\Windows\system32\umpnpmgr.dll 20:46:40.0669 0x149c PlugPlay - ok 20:46:40.0736 0x149c [ 80E85394D8CD7F84340B1C6F4B9D698F, 13FE588297445F25DAA56AA9ED8EB307A7349381CC158DBB8213FE2E04BEB9DC ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe 20:46:40.0745 0x149c PMBDeviceInfoProvider - ok 20:46:40.0783 0x149c [ 71F62C51DFDFBC04C83C5C64B2B8058E, CAB12E6D27BE421BD5A3CB04066EA50303A3210332ECC4B5C03B5F19735FC857 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 20:46:40.0787 0x149c Pml Driver HPZ12 - ok 20:46:40.0818 0x149c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 20:46:40.0821 0x149c PNRPAutoReg - ok 20:46:40.0843 0x149c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 20:46:40.0851 0x149c PNRPsvc - ok 20:46:40.0890 0x149c [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 20:46:40.0908 0x149c PolicyAgent - ok 20:46:40.0928 0x149c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 20:46:40.0934 0x149c Power - ok 20:46:40.0955 0x149c [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 20:46:40.0958 0x149c PptpMiniport - ok 20:46:40.0990 0x149c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 20:46:40.0993 0x149c Processor - ok 20:46:41.0036 0x149c [ 97293447431311C06703368AD0F6C4BE, 302A3CA8F6961717D95469B20A8A71954D4ECFCDF4638238D3D44AAE5A8D9B8B ] ProfSvc C:\Windows\system32\profsvc.dll 20:46:41.0043 0x149c ProfSvc - ok 20:46:41.0058 0x149c [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] ProtectedStorage C:\Windows\system32\lsass.exe 20:46:41.0061 0x149c ProtectedStorage - ok 20:46:41.0082 0x149c [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 20:46:41.0085 0x149c Psched - ok 20:46:41.0150 0x149c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 20:46:41.0211 0x149c ql2300 - ok 20:46:41.0239 0x149c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 20:46:41.0243 0x149c ql40xx - ok 20:46:41.0272 0x149c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 20:46:41.0280 0x149c QWAVE - ok 20:46:41.0306 0x149c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 20:46:41.0308 0x149c QWAVEdrv - ok 20:46:41.0320 0x149c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 20:46:41.0321 0x149c RasAcd - ok 20:46:41.0358 0x149c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 20:46:41.0360 0x149c RasAgileVpn - ok 20:46:41.0376 0x149c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 20:46:41.0381 0x149c RasAuto - ok 20:46:41.0393 0x149c [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 20:46:41.0397 0x149c Rasl2tp - ok 20:46:41.0414 0x149c [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan C:\Windows\System32\rasmans.dll 20:46:41.0424 0x149c RasMan - ok 20:46:41.0440 0x149c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 20:46:41.0443 0x149c RasPppoe - ok 20:46:41.0469 0x149c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 20:46:41.0472 0x149c RasSstp - ok 20:46:41.0492 0x149c [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 20:46:41.0500 0x149c rdbss - ok 20:46:41.0534 0x149c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 20:46:41.0536 0x149c rdpbus - ok 20:46:41.0552 0x149c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 20:46:41.0553 0x149c RDPCDD - ok 20:46:41.0598 0x149c [ 9706B84DBABFC4B4CA46C5A82B14DFA3, AFDC07C257BCB768861483A1842FFB647523946B16DA2812EFAE4FD3252BA303 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 20:46:41.0602 0x149c RDPDR - ok 20:46:41.0623 0x149c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 20:46:41.0624 0x149c RDPENCDD - ok 20:46:41.0633 0x149c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 20:46:41.0634 0x149c RDPREFMP - ok 20:46:41.0681 0x149c [ 447DE7E3DEA39D422C1504F245B668B1, C54D90D2F9405E011E490D3C2F0F64488B87B969C95E367C076BBFCFD8654909 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 20:46:41.0687 0x149c RDPWD - ok 20:46:41.0723 0x149c [ E5DC9BA9E439D6DBDD79F8CAACB5BF01, 70CE6EAC4226A51508A469B3473E7A7C969E59AC50FF4076BE477DD7CCE0CB18 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 20:46:41.0729 0x149c rdyboost - ok 20:46:41.0839 0x149c [ 0AA473966357C4A41B5EB19649EB6E5E, D4F1EADDECE41481332CBF03B8CAB4AC6AB048834DF013DB30757E7941F306FE ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 20:46:41.0854 0x149c RegSrvc - ok 20:46:41.0903 0x149c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 20:46:41.0908 0x149c RemoteAccess - ok 20:46:41.0937 0x149c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 20:46:41.0944 0x149c RemoteRegistry - ok 20:46:41.0974 0x149c [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 20:46:41.0979 0x149c RFCOMM - ok 20:46:42.0012 0x149c [ FA6ABC06B629DA29634D31F1FE0347BD, 6469EB5C43CFBF9D774DE09042E3E0B4A08B8A146A43450F591725418BF5104E ] rimspci C:\Windows\system32\drivers\rimssne64.sys 20:46:42.0015 0x149c rimspci - ok 20:46:42.0049 0x149c [ 8F8539A7F5C117D4407B2985995671F2, D598C2F1F7B20E88386EADAFCA2616C3E4277521DDADF05C54933CCD9F5CA39B ] risdsnpe C:\Windows\system32\drivers\risdsne64.sys 20:46:42.0051 0x149c risdsnpe - ok 20:46:42.0084 0x149c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 20:46:42.0088 0x149c RpcEptMapper - ok 20:46:42.0116 0x149c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 20:46:42.0118 0x149c RpcLocator - ok 20:46:42.0142 0x149c [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs C:\Windows\system32\rpcss.dll 20:46:42.0154 0x149c RpcSs - ok 20:46:42.0191 0x149c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 20:46:42.0194 0x149c rspndr - ok 20:46:42.0214 0x149c [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6, C890DCCC875F957CAAD4655EBFF384E3C5998040CA2BA360E92C96A647D1C399 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 20:46:42.0216 0x149c s3cap - ok 20:46:42.0236 0x149c [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] SamSs C:\Windows\system32\lsass.exe 20:46:42.0239 0x149c SamSs - ok 20:46:42.0306 0x149c [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS 20:46:42.0307 0x149c SASDIFSV - ok 20:46:42.0346 0x149c [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS 20:46:42.0347 0x149c SASKUTIL - ok 20:46:42.0386 0x149c [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 20:46:42.0389 0x149c sbp2port - ok 20:46:42.0419 0x149c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 20:46:42.0426 0x149c SCardSvr - ok 20:46:42.0461 0x149c [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 20:46:42.0463 0x149c scfilter - ok 20:46:42.0538 0x149c [ 624D0F5FF99428BB90A5B8A4123E918E, 90A43E6F09B56CB86A3E3851F8E5ABB74905AEB70296F4B87BEDBC3027E65E86 ] Schedule C:\Windows\system32\schedsvc.dll 20:46:42.0605 0x149c Schedule - ok 20:46:42.0632 0x149c [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc C:\Windows\System32\certprop.dll 20:46:42.0634 0x149c SCPolicySvc - ok 20:46:42.0666 0x149c [ 2C8D162EFAF73ABD36D8BCBB6340CAE7, DC40B08D39941D4FD0C3D5BEF279F50B66FE2D5859A0C85EF0DB11F91289DA9E ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 20:46:42.0669 0x149c sdbus - ok 20:46:42.0703 0x149c [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC C:\Windows\System32\SDRSVC.dll 20:46:42.0709 0x149c SDRSVC - ok 20:46:42.0736 0x149c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 20:46:42.0738 0x149c secdrv - ok 20:46:42.0751 0x149c [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon C:\Windows\system32\seclogon.dll 20:46:42.0755 0x149c seclogon - ok 20:46:42.0770 0x149c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 20:46:42.0775 0x149c SENS - ok 20:46:42.0809 0x149c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 20:46:42.0812 0x149c SensrSvc - ok 20:46:42.0834 0x149c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys 20:46:42.0836 0x149c Serenum - ok 20:46:42.0851 0x149c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys 20:46:42.0854 0x149c Serial - ok 20:46:42.0908 0x149c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 20:46:42.0910 0x149c sermouse - ok 20:46:42.0944 0x149c [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv C:\Windows\system32\sessenv.dll 20:46:42.0949 0x149c SessionEnv - ok 20:46:42.0984 0x149c [ 286D3889E6AB5589646FF8A63CB928AE, 98D9D34521328F4F0B0B7C2CAB97BA0EC998B9F3F996B5ED08E17292F1CD9452 ] SFEP C:\Windows\system32\drivers\SFEP.sys 20:46:42.0985 0x149c SFEP - ok 20:46:43.0006 0x149c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 20:46:43.0008 0x149c sffdisk - ok 20:46:43.0038 0x149c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 20:46:43.0040 0x149c sffp_mmc - ok 20:46:43.0058 0x149c [ 178298F767FE638C9FEDCBDEF58BB5E4, 053D12CFEE5C54EA7D06F9C9CAE93544FE258A4825CDE2A14090BC81A96E1CF7 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 20:46:43.0060 0x149c sffp_sd - ok 20:46:43.0068 0x149c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 20:46:43.0070 0x149c sfloppy - ok 20:46:43.0110 0x149c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 20:46:43.0122 0x149c SharedAccess - ok 20:46:43.0163 0x149c [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 20:46:43.0182 0x149c ShellHWDetection - ok 20:46:43.0199 0x149c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 20:46:43.0202 0x149c SiSRaid2 - ok 20:46:43.0248 0x149c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 20:46:43.0253 0x149c SiSRaid4 - ok 20:46:43.0318 0x149c [ CEDF7CFFCCD03451FD22DBAAC2E3DE8E, A1F4B952099EBA4BA4E659782F85B45C4BBB411BF5B7C02D5BE0CC3DBF27AFF3 ] SIUSBXP C:\Windows\system32\drivers\SiUSBXp.sys 20:46:43.0319 0x149c SIUSBXP - ok 20:46:43.0356 0x149c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 20:46:43.0360 0x149c Smb - ok 20:46:43.0396 0x149c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 20:46:43.0400 0x149c SNMPTRAP - ok 20:46:43.0455 0x149c [ C3E69DB0A4E59564230E053232F39AC7, D7E4AC42C0731F69869E96F3AE9021ABD968E17C92283A54F265E73E6BD60ED5 ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe 20:46:43.0459 0x149c SOHCImp - ok 20:46:43.0486 0x149c [ 65CC4779A29C3E82B987BD4961790DFF, 91D072ADBCD4AEB2E10D0CC97E89E92099E8061A601F1A88425B4A20FC50FF78 ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe 20:46:43.0496 0x149c SOHDms - ok 20:46:43.0515 0x149c [ F47D75CEE1844EEF4A9EA6EE768828FB, 242550EB5879476DD2CFC0E38FAF3C6D0263FEA7504BD73ED3B004E274D7CDF6 ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe 20:46:43.0519 0x149c SOHDs - ok 20:46:43.0601 0x149c [ 5449FC97476F52E027409E703791E6A9, 88AFFBD1970575AB0E16B07AC7C6364879298320540F3451603DCBF54D551273 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe 20:46:43.0610 0x149c SpfService - ok 20:46:43.0631 0x149c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 20:46:43.0633 0x149c spldr - ok 20:46:43.0681 0x149c [ 567977DC43CC13C4C35ED7084C0B84D5, 93EEC3ABA66DA83157F49F056EF1CB3355122204F2BB0F8B618064AF47D59A61 ] Spooler C:\Windows\System32\spoolsv.exe 20:46:43.0701 0x149c Spooler - ok 20:46:43.0828 0x149c [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc C:\Windows\system32\sppsvc.exe 20:46:43.0941 0x149c sppsvc - ok 20:46:43.0967 0x149c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 20:46:43.0972 0x149c sppuinotify - ok 20:46:44.0026 0x149c [ 2408C0366D96BCDF63E8F1C78E4A29C5, 66F646890695B5D80536E88B1566C8765D89CFE25954ED650F6D773EFF045016 ] srv C:\Windows\system32\DRIVERS\srv.sys 20:46:44.0037 0x149c srv - ok 20:46:44.0068 0x149c [ 76548F7B818881B47D8D1AE1BE9C11F8, 8F1356B07A6A55746FC71B6DB0322128941AE890850196F2B19BC01E6FC9B41C ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 20:46:44.0078 0x149c srv2 - ok 20:46:44.0126 0x149c [ 0AF6E19D39C70844C5CAA8FB0183C36E, 4494EEFDEA7198888D32E74727E5BC0AC628FFA70B1FE7EB59DBEEDC1A95D0DD ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 20:46:44.0131 0x149c srvnet - ok 20:46:44.0161 0x149c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 20:46:44.0168 0x149c SSDPSRV - ok 20:46:44.0179 0x149c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 20:46:44.0184 0x149c SstpSvc - ok 20:46:44.0281 0x149c [ DB0768632C680B7C0D3AA92D80416893, BEC3CF4F1CB150AC7C4647DD7C0D5D62B10824308E44467CD77CA3427A46FB20 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 20:46:44.0300 0x149c Steam Client Service - ok 20:46:44.0330 0x149c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 20:46:44.0332 0x149c stexstor - ok 20:46:44.0377 0x149c [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 20:46:44.0378 0x149c StillCam - ok 20:46:44.0436 0x149c [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc C:\Windows\System32\wiaservc.dll 20:46:44.0457 0x149c stisvc - ok 20:46:44.0484 0x149c [ FFD7A6F15B14234B5B0E5D49E7961895, 9553BDB65D021DA621BDFF1C180B9F4C6355FC748BAE854CE114D4B3EFF307B7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 20:46:44.0486 0x149c storflt - ok 20:46:44.0520 0x149c [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll 20:46:44.0524 0x149c StorSvc - ok 20:46:44.0565 0x149c [ 8FCCBEFC5C440B3C23454656E551B09A, 392A38D0B18B7FD08ACBE3E56ADCB235FA49BDB99F81E0820434D57332FA8FF7 ] storvsc C:\Windows\system32\drivers\storvsc.sys 20:46:44.0567 0x149c storvsc - ok 20:46:44.0579 0x149c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 20:46:44.0581 0x149c swenum - ok 20:46:44.0623 0x149c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 20:46:44.0643 0x149c swprv - ok 20:46:44.0740 0x149c [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain C:\Windows\system32\sysmain.dll 20:46:44.0809 0x149c SysMain - ok 20:46:44.0825 0x149c [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll 20:46:44.0830 0x149c TabletInputService - ok 20:46:44.0853 0x149c [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv C:\Windows\System32\tapisrv.dll 20:46:44.0863 0x149c TapiSrv - ok 20:46:44.0881 0x149c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 20:46:44.0885 0x149c TBS - ok 20:46:44.0983 0x149c [ 5CFB7AB8F9524D1A1E14369DE63B83CC, BC22FC5714A6A8F8CF95D3D9656332D7B315FF7CFA50C0DEB7437A30651D10C7 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 20:46:45.0051 0x149c Tcpip - ok 20:46:45.0132 0x149c [ 5CFB7AB8F9524D1A1E14369DE63B83CC, BC22FC5714A6A8F8CF95D3D9656332D7B315FF7CFA50C0DEB7437A30651D10C7 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 20:46:45.0164 0x149c TCPIP6 - ok 20:46:45.0187 0x149c [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 20:46:45.0189 0x149c tcpipreg - ok 20:46:45.0211 0x149c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 20:46:45.0212 0x149c TDPIPE - ok 20:46:45.0241 0x149c [ 7518F7BCFD4B308ABC9192BACAF6C970, CF08E547EF4059DA3F5A2FCBA98939E84092BB6E0E37F9BBCD1E4D9EBB8A58BB ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 20:46:45.0243 0x149c TDTCP - ok 20:46:45.0256 0x149c [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 20:46:45.0259 0x149c tdx - ok 20:46:45.0277 0x149c [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD C:\Windows\system32\drivers\termdd.sys 20:46:45.0279 0x149c TermDD - ok 20:46:45.0332 0x149c [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService C:\Windows\System32\termsrv.dll 20:46:45.0366 0x149c TermService - ok 20:46:45.0394 0x149c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 20:46:45.0398 0x149c Themes - ok 20:46:45.0424 0x149c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 20:46:45.0427 0x149c THREADORDER - ok 20:46:45.0459 0x149c [ 519CB7D7F697F4BA47DE05845C20F158, F4B40014CB5047463FC40C28D9CFF0DA5E8592A2A9ED8E938A0A9D43DBD0A516 ] TlntSvr C:\Windows\System32\tlntsvr.exe 20:46:45.0465 0x149c TlntSvr - ok 20:46:45.0485 0x149c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 20:46:45.0491 0x149c TrkWks - ok 20:46:45.0555 0x149c [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 20:46:45.0560 0x149c TrustedInstaller - ok 20:46:45.0593 0x149c [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 20:46:45.0595 0x149c tssecsrv - ok 20:46:45.0633 0x149c [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 20:46:45.0637 0x149c tunnel - ok 20:46:45.0649 0x149c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 20:46:45.0652 0x149c uagp35 - ok 20:46:45.0675 0x149c [ 0E5E962B5649D544BE54E8C90761EA2B, E595930B1B2F7E870A33D857047A53CA3EE63048C6CAE069633864B4C9888DDD ] udfs C:\Windows\system32\DRIVERS\udfs.sys 20:46:45.0684 0x149c udfs - ok 20:46:45.0714 0x149c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 20:46:45.0719 0x149c UI0Detect - ok 20:46:45.0746 0x149c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 20:46:45.0748 0x149c uliagpkx - ok 20:46:45.0776 0x149c [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 20:46:45.0778 0x149c umbus - ok 20:46:45.0813 0x149c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 20:46:45.0814 0x149c UmPass - ok 20:46:45.0855 0x149c [ AF0AC98EE5077EB844413EB54287FDE3, 1586326510DE94E2735EFAD94A68D06DB5B7347B68055A9EA8B95E19D91A2E69 ] UmRdpService C:\Windows\System32\umrdp.dll 20:46:45.0862 0x149c UmRdpService - ok 20:46:46.0001 0x149c [ 11A559E0F10CC5E788984023DF400A6F, B16B6C2305B421402C2FA4D4D32A8359C4A5B5F14D14C04A1AE7BEC7EEA13047 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 20:46:46.0084 0x149c UNS - ok 20:46:46.0133 0x149c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 20:46:46.0154 0x149c upnphost - ok 20:46:46.0194 0x149c [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 20:46:46.0196 0x149c USBAAPL64 - ok 20:46:46.0257 0x149c [ 77B01BC848298223A95D4EC23E1785A1, 7D0FBBA746588401400226BB966507EE34EEBB2F4F16607601E3D7383CAD34E2 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 20:46:46.0261 0x149c usbaudio - ok 20:46:46.0291 0x149c [ 7B6A127C93EE590E4D79A5F2A76FE46F, 6F178916EF6D58D1E5B26C0D9D95C276B776505BFC9F716BB1E3ABD3B2B72FCE ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 20:46:46.0294 0x149c usbccgp - ok 20:46:46.0334 0x149c [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\drivers\usbcir.sys 20:46:46.0337 0x149c usbcir - ok 20:46:46.0376 0x149c [ 92969BA5AC44E229C55A332864F79677, 4ED1E1049E7641D3FFF5D296F2D59060225CE52AB9F7B5CA618898B46A772F98 ] usbehci C:\Windows\system32\drivers\usbehci.sys 20:46:46.0378 0x149c usbehci - ok 20:46:46.0427 0x149c [ E7DF1CFD28CA86B35EF5ADD0735CEEF3, AA751288EC34D61D934D7E8C036B60BBCEDC2A746815623478BB015D87D6A998 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 20:46:46.0436 0x149c usbhub - ok 20:46:46.0466 0x149c [ F1BB1E55F1E7A65C5839CCC7B36D773E, 4F517F81FA5688D78D3627EA7D2EA16AD4EB410D7624FE483C7AF26951E579A9 ] usbohci C:\Windows\system32\drivers\usbohci.sys 20:46:46.0468 0x149c usbohci - ok 20:46:46.0501 0x149c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 20:46:46.0503 0x149c usbprint - ok 20:46:46.0541 0x149c [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 20:46:46.0543 0x149c usbscan - ok 20:46:46.0589 0x149c [ F39983647BC1F3E6100778DDFE9DCE29, 3BD36594F7C753680DB5A4354B1D6A33FC3011631D2D56DD4B2464AA99C85F7B ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 20:46:46.0592 0x149c USBSTOR - ok 20:46:46.0628 0x149c [ BC3070350A491D84B518D7CCA9ABD36F, 96FFF9F76A93CF4806297AE7C11A5C6D1E7A9980260E6CFC960F8247D5032161 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 20:46:46.0631 0x149c usbuhci - ok 20:46:46.0674 0x149c [ 7CB8C573C6E4A2714402CC0A36EAB4FE, FCD65AA3723617F58F77C4DA93CE910C712B8AA9411B5C4A60DC6C684EA53C1B ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 20:46:46.0681 0x149c usbvideo - ok 20:46:46.0828 0x149c [ B840C0D1A043BD4F3D98EE0C8BD8DE72, D6689E912F2331E510884CFE7647E46F371DF9F4F489A1046E47DDD52CD78197 ] uvnc_service C:\Program Files (x86)\UltraVNC\WinVNC.exe 20:46:46.0908 0x149c uvnc_service - ok 20:46:47.0004 0x149c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 20:46:47.0008 0x149c UxSms - ok 20:46:47.0226 0x149c [ A60605FC66552B421EE1F3D4EBB9A4E0, DCAC76EACAABD38E3896F78B56F51D08ECCC46E360DC29857526929900455E07 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe 20:46:47.0232 0x149c VAIO Event Service - ok 20:46:47.0323 0x149c [ D469BE2723F79CF4B384680B1FDC577D, 8967D83D7A59E1C04F1A252246ABD7B64ABEC36BF02E3CA5BD672ABCA36E2BE0 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe 20:46:47.0344 0x149c VAIO Power Management - ok 20:46:47.0369 0x149c [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] VaultSvc C:\Windows\system32\lsass.exe 20:46:47.0371 0x149c VaultSvc - ok 20:46:47.0433 0x149c [ D7FCD8FBBF6CC93140D9C7C7959ED60C, 58D83F9CDC1FDC7451E3F1950208C35D18A81EC9B3615D0AF74262259587EF9F ] VBoxDrv C:\Windows\system32\DRIVERS\VBoxDrv.sys 20:46:47.0439 0x149c VBoxDrv - ok 20:46:47.0482 0x149c [ 6B22F16BE58AEF1A57970611D7109507, 50D195D6105DB0AA08593290B96A10BA8E34A934E68CE93C319FB075614820A6 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys 20:46:47.0485 0x149c VBoxNetAdp - ok 20:46:47.0499 0x149c [ 10DD814DA2F2064F53B9694E30FF45A4, 6246FB4C8C12D1A89EF1765E906ECBDD59B891AAEB27838200F1DB95CB2DB330 ] VBoxNetFlt C:\Windows\system32\DRIVERS\VBoxNetFlt.sys 20:46:47.0503 0x149c VBoxNetFlt - ok 20:46:47.0562 0x149c [ 812C2E4EC41CFCACE761620E17463529, 8838FB1B17C729552B80374B77F07A61C145FBA87B0697CA3CF0CF2D6E32005D ] VBoxUSBMon C:\Windows\system32\DRIVERS\VBoxUSBMon.sys 20:46:47.0564 0x149c VBoxUSBMon - ok 20:46:47.0651 0x149c [ 96EFA2698D6B9E2931609A3EA73FC5DC, FE9F4EEBEA0671FD4B3DF2180EB763AB54B59DA60E372589447C32EA6A792D4F ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe 20:46:47.0685 0x149c VCFw - ok 20:46:47.0746 0x149c [ 3EEBF3C348C3DEB4CF6F10F2E6E222CD, 5D85364945ABF28965C7AD75A0EAD54EDBC8C72D64BB3E82D7FDAAD63BDB564E ] VClone C:\Windows\system32\DRIVERS\VClone.sys 20:46:47.0748 0x149c VClone - ok 20:46:47.0807 0x149c [ 7BEBF6A5285FFC03C34A7297A4E177CB, 39EFA9B03B84C65C3E57D2D4ADD8F6A57EB977410B7CDC24837C32FD13041517 ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe 20:46:47.0819 0x149c VcmIAlzMgr - ok 20:46:47.0871 0x149c [ E005B04DFCA99F5880C5111933194CA9, 9F3F48B3BA74DF5073D2A9767EB11B28CF54E01BA12FD269771187FB4BC26A3D ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe 20:46:47.0880 0x149c VcmINSMgr - ok 20:46:47.0910 0x149c [ 829A32FD1334F72429CA0515760EB7A7, CE37108DB7D539DB1FA260C049803ECDE55DE067B8712BCF89BA703DA6EC22D5 ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe 20:46:47.0914 0x149c VcmXmlIfHelper - ok 20:46:47.0930 0x149c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 20:46:47.0933 0x149c vdrvroot - ok 20:46:47.0967 0x149c [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds C:\Windows\System32\vds.exe 20:46:47.0988 0x149c vds - ok 20:46:48.0029 0x149c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 20:46:48.0031 0x149c vga - ok 20:46:48.0052 0x149c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 20:46:48.0054 0x149c VgaSave - ok 20:46:48.0086 0x149c [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 20:46:48.0092 0x149c vhdmp - ok 20:46:48.0133 0x149c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 20:46:48.0135 0x149c viaide - ok 20:46:48.0306 0x149c [ 1501699D7EDA984ABC4155A7DA5738D1, 448DFEFF565F1467F387E4EC9782DDD48B8FFDDF6B1EA46A790C2782C20BD952 ] vmbus C:\Windows\system32\drivers\vmbus.sys 20:46:48.0312 0x149c vmbus - ok 20:46:48.0369 0x149c [ AE10C35761889E65A6F7176937C5592C, 9DC27647B6149C9B2523799F85B18122CCE749264624FE2E5FE843FE00642BBE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 20:46:48.0371 0x149c VMBusHID - ok 20:46:48.0414 0x149c [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr C:\Windows\system32\drivers\volmgr.sys 20:46:48.0417 0x149c volmgr - ok 20:46:48.0459 0x149c [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 20:46:48.0468 0x149c volmgrx - ok 20:46:48.0520 0x149c [ 9E425AC5C9A5A973273D169F43B4F5E1, 64C9A9D4A39865E56F01B4FDE1B56034C4B2A2AEF2ABE15EC1C37911C59595B0 ] volsnap C:\Windows\system32\drivers\volsnap.sys 20:46:48.0528 0x149c volsnap - ok 20:46:48.0571 0x149c [ ABD9B4A7E2D0AE51A3B8DF1AF3152D61, 1EAA4D8D35008E4D5C4AEA91C3ABD3D5BB5F8DF2D95D35792B3F3BB31EABB7CF ] vpcbus C:\Windows\system32\drivers\vpchbus.sys 20:46:48.0577 0x149c vpcbus - ok 20:46:48.0611 0x149c [ 8ACDA395841538CE9713A67FE8B2A3EB, D74D6AF8059C1CD59A5DDB03095BC46FF7808DA358FB64D71B53940DEE6356D9 ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys 20:46:48.0613 0x149c vpcnfltr - ok 20:46:48.0645 0x149c [ 31924E31BC315773E6D149B157DB46D5, 8E2A8785D2D7327F9DE046E6245F233280395AA42D5BAD1048021109628840C2 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys 20:46:48.0648 0x149c vpcusb - ok 20:46:48.0690 0x149c [ 510D250A08C09850F5C78CA2011B3B62, 99A4FD465B721D6E262A4BB7F9476BBE154195C5666B9BDBC8BD769D51893A5C ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys 20:46:48.0700 0x149c vpcvmm - ok 20:46:48.0749 0x149c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 20:46:48.0754 0x149c vsmraid - ok 20:46:48.0839 0x149c [ A7EB62C664A03901165290A714BD48D0, 983BA71FE311FEBB21A0AE9A42FD128DFA787A47905E5533D192039A9609FCF1 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe 20:46:48.0869 0x149c VSNService - ok 20:46:48.0967 0x149c [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS C:\Windows\system32\vssvc.exe 20:46:49.0034 0x149c VSS - ok 20:46:49.0136 0x149c [ E55A44D8F9F713D5F5D5BBAEF2BA0A34, 2EB5AF46BD1EE7F8BE9BC53D9CA65D0A181522BF40248F8ED0A5F924E946D13F ] VUAgent C:\Program Files\Sony\VAIO Update 5\VUAgent.exe 20:46:49.0202 0x149c VUAgent - ok 20:46:49.0238 0x149c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 20:46:49.0240 0x149c vwifibus - ok 20:46:49.0265 0x149c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 20:46:49.0267 0x149c vwififlt - ok 20:46:49.0284 0x149c [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 20:46:49.0286 0x149c vwifimp - ok 20:46:49.0332 0x149c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 20:46:49.0344 0x149c W32Time - ok 20:46:49.0382 0x149c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 20:46:49.0384 0x149c WacomPen - ok 20:46:49.0431 0x149c [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 20:46:49.0434 0x149c WANARP - ok 20:46:49.0454 0x149c [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 20:46:49.0457 0x149c Wanarpv6 - ok 20:46:49.0585 0x149c [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 20:46:49.0643 0x149c WatAdminSvc - ok 20:46:49.0746 0x149c [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine C:\Windows\system32\wbengine.exe 20:46:49.0824 0x149c wbengine - ok 20:46:49.0878 0x149c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 20:46:49.0886 0x149c WbioSrvc - ok 20:46:49.0943 0x149c [ DD1BAE8EBFC653824D29CCF8C9054D68, 81D6640222FE276D721168745F6BB905D4E756909A9B2C706AF25465D748772D ] wcncsvc C:\Windows\System32\wcncsvc.dll 20:46:49.0955 0x149c wcncsvc - ok 20:46:50.0005 0x149c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 20:46:50.0010 0x149c WcsPlugInService - ok 20:46:50.0033 0x149c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 20:46:50.0034 0x149c Wd - ok 20:46:50.0100 0x149c [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 20:46:50.0135 0x149c Wdf01000 - ok 20:46:50.0175 0x149c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 20:46:50.0183 0x149c WdiServiceHost - ok 20:46:50.0189 0x149c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 20:46:50.0196 0x149c WdiSystemHost - ok 20:46:50.0233 0x149c [ 5B34E5938B9E76798977725E3F7847C4, FE9DBBF82478AA04E7EA1C131B931997F2663E79E87D86B59803B8C16B8C3341 ] wdkmd C:\Windows\system32\DRIVERS\WDKMD.sys 20:46:50.0234 0x149c wdkmd - ok 20:46:50.0278 0x149c [ 733006127F235BE7C35354EBEE7B9A7B, 2C7E7030D586C36261F33F29883337695493D48CEA415D6DBA7C5635845A5B32 ] WebClient C:\Windows\System32\webclnt.dll 20:46:50.0287 0x149c WebClient - ok 20:46:50.0308 0x149c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 20:46:50.0316 0x149c Wecsvc - ok 20:46:50.0333 0x149c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 20:46:50.0339 0x149c wercplsupport - ok 20:46:50.0375 0x149c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 20:46:50.0380 0x149c WerSvc - ok 20:46:50.0413 0x149c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 20:46:50.0414 0x149c WfpLwf - ok 20:46:50.0506 0x149c [ 8686E96E13F41AC9806A79CA8004FEEE, 1B8077D288B2169E7DFDAC7C90F6AD0C04A1A9590D83F4DBAC346ECA6D4F6184 ] WiMAXAppSrv C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe 20:46:50.0540 0x149c WiMAXAppSrv - ok 20:46:50.0572 0x149c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 20:46:50.0574 0x149c WIMMount - ok 20:46:50.0592 0x149c WinDefend - ok 20:46:50.0611 0x149c WinHttpAutoProxySvc - ok 20:46:50.0676 0x149c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 20:46:50.0683 0x149c Winmgmt - ok 20:46:50.0786 0x149c [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM C:\Windows\system32\WsmSvc.dll 20:46:50.0875 0x149c WinRM - ok 20:46:50.0947 0x149c [ 817EAFF5D38674EDD7713B9DFB8E9791, F6E0BFC503BA7395F92989C11B454D1F1E58E29302BA203801449A2C5236E84D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 20:46:50.0949 0x149c WinUsb - ok 20:46:50.0973 0x149c WinVNC4 - ok 20:46:51.0029 0x149c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 20:46:51.0076 0x149c Wlansvc - ok 20:46:51.0260 0x149c [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 20:46:51.0339 0x149c wlidsvc - ok 20:46:51.0374 0x149c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 20:46:51.0375 0x149c WmiAcpi - ok 20:46:51.0405 0x149c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 20:46:51.0412 0x149c wmiApSrv - ok 20:46:51.0439 0x149c WMPNetworkSvc - ok 20:46:51.0471 0x149c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 20:46:51.0475 0x149c WPCSvc - ok 20:46:51.0495 0x149c [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 20:46:51.0502 0x149c WPDBusEnum - ok 20:46:51.0526 0x149c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 20:46:51.0527 0x149c ws2ifsl - ok 20:46:51.0573 0x149c [ 8F9F3969933C02DA96EB0F84576DB43E, C424D7B881A4DCC348433CF02044383013E32DB94CC66D1D20E1866CB3B0F952 ] wscsvc C:\Windows\System32\wscsvc.dll 20:46:51.0580 0x149c wscsvc - ok 20:46:51.0614 0x149c [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 20:46:51.0615 0x149c WSDPrintDevice - ok 20:46:51.0619 0x149c WSearch - ok 20:46:51.0749 0x149c [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll 20:46:51.0831 0x149c wuauserv - ok 20:46:51.0880 0x149c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 20:46:51.0883 0x149c WudfPf - ok 20:46:51.0935 0x149c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 20:46:51.0941 0x149c WUDFRd - ok 20:46:51.0979 0x149c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 20:46:51.0985 0x149c wudfsvc - ok 20:46:52.0016 0x149c [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll 20:46:52.0024 0x149c WwanSvc - ok 20:46:52.0076 0x149c [ 5250193EF8E173AA7491250F00EB367F, FF33B5112C5702CBD8EF2B0B5E49428973054B961F3B105419F7A47E2057B8A6 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys 20:46:52.0085 0x149c yukonw7 - ok 20:46:52.0141 0x149c ================ Scan global =============================== 20:46:52.0169 0x149c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 20:46:52.0215 0x149c [ 3FB74FF230B5D240A57AE1C4A3D0459D, 7A4036CAC3BAAEC719E4152F2CAA9D9B69DACBDC7502147D7160D04AE70BC8DF ] C:\Windows\system32\winsrv.dll 20:46:52.0237 0x149c [ 3FB74FF230B5D240A57AE1C4A3D0459D, 7A4036CAC3BAAEC719E4152F2CAA9D9B69DACBDC7502147D7160D04AE70BC8DF ] C:\Windows\system32\winsrv.dll 20:46:52.0271 0x149c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 20:46:52.0297 0x149c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 20:46:52.0310 0x149c [ Global ] - ok 20:46:52.0311 0x149c ================ Scan MBR ================================== 20:46:52.0321 0x149c [ 8E734BD7AA1D4F7E9AF58DF495F6CF9E ] \Device\Harddisk0\DR0 20:46:52.0390 0x149c \Device\Harddisk0\DR0 - ok 20:46:52.0392 0x149c ================ Scan VBR ================================== 20:46:52.0394 0x149c [ 37127624E91BA0D132A8F419695792D3 ] \Device\Harddisk0\DR0\Partition1 20:46:52.0396 0x149c \Device\Harddisk0\DR0\Partition1 - ok 20:46:52.0405 0x149c [ CFCFCD88614389DCA92196BBB7BE838E ] \Device\Harddisk0\DR0\Partition2 20:46:52.0407 0x149c \Device\Harddisk0\DR0\Partition2 - ok 20:46:52.0407 0x149c Waiting for KSN requests completion. In queue: 115 20:46:53.0407 0x149c Waiting for KSN requests completion. In queue: 115 20:46:54.0407 0x149c Waiting for KSN requests completion. In queue: 115 20:46:55.0408 0x149c Waiting for KSN requests completion. In queue: 115 20:46:56.0466 0x149c AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 8.0.1497.376 ), 0x41000 ( enabled : updated ) 20:46:56.0529 0x149c Win FW state via NFP2: enabled 20:46:59.0362 0x149c ============================================================ 20:46:59.0362 0x149c Scan finished 20:46:59.0362 0x149c ============================================================ 20:46:59.0372 0x1138 Detected object count: 0 20:46:59.0372 0x1138 Actual detected object count: 0 20:47:22.0758 0x04a4 Deinitialize success
  14. TDSS part 1: 20:46:14.0820 0x1b54 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50 20:46:17.0403 0x1b54 ============================================================ 20:46:17.0403 0x1b54 Current date / time: 2014/02/05 20:46:17.0403 20:46:17.0403 0x1b54 SystemInfo: 20:46:17.0403 0x1b54 20:46:17.0403 0x1b54 OS Version: 6.1.7600 ServicePack: 0.0 20:46:17.0403 0x1b54 Product type: Workstation 20:46:17.0403 0x1b54 ComputerName: OPTIMUS 20:46:17.0404 0x1b54 UserName: Administrator 20:46:17.0404 0x1b54 Windows directory: C:\Windows 20:46:17.0404 0x1b54 System windows directory: C:\Windows 20:46:17.0404 0x1b54 Running under WOW64 20:46:17.0404 0x1b54 Processor architecture: Intel x64 20:46:17.0404 0x1b54 Number of processors: 4 20:46:17.0404 0x1b54 Page size: 0x1000 20:46:17.0404 0x1b54 Boot type: Normal boot 20:46:17.0404 0x1b54 ============================================================ 20:46:17.0644 0x1b54 KLMD registered as C:\Windows\system32\drivers\59103970.sys 20:46:17.0904 0x1b54 System UUID: {CEEF9DE7-E5BD-DAE3-116B-D781094441A7} 20:46:19.0055 0x1b54 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 20:46:19.0062 0x1b54 ============================================================ 20:46:19.0062 0x1b54 \Device\Harddisk0\DR0: 20:46:19.0062 0x1b54 MBR partitions: 20:46:19.0062 0x1b54 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1739800, BlocksNum 0x32000 20:46:19.0062 0x1b54 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x176B800, BlocksNum 0x2D197EED 20:46:19.0102 0x1b54 ============================================================ 20:46:19.0144 0x1b54 C: <-> \Device\Harddisk0\DR0\Partition2 20:46:19.0144 0x1b54 ============================================================ 20:46:19.0144 0x1b54 Initialize success 20:46:19.0144 0x1b54 ============================================================ 20:46:20.0997 0x149c ============================================================ 20:46:20.0997 0x149c Scan started 20:46:20.0997 0x149c Mode: Manual; 20:46:20.0997 0x149c ============================================================ 20:46:20.0997 0x149c KSN ping started 20:46:23.0897 0x149c KSN ping finished: true 20:46:24.0244 0x149c ================ Scan system memory ======================== 20:46:24.0244 0x149c System memory - ok 20:46:24.0244 0x149c ================ Scan services ============================= 20:46:24.0422 0x149c [ ABDCD326E1DD1C62509ED94C278A7453, 51E2722C7D2588BE1C29A1680C988B9BE45433E147CCE285C3A918216418E44B ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE 20:46:24.0427 0x149c !SASCORE - ok 20:46:24.0657 0x149c [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 20:46:24.0663 0x149c 1394ohci - ok 20:46:25.0020 0x149c [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 20:46:25.0024 0x149c ACDaemon - ok 20:46:25.0071 0x149c [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI C:\Windows\system32\drivers\ACPI.sys 20:46:25.0080 0x149c ACPI - ok 20:46:25.0122 0x149c [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 20:46:25.0123 0x149c AcpiPmi - ok 20:46:25.0220 0x149c [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 20:46:25.0223 0x149c AdobeARMservice - ok 20:46:25.0406 0x149c [ 8D268693A6DCE3D7319DF14834841BAF, 229C95FE2E6A692EBC2842823A1C7D438F8DF18F44691BD7AFE79DB76F092F9D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 20:46:25.0413 0x149c AdobeFlashPlayerUpdateSvc - ok 20:46:25.0468 0x149c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 20:46:25.0481 0x149c adp94xx - ok 20:46:25.0538 0x149c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 20:46:25.0546 0x149c adpahci - ok 20:46:25.0580 0x149c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 20:46:25.0585 0x149c adpu320 - ok 20:46:25.0622 0x149c [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 20:46:25.0624 0x149c AeLookupSvc - ok 20:46:25.0689 0x149c [ DB9D6C6B2CD95A9CA414D045B627422E, A4A0B2ACBFE311C20EF9F06A49DBE02CE90433C2364B292F6E8F78F6C274DF88 ] AFD C:\Windows\system32\drivers\afd.sys 20:46:25.0701 0x149c AFD - ok 20:46:25.0748 0x149c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 20:46:25.0751 0x149c agp440 - ok 20:46:25.0772 0x149c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 20:46:25.0775 0x149c ALG - ok 20:46:25.0808 0x149c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 20:46:25.0810 0x149c aliide - ok 20:46:25.0829 0x149c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 20:46:25.0830 0x149c amdide - ok 20:46:25.0856 0x149c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 20:46:25.0859 0x149c AmdK8 - ok 20:46:25.0871 0x149c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 20:46:25.0873 0x149c AmdPPM - ok 20:46:25.0922 0x149c [ EC7EBAB00A4D8448BAB68D1E49B4BEB9, 786B30C86FA7FEC6BA2569FF818044AA0F7C134693304ED0FF7BD0541F9A755F ] amdsata C:\Windows\system32\drivers\amdsata.sys 20:46:25.0925 0x149c amdsata - ok 20:46:25.0968 0x149c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 20:46:25.0973 0x149c amdsbs - ok 20:46:26.0004 0x149c [ DB27766102C7BF7E95140A2AA81D042E, 489F812B596EA06E53D891CD05047AA17CDF752854BBD553BA65D10799AF78DF ] amdxata C:\Windows\system32\drivers\amdxata.sys 20:46:26.0006 0x149c amdxata - ok 20:46:26.0074 0x149c [ 2D45F2DFBC3D8F53DF7EBEFFA8C9BC38, 916CA4FE1899609AB36E66CB90D69EC487C1913C9C542760564BCFFF1B6E8070 ] ApfiltrService C:\Windows\system32\drivers\Apfiltr.sys 20:46:26.0082 0x149c ApfiltrService - ok 20:46:26.0129 0x149c [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID C:\Windows\system32\drivers\appid.sys 20:46:26.0132 0x149c AppID - ok 20:46:26.0149 0x149c [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll 20:46:26.0151 0x149c AppIDSvc - ok 20:46:26.0169 0x149c [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo C:\Windows\System32\appinfo.dll 20:46:26.0171 0x149c Appinfo - ok 20:46:26.0254 0x149c [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 20:46:26.0257 0x149c Apple Mobile Device - ok 20:46:26.0299 0x149c [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll 20:46:26.0304 0x149c AppMgmt - ok 20:46:26.0343 0x149c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 20:46:26.0345 0x149c arc - ok 20:46:26.0378 0x149c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 20:46:26.0381 0x149c arcsas - ok 20:46:26.0537 0x149c [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 20:46:26.0539 0x149c aspnet_state - ok 20:46:26.0591 0x149c [ A83C9C15680BB9E270ACF7172068E287, 0841A2151D9FDF834F989B1FD5A319871C9069BA62077947516BB9735B99B648 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys 20:46:26.0593 0x149c aswFsBlk - ok 20:46:26.0666 0x149c [ 5C40B8D77EBEE1DE0E7A8CDD0CD75773, 3D9C70795FE2C33F2561B40327EE4EB3FB0E06CB0B469668B373120C54D7C205 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 20:46:26.0669 0x149c aswMonFlt - ok 20:46:26.0743 0x149c [ 997F6977294B9ACB7F400431DF8E3A4A, E597F8096479554F0A5765E5F809DCBB8FB502BF96112F4B0E14E2034DC1FC06 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys 20:46:26.0746 0x149c aswRdr - ok 20:46:26.0816 0x149c [ 286193DC28CFB4CEB8D378E20A0850A9, 60E8C8E4ABBC127B3137E7854467F69AA2352C23AA2132AF92B9BFA1C5A0130A ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys 20:46:26.0819 0x149c aswRvrt - ok 20:46:26.0876 0x149c [ 58B93BA20D4693D0800D2B0A62B8059D, 0109D189FF0D42F6F97C08C459EAF94F190E9F893E0C92A08A472A9E21D5E0E5 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 20:46:26.0921 0x149c aswSnx - ok 20:46:26.0998 0x149c [ EC7148DB4D126C81426A67602822E62C, BA967D5A96813867571C1629292C1DEEB743168F2C2F21060FC3DA6354CB49B3 ] aswSP C:\Windows\system32\drivers\aswSP.sys 20:46:27.0010 0x149c aswSP - ok 20:46:27.0102 0x149c [ 0E422E9CB7CD9C0AA6D4DFEAFA086EAA, E3DE7AE0906AA1D83F43B7AF001F1636E33FAE82919934B6B75DF7EA128CD52E ] aswTdi C:\Windows\system32\drivers\aswTdi.sys 20:46:27.0105 0x149c aswTdi - ok 20:46:27.0147 0x149c [ 9FE455C916C656144B004E3EB48507CE, D645135ED01914135B7FE764528F8B20A445B5658E075D14459A10AE275E4871 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys 20:46:27.0153 0x149c aswVmm - ok 20:46:27.0187 0x149c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 20:46:27.0188 0x149c AsyncMac - ok 20:46:27.0228 0x149c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 20:46:27.0230 0x149c atapi - ok 20:46:27.0316 0x149c [ CCA705CDF038D5BC243203CE4416B345, C907A4022411D9FDFD5FCEA8D067CF1713F786351FAFA739EDC5B5C3E66B1BAD ] athr C:\Windows\system32\DRIVERS\athrx.sys 20:46:27.0385 0x149c athr - ok 20:46:27.0651 0x149c [ EAEA2CE49DE0CCA80BEB9134107E5DD7, 3C253E085A6854ED3C4F0947CA6A688547AB8A8FAD430B246CC8244F5E92EE7A ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 20:46:27.0859 0x149c atikmdag - ok 20:46:27.0944 0x149c [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 20:46:27.0978 0x149c AudioEndpointBuilder - ok 20:46:27.0998 0x149c [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv C:\Windows\System32\Audiosrv.dll 20:46:28.0011 0x149c AudioSrv - ok 20:46:28.0125 0x149c [ 9330941C8F6DF417F6DBBE998DB6687E, 28BC051D7C74721BAF85BE2AAB97EAE44152779106C5BDA1FDA07B9C049E2FDC ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 20:46:28.0127 0x149c avast! Antivirus - ok 20:46:28.0167 0x149c [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV C:\Windows\System32\AxInstSV.dll 20:46:28.0170 0x149c AxInstSV - ok 20:46:28.0217 0x149c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 20:46:28.0235 0x149c b06bdrv - ok 20:46:28.0270 0x149c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 20:46:28.0277 0x149c b57nd60a - ok 20:46:28.0326 0x149c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 20:46:28.0329 0x149c BDESVC - ok 20:46:28.0354 0x149c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 20:46:28.0356 0x149c Beep - ok 20:46:28.0424 0x149c [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE C:\Windows\System32\bfe.dll 20:46:28.0459 0x149c BFE - ok 20:46:28.0524 0x149c [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS C:\Windows\System32\qmgr.dll 20:46:28.0579 0x149c BITS - ok 20:46:28.0622 0x149c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 20:46:28.0623 0x149c blbdrive - ok 20:46:28.0714 0x149c [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 20:46:28.0725 0x149c Bonjour Service - ok 20:46:28.0802 0x149c [ 19D20159708E152267E53B66677A4995, 6401FA5C3EFF26BED075FEC68F868CD8D0598FDB45EA9381810615F7252F7A9A ] bowser C:\Windows\system32\DRIVERS\bowser.sys 20:46:28.0805 0x149c bowser - ok 20:46:28.0851 0x149c [ F46DD257FAD7D2D097EF32E72220A06C, 073232E10CE9654D39360B3031BDEACA15FFAD879DAE41B866762AA207050B59 ] bpenum C:\Windows\system32\DRIVERS\bpenum.sys 20:46:28.0853 0x149c bpenum - ok 20:46:28.0898 0x149c [ E82060AED0F28ED8909F2B07FA276185, E2F76FFDEC62ABFD8708E0936CD6AB301F5AE1C2058CA14C592A65055F5289F5 ] bpmp C:\Windows\system32\DRIVERS\bpmp.sys 20:46:28.0902 0x149c bpmp - ok 20:46:28.0917 0x149c [ FC6313A5A45C1AE53D0491F0057D5A4D, C1663B37F9D17BD54B89B345BDDA411FC45C255A6BA5BFCE7463A551FD1FBE41 ] bpusb C:\Windows\system32\Drivers\bpusb.sys 20:46:28.0919 0x149c bpusb - ok 20:46:28.0947 0x149c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 20:46:28.0948 0x149c BrFiltLo - ok 20:46:28.0963 0x149c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 20:46:28.0964 0x149c BrFiltUp - ok 20:46:29.0011 0x149c [ 6B054C67AAA87843504E8E3C09102009, 284AA58625FBDBFECB851A35407331B40BAEC141F2DCEDB9F15733BAB22F5C81 ] Browser C:\Windows\System32\browser.dll 20:46:29.0015 0x149c Browser - ok 20:46:29.0041 0x149c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 20:46:29.0049 0x149c Brserid - ok 20:46:29.0083 0x149c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 20:46:29.0085 0x149c BrSerWdm - ok 20:46:29.0120 0x149c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 20:46:29.0121 0x149c BrUsbMdm - ok 20:46:29.0138 0x149c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 20:46:29.0139 0x149c BrUsbSer - ok 20:46:29.0183 0x149c [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 20:46:29.0185 0x149c BthEnum - ok 20:46:29.0214 0x149c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 20:46:29.0217 0x149c BTHMODEM - ok 20:46:29.0260 0x149c [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 20:46:29.0264 0x149c BthPan - ok 20:46:29.0307 0x149c [ D59773C7FDD3D795D6FE402EEEA8D71E, 9A26A1A3254D7BCDFADFFC9FD5D1A53A3DF12AC874FB2525AD33B87E42EFC5B1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 20:46:29.0325 0x149c BTHPORT - ok 20:46:29.0383 0x149c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 20:46:29.0385 0x149c bthserv - ok 20:46:29.0399 0x149c [ 8504842634DD144C075B6B0C982CCEC4, BFBB8D67F146FBD4813BB8B29A3865C222966DA2B043732A5BCD759A40F4E5CE ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 20:46:29.0402 0x149c BTHUSB - ok 20:46:29.0428 0x149c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 20:46:29.0432 0x149c cdfs - ok 20:46:29.0472 0x149c [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 20:46:29.0478 0x149c cdrom - ok 20:46:29.0510 0x149c [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc C:\Windows\System32\certprop.dll 20:46:29.0513 0x149c CertPropSvc - ok 20:46:29.0643 0x149c [ C149FE6E95025FD731D89ABBA5BB182F, D1E8FAEC96A8365502E6BC50C38FF4DA2A175824A00CDFC3198E0C89F0118FF3 ] CFUACProxy_officeguardianv2 C:\ProgramData\OfficeGuardianV2\UACProxy.exe 20:46:29.0647 0x149c CFUACProxy_officeguardianv2 - ok 20:46:29.0678 0x149c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 20:46:29.0681 0x149c circlass - ok 20:46:29.0720 0x149c [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 20:46:29.0729 0x149c CLFS - ok 20:46:29.0785 0x149c [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 20:46:29.0789 0x149c clr_optimization_v2.0.50727_32 - ok 20:46:29.0820 0x149c [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 20:46:29.0823 0x149c clr_optimization_v2.0.50727_64 - ok 20:46:29.0932 0x149c [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 20:46:29.0936 0x149c clr_optimization_v4.0.30319_32 - ok 20:46:29.0951 0x149c [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 20:46:29.0955 0x149c clr_optimization_v4.0.30319_64 - ok 20:46:30.0000 0x149c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 20:46:30.0002 0x149c CmBatt - ok 20:46:30.0021 0x149c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 20:46:30.0022 0x149c cmdide - ok 20:46:30.0088 0x149c [ CA7720B73446FDDEC5C69519C1174C98, F24796765587CC1D653A04783B1659564F42E600DA3AFA3DED724592B291D033 ] CNG C:\Windows\system32\Drivers\cng.sys 20:46:30.0098 0x149c CNG - ok 20:46:30.0142 0x149c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 20:46:30.0144 0x149c Compbatt - ok 20:46:30.0178 0x149c [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 20:46:30.0180 0x149c CompositeBus - ok 20:46:30.0196 0x149c COMSysApp - ok 20:46:30.0226 0x149c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 20:46:30.0228 0x149c crcdisk - ok 20:46:30.0270 0x149c [ BAF19B633933A9FB4883D27D66C39E9A, 2D8ABB5161736CCCADA67B3E6A8D70B0B5E1E3FE6084561891F394DA191B3439 ] CryptSvc C:\Windows\system32\cryptsvc.dll 20:46:30.0275 0x149c CryptSvc - ok 20:46:30.0317 0x149c [ 4A6173C2279B498CD8F57CAE504564CB, FF3CD404FD91EDE38C21780362CE892BFBBC2526B146BEBD139C7413EB29A216 ] CSC C:\Windows\system32\drivers\csc.sys 20:46:30.0330 0x149c CSC - ok 20:46:30.0379 0x149c [ 873FBF927C06E5CEE04DEC617502F8FD, 8B452ED5D003337E66634EEC3D5C9FBA4D05FF5AE776239F3B769FAA505E729C ] CscService C:\Windows\System32\cscsvc.dll 20:46:30.0414 0x149c CscService - ok 20:46:30.0461 0x149c [ C7259495924D21F1AFA26467D9F4DAE0, 7FF991D7FE660E7CAC682FC82B9C44EC38E267A0C3AAE0C4FAEE0853756AF5C8 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys 20:46:30.0463 0x149c dc3d - ok 20:46:30.0520 0x149c [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch C:\Windows\system32\rpcss.dll 20:46:30.0539 0x149c DcomLaunch - ok 20:46:30.0588 0x149c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 20:46:30.0596 0x149c defragsvc - ok 20:46:30.0680 0x149c [ 9C253CE7311CA60FC11C774692A13208, 23507138576DB75AA8B7415140F7B5D8A90CB2661796223870461C721A36AEBF ] DfsC C:\Windows\system32\Drivers\dfsc.sys 20:46:30.0683 0x149c DfsC - ok 20:46:30.0727 0x149c [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp C:\Windows\system32\dhcpcore.dll 20:46:30.0735 0x149c Dhcp - ok 20:46:30.0787 0x149c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 20:46:30.0788 0x149c discache - ok 20:46:30.0823 0x149c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 20:46:30.0825 0x149c Disk - ok 20:46:30.0900 0x149c [ 61458C120CDDFE7514E2DB125568CA59, EFC2F2364520C0AF8E74D28702231FB5824B42494550B4A3BD408AE32DE2898D ] DMAgent C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe 20:46:30.0910 0x149c DMAgent - ok 20:46:30.0986 0x149c [ 85CF424C74A1D5EC33533E1DBFF9920A, 882D5FA0D5EC053D76A0C46A6047A621D607651693CF94E5506219EECCC8D079 ] Dnscache C:\Windows\System32\dnsrslvr.dll 20:46:30.0992 0x149c Dnscache - ok 20:46:31.0028 0x149c [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc C:\Windows\System32\dot3svc.dll 20:46:31.0035 0x149c dot3svc - ok 20:46:31.0115 0x149c [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys 20:46:31.0120 0x149c Dot4 - ok 20:46:31.0150 0x149c [ 85135AD27E79B689335C08167D917CDE, B023ABF4CC71862AE107B27D3CD698517074A97FA76A8AE18058ACF39AC1E786 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys 20:46:31.0151 0x149c Dot4Print - ok 20:46:31.0192 0x149c [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys 20:46:31.0194 0x149c dot4usb - ok 20:46:31.0228 0x149c [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS C:\Windows\system32\dps.dll 20:46:31.0233 0x149c DPS - ok 20:46:31.0264 0x149c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 20:46:31.0266 0x149c drmkaud - ok 20:46:31.0331 0x149c [ 24CE1ECF9D0AE0301775B07F5FEA175B, 9FECFD05A950A978D7BCF6E044FE9E48E4405EEE6D037EFCE24962FCD0CC9040 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 20:46:31.0366 0x149c DXGKrnl - ok 20:46:31.0395 0x149c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 20:46:31.0399 0x149c EapHost - ok 20:46:31.0526 0x149c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 20:46:31.0636 0x149c ebdrv - ok 20:46:31.0680 0x149c [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] EFS C:\Windows\System32\lsass.exe 20:46:31.0683 0x149c EFS - ok 20:46:31.0776 0x149c [ 47C071994C3F649F23D9CD075AC9304A, B7AA2DD6AD14F18A19620F5FB79D50C630D3750E72DD67BF8D105CC4F5CE1D46 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 20:46:31.0810 0x149c ehRecvr - ok 20:46:31.0852 0x149c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 20:46:31.0855 0x149c ehSched - ok 20:46:31.0936 0x149c [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys 20:46:31.0937 0x149c ElbyCDIO - ok 20:46:31.0985 0x149c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 20:46:32.0002 0x149c elxstor - ok 20:46:32.0031 0x149c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 20:46:32.0033 0x149c ErrDev - ok 20:46:32.0081 0x149c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 20:46:32.0091 0x149c EventSystem - ok 20:46:32.0214 0x149c [ B56D9602DB5FE1C116B1CA5EFD8E2E50, 34F52939089A98860E659BEF6AB8275BC50C33CC282DD3D34E13909BB7E3E575 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 20:46:32.0256 0x149c EvtEng - ok 20:46:32.0305 0x149c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 20:46:32.0310 0x149c exfat - ok 20:46:32.0334 0x149c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 20:46:32.0340 0x149c fastfat - ok 20:46:32.0399 0x149c [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax C:\Windows\system32\fxssvc.exe 20:46:32.0423 0x149c Fax - ok 20:46:32.0447 0x149c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 20:46:32.0449 0x149c fdc - ok 20:46:32.0474 0x149c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 20:46:32.0476 0x149c fdPHost - ok 20:46:32.0492 0x149c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 20:46:32.0495 0x149c FDResPub - ok 20:46:32.0505 0x149c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 20:46:32.0508 0x149c FileInfo - ok 20:46:32.0523 0x149c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 20:46:32.0525 0x149c Filetrace - ok 20:46:32.0541 0x149c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 20:46:32.0543 0x149c flpydisk - ok 20:46:32.0566 0x149c [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 20:46:32.0574 0x149c FltMgr - ok 20:46:32.0667 0x149c [ BC00505CFDA789ED3BE95D2FF38C4875, 9CB98AFF8A9740CFB53BDFB3DD40A76EB79C160CF2DF03E5EEFF6F2109216FEB ] FontCache C:\Windows\system32\FntCache.dll 20:46:32.0713 0x149c FontCache - ok 20:46:32.0765 0x149c [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 20:46:32.0767 0x149c FontCache3.0.0.0 - ok 20:46:32.0803 0x149c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 20:46:32.0805 0x149c FsDepends - ok 20:46:32.0850 0x149c [ D3E3F93D67821A2DB2B3D9FAC2DC2064, 727FAA7E15A20ED3A37668D294ABDE6EAF1C87C34EE283C99EE3303E85001404 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 20:46:32.0852 0x149c Fs_Rec - ok 20:46:32.0910 0x149c [ 1F44F8559E61A8306ECC67BB1E168B7C, 5B7CDD4EDF128B48817145357BB36E2107F0D081C26004B44BFF7C63AD29D99B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 20:46:32.0915 0x149c fvevol - ok 20:46:32.0939 0x149c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 20:46:32.0941 0x149c gagp30kx - ok 20:46:32.0990 0x149c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 20:46:32.0992 0x149c GEARAspiWDM - ok 20:46:33.0045 0x149c [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc C:\Windows\System32\gpsvc.dll 20:46:33.0080 0x149c gpsvc - ok 20:46:33.0114 0x149c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 20:46:33.0116 0x149c hcw85cir - ok 20:46:33.0160 0x149c [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 20:46:33.0169 0x149c HdAudAddService - ok 20:46:33.0200 0x149c [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 20:46:33.0203 0x149c HDAudBus - ok 20:46:33.0244 0x149c [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\drivers\HECIx64.sys 20:46:33.0246 0x149c HECIx64 - ok 20:46:33.0260 0x149c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 20:46:33.0262 0x149c HidBatt - ok 20:46:33.0280 0x149c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 20:46:33.0284 0x149c HidBth - ok 20:46:33.0316 0x149c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 20:46:33.0318 0x149c HidIr - ok 20:46:33.0348 0x149c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 20:46:33.0351 0x149c hidserv - ok 20:46:33.0392 0x149c [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 20:46:33.0394 0x149c HidUsb - ok 20:46:33.0420 0x149c [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc C:\Windows\system32\kmsvc.dll 20:46:33.0424 0x149c hkmsvc - ok 20:46:33.0444 0x149c [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll 20:46:33.0451 0x149c HomeGroupListener - ok 20:46:33.0473 0x149c [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 20:46:33.0480 0x149c HomeGroupProvider - ok 20:46:33.0623 0x149c [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 20:46:33.0630 0x149c hpqcxs08 - ok 20:46:33.0656 0x149c [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 20:46:33.0660 0x149c hpqddsvc - ok 20:46:33.0694 0x149c [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 20:46:33.0697 0x149c HpSAMD - ok 20:46:33.0768 0x149c [ D4F91CF4DE215D6F14A06087D46725E4, 656E78AB0CD5B3DA396F937CF05863F80C9E430EDED6F68A88F39604A052921B ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL 20:46:33.0816 0x149c HPSLPSVC - ok 20:46:33.0877 0x149c [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP C:\Windows\system32\drivers\HTTP.sys 20:46:33.0911 0x149c HTTP - ok 20:46:33.0926 0x149c [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 20:46:33.0927 0x149c hwpolicy - ok 20:46:33.0956 0x149c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 20:46:33.0959 0x149c i8042prt - ok 20:46:34.0015 0x149c [ ABBF174CB394F5C437410A788B7E404A, 95554F675329E7062F0936E4E902FEFF2456CAD95D6C9B60DCC213EF6E4C62D8 ] iaStor C:\Windows\system32\drivers\iaStor.sys 20:46:34.0025 0x149c iaStor - ok 20:46:34.0094 0x149c [ 31A0E93CDF29007D6C6FFFB632F375ED, CA464928E9868B9A09C324DBBC8DA41A01C5C486B43578FC695250D523DE555B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe 20:46:34.0095 0x149c IAStorDataMgrSvc - ok 20:46:34.0150 0x149c [ B75E45C564E944A2657167D197AB29DA, 622EA73F4D9CAE17628C18148FB241817A0AE6D80A74B099204ED27C1A750B24 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 20:46:34.0160 0x149c iaStorV - ok 20:46:34.0243 0x149c [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 20:46:34.0297 0x149c idsvc - ok 20:46:34.0679 0x149c [ 2A22AB054F4630D2EF4BAB2853F6D5F6, 9CD7A5FFB7E25B51E9D311531EE5EC20CEAC356C7A27D52B61DA810DB412437B ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 20:46:35.0009 0x149c igfx - ok 20:46:35.0054 0x149c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 20:46:35.0056 0x149c iirsp - ok 20:46:35.0101 0x149c [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT C:\Windows\System32\ikeext.dll 20:46:35.0136 0x149c IKEEXT - ok 20:46:35.0190 0x149c [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\drivers\Impcd.sys 20:46:35.0193 0x149c Impcd - ok 20:46:35.0386 0x149c [ C2F868881D48A568B525255F084EF063, EFB1704AE223CF886EDA5F1411C8178EDE4B5E1F7EE373E3DA89A6EA1A57D91D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 20:46:35.0512 0x149c IntcAzAudAddService - ok 20:46:35.0563 0x149c [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 20:46:35.0570 0x149c IntcDAud - ok 20:46:35.0602 0x149c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 20:46:35.0604 0x149c intelide - ok 20:46:35.0631 0x149c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys 20:46:35.0633 0x149c intelppm - ok 20:46:35.0674 0x149c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 20:46:35.0679 0x149c IPBusEnum - ok 20:46:35.0702 0x149c [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 20:46:35.0705 0x149c IpFilterDriver - ok 20:46:35.0738 0x149c [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 20:46:35.0759 0x149c iphlpsvc - ok 20:46:35.0787 0x149c [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 20:46:35.0790 0x149c IPMIDRV - ok 20:46:35.0826 0x149c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 20:46:35.0830 0x149c IPNAT - ok 20:46:35.0932 0x149c [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 20:46:35.0962 0x149c iPod Service - ok 20:46:35.0997 0x149c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 20:46:35.0999 0x149c IRENUM - ok 20:46:36.0022 0x149c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 20:46:36.0024 0x149c isapnp - ok 20:46:36.0058 0x149c [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 20:46:36.0064 0x149c iScsiPrt - ok 20:46:36.0091 0x149c KAPFA - ok 20:46:36.0120 0x149c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 20:46:36.0123 0x149c kbdclass - ok 20:46:36.0164 0x149c [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 20:46:36.0166 0x149c kbdhid - ok 20:46:36.0180 0x149c [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] KeyIso C:\Windows\system32\lsass.exe 20:46:36.0182 0x149c KeyIso - ok 20:46:36.0215 0x149c [ 4F4B5FDE429416877DE7143044582EB5, A28FFEA078DBD91F3CC28088810EEEB727107B3F0F48370B44D87DC8F8C55B99 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 20:46:36.0218 0x149c KSecDD - ok 20:46:36.0236 0x149c [ 6F40465A44ECDC1731BEFAFEC5BDD03C, 317334D414D0AF73CB4D9CA11EA80C641E786760B8800F2795D0CB38378DBB80 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 20:46:36.0240 0x149c KSecPkg - ok 20:46:36.0280 0x149c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 20:46:36.0282 0x149c ksthunk - ok 20:46:36.0323 0x149c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 20:46:36.0336 0x149c KtmRm - ok 20:46:36.0405 0x149c [ 81F1D04D4D0E433099365127375FD501, C2A81B5A482C974E8108806486EC28CB2D81400D42639682FE7B7A9BDF14BA9B ] LanmanServer C:\Windows\system32\srvsvc.dll 20:46:36.0412 0x149c LanmanServer - ok 20:46:36.0437 0x149c [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 20:46:36.0443 0x149c LanmanWorkstation - ok 20:46:36.0492 0x149c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 20:46:36.0494 0x149c lltdio - ok 20:46:36.0530 0x149c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 20:46:36.0539 0x149c lltdsvc - ok 20:46:36.0576 0x149c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 20:46:36.0579 0x149c lmhosts - ok 20:46:36.0623 0x149c [ 3D23191672D83E90D1CF63927EE98136, 90EC8E0E0FCC838B7D258C76A5C92335A2F2B7AE36BD87B3BB4BCF187770B6DE ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 20:46:36.0630 0x149c LMS - ok 20:46:36.0676 0x149c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 20:46:36.0680 0x149c LSI_FC - ok 20:46:36.0693 0x149c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 20:46:36.0698 0x149c LSI_SAS - ok 20:46:36.0739 0x149c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 20:46:36.0741 0x149c LSI_SAS2 - ok 20:46:36.0764 0x149c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 20:46:36.0768 0x149c LSI_SCSI - ok 20:46:36.0800 0x149c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 20:46:36.0804 0x149c luafv - ok 20:46:36.0851 0x149c [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 20:46:36.0855 0x149c Mcx2Svc - ok 20:46:36.0889 0x149c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 20:46:36.0891 0x149c megasas - ok 20:46:36.0935 0x149c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 20:46:36.0943 0x149c MegaSR - ok 20:46:36.0957 0x149c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 20:46:36.0961 0x149c MMCSS - ok 20:46:36.0986 0x149c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 20:46:36.0988 0x149c Modem - ok 20:46:37.0011 0x149c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 20:46:37.0014 0x149c monitor - ok 20:46:37.0044 0x149c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 20:46:37.0046 0x149c mouclass - ok 20:46:37.0071 0x149c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 20:46:37.0073 0x149c mouhid - ok 20:46:37.0116 0x149c [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 20:46:37.0119 0x149c mountmgr - ok 20:46:37.0214 0x149c [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 20:46:37.0218 0x149c MozillaMaintenance - ok 20:46:37.0239 0x149c [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio C:\Windows\system32\drivers\mpio.sys 20:46:37.0244 0x149c mpio - ok 20:46:37.0268 0x149c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 20:46:37.0271 0x149c mpsdrv - ok 20:46:37.0321 0x149c [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc C:\Windows\system32\mpssvc.dll 20:46:37.0355 0x149c MpsSvc - ok 20:46:37.0395 0x149c [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 20:46:37.0399 0x149c MRxDAV - ok 20:46:37.0437 0x149c [ 040D62A9D8AD28922632137ACDD984F2, D9457BDA88C2E3AA4E716C0657B77A4A3E212328CDABD5C18279B6440E1C1594 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 20:46:37.0442 0x149c mrxsmb - ok 20:46:37.0485 0x149c [ F0067552F8F9B33D7C59403AB808A3CB, 698B63528E1943BB4253BF7578DC128AA824C71BD04FF0521277E68B20656C02 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:46:37.0493 0x149c mrxsmb10 - ok 20:46:37.0514 0x149c [ 3C142D31DE9F2F193218A53FE2632051, 026B3A932A95D5160B64E470FC414F3D388D429317D5EAEA2D476F715C4CAE75 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:46:37.0518 0x149c mrxsmb20 - ok 20:46:37.0544 0x149c [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci C:\Windows\system32\drivers\msahci.sys 20:46:37.0546 0x149c msahci - ok 20:46:37.0568 0x149c [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm C:\Windows\system32\drivers\msdsm.sys 20:46:37.0572 0x149c msdsm - ok 20:46:37.0587 0x149c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 20:46:37.0593 0x149c MSDTC - ok 20:46:37.0623 0x149c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 20:46:37.0625 0x149c Msfs - ok 20:46:37.0661 0x149c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 20:46:37.0663 0x149c mshidkmdf - ok 20:46:37.0679 0x149c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 20:46:37.0681 0x149c msisadrv - ok 20:46:37.0708 0x149c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 20:46:37.0715 0x149c MSiSCSI - ok 20:46:37.0720 0x149c msiserver - ok 20:46:37.0754 0x149c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 20:46:37.0755 0x149c MSKSSRV - ok 20:46:37.0764 0x149c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 20:46:37.0766 0x149c MSPCLOCK - ok 20:46:37.0774 0x149c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 20:46:37.0776 0x149c MSPQM - ok 20:46:37.0800 0x149c [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 20:46:37.0810 0x149c MsRPC - ok 20:46:37.0822 0x149c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 20:46:37.0824 0x149c mssmbios - ok 20:46:37.0843 0x149c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 20:46:37.0845 0x149c MSTEE - ok 20:46:37.0864 0x149c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 20:46:37.0865 0x149c MTConfig - ok 20:46:37.0882 0x149c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 20:46:37.0884 0x149c Mup - ok 20:46:37.0936 0x149c [ A9BC2302FBDF52C8AF4E2FC966288D21, 4CBDCDCC2BA8133BDC0BA1A1EB47FB9241CAACF93544BAD37175417DA9E616D6 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 20:46:37.0946 0x149c MyWiFiDHCPDNS - ok
  15. Hi guys, I have encountered some issues with probable malware after I encountered a random pop up at a website titled "rwindowsdefender.nl". The site appears to be associated with the malware that is being served up in Skype's ads. Here are my DDS log files: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 8.0.7600.17267 BrowserJavaVersion: 10.51.2 Run by Administrator at 17:44:15 on 2014-02-05 Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.7854.5424 [GMT -6:00] . AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Windows\system32\svchost.exe -k HPService C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\rundll32.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\Dwm.exe C:\Program Files\Sony\VAIO Care\VCSpt.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\Explorer.EXE C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\Apoint\Apvfb.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\System32\perfmon.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files\Sony\VAIO Care\VCsystray.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe C:\Windows\notepad.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe, BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned> BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll uRun: [best Buy pc app] C:\Users\Administrator.OPTIMUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: SoftwareSASGeneration = dword:3 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll TCP: NameServer = 192.168.1.1 TCP: Interfaces\{8C5204B0-CF3B-4542-BE20-E2DB265019D5} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{8C5204B0-CF3B-4542-BE20-E2DB265019D5}\14355535 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{8C5204B0-CF3B-4542-BE20-E2DB265019D5}\3456E647572797C496E6B623035353 : DHCPNameServer = 192.168.0.1 205.171.2.25 TCP: Interfaces\{8C5204B0-CF3B-4542-BE20-E2DB265019D5}\35162656270313 : DHCPNameServer = 192.168.254.5 TCP: Interfaces\{8C5204B0-CF3B-4542-BE20-E2DB265019D5}\35162656270313F52374548545 : DHCPNameServer = 192.168.254.5 TCP: Interfaces\{8C5204B0-CF3B-4542-BE20-E2DB265019D5}\642494355727675696C6C616E636566516E60223E243 : DHCPNameServer = 192.168.10.1 TCP: Interfaces\{E986785D-4352-45A9-875A-C114E23ED807} : DHCPNameServer = 172.20.10.1 Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 x64-Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe x64-Run: [intelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray x64-Run: [intelWirelessWiMAX] "C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe" /tasktray /nosplash x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Administrator.OPTIMUS\AppData\Roaming\Mozilla\Firefox\Profiles\kz5whinr.default\ FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\browser\plugins\npatgpc.dll FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\npMSDM.dll FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll . ============= SERVICES / DRIVERS =============== . R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-8-18 65336] R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-8-18 204880] R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-8-18 1030952] R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-8-18 378944] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-5-23 143120] R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-8-18 33400] R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-8-18 80816] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-9-5 46808] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-7-12 13336] R2 rimspci;rimspci;C:\Windows\System32\drivers\rimssne64.sys [2010-7-12 94208] R2 risdsnpe;risdsnpe;C:\Windows\System32\drivers\risdsne64.sys [2010-7-12 78848] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-7-28 2320920] R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2010-6-7 911872] R3 bpenum;bpenum;C:\Windows\System32\drivers\bpenum.sys [2010-5-16 71168] R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:\Windows\System32\drivers\bpmp.sys [2010-5-16 175104] R3 bpusb;bpusb;C:\Windows\System32\drivers\bpusb.sys [2010-5-16 81920] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-6-3 56344] R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-7-12 158976] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-7-12 271872] R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-5-31 7689216] R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2010-6-1 12032] R3 wdkmd;Intel WiDi KMD;C:\Windows\System32\drivers\WDKMD.sys [2010-4-16 39832] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2010-7-12 402720] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2013-7-25 23040] S3 SIUSBXP;SIUSBXP;C:\Windows\System32\drivers\SiUSBXp.sys [2010-11-8 19456] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784] S3 uvnc_service;uvnc_service;C:\Program Files (x86)\UltraVNC\winvnc.exe [2012-2-14 1830856] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-4 1255736] S4 CFUACProxy_officeguardianv2;CFUACProxy_officeguardianv2;C:\ProgramData\OfficeGuardianV2\UACProxy.exe [2011-1-3 83792] S4 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2010-6-7 408576] S4 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-3-5 340240] S4 Oasis2Service;Oasis2Service;C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-2-9 53248] S4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-6-1 367456] S4 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2010-7-28 252416] S4 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-6-20 108400] S4 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-6-18 423280] S4 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-6-20 67952] S4 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-6-6 304496] S4 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-7-28 575856] S4 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-6-17 851824] S4 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-6-9 537456] S4 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-6-9 384880] S4 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-6-9 101232] S4 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-7-28 836608] S4 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [2010-7-28 1250160] . =============== Created Last 30 ================ . 2014-02-04 20:59:16 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F0D8C654-2F4E-4875-9149-59F968B2D437}\mpengine.dll 2014-02-04 05:12:32 -------- d-----w- C:\Users\Administrator.OPTIMUS\AppData\Roaming\SUPERAntiSpyware.com 2014-02-04 05:11:28 -------- d-----w- C:\Users\Administrator.OPTIMUS\AppData\Roaming\Malwarebytes 2014-01-22 02:32:59 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll . ==================== Find3M ==================== . 2014-01-22 02:38:25 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2014-01-22 02:38:25 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-12-18 12:13:56 270496 ------w- C:\Windows\System32\MpSigStub.exe . ============= FINISH: 17:44:56.15 =============== ATTACH FILE . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume2 Install Date: 1/3/2011 9:50:51 AM System Uptime: 2/4/2014 1:36:35 PM (28 hours ago) . Motherboard: Sony Corporation | | VAIO Processor: Intel® Core i5 CPU M 460 @ 2.53GHz | N/A | 2534/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 361 GiB total, 188.762 GiB free. E: is CDROM () F: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP456: 1/16/2014 3:00:18 AM - Windows Update RP457: 1/21/2014 8:25:10 PM - Windows Update RP458: 1/21/2014 8:31:52 PM - Installed Java 7 Update 51 RP459: 1/28/2014 7:25:00 PM - Windows Update RP460: 2/3/2014 6:19:05 PM - Removed Skype™ 6.11 RP461: 2/3/2014 6:35:19 PM - Removed Java 7 Update 25 (64-bit) RP462: 2/4/2014 1:42:47 PM - Removed Skype™ 6.11 RP463: 2/4/2014 1:45:07 PM - Removed Skype Click to Call RP464: 2/4/2014 2:58:33 PM - Windows Update . ==== Installed Programs ====================== . 64 Bit HP CIO Components Installer Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 12 Plugin Adobe Reader XI (11.0.03) Adobe Shockwave Player 12.0 Alps Pointing-device for VAIO Apple Application Support Apple Mobile Device Support Apple Software Update Application Manager for VAIO ArcSoft WebCam Companion 3 Audacity 2.0.2 avast! Free Antivirus Baldur's Gate Baldur's Gate II Belarc Advisor 8.2 Best Buy pc app Bonjour BufferChm C4700 CCleaner Cisco WebEx Meetings Compatibility Pack for the 2007 Office system Counter-Strike: Global Offensive Counter-Strike: Source Coupon Printer for Windows D3DX10 Destinations DeviceDiscovery Diablo II Diablo III Dungeon Siege 2 Dungeon Siege 2 Broken World GOG.com Downloader version 3.5.8 Google Talk Plugin GPBaseService2 Hero Editor V0.96 HP Customer Participation Program 14.0 HP Imaging Device Functions 14.0 HP Officejet Pro 8600 Basic Device Software HP Photo Creations HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6 HP Smart Web Printing 4.60 HP Solution Center 14.0 HP Update HPPhotoGadget HPProductAssistant HPSSupply IIS 7.5 Express Intel PROSet Wireless Intel WiMAX Tutorial Intel® Control Center Intel® Graphics Media Accelerator Driver Intel® Management Engine Components Intel® Processor ID Utility Intel® PROSet/Wireless WiFi Software Intel® Rapid Storage Technology Intel® Turbo Boost Technology Driver Intel® Wireless Display Intel® PROSet/Wireless WiMAX Software iTunes Java 7 Update 25 (64-bit) Java 7 Update 51 Java Auto Updater Java SE Development Kit 7 Update 4 (64-bit) JavaFX 2.1.0 (64-bit) JavaFX 2.1.0 SDK (64-bit) Junk Mail filter update League of Legends Malwarebytes Anti-Malware version 1.75.0.1300 MarketResearch Media Gallery Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Download Manager Microsoft Halo Microsoft Office File Validation Add-In Microsoft Office Professional Edition 2003 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft Sync Framework 2.0 Core Components (x64) ENU Microsoft Sync Framework 2.0 Provider Services (x64) ENU Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Mozilla Firefox 26.0 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 Parser and SDK MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2721691) MSXML 4.0 SP3 Parser (KB2758694) MSXML 4.0 SP3 Parser (KB973685) Network64 Notepad++ Oasis2Service OOBE Oracle VM VirtualBox 4.2.6 Pando Media Booster Planescape Torment PlayReady PC Runtime amd64 PMB PMB VAIO Edition Guide PMB VAIO Edition plug-in (Click to Disc) PMB VAIO Edition plug-in (VAIO Image Optimizer) PMB VAIO Edition plug-in (VAIO Movie Story) PS_AIO_06_C4700_SW_Min QuickTime QuickTransfer Realtek High Definition Audio Driver Remote Play with PlayStation 3 Remote Play with PlayStation®3 Respondus LockDown Browser Scan Secure Download Manager Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Shop for HP Supplies SmartWebPrinting SolutionCenter StarCraft II Status Steam SUPERAntiSpyware swMSM SyncToy 2.1 (x64) Team Fortress 2 Toolbox TrayApp UltraVNC 1.0.6.4 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) VAIO - Media Gallery VAIO - PMB VAIO Edition Guide VAIO - PMB VAIO Edition plug-in (Click to Disc) VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer) VAIO - PMB VAIO Edition plug-in (VAIO Movie Story) VAIO Care VAIO Control Center VAIO Data Restore Tool VAIO DVD Menu Data VAIO Gate VAIO Gate Default VAIO Hardware Diagnostics VAIO Help and Support VAIO Manual VAIO Media plus VAIO Media plus Opening Movie VAIO Movie Story Template Data VAIO Quick Web Access VAIO Sample Contents VAIO Smart Network VAIO Survey VAIO Transfer Support VAIO Update VAIO Wireless Wizard Ventrilo Client for Windows x64 VirtualCloneDrive WebReg Windows 7 USB/DVD Download Tool Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources . ==== Event Viewer Messages From Past Week ======== . 2/4/2014 1:42:37 PM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004 2/4/2014 1:38:27 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. . ==== End Of File ===========================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.