Mbam causing Google Chrome to crash and computer hang-Bandoo Searchqu pest

rock2death · April 19, 2012

Ok im having problem using Mbam with my Google Chrome browser. My computer works fine when mbam is disabled on startup and services but when i enabled it after reboot i opened 3 tabs on GC then when i exit GC then re-open, GC wont open and my computer hang. Cant do anything but to force shutdown and turn on the computer and disabled Mbam and GC will works fine. Is Mbam having conflicts with Google Chrome? I tried another browser(microsoft ie) but the problem dont occur.

My computer is Sony Vaio VPCEE42FX, Windows 7 Home Premium 64 bits sp1.

Tried using Chkdsk, sfc /scannow, different Virus/Malware scanner like AVAST, Malwarebytes, SuperAntiSpyware, Prevx 3.0 then removed all virus/malware found but still problem never went away. Thanks and God Bless!

rock2death · April 19, 2012

This exactly what is happening in my computer http://forums.malwarebytes.org/index.php?showtopic=102029 .. Is there already solution for this issue? Thanks.

Maurice Naggar · April 19, 2012

Hello rock2.

Tell me if any of the other security apps (different Virus/Malware scanner like AVAST, Malwarebytes, SuperAntiSpyware, Prevx 3.0) found any malware? If so, can you provide the log?

Are you sure the Google Chrome browser is not horked from other causes?

Have you made sure that all temporary Google files are deleted ? Press SHIFT+CTRL+DEL keys

AND also while in Chrome, press ALT-key +F then press G key to start the check for Google version update.

Is your MBAM a PRO or Trial edition? all up-to-date? when did you install?

What is your antivirus program? all up-to-date ?

Has this system ever been without an installed antivirus?

Did this system ever have a pre-installed Norton/Symantec or McAfee a-v ?

rock2death · April 19, 2012

Hi, this was the result of all the scanners i used.

Avast = No Virus found

Mbam = No Malicious Item found

TDSSkiller = No rouge found

SuperAntispyware =

Prevx 3.0 = C: Ubuntu/ wubu.unistall (removed)

Yes im sure its not horked, i tried re-installing the Google Chrome yesterday but still the same.

Yes all temporary GC files are deleted.

Yes im using the latest version 18.0.1025.162

Im using trial version and it is up to date, i installed it 11 days ago.

AVAST Pro Antivirus yes its up to date.

No, i had installed AV since i bought this laptop.

No Norton/Symantec or McAfee a-v installed.

rock2death · April 19, 2012

Hi, this was the result of all the scanners i used.

Avast = No Virus found

Mbam = No Malicious Item found

TDSSkiller = No rouge found

SuperAntispyware = below


SUPERAntiSpyware Scan Log
http://www.superantispyware.com[/size][/color][/font]
[font="arial, tahoma, helvetica, sans-serif"][color="#444444"][size=3]Generated 04/19/2012 at 01:29 PM[/size][/color][/font]
[font="arial, tahoma, helvetica, sans-serif"][color="#444444"][size=3]Application Version : 5.0.1144[/size][/color][/font]
[font="arial, tahoma, helvetica, sans-serif"][color="#444444"][size=3]Core Rules Database Version : 8479
Trace Rules Database Version: 6291[/size][/color][/font]
[font="arial, tahoma, helvetica, sans-serif"][color="#444444"][size=3]Scan type	   : Quick Scan
Total Scan Time : 00:05:11[/size][/color][/font]
[font="arial, tahoma, helvetica, sans-serif"][color="#444444"][size=3]Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User[/size][/color][/font]
[font="arial, tahoma, helvetica, sans-serif"][color="#444444"][size=3]Memory items scanned	  : 536
Memory threats detected   : 0
Registry items scanned    : 55089
Registry threats detected : 0
File items scanned	    : 10961
File threats detected	 : 81[/size][/color][/font]
[font="arial, tahoma, helvetica, sans-serif"][color="#444444"][size=3]Adware.Tracking Cookie
C:\Users\Janiero\AppData\Roaming\Microsoft\Windows\Cookies\M1LVEJ1S.txt [ /tribalfusion.com ]
C:\Users\Janiero\AppData\Roaming\Microsoft\Windows\Cookies\W80UD7D6.txt [ /adnetwork.net ]
C:\USERS\JANIERO\Cookies\M1LVEJ1S.txt [ Cookie:janiero@tribalfusion.com/ ]
C:\USERS\JANIERO\Cookies\W80UD7D6.txt [ Cookie:janiero@adnetwork.net/ ]
.apmebf.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
.apmebf.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
.fastclick.net [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
ad.yieldmanager.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
ad.yieldmanager.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
ad.yieldmanager.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 1\COOKIES ]
.kontera.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.legolas-media.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.legolas-media.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.overture.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
ad.yieldmanager.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.dmtracker.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.revsci.net [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.revsci.net [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.adbrite.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.adbrite.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.atdmt.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.c1.atdmt.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.microsoftsto.112.2o7.net [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
www.pornhub.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
www.pornhub.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.adultfriendfinder.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.adultfriendfinder.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.adultfriendfinder.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.adultfriendfinder.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.adultfriendfinder.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.adultfriendfinder.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.adultfriendfinder.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.adultfriendfinder.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.adultfriendfinder.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.atdmt.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.sexad.net [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.pornhub.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.pornhub.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.pornhub.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.pornhub.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.pornhub.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.pornhubpremium.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.pornhubpremium.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.pornhubpremium.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.legolas-media.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.invitemedia.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.invitemedia.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.ar.atwola.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.atwola.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.estat.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.imrworldwide.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.imrworldwide.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.xiti.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.revsci.net [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.revsci.net [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.collective-media.net [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.at.atwola.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.at.atwola.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.tacoda.net [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.advertising.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.advertising.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.collective-media.net [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.invitemedia.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
ad.yieldmanager.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.avgtechnologies.112.2o7.net [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.legolas-media.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.legolas-media.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.kaspersky.122.2o7.net [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.clickbank.net [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.clickbank.net [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.statcounter.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.adinterax.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.overture.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
ad.yieldmanager.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
ad.yieldmanager.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ]
.adinterax.com [ C:\USERS\JANIERO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\COOKIES ][/size][/color][/font]
[font="arial, tahoma, helvetica, sans-serif"][color="#444444"][size=3]

Prevx 3.0 = C: Ubuntu/ wubu.unistall (removed)

Yes im sure its not horked from other causes because i tried clean boot all works fine but when i enabled mbam the problem occur again, i tried re-installing the Google Chrome yesterday but still the same.

Yes all temporary GC files are deleted.

Yes im using the latest version 18.0.1025.162

Im using trial version and it is up to date, i installed it 11 days ago.

AVAST Pro Antivirus yes its up to date.

No, i had installed AV since i bought this laptop.

No Norton/Symantec or McAfee a-v installed.

Maurice Naggar · April 19, 2012

See Section K of the Frequently-asked-questions on MBAM http://forums.malwarebytes.org/index.php?act=findpost&pid=417798

and set "trust exclusions" in both Avast and in MBAM

Then Logoff and restart your system fresh.

Test Chrome, and this time document what sites you visit and where (if) the freeze occurs.

Given that your Internet Explorer does not have the same issue, one tends to think the root is with the Chrome browser.

You are going to need to tell me what "add-ons" there are in the Chrome browser.

rock2death · April 20, 2012

I tried exclusions in my avast and mbam and it doesnt work and also tried disabling other securtiy like windows defender and SAS.

It hang in any website when i exit GC and re-opened it.

No add ons ,extensions just bookmarks.

Maurice Naggar · April 20, 2012

Close all open app windows and run TFC to empty out temporary file areas.

Download TFC by OldTimer and SAVE it to your desktop

Double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
It will close all programs when run, so make sure you have saved all your work before you begin.
Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

After the restart,

Save and close any work documents, close any apps that you started.

Start your MBAM MalwareBytes' Anti-Malware.

Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark.

Then click the Scanner settings sub-tab in second row of tabs. Make sure all option lines have a checkmark.

Next, Click the Update tab. Press the "Check for Updates" button.

If prompted for a Restart, do that.

When done, click the Scanner tab.

Do a FULL Scan.

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected.

When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.

The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Copy & Paste the contents of this latest MBAM scan log.

use Chrome to get to this forum http://forums.malwarebytes.org

Does it do OK ?

rock2death · April 20, 2012

Hi, i have done what you said. Below is the log of Mbam.

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org
Database version: v2012.04.20.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Janiero :: JANEIRO-VAIO [administrator]
Protection: Disabled
4/20/2012 11:41:50 PM
mbam-log-2012-04-20 (23-41-50).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 448191
Time elapsed: 1 hour(s), 18 minute(s), 41 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)

Yes it does OK.

Maurice Naggar · April 20, 2012

Did you intentionally disable the MBAM realtime protectIion module ?

If the Chrome browser is still locking up, do the following & post logs for review:

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

To show all files:

Go to your Desktop
Double-Click the Computer icon.
From the menu options, Select Tools, then Folder Options.
Next click the View tab.
Locate and uncheck Hide file extensions for known file types.
Locate and uncheck Hide protected operating system files (Recommended).
Locate and click Show hidden files and folders and drives.
Click Apply > OK.

Step 3

Download Random's System Information Tool (RSIT) by random/random from here and save it to your desktop.

Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Step 4

Download Security Check by screen317 and save it to your Desktop: here or here

Run Security Check
Follow the onscreen instructions inside of the command window.
A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

Step 5
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Do NOT turn off the firewall
Please read carefully and follow these steps.

Delete the prior copies of TDSSKILLER.zip & TDSSKILLER.exe that you may have.
Download TDSSKiller and save it to your Desktop.
RIGHT-Click on TDSSKiller.exe and select Run As Administrator to run the application.
Click on "Change parameters" and place a checkmark next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
Then press Start Scan

When the scan is done, it will display a summary screen.

If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

RE-Enable your antivirus program.

Copy & Paste contents of Log.txt & Info.txt & Checkup.txt & log from TDSSKILLER.

Use separate replies as needed if logs do not fit into one reply box.

rock2death · April 21, 2012

Hi, yesterday after i did all what you have said which is use TFC and run full scan of Mbam the problem is still occur so i decided to re-install Mbam.

I uninstalled Mbam using RevoUnistaller that i always use when uninstalling Application/Software and after i uninstalled Mbam i used CCleaner to clean files and registry. After that, i downloaded Mbam then installed, after installation there's a pop-up on system tray telling me that Mbam will expired in 2 days then i restart my computer and after restart, i got this error in Start Up.

[OpenEvent] Failed to perform desired action. Error Code: 2

Then i went to MSCONFIG SERVICES and i found MBAMService is uncheck so i checked it then restart my computer. After that i didn't get the error in and Mbam will succesfully load because it will pop-up on system tray.

rock2death · April 21, 2012

Should i leave it unchecked or checked? What is the default when you installed Mbam? I will wait to your next reply before i do your last post.

Maurice Naggar · April 21, 2012

If I read your initial post properly, you did not purchase MBAM, but are running the Trial mode of MBAM. So the expected behavior while the Trial is still in effect, is for MBAMService to be checked. Leave it checked and proceed with reports -- if you are still having issues with Chrome while MBAM is in real-protection mode.

I would observe that the ideal way to un-instal is with the un-install via Control Panel. Something like Revo Uninstaller to be used only in last resort.

But as with MBAM removal, MalwareBytes has a specialized mbam-clean.exe that can be used if needed.

rock2death · April 22, 2012

Yes i intentionally disable it because the aforementioned problem.

Here is the logs of RSIT.

log.txt

Logfile of random's system information tool 1.09 (written by random/random)

Run by Janiero at 2012-04-22 13:53:34

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 165 GB (64%) free of 256 GB

Total RAM: 3835 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 1:53:52 PM, on 4/22/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

Running processes:

C:\Users\Janiero\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\trend micro\Janiero.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony.msn.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Browser Guard BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll

O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\WIA6EB~1\Datamngr\BROWSE~1.DLL

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: QuickNet - {EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7} - C:\Program Files (x86)\RegTweaker\key.dll

O2 - BHO: Norton Safe Web Lite BHO - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\coIEPlg.dll

O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll

O3 - Toolbar: Norton Safe Web Lite - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\coIEPlg.dll

O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O8 - Extra context menu item: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm

O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html

O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll

O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: C:\PROGRA~2\WIA6EB~1\Datamngr\datamngr.dll C:\PROGRA~2\WIA6EB~1\Datamngr\IEBHO.dll

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norton Safe Web Lite (NSL) - Symantec Corporation - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11104 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe" /s "NSL" /m "C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\diMaster.dll" /prefetch:1

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"

WLIDSvcM.exe 1192

"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"

C:\Windows\system32\SearchIndexer.exe /Embedding

"taskhost.exe"

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Users\Janiero\AppData\Local\Google\Chrome\Application\chrome.exe"

taskeng.exe {D58F1F0A-682C-4E44-80F8-630EA6443D2A}

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

"C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe" /Stationary

C:\Windows\system32\svchost.exe -k SDRSVC

"C:\Users\Janiero\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender2/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warm_socket/WebStoreLinkExperiment/Disabled/ --renderer-print-preview --channel=2984.084A9E00.1814200131 /prefetch:3

"C:\Users\Janiero\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender2/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warm_socket/WebStoreLinkExperiment/Disabled/ --renderer-print-preview --channel=2984.0A332380.1866914207 /prefetch:3

"C:\Users\Janiero\Desktop\RSITx64.exe"

C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1086382805-1383657886-4138368961-1006Core.job

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1086382805-1383657886-4138368961-1006UA.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1086382805-1383657886-4138368961-1006Core.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1086382805-1383657886-4138368961-1006UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]

DataMngr - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\BROWSE~1.DLL [2011-11-10 118168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-12-02 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]

PC Tools Browser Guard BHO - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll [2012-03-20 1128376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]

RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-11-30 425680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]

Searchqu Toolbar - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll [2011-09-19 88976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]

DataMngr - C:\PROGRA~2\WIA6EB~1\Datamngr\BROWSE~1.DLL [2011-11-10 101272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]

Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-19 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-12-02 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7}]

QuickNet BHO - C:\Program Files (x86)\RegTweaker\key.dll [2011-05-20 243200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3}]

Norton Safe Web Lite BHO - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\coIEPlg.dll [2011-10-14 492984]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{99079a25-328f-4bd4-be04-00955acaa0a7} - Searchqu Toolbar - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll [2011-09-19 88976]

{30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - Norton Safe Web Lite - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\coIEPlg.dll [2011-10-14 492984]

{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll [2012-03-20 1128376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]

C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15 499608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]

C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]

C:\Program Files\Apoint\Apoint.exe [2010-07-29 226160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast5]

C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-05-06 2815192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CursorFX]

C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe [2011-11-29 653128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DATAMNGR]

C:\PROGRA~2\WIA6EB~1\Datamngr\DATAMN~1.EXE [2011-11-10 1694608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]

C:\Users\Janiero\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-18 137536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

C:\Users\Janiero\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-13 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]

C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe [2012-03-20 2670008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-04-14 421160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mylbx]

C:\Program Files\My Lockbox\mylbx.exe [2012-03-21 2143552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher]

C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [2010-01-21 597792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]

C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-06 10134560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartWiHelper]

C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe [2010-07-15 89080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2012-01-20 5487488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]

C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

c:\program files (x86)\real\realplayer\Update\realsched.exe [2011-11-30 296056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB Antivirus]

C:\Program Files (x86)\USB Disk Security\USBGuard.exe [2008-09-23 798720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]

C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2009-09-04 1081632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk]

C:\PROGRA~1\RAINME~1\RAINME~1.EXE [2012-01-08 107720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Janiero^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]

C:\PROGRA~2\MICROS~3\Office12\ONENOTEM.EXE [2009-02-26 97680]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"TaskTray"= []

"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2012-04-04 462408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]

C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\fast64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"aux3"=wdmaud.drv

"wave6"=wdmaud.drv

"midi6"=wdmaud.drv

"mixer6"=wdmaud.drv

"aux6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-04-22 13:53:34 ----D---- C:\rsit

2012-04-22 13:53:34 ----D---- C:\Program Files\trend micro

2012-04-22 13:50:49 ----D---- C:\Windows\ERDNT

2012-04-22 13:48:43 ----D---- C:\Program Files (x86)\ERUNT

2012-04-21 12:44:40 ----A---- C:\Windows\ntbtlog.txt

2012-04-21 12:38:28 ----D---- C:\Users\Janiero\AppData\Roaming\Malwarebytes

2012-04-21 12:38:22 ----D---- C:\ProgramData\Malwarebytes

2012-04-21 12:38:21 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-04-21 12:38:21 ----A---- C:\Windows\system32\drivers\mbam.sys

2012-04-19 17:05:35 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys

2012-04-19 17:05:34 ----A---- C:\Windows\system32\drivers\aswSP.sys

2012-04-19 17:05:30 ----A---- C:\Windows\system32\drivers\aswSnx.sys

2012-04-19 17:05:29 ----A---- C:\Windows\system32\drivers\aswRdr.sys

2012-04-19 17:05:26 ----A---- C:\Windows\system32\drivers\aswTdi.sys

2012-04-19 17:05:21 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys

2012-04-19 17:04:55 ----A---- C:\Windows\SYSWOW64\aswBoot.exe

2012-04-19 16:18:22 ----A---- C:\Windows\system32\drivers\PCTBD64.sys

2012-04-19 16:18:21 ----A---- C:\Windows\SGDetectionTool.dll

2012-04-19 16:18:21 ----A---- C:\Windows\PCTBDCore.dll

2012-04-19 16:18:21 ----A---- C:\Windows\BDTSupport.dll

2012-04-19 16:18:20 ----A---- C:\Windows\PCTBDRes.dll

2012-04-19 16:17:36 ----A---- C:\Windows\system32\drivers\pctwfpfilter64.sys

2012-04-19 16:17:36 ----A---- C:\Windows\system32\drivers\pctgntdi64.sys

2012-04-19 16:17:29 ----A---- C:\Windows\system32\drivers\pctBTFix64.sys

2012-04-19 16:17:24 ----A---- C:\Windows\system32\drivers\pctplsg64.sys

2012-04-19 16:17:17 ----D---- C:\Program Files (x86)\PC Tools

2012-04-19 15:26:38 ----A---- C:\Windows\system32\drivers\Cat.DB

2012-04-19 15:26:36 ----A---- C:\Windows\system32\drivers\pctEFA64.sys

2012-04-19 15:26:36 ----A---- C:\Windows\system32\drivers\pctDS64.sys

2012-04-19 15:26:35 ----A---- C:\Windows\system32\drivers\PCTCore64.sys

2012-04-19 15:26:33 ----A---- C:\Windows\system32\drivers\PCTSD64.sys

2012-04-19 15:24:19 ----D---- C:\ProgramData\PC Tools

2012-04-19 15:24:18 ----D---- C:\Users\Janiero\AppData\Roaming\TestApp

2012-04-19 13:07:07 ----D---- C:\Users\Janiero\AppData\Roaming\SUPERAntiSpyware.com

2012-04-19 13:06:41 ----D---- C:\ProgramData\SUPERAntiSpyware.com

2012-04-19 13:06:41 ----D---- C:\Program Files\SUPERAntiSpyware

2012-04-18 16:10:16 ----D---- C:\Program Files (x86)\RegTweaker

2012-04-18 15:45:28 ----A---- C:\TDSSKiller.2.7.28.0_18.04.2012_15.45.28_log.txt

2012-04-18 00:25:58 ----A---- C:\Windows\SYSWOW64\PxSecure.dll

2012-04-18 00:25:57 ----D---- C:\Program Files\Prevx

2012-04-18 00:25:57 ----A---- C:\Windows\system32\drivers\pxscan.sys

2012-04-18 00:25:57 ----A---- C:\Windows\system32\drivers\pxrts.sys

2012-04-18 00:25:57 ----A---- C:\Windows\system32\drivers\pxkbf.sys

2012-04-18 00:16:54 ----D---- C:\ProgramData\PrevxCSI

2012-04-17 14:32:13 ----D---- C:\Windows\system32\drivers\NSTx64

2012-04-17 14:32:13 ----D---- C:\Program Files (x86)\Norton Safe Web Lite

2012-04-17 14:32:00 ----D---- C:\Program Files (x86)\NortonInstaller

2012-04-15 17:23:23 ----SD---- C:\32788R22FWJFW

2012-04-15 12:01:00 ----D---- C:\Rbackup

2012-04-15 06:25:54 ----A---- C:\Windows\SYSWOW64\mshtmled.dll

2012-04-15 06:25:54 ----A---- C:\Windows\system32\mshtmled.dll

2012-04-15 06:25:51 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2012-04-15 06:25:51 ----A---- C:\Windows\system32\iertutil.dll

2012-04-15 06:25:50 ----A---- C:\Windows\SYSWOW64\url.dll

2012-04-15 06:25:50 ----A---- C:\Windows\SYSWOW64\ieui.dll

2012-04-15 06:25:50 ----A---- C:\Windows\system32\url.dll

2012-04-15 06:25:50 ----A---- C:\Windows\system32\jscript9.dll

2012-04-15 06:25:49 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2012-04-15 06:25:49 ----A---- C:\Windows\SYSWOW64\jscript.dll

2012-04-15 06:25:49 ----A---- C:\Windows\system32\ieui.dll

2012-04-15 06:25:48 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2012-04-15 06:25:48 ----A---- C:\Windows\system32\jscript.dll

2012-04-15 06:25:47 ----A---- C:\Windows\system32\urlmon.dll

2012-04-15 06:25:47 ----A---- C:\Windows\system32\jsproxy.dll

2012-04-15 06:25:46 ----A---- C:\Windows\SYSWOW64\wininet.dll

2012-04-15 06:25:46 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2012-04-15 06:25:46 ----A---- C:\Windows\system32\wininet.dll

2012-04-15 06:25:44 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2012-04-15 06:25:43 ----A---- C:\Windows\system32\mshtml.dll

2012-04-15 06:25:40 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2012-04-15 06:25:38 ----A---- C:\Windows\system32\ieframe.dll

2012-04-14 21:49:44 ----D---- C:\Program Files (x86)\Windows Installer Clean Up

2012-04-14 21:48:43 ----D---- C:\Program Files (x86)\MSECACHE

2012-04-14 21:01:40 ----A---- C:\Windows\system32\FNTCACHE.DAT

2012-04-14 17:39:40 ----A---- C:\Uninstall.dat

2012-04-13 15:11:24 ----D---- C:\Users\Janiero\AppData\Roaming\Rainmeter

2012-04-13 15:11:17 ----D---- C:\Program Files\Rainmeter

2012-04-13 12:23:41 ----D---- C:\Program Files\My Lockbox

2012-04-13 11:29:44 ----D---- C:\Users\Janiero\AppData\Roaming\Mozilla

2012-04-13 02:34:29 ----D---- C:\Program Files\Perfect Uninstaller

2012-04-13 00:08:48 ----D---- C:\ProgramData\Stardock

2012-04-13 00:07:37 ----HD---- C:\ProgramData\{CEC42AA7-80BC-42B4-B5F3-8E754D04A118}

2012-04-12 23:49:53 ----A---- C:\Windows\SYSWOW64\fsproflt.exe

2012-04-12 23:49:53 ----A---- C:\Windows\system32\drivers\FSPFltd.sys

2012-04-12 14:43:24 ----A---- C:\Windows\system32\wbload.dll

2012-04-12 14:43:20 ----A---- C:\Windows\SYSWOW64\wbload.dll

2012-04-12 14:43:18 ----A---- C:\Windows\SYSWOW64\wbsys.dll

2012-04-12 14:43:15 ----D---- C:\Program Files (x86)\Stardock

2012-04-12 03:26:42 ----A---- C:\Windows\system32\ntoskrnl.exe

2012-04-12 03:26:40 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe

2012-04-12 03:26:39 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe

2012-04-12 03:00:53 ----A---- C:\Windows\system32\imagehlp.dll

2012-04-12 03:00:53 ----A---- C:\Windows\system32\drivers\fs_rec.sys

2012-04-12 03:00:52 ----A---- C:\Windows\SYSWOW64\imagehlp.dll

2012-04-12 03:00:50 ----A---- C:\Windows\SYSWOW64\wintrust.dll

2012-04-12 03:00:49 ----A---- C:\Windows\system32\wmi.dll

2012-04-12 03:00:49 ----A---- C:\Windows\system32\wintrust.dll

2012-04-12 03:00:48 ----A---- C:\Windows\SYSWOW64\wmi.dll

2012-04-10 07:27:59 ----D---- C:\Windows\W7SBC

2012-04-10 07:27:59 ----A---- C:\Windows\explorer_edit_w7sbc.exe

2012-04-10 07:27:59 ----A---- C:\Windows\explorer_backup_w7sbc.exe

2012-04-10 07:27:59 ----A---- C:\Windows\explorer.exe

2012-04-10 04:38:00 ----D---- C:\Windows\W7SOC

2012-04-10 04:38:00 ----A---- C:\Windows\explorer.backup.exe

2012-04-10 03:23:36 ----D---- C:\Program Files (x86)\RocketDock

2012-04-09 16:47:52 ----D---- C:\Users\Janiero\AppData\Roaming\Nero

2012-04-09 15:29:47 ----D---- C:\Program Files (x86)\Nero

2012-04-09 15:29:19 ----D---- C:\ProgramData\Nero

2012-04-01 19:11:25 ----D---- C:\Program Files (x86)\SIW

2012-04-01 18:54:17 ----A---- C:\Windows\SYSWOW64\drivers\DrvAgent64.SYS

2012-03-29 18:41:27 ----D---- C:\Program Files\Common Files\Adobe

2012-03-28 17:58:35 ----D---- C:\Program Files (x86)\Adobe Download Assistant

2012-03-28 01:12:29 ----D---- C:\ProgramData\regid.1986-12.com.adobe

2012-03-28 01:07:23 ----D---- C:\Program Files\Adobe

2012-03-27 04:10:05 ----D---- C:\Users\Janiero\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

2012-03-27 02:43:26 ----D---- C:\Users\Janiero\AppData\Roaming\MAXON

2012-03-27 00:04:45 ----D---- C:\Program Files (x86)\Adobe

2012-03-26 23:32:02 ----D---- C:\Windows\pss

2012-03-24 15:45:33 ----AD---- C:\ProgramData\TEMP

2012-03-24 15:45:30 ----D---- C:\ProgramData\SpeedBit

2012-03-24 15:45:27 ----A---- C:\Windows\SYSWOW64\EasyHook64.dll

2012-03-24 15:45:27 ----A---- C:\Windows\SYSWOW64\EasyHook32.dll

2012-03-24 15:45:26 ----D---- C:\Program Files (x86)\DAP

2012-03-23 18:23:23 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys

2012-03-23 18:23:05 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys

2012-03-23 18:22:57 ----D---- C:\Program Files\Oracle

2012-03-23 18:13:02 ----D---- C:\Program Files (x86)\VS Revo Group

2012-03-23 17:52:58 ----A---- C:\Windows\system32\drivers\cpuz135_x64.sys

2012-03-23 17:52:57 ----D---- C:\Program Files\CPUID

======List of files/folders modified in the last 1 month======

2012-04-22 13:53:34 ----RD---- C:\Program Files

2012-04-22 13:51:01 ----D---- C:\Windows\Temp

2012-04-22 13:50:49 ----D---- C:\Windows

2012-04-22 13:48:43 ----D---- C:\Program Files (x86)

2012-04-22 12:22:58 ----D---- C:\Windows\system32\config

2012-04-21 13:47:36 ----D---- C:\Windows\system32\catroot2

2012-04-21 13:08:53 ----D---- C:\Windows\inf

2012-04-21 12:38:22 ----HD---- C:\ProgramData

2012-04-21 12:38:21 ----D---- C:\Windows\system32\drivers

2012-04-21 12:35:47 ----D---- C:\Windows\SysWOW64

2012-04-21 11:50:27 ----D---- C:\Windows\SoftwareDistribution

2012-04-21 11:48:59 ----D---- C:\Windows\debug

2012-04-21 11:34:07 ----SHD---- C:\System Volume Information

2012-04-20 23:34:55 ----D---- C:\Windows\System32

2012-04-19 17:05:19 ----SHD---- C:\Windows\Installer

2012-04-19 16:17:26 ----D---- C:\Windows\winsxs

2012-04-19 15:26:33 ----D---- C:\Program Files (x86)\Common Files

2012-04-18 17:42:36 ----D---- C:\Windows\system32\Tasks

2012-04-18 14:25:33 ----D---- C:\Program Files (x86)\Chikka Messenger

2012-04-18 13:03:14 ----D---- C:\Windows\Prefetch

2012-04-17 14:32:13 ----D---- C:\ProgramData\Norton

2012-04-15 20:51:54 ----D---- C:\ProgramData\Alwil Software

2012-04-15 06:27:35 ----D---- C:\Windows\SYSWOW64\migration

2012-04-15 06:27:35 ----D---- C:\Windows\system32\migration

2012-04-15 06:27:35 ----D---- C:\Program Files\Internet Explorer

2012-04-15 06:27:35 ----D---- C:\Program Files (x86)\Internet Explorer

2012-04-15 06:26:23 ----D---- C:\Windows\system32\catroot

2012-04-14 21:49:44 ----SD---- C:\Users\Janiero\AppData\Roaming\Microsoft

2012-04-13 21:34:47 ----A---- C:\Windows\system32\PerfStringBackup.INI

2012-04-13 20:14:00 ----D---- C:\Windows\Tasks

2012-04-13 12:08:24 ----D---- C:\Program Files (x86)\Google

2012-04-13 11:46:51 ----D---- C:\Users\Janiero\AppData\Roaming\Chikka Messenger

2012-04-13 11:30:13 ----D---- C:\Program Files (x86)\Microsoft

2012-04-13 11:29:44 ----SD---- C:\ProgramData\Microsoft

2012-04-13 11:17:21 ----D---- C:\Users\Janiero\AppData\Roaming\uTorrent

2012-04-13 11:09:52 ----RD---- C:\Users

2012-04-13 10:54:20 ----D---- C:\Windows\system32\wfp

2012-04-13 10:54:20 ----D---- C:\Windows\system32\DriverStore

2012-04-13 10:54:17 ----D---- C:\Windows\system32\wbem

2012-04-13 10:54:17 ----D---- C:\Windows\system32\CodeIntegrity

2012-04-13 10:54:12 ----D---- C:\Windows\registration

2012-04-13 10:53:53 ----D---- C:\Users\Janiero\AppData\Roaming\SoftGrid Client

2012-04-13 10:53:51 ----D---- C:\ProgramData\Real

2012-04-12 20:36:14 ----A---- C:\Windows\Model.txt

2012-04-12 18:32:42 ----SHD---- C:\$Recycle.Bin

2012-04-12 17:11:53 ----D---- C:\Program Files (x86)\DDNi

2012-04-12 17:07:19 ----D---- C:\ProgramData\DDNi

2012-04-12 14:49:25 ----A---- C:\Windows\win.ini

2012-04-12 12:58:33 ----RSD---- C:\Windows\assembly

2012-04-12 12:58:33 ----D---- C:\Windows\Microsoft.NET

2012-04-12 03:06:00 ----D---- C:\ProgramData\Microsoft Help

2012-04-12 03:01:21 ----A---- C:\Windows\system32\MRT.exe

2012-04-12 00:38:45 ----RSD---- C:\Windows\Fonts

2012-04-11 14:12:06 ----D---- C:\Update

2012-04-11 00:22:12 ----D---- C:\Users\Janiero\AppData\Roaming\Adobe

2012-04-10 14:27:55 ----D---- C:\Program Files\CCleaner

2012-04-10 04:30:51 ----D---- C:\Program Files (x86)\Any Video Converter

2012-04-10 04:28:21 ----D---- C:\Program Files (x86)\Garena

2012-04-10 04:10:56 ----D---- C:\Users\Janiero\AppData\Roaming\vlc

2012-04-01 18:54:17 ----D---- C:\Windows\SYSWOW64\drivers

2012-03-30 23:45:52 ----D---- C:\ProgramData\Adobe

2012-03-29 18:41:27 ----D---- C:\Program Files\Common Files

2012-03-27 02:55:15 ----D---- C:\Program Files (x86)\uTorrent

2012-03-25 09:30:05 ----D---- C:\Users\Janiero\AppData\Roaming\Any Video Converter

2012-03-23 18:23:23 ----DC---- C:\Windows\system32\DRVSTORE

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\drivers\amd_sata.sys [2010-06-30 73856]

R0 amd_xata;amd_xata; C:\Windows\system32\drivers\amd_xata.sys [2010-06-30 28800]

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\drivers\AtiPcie.sys [2010-09-15 16440]

R0 FSProFilter;FSPro File Filter; C:\Windows\System32\Drivers\FSPFltd.sys [2010-07-22 54848]

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-13 12352]

R0 PCTCore;PCTools KDS; C:\Windows\system32\drivers\PCTCore64.sys [2012-03-16 426104]

R0 pctDS;PC Tools Data Store; C:\Windows\system32\drivers\pctDS64.sys [2012-02-28 453896]

R0 pctEFA;PC Tools Extended File Attributes; C:\Windows\system32\drivers\pctEFA64.sys [2012-02-28 1096176]

R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]

R0 pxscan;pxscan; C:\Windows\System32\drivers\pxscan.sys [2012-04-18 36384]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-05-06 28752]

R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2010-05-06 424016]

R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-05-06 121936]

R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-05-06 51280]

R1 ccSet_NST;Norton Safe Web Lite Settings Manager; C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys [2011-08-08 167048]

R1 PCTSD;PC Tools Spyware Doctor Driver; C:\Windows\System32\Drivers\PCTSD64.sys [2012-03-20 251528]

R1 pxrts;pxrts; C:\Windows\System32\drivers\pxrts.sys [2012-04-18 65736]

R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]

R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]

R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2012-03-14 224048]

R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2012-03-14 130864]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-13 59904]

R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-05-06 22096]

R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-05-06 63568]

R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-09-15 6403072]

R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-09-15 188928]

R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2010-08-25 306296]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-04-06 2298400]

R3 pxkbf;pxkbf; C:\Windows\System32\drivers\pxkbf.sys [2012-04-18 24024]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-03-22 242720]

R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2010-03-08 231328]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-04-06 346144]

R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\drivers\SFEP.sys [2010-03-09 12032]

R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]

R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]

R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]

R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]

R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]

R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2012-03-14 166192]

S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-03-08 1550848]

S3 bthav;Bluetooth AV Profile; C:\Windows\system32\drivers\bthav.sys [2008-07-10 40448]

S3 BTHBUS;YRT Bluetooth Bus Driver; C:\Windows\system32\DRIVERS\bthbus.sys [2011-04-25 345968]

S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-13 41984]

S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-13 118784]

S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-27 552960]

S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-27 80384]

S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-03-08 98344]

S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-03-08 132648]

S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-08 35104]

S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-03-08 21160]

S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-04-01 21712]

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]

S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []

S3 GPU-Z;GPU-Z; \??\C:\Users\Janiero\AppData\Local\Temp\GPU-Z.sys []

S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-04-04 24904]

S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]

S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]

S3 PCTBD;PC Tools Browser Defender Driver; C:\Windows\System32\Drivers\PCTBD64.sys [2012-03-20 85192]

S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-13 158720]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]

S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-02-18 51712]

S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]

S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]

S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2012-03-14 147248]

S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2012-03-14 117040]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-13 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]

R2 NSL;Norton Safe Web Lite; C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe [2011-08-10 138760]

R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]

R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-13 1255736]

S4 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]

S4 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]

S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

S4 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-09-15 202752]

S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]

S4 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]

S4 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]

S4 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]

S4 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-04-06 349472]

S4 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [2012-03-20 571320]

S4 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-09-04 873248]

S4 CSIScanner;CSIScanner; C:\Program Files\Prevx\prevx.exe [2012-04-18 6746280]

S4 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-05 136176]

S4 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-05 136176]

S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-04-14 934176]

S4 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]

S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]

S4 Oasis2Service;Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-02-09 53248]

S4 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]

S4 SampleCollector;VAIO Care Performance Service; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]

S4 sdAuxService;PC Tools Auxiliary Service; C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [2012-03-20 402336]

S4 sdCoreService;PC Tools Security Service; C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe [2012-03-20 1118648]

S4 SOHCImp;VAIO Media plus Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-09-10 108400]

S4 SOHDms;VAIO Media plus Digital Media Server; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-10-12 423280]

S4 SOHDs;VAIO Media plus Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-09-10 67952]

S4 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]

S4 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

S4 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [2010-09-27 74496]

S4 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [2010-05-14 217968]

S4 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-03-25 574320]

S4 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]

S4 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-02-19 529776]

S4 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-02-19 386416]

S4 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-02-19 115568]

S4 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]

S4 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]

-----------------EOF-----------------

Edited April 22, 2012 by Maurice Naggar
Removed Code block

rock2death · April 22, 2012

info.txt


info.txt logfile of random's system information tool 1.09 2012-04-22 13:54:00
======Uninstall list======
Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
-->"C:\Program Files (x86)\InstallShield Installation Information\{0489D044-6386-4BDF-9F98-577D60CF79DD}\setup.exe" -runfromtemp -l0x0011 -removeonly
-->"C:\Program Files (x86)\InstallShield Installation Information\{04EAE65A-CDCF-480F-B754-5C3A9364239C}\setup.exe" -runfromtemp -l0x0011 -removeonly
-->"C:\Program Files (x86)\InstallShield Installation Information\{06C05B90-2127-4933-8ABA-61833BDE13FA}\setup.exe" -runfromtemp -l0x0011 -removeonly
-->"C:\Program Files (x86)\InstallShield Installation Information\{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}\setup.exe" -runfromtemp -l0x0009 -removeonly
-->"C:\Program Files (x86)\InstallShield Installation Information\{A6B90666-2A1F-49E8-A40E-27EAAD11C096}\setup.exe" -runfromtemp -l0x0011 -removeonly
-->C:\ProgramData\{F974CC36-BF25-4374-A035-B0A9DA79E735}\VAIO Messenger Setup 2.0.424.0.exe
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{47FA2C44-D148-4DBC-AF60-B91934AA4842}
Adobe Community Help-->msiexec /qb /x {3521BDBD-D453-5D9F-AA55-44B75D214629}
Adobe Community Help-->MsiExec.exe /I{3521BDBD-D453-5D9F-AA55-44B75D214629}
Adobe Download Assistant-->msiexec /qb /x {969E11AA-8F3A-F162-1A5A-0965E216B6CE}
Adobe Download Assistant-->MsiExec.exe /I{969E11AA-8F3A-F162-1A5A-0965E216B6CE}
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{1C5EC8F6-5C5F-421F-85BE-919B5D0CAD4C}
Adobe Flash Player 11 ActiveX 64-bit-->C:\Windows\system32\Macromed\Flash\FlashUtil64_11_1_102_ActiveX.exe -maintain activex
Adobe Photoshop CS5.1-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{9158FF30-78D7-40EF-B83E-451AC5334640}"
Adobe Reader X (10.1.3)-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AA1000000001}
Advertising Center-->MsiExec.exe /X{B2EC4A38-B545-4A00-8214-13FE0E915E6D}
Alps Pointing-device for VAIO-->%ProgramFiles%\Apoint\Uninstap.exe ADDREMOVE
Altap Salamander 2.54-->C:\Program Files (x86)\Altap Salamander\remove\remove.exe
AMD USB Filter Driver-->MsiExec.exe /X{987B04C4-B5AC-4AD6-A7E9-8D681085B850}
Any Video Converter 2.7.9-->"C:\Program Files (x86)\Any Video Converter\unins000.exe"
Apple Application Support-->MsiExec.exe /I{853A4763-6643-4604-8D64-28BDD8925F4C}
Apple Mobile Device Support-->MsiExec.exe /I{8F473675-D702-45F9-8EBC-342B40C17BF5}
Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1}
Application Manager for VAIO-->C:\Program Files (x86)\Sony\VAIO Uninstaller\vaiouninstaller.exe
ArcSoft WebCam Companion 3-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}\Setup.exe" -l0x9
ATI Catalyst Install Manager-->msiexec /q/x{475672E2-253A-4B55-2E0E-1456A2BFD3E7} REBOOT=ReallySuppress
Bonjour-->MsiExec.exe /X{0E543634-7E25-4B8F-8D5B-97880E5E5088}
Browser Guard 4.0-->"C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\unins000.exe"
Catalyst Control Center - Branding-->MsiExec.exe /I{9EAC0E21-510E-4259-A9C6-F5D5B8969036}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->"C:\Program Files (x86)\CDBurnerXP\unins000.exe"
Click to Disc MergeModules x64-->MsiExec.exe /I{393A9268-A428-4F5A-9B20-BD753309A98E}
CPUID CPU-Z 1.60-->"C:\Program Files\CPUID\CPU-Z\unins000.exe"
CursorFX Plus-->"C:\ProgramData\{CEC42AA7-80BC-42B4-B5F3-8E754D04A118}\CursorFX_setup.exe" REMOVE=TRUE MODIFY=FALSE
CursorFX-->C:\ProgramData\{CEC42AA7-80BC-42B4-B5F3-8E754D04A118}\CursorFX_setup.exe
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
DolbyFiles-->MsiExec.exe /X{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}
Download Accelerator Plus (DAP)-->C:\PROGRA~2\DAP\DAPREMOVE.EXE
Driver Genius Professional Edition-->"C:\Program Files (x86)\Driver-Soft\DriverGenius\unins000.exe"
DriverAgent by eSupport.com-->RunDll32.exe advpack.dll,LaunchINFSection driveragent_exe.inf,TVICHW32Remove
ERUNT 1.1j-->"C:\Program Files (x86)\ERUNT\unins000.exe"
Evernote-->MsiExec.exe /X{F761359C-9CED-45AE-9A51-9D6605CD55C4}
Facebook Video Calling 1.2.0.159-->MsiExec.exe /X{7CAC6A44-C3DE-4153-ACA6-7524602C789E}
Garena 2010-->C:\Program Files (x86)\Garena\uninst.exe
Garena Plus-->C:\Program Files (x86)\Garena Plus\uninst.exe
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
iPad/iPhone/iPod to Computer Transfer 7.5.9-->"C:\Program Files\Cucusoft\iPod to Computer\unins000.exe"
iTunes-->MsiExec.exe /I{16DDB3D1-5C27-4599-9C63-E583287191CC}
Java(TM) 6 Update 20 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86416020FF}
Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
Malwarebytes Anti-Malware version 1.61.0.1400-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Media Gallery MergeModules x64-->MsiExec.exe /I{115B60D5-BBDB-490E-AF2E-064D37A3CE01}
Media Gallery-->"C:\Program Files (x86)\InstallShield Installation Information\{DD88F979-FA58-41AC-980C-A6E1A82B61D9}\setup.exe" -runfromtemp -l0x0009 -removeonly
Menu Templates - Starter Kit-->MsiExec.exe /X{B78120A0-CF84-4366-A393-4D0A59BC546C}
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Messenger Companion-->MsiExec.exe /I{50816F92-1652-4A7C-B9BC-48F682742C4B}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0409-1000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0116-0409-1000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2010-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Click-to-Run 2010-->"C:\PROGRA~2\COMMON~1\MICROS~1\VIRTUA~1\CVHBS.EXE" /removeall
Microsoft Office Click-to-Run 2010-->MsiExec.exe /I{90140000-006D-0409-1000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (English) 2007-->MsiExec.exe /X{90120000-002A-0409-1000-0000000FF1CE}
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0116-0409-1000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Starter 2010 - English-->C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvhbs.exe /uninstall {90140011-0066-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft SQL Server Compact 3.5 SP2 ENU-->MsiExec.exe /I{3A9FC03D-C685-4831-94CF-4EDFD3749497}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570-->MsiExec.exe /X{8338783A-0968-3B85-AFC7-BAAE0A63DC50}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Microsoft_VC90_MFCLOC_x86_x64-->MsiExec.exe /I{90BF0360-A1DB-4599-A643-95AB90A52C1E}
Microsoft_VC90_MFCLOC_x86-->MsiExec.exe /I{B6D38690-755E-4F40-A35A-23F8BC2B86AC}
Movie Templates - Starter Kit-->MsiExec.exe /X{E498385E-1C51-459A-B45F-1721E37AA1A0}
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
My Lockbox 2.8.2-->"C:\Program Files\My Lockbox\unins000.exe"
Nero 9 Essentials-->C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe  REMOVESERIALNUMBER="2M0M-K0CC-7353-1KE3-A3CL-HP88-AW2X-T02E-412P-6Z4U-5L66-X9C5-2W2Z-0L09-M69L-5U07-K5L1-45XH-3T47-0P2E-272W-605L-4Z8Z-334U-0P79-A104"
Nero BurnRights Help-->MsiExec.exe /X{F6BDD7C5-89ED-4569-9318-469AA9732572}
Nero BurnRights-->MsiExec.exe /X{7829DB6F-A066-4E40-8912-CB07887C20BB}
Nero ControlCenter-->MsiExec.exe /X{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
Nero ControlCenter-->MsiExec.exe /X{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}
Nero CoverDesigner Help-->MsiExec.exe /X{CE96F5A5-584D-4F8F-AA3E-9BAED413DB72}
Nero CoverDesigner-->MsiExec.exe /X{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}
Nero Disc Copy Gadget Help-->MsiExec.exe /X{60C731FB-C951-41CE-AD41-8E54C8594609}
Nero Disc Copy Gadget-->MsiExec.exe /X{F1861F30-3419-44DB-B2A1-C274825698B3}
Nero DiscSpeed Help-->MsiExec.exe /X{CC019E3F-59D2-4486-8D4B-878105B62A71}
Nero DiscSpeed-->MsiExec.exe /X{869200DB-287A-4DC0-B02B-2B6787FBCD4C}
Nero DriveSpeed Help-->MsiExec.exe /X{E5C7D048-F9B4-4219-B323-8BDB01A2563D}
Nero DriveSpeed-->MsiExec.exe /X{33CF58F5-48D8-4575-83D6-96F574E4D83A}
Nero Express Help-->MsiExec.exe /X{83202942-84B3-4C50-8622-B8C0AA2D2885}
Nero InfoTool Help-->MsiExec.exe /X{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}
Nero InfoTool-->MsiExec.exe /X{FBCDFD61-7DCF-4E71-9226-873BA0053139}
Nero Installer-->MsiExec.exe /X{E8A80433-302B-4FF1-815D-FCC8EAC482FF}
Nero Online Upgrade-->MsiExec.exe /X{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}
Nero ShowTime-->MsiExec.exe /X{02627EE5-EACA-4742-A9CC-E687631773E4}
Nero ShowTime-->MsiExec.exe /X{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}
Nero StartSmart Help-->MsiExec.exe /X{2348B586-C9AE-46CE-936C-A68E9426E214}
Nero StartSmart-->MsiExec.exe /X{7748AC8C-18E3-43BB-959B-088FAEA16FB2}
Nero Vision Help-->MsiExec.exe /X{5D9BE3C1-8BA4-4E7E-82FD-9F74FA6815D1}
Nero Vision-->MsiExec.exe /X{43E39830-1826-415D-8BAE-86845787B54B}
NeroExpress-->MsiExec.exe /X{595A3116-40BB-4E0F-A2E8-D7951DA56270}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nokia Connectivity Cable Driver-->RUNDLL32.EXE ccdcmbwux64.dll,WuUninstall
Norton Safe Web Lite-->C:\Program Files (x86)\NortonInstaller\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST\LicenseType\2.0.0.16\InstStub.exe /X /ARP
Oasis2Service-->MsiExec.exe /I{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}
OOBE-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1B500D37-E7CF-480B-8054-8A563594EC4E}\setup.exe" -l0x9  -removeonly
Oracle VM VirtualBox 4.1.10-->MsiExec.exe /I{B374E6A8-501F-4BC0-BA59-4EE78F06B3B2}
PC Tools Spyware Doctor 9.0-->C:\Program Files (x86)\PC Tools\PC Tools Security\unins000.exe /LOG
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
Perfect Uninstaller v6.3.3.9-->"C:\Program Files\Perfect Uninstaller\unins000.exe"
PlayReady PC Runtime amd64-->MsiExec.exe /X{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}
PMB VAIO Edition Guide-->"C:\Program Files (x86)\InstallShield Installation Information\{88C252C8-A7EE-4B60-BF74-8E5919A8048F}\setup.exe" -runfromtemp -l0x0409 -removeonly
PMB VAIO Edition Guide-->MsiExec.exe /X{88C252C8-A7EE-4B60-BF74-8E5919A8048F}
PMB VAIO Edition plug-in (Click to Disc)-->"C:\Program Files (x86)\InstallShield Installation Information\{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}\setup.exe" -runfromtemp -l0x0409 -removeonly
PMB VAIO Edition plug-in (Click to Disc)-->MsiExec.exe /X{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}
PMB VAIO Edition plug-in (VAIO Image Optimizer)-->"C:\Program Files (x86)\InstallShield Installation Information\{1873FFC1-FDCB-47E1-B7C7-F418211E3530}\setup.exe" -runfromtemp -l0x0409 -removeonly
PMB VAIO Edition plug-in (VAIO Image Optimizer)-->MsiExec.exe /X{1873FFC1-FDCB-47E1-B7C7-F418211E3530}
PMB VAIO Edition plug-in (VAIO Movie Story)-->"C:\Program Files (x86)\InstallShield Installation Information\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}\setup.exe" -runfromtemp -l0x0409 -removeonly
PMB VAIO Edition plug-in (VAIO Movie Story)-->MsiExec.exe /X{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}
PMB-->MsiExec.exe /X{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}
Prevx-->"C:\Program Files\Prevx\prevx.exe" /prop UNINSTALL=Y
QuickTime-->MsiExec.exe /I{57752979-A1C9-4C02-856B-FBB27AC4E02C}
Rainmeter-->C:\Program Files\Rainmeter\uninst.exe
RealNetworks - Microsoft Visual C++ 2008 Runtime-->MsiExec.exe /X{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}
RealPlayer-->c:\program files (x86)\real\realplayer\Update\r1puninst.exe RealNetworks|RealPlayer|15.0
Realtek HDMI Audio Driver for ATI-->C:\Program Files\Realtek\Audio\HDA\RtkUpd64.exe -k -m -nrg2709
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe"  -removeonly
Realtek USB 2.0 Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe" -runfromtemp -removeonly
RealUpgrade 1.1-->MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
RegTweaker version 3.2.2.1-->"C:\Program Files (x86)\RegTweaker\unins000.exe"
Revo Uninstaller 1.93-->C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe
RocketDock 1.3.5-->"C:\Program Files (x86)\RocketDock\unins000.exe"
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {ABB5F56F-FC55-4C7E-9622-B8A1E670BAFC}
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A8732F0-C20F-4A9B-A2A9-66FE7A586C35}
Setting Utility Series-->"C:\Program Files (x86)\InstallShield Installation Information\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}\setup.exe" -runfromtemp -l0x0009 -removeonly
Setup_msm_VCMS_x64-->MsiExec.exe /I{1C6B6716-84AC-412A-A296-247D41EBB7FB}
Setup_msm_VOFS_x64-->MsiExec.exe /I{C69A835B-67A5-4542-AD24-FE36E3140BA9}
Setup_VEP_x64-->MsiExec.exe /I{7BF099BD-10EE-4B04-A195-CAE2742C943E}
SIW version 2011.10.29-->"C:\Program Files (x86)\SIW\unins000.exe"
Skype Toolbars-->MsiExec.exe /I{981029E0-7FC9-4CF3-AB39-6F133621921A}
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SmartWi Connection Utility-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}\setup.exe" -l0x9  -removeonly
SOHLib Merge Module-->MsiExec.exe /I{4A221E47-E361-45C3-886A-7B2D7AD0E5AA}
Sony Home Network Library-->"C:\Program Files (x86)\InstallShield Installation Information\{A6B90666-2A1F-49E8-A40E-27EAAD11C096}\setup.exe" -runfromtemp -l0x0009 -removeonly
SUPERAntiSpyware-->"C:\Program Files\SUPERAntiSpyware\Uninstall.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7873DF5-9E1C-45EE-8895-D29C6AE01202}
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C20964A7-5181-45E5-9E82-72F5D400DEBF}
Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1070E28-73A6-4C99-98DF-17F584E4C2B6}
Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {567103D1-96CD-4B76-93B9-2681A187DEFF}
Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office Infopath 2007 Help (KB963662)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {716B81B8-B13C-41DF-8EAC-7A2F656CAB63}
Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245}
Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}
Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
USB Disk Security 5.1.0.15-->"C:\Program Files (x86)\USB Disk Security\unins000.exe"
VAIO - Remote Keyboard-->"C:\Program Files (x86)\InstallShield Installation Information\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Care-->"C:\Program Files (x86)\InstallShield Installation Information\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Content Monitoring Settings-->"C:\Program Files (x86)\InstallShield Installation Information\{06C05B90-2127-4933-8ABA-61833BDE13FA}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Control Center-->"C:\Program Files (x86)\InstallShield Installation Information\{72042FA6-5609-489F-A8EA-3C2DD650F667}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Data Restore Tool-->"C:\Program Files (x86)\InstallShield Installation Information\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO DVD Menu Data-->C:\Program Files (x86)\InstallShield Installation Information\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}\setup.exe -runfromtemp -l0x0009 -removeonly
VAIO Entertainment Platform-->"C:\Program Files (x86)\InstallShield Installation Information\{0489D044-6386-4BDF-9F98-577D60CF79DD}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Event Service-->"C:\Program Files (x86)\InstallShield Installation Information\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Gate Default-->"C:\Program Files (x86)\InstallShield Installation Information\{B7546697-2A80-4256-A24B-1C33163F535B}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Gate-->"C:\Program Files (x86)\InstallShield Installation Information\{A7C30414-2382-4086-B0D6-01A88ABA21C3}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Help and Support-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{AD3E7141-A22E-40F1-A7A4-55E898AE35E3}\setup.exe" -l0x9  -removeonly
VAIO Manual-->"C:\Program Files (x86)\InstallShield Installation Information\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Media plus Opening Movie-->"C:\Program Files (x86)\InstallShield Installation Information\{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Media plus-->"C:\Program Files (x86)\InstallShield Installation Information\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Movie Story MergeModules x64-->MsiExec.exe /I{C37B6246-7D4A-4E5C-BFB4-11C8660BDC99}
VAIO Movie Story Template Data-->"C:\Program Files (x86)\InstallShield Installation Information\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}\setup.exe" -runfromtemp -l0x0409 -removeonly
VAIO Movie Story Template Data-->MsiExec.exe /X{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}
VAIO Original Function Settings-->"C:\Program Files (x86)\InstallShield Installation Information\{04EAE65A-CDCF-480F-B754-5C3A9364239C}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Power Management-->"C:\Program Files (x86)\InstallShield Installation Information\{803E4FA5-A940-4420-B89D-A8BC2E160247}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Sample Contents-->"C:\Program Files (x86)\InstallShield Installation Information\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Survey-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{34B37A74-125E-4406-87BA-E4BD3D097AE5}\setup.exe" -l0x9  -removeonly
VAIO Transfer Support-->"C:\Program Files (x86)\InstallShield Installation Information\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}\setup.exe" -runfromtemp -l0x0009 -removeonly
VAIO Update Merge Module x64-->MsiExec.exe /I{11D25EF7-85FC-4B58-8278-485939C8637F}
VAIO Update Merge Module x64-->MsiExec.exe /I{7C3AC18F-F19B-4082-8D13-7D603848E06C}
VAIO Update Merge Module x64-->MsiExec.exe /I{E743BA71-5955-420B-AA52-67508054AD66}
VAIO Update-->"C:\Program Files (x86)\InstallShield Installation Information\{5BEE8F1F-BD32-4553-8107-500439E43BD7}\setup.exe" -runfromtemp -l0x0409  -removeonly
VAIO Wallpaper Contents-->"C:\Program Files (x86)\InstallShield Installation Information\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}\setup.exe" -runfromtemp -l0x0009 -removeonly
VLC media player 1.1.11-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
VMp MergeModule x64-->MsiExec.exe /I{5AFD1F5C-8FDA-413C-AF38-F1E7BD10D72F}
VU5x64-->MsiExec.exe /X{46261E1C-5E0D-484E-8CCC-7F770375FBA2}
VU5x86-->MsiExec.exe /X{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}
WIDCOMM Bluetooth Software-->MsiExec.exe /X{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}
WindowBlinds-->C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\UNWISE.EXE C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\INSTALL.LOG
Windows Driver Package - Broadcom Bluetooth  (09/09/2009 6.2.0.9405)-->C:\PROGRA~1\DIFX\84B2E36983483FEB\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\bcbtums-win7x64-brcm.inf_amd64_neutral_40a2acff2629a139\bcbtums-win7x64-brcm.inf
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)-->C:\PROGRA~1\DIFX\84B2E36983483FEB\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\bcbthid64.inf_amd64_neutral_737f347105a3e66a\bcbthid64.inf
Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
Windows Live Family Safety-->MsiExec.exe /I{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}
Windows Live Family Safety-->MsiExec.exe /X{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1B8ABA62-74F0-47ED-B18C-A43128E591B8}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Language Selector-->MsiExec.exe /I{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}
Windows Live Mesh ActiveX Control for Remote Connections-->MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441}
Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Messenger Companion Core-->MsiExec.exe /I{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}
Windows Live Messenger-->MsiExec.exe /X{80956555-A512-4190-9CAD-B000C36D6B6B}
Windows Live Messenger-->MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90}
Windows Live MIME IFilter-->MsiExec.exe /I{DA54F80E-261C-41A2-A855-549A144F2F59}
Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
Windows Live PIMT Platform-->MsiExec.exe /I{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
Windows Live Remote Client Resources-->MsiExec.exe /I{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}
Windows Live Remote Client-->MsiExec.exe /I{DF6D988A-EEA0-4277-AAB8-158E086E439B}
Windows Live Remote Service Resources-->MsiExec.exe /I{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}
Windows Live Remote Service-->MsiExec.exe /I{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}
Windows Searchqu Toolbar-->C:\Program Files (x86)\Windows Searchqu Toolbar\uninstall.exe
WinRAR 4.00 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe
XviD4PSP 6.0-->C:\Program Files (x86)\Winnydows\XviD4PSP60\Uninstall.exe
======System event log======
Computer Name: jAnEiro-VAIO
Event Code: 11
Message: Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
Record Number: 394952
Source Name: Microsoft-Windows-Wininit
Time Written: 20120415185938.691675-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: jAnEiro-VAIO
Event Code: 6008
Message: The previous system shutdown at 8:37:53 AM on ‎4/‎15/‎2012 was unexpected.
Record Number: 394892
Source Name: EventLog
Time Written: 20120415185929.000000-000
Event Type: Error
User:
Computer Name: jAnEiro-VAIO
Event Code: 11
Message: Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
Record Number: 394851
Source Name: Microsoft-Windows-Wininit
Time Written: 20120415161843.850869-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: jAnEiro-VAIO
Event Code: 219
Message: The driver \Driver\usbccgp failed to load for the device USB\VID_0408&PID_03F5\5&11d2702c&0&3.
Record Number: 394797
Source Name: Microsoft-Windows-Kernel-PnP
Time Written: 20120415161828.850044-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: jAnEiro-VAIO
Event Code: 4001
Message: WLAN AutoConfig service has successfully stopped.
Record Number: 394775
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20120415144518.885665-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
=====Application event log=====
Computer Name: Janiero-VAIO
Event Code: 3191
Message: {tid=9EC}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)
Record Number: 30827
Source Name: Application Virtualization Client
Time Written: 20111014154855.000000-000
Event Type: Warning
User:
Computer Name: Janiero-VAIO
Event Code: 12348
Message: Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{67ef6521-47a6-11e0-85aa-78843c30527e}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly.  Check security on the volume, and try the operation again.
Operation:
   Removing auto-release shadow copies
   Loading provider
Context:
   Execution Context: System Provider
Record Number: 30804
Source Name: VSS
Time Written: 20111014052244.000000-000
Event Type: Warning
User:
Computer Name: Janiero-VAIO
Event Code: 12348
Message: Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{67ef6521-47a6-11e0-85aa-78843c30527e}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly.  Check security on the volume, and try the operation again.
Operation:
   Removing auto-release shadow copies
   Loading provider
Context:
   Execution Context: System Provider
Record Number: 30783
Source Name: VSS
Time Written: 20111014051447.000000-000
Event Type: Warning
User:
Computer Name: Janiero-VAIO
Event Code: 100
Message: Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...
Record Number: 30765
Source Name: CVHSVC
Time Written: 20111014040752.000000-000
Event Type: Warning
User:
Computer Name: Janiero-VAIO
Event Code: 100
Message: Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.
Record Number: 30764
Source Name: CVHSVC
Time Written: 20111014040751.000000-000
Event Type: Warning
User:
=====Security event log=====
Computer Name: jAnEiro-VAIO
Event Code: 4672
Message: Special privileges assigned to new logon.
Subject:
Security ID:  S-1-5-18
Account Name:  SYSTEM
Account Domain:  NT AUTHORITY
Logon ID:  0x3e7
Privileges:  SeAssignPrimaryTokenPrivilege
   SeTcbPrivilege
   SeSecurityPrivilege
   SeTakeOwnershipPrivilege
   SeLoadDriverPrivilege
   SeBackupPrivilege
   SeRestorePrivilege
   SeDebugPrivilege
   SeAuditPrivilege
   SeSystemEnvironmentPrivilege
   SeImpersonatePrivilege
Record Number: 168390
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120104010017.736154-000
Event Type: Audit Success
User:
Computer Name: jAnEiro-VAIO
Event Code: 4624
Message: An account was successfully logged on.
Subject:
Security ID:  S-1-5-18
Account Name:  JANEIRO-VAIO$
Account Domain:  CHRISTIAN
Logon ID:  0x3e7
Logon Type:   5
New Logon:
Security ID:  S-1-5-18
Account Name:  SYSTEM
Account Domain:  NT AUTHORITY
Logon ID:  0x3e7
Logon GUID:  {00000000-0000-0000-0000-000000000000}
Process Information:
Process ID:  0x244
Process Name:  C:\Windows\System32\services.exe
Network Information:
Workstation Name:
Source Network Address: -
Source Port:  -
Detailed Authentication Information:
Logon Process:  Advapi 
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length:  0
This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 168389
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120104010017.736154-000
Event Type: Audit Success
User:
Computer Name: jAnEiro-VAIO
Event Code: 5061
Message: Cryptographic operation.
Subject:
Security ID:  S-1-5-19
Account Name:  LOCAL SERVICE
Account Domain:  NT AUTHORITY
Logon ID:  0x3e5
Cryptographic Parameters:
Provider Name: Microsoft Software Key Storage Provider
Algorithm Name: RSA
Key Name: c4c4e3f3-ae26-4511-a1cc-25b64ed40d25
Key Type: Machine key.
Cryptographic Operation:
Operation: Open Key.
Return Code: 0x0
Record Number: 168388
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120104005824.677023-000
Event Type: Audit Success
User:
Computer Name: jAnEiro-VAIO
Event Code: 5058
Message: Key file operation.
Subject:
Security ID:  S-1-5-19
Account Name:  LOCAL SERVICE
Account Domain:  NT AUTHORITY
Logon ID:  0x3e5
Cryptographic Parameters:
Provider Name: Microsoft Software Key Storage Provider
Algorithm Name: Not Available.
Key Name: c4c4e3f3-ae26-4511-a1cc-25b64ed40d25
Key Type: Machine key.
Key File Operation Information:
File Path: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1ac16315653202550fd290c89f61a745_9147a5cf-b5c6-491d-ac79-fb42c85e44e0
Operation: Read persisted key from file.
Return Code: 0x0
Record Number: 168387
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120104005824.676023-000
Event Type: Audit Success
User:
Computer Name: jAnEiro-VAIO
Event Code: 4672
Message: Special privileges assigned to new logon.
Subject:
Security ID:  S-1-5-18
Account Name:  SYSTEM
Account Domain:  NT AUTHORITY
Logon ID:  0x3e7
Privileges:  SeAssignPrimaryTokenPrivilege
   SeTcbPrivilege
   SeSecurityPrivilege
   SeTakeOwnershipPrivilege
   SeLoadDriverPrivilege
   SeBackupPrivilege
   SeRestorePrivilege
   SeDebugPrivilege
   SeAuditPrivilege
   SeSystemEnvironmentPrivilege
   SeImpersonatePrivilege
Record Number: 168386
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120104005728.305576-000
Event Type: Audit Success
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 6 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=0603
"configsetroot"=%SystemRoot%\ConfigSetRoot
"asl.log"=Destination=file
"CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
"VBOX_INSTALL_PATH"=C:\Program Files\Oracle\VirtualBox\
-----------------EOF-----------------

rock2death · April 22, 2012

Step 4 seems didnt work. When i used SecurityCheck.exe theres a windows appear


sed.exe has stopped working
A problem caused the progam to stop working corectly. Windows will close the program and notify you if a solution is available.
Then a notepad appear with no text.


14:15:43.0271 0148 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
14:15:44.0491 0148 ============================================================
14:15:44.0491 0148 Current date / time: 2012/04/22 14:15:44.0491
14:15:44.0491 0148 SystemInfo:
14:15:44.0491 0148
14:15:44.0491 0148 OS Version: 6.1.7601 ServicePack: 1.0
14:15:44.0491 0148 Product type: Workstation
14:15:44.0491 0148 ComputerName: JANEIRO-VAIO
14:15:44.0491 0148 UserName: Janiero
14:15:44.0491 0148 Windows directory: C:\Windows
14:15:44.0491 0148 System windows directory: C:\Windows
14:15:44.0491 0148 Running under WOW64
14:15:44.0491 0148 Processor architecture: Intel x64
14:15:44.0491 0148 Number of processors: 2
14:15:44.0491 0148 Page size: 0x1000
14:15:44.0491 0148 Boot type: Normal boot
14:15:44.0491 0148 ============================================================
14:15:46.0021 0148 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:15:46.0041 0148 \Device\Harddisk0\DR0:
14:15:46.0041 0148 MBR partitions:
14:15:46.0041 0148 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1320800, BlocksNum 0x32000
14:15:46.0041 0148 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1352800, BlocksNum 0x1F351830
14:15:46.0061 0148 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x206A5000, BlocksNum 0x19CE0800
14:15:46.0101 0148 C: <-> \Device\Harddisk0\DR0\Partition1
14:15:46.0131 0148 D: <-> \Device\Harddisk0\DR0\Partition2
14:15:46.0131 0148 Initialize success
14:15:46.0131 0148 ============================================================
14:16:12.0263 3588 ============================================================
14:16:12.0263 3588 Scan started
14:16:12.0263 3588 Mode: Manual; SigCheck; TDLFS;
14:16:12.0263 3588 ============================================================
14:16:12.0943 3588 !SASCORE	    (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
14:16:13.0113 3588 !SASCORE - ok
14:16:13.0233 3588 1394ohci	    (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
14:16:13.0373 3588 1394ohci - ok
14:16:13.0443 3588 ACDaemon	    (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
14:16:13.0583 3588 ACDaemon - ok
14:16:13.0673 3588 ACPI		    (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
14:16:13.0733 3588 ACPI - ok
14:16:13.0773 3588 AcpiPmi		 (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
14:16:13.0913 3588 AcpiPmi - ok
14:16:14.0063 3588 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:16:14.0093 3588 AdobeARMservice - ok
14:16:14.0193 3588 adp94xx		 (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
14:16:14.0263 3588 adp94xx - ok
14:16:14.0315 3588 adpahci		 (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
14:16:14.0365 3588 adpahci - ok
14:16:14.0405 3588 adpu320		 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
14:16:14.0455 3588 adpu320 - ok
14:16:14.0485 3588 AeLookupSvc	 (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
14:16:14.0785 3588 AeLookupSvc - ok
14:16:14.0885 3588 AFD			 (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
14:16:15.0005 3588 AFD - ok
14:16:15.0067 3588 agp440		  (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
14:16:15.0085 3588 agp440 - ok
14:16:15.0122 3588 ALG			 (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
14:16:15.0180 3588 ALG - ok
14:16:15.0232 3588 aliide		  (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
14:16:15.0274 3588 aliide - ok
14:16:15.0311 3588 AMD External Events Utility (8318a3b3ce74b851082af2c0745e979e) C:\Windows\system32\atiesrxx.exe
14:16:15.0441 3588 AMD External Events Utility - ok
14:16:15.0545 3588 amdide		  (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
14:16:15.0573 3588 amdide - ok
14:16:15.0623 3588 AmdK8		   (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
14:16:15.0702 3588 AmdK8 - ok
14:16:16.0009 3588 amdkmdag	    (2d597c853db5ea1b1f6d98610039bb50) C:\Windows\system32\DRIVERS\atipmdag.sys
14:16:16.0208 3588 amdkmdag - ok
14:16:16.0308 3588 amdkmdap	    (04d770537e5ac5c4676b9a83cb21ec0a) C:\Windows\system32\DRIVERS\atikmpag.sys
14:16:16.0352 3588 amdkmdap - ok
14:16:16.0397 3588 AmdPPM		  (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
14:16:16.0437 3588 AmdPPM - ok
14:16:16.0483 3588 amdsata		 (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
14:16:16.0501 3588 amdsata - ok
14:16:16.0545 3588 amdsbs		  (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
14:16:16.0567 3588 amdsbs - ok
14:16:16.0601 3588 amdxata		 (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
14:16:16.0619 3588 amdxata - ok
14:16:16.0654 3588 amd_sata	    (08e8a4172c57abd7693a6915cf1e7a99) C:\Windows\system32\drivers\amd_sata.sys
14:16:16.0668 3588 amd_sata - ok
14:16:16.0708 3588 amd_xata	    (9866af4e4ad7f16e810b6c0b8473f9cd) C:\Windows\system32\drivers\amd_xata.sys
14:16:16.0721 3588 amd_xata - ok
14:16:16.0769 3588 ApfiltrService  (29d63d80f23da504baa2db5d260dd4bd) C:\Windows\system32\DRIVERS\Apfiltr.sys
14:16:16.0788 3588 ApfiltrService - ok
14:16:16.0830 3588 AppID		   (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
14:16:17.0039 3588 AppID - ok
14:16:17.0113 3588 AppIDSvc	    (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
14:16:17.0179 3588 AppIDSvc - ok
14:16:17.0226 3588 Appinfo		 (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
14:16:17.0292 3588 Appinfo - ok
14:16:17.0347 3588 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:16:17.0362 3588 Apple Mobile Device - ok
14:16:17.0460 3588 arc			 (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
14:16:17.0478 3588 arc - ok
14:16:17.0601 3588 arcsas		  (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
14:16:17.0620 3588 arcsas - ok
14:16:17.0770 3588 aswFsBlk	    (4a57b2c375d82cbeb28454e0460d65ad) C:\Windows\system32\drivers\aswFsBlk.sys
14:16:17.0785 3588 aswFsBlk - ok
14:16:17.0927 3588 aswMonFlt	   (0dfa8428e92fa0398a4557077e03d0be) C:\Windows\system32\drivers\aswMonFlt.sys
14:16:17.0949 3588 aswMonFlt - ok
14:16:18.0138 3588 aswRdr		  (061bf40c947848b6f4a478c600b0298c) C:\Windows\system32\drivers\aswRdr.sys
14:16:18.0162 3588 aswRdr - ok
14:16:18.0315 3588 aswSnx		  (9597c6e9091369ef4b94956478d545bf) C:\Windows\system32\drivers\aswSnx.sys
14:16:18.0335 3588 aswSnx - ok
14:16:18.0486 3588 aswSP		   (6b31b59c48a5f45e9f26de37acae7db4) C:\Windows\system32\drivers\aswSP.sys
14:16:18.0507 3588 aswSP - ok
14:16:18.0707 3588 aswTdi		  (5c06c8ed0627a970dc7a4b6624f3bd08) C:\Windows\system32\drivers\aswTdi.sys
14:16:18.0721 3588 aswTdi - ok
14:16:18.0828 3588 AsyncMac	    (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
14:16:18.0924 3588 AsyncMac - ok
14:16:19.0035 3588 atapi		   (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
14:16:19.0060 3588 atapi - ok
14:16:19.0133 3588 athr		    (d6cad7e5b05055bb8226bdcb1644da27) C:\Windows\system32\DRIVERS\athrx.sys
14:16:19.0247 3588 athr - ok
14:16:19.0364 3588 AtiPcie		 (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\drivers\AtiPcie.sys
14:16:19.0391 3588 AtiPcie - ok
14:16:19.0477 3588 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
14:16:19.0653 3588 AudioEndpointBuilder - ok
14:16:19.0675 3588 AudioSrv	    (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
14:16:19.0755 3588 AudioSrv - ok
14:16:19.0876 3588 avast! Antivirus (ae28ba1361d8040d8850f21cacfccce9) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
14:16:19.0893 3588 avast! Antivirus - ok
14:16:19.0926 3588 avast! Mail Scanner (ae28ba1361d8040d8850f21cacfccce9) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
14:16:19.0943 3588 avast! Mail Scanner - ok
14:16:19.0963 3588 avast! Web Scanner (ae28ba1361d8040d8850f21cacfccce9) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
14:16:19.0983 3588 avast! Web Scanner - ok
14:16:20.0124 3588 AxInstSV	    (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
14:16:20.0245 3588 AxInstSV - ok
14:16:20.0352 3588 b06bdrv		 (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
14:16:20.0429 3588 b06bdrv - ok
14:16:20.0484 3588 b57nd60a	    (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
14:16:20.0562 3588 b57nd60a - ok
14:16:20.0640 3588 BDESVC		  (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
14:16:20.0730 3588 BDESVC - ok
14:16:20.0828 3588 Beep		    (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
14:16:20.0938 3588 Beep - ok
14:16:20.0997 3588 BFE			 (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
14:16:21.0108 3588 BFE - ok
14:16:21.0179 3588 BITS		    (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
14:16:21.0368 3588 BITS - ok
14:16:21.0478 3588 blbdrive	    (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
14:16:21.0541 3588 blbdrive - ok
14:16:21.0648 3588 Bonjour Service (f2060a34c8a75bc24a9222eb4f8c07bd) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
14:16:21.0692 3588 Bonjour Service - ok
14:16:21.0781 3588 bowser		  (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
14:16:21.0815 3588 bowser - ok
14:16:21.0852 3588 BrFiltLo	    (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
14:16:21.0906 3588 BrFiltLo - ok
14:16:21.0950 3588 BrFiltUp	    (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
14:16:22.0003 3588 BrFiltUp - ok
14:16:22.0048 3588 Browser		 (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
14:16:22.0171 3588 Browser - ok
14:16:22.0387 3588 Browser Defender Update Service (9d5fd177db76a7f5d6b8678870820d3c) C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
14:16:22.0443 3588 Browser Defender Update Service - ok
14:16:22.0539 3588 Brserid		 (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
14:16:22.0633 3588 Brserid - ok
14:16:22.0692 3588 BrSerWdm	    (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
14:16:22.0760 3588 BrSerWdm - ok
14:16:22.0797 3588 BrUsbMdm	    (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:16:22.0853 3588 BrUsbMdm - ok
14:16:22.0902 3588 BrUsbSer	    (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
14:16:22.0965 3588 BrUsbSer - ok
14:16:23.0015 3588 bthav		   (0b2ee8b36081c1039ea3d20b952a8ddc) C:\Windows\system32\drivers\bthav.sys
14:16:23.0080 3588 bthav - ok
14:16:23.0142 3588 BTHBUS		  (f3371daab1c4ec83ab8841b9abdf8261) C:\Windows\system32\DRIVERS\bthbus.sys
14:16:23.0240 3588 BTHBUS - ok
14:16:23.0289 3588 BthEnum		 (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
14:16:23.0379 3588 BthEnum - ok
14:16:23.0465 3588 BTHMODEM	    (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
14:16:23.0547 3588 BTHMODEM - ok
14:16:23.0600 3588 BthPan		  (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
14:16:23.0666 3588 BthPan - ok
14:16:23.0721 3588 BTHPORT		 (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
14:16:23.0797 3588 BTHPORT - ok
14:16:23.0826 3588 bthserv		 (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
14:16:23.0898 3588 bthserv - ok
14:16:23.0955 3588 BTHUSB		  (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
14:16:23.0999 3588 BTHUSB - ok
14:16:24.0041 3588 btwaudio	    (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys
14:16:24.0057 3588 btwaudio - ok
14:16:24.0094 3588 btwavdt		 (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\DRIVERS\btwavdt.sys
14:16:24.0110 3588 btwavdt - ok
14:16:24.0180 3588 btwdins		 (31da517946ffe416442e864592548f8a) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
14:16:24.0247 3588 btwdins - ok
14:16:24.0347 3588 btwl2cap	    (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
14:16:24.0381 3588 btwl2cap - ok
14:16:24.0420 3588 btwrchid	    (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys
14:16:24.0454 3588 btwrchid - ok
14:16:24.0595 3588 ccSet_NST	   (a8ad33c9dd88c810cac00acc7f4329fb) C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys
14:16:24.0636 3588 ccSet_NST - ok
14:16:24.0686 3588 cdfs		    (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
14:16:24.0820 3588 cdfs - ok
14:16:24.0871 3588 cdrom		   (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
14:16:24.0939 3588 cdrom - ok
14:16:24.0996 3588 CertPropSvc	 (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
14:16:25.0121 3588 CertPropSvc - ok
14:16:25.0174 3588 circlass	    (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
14:16:25.0255 3588 circlass - ok
14:16:25.0309 3588 CLFS		    (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
14:16:25.0411 3588 CLFS - ok
14:16:25.0492 3588 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:16:25.0535 3588 clr_optimization_v2.0.50727_32 - ok
14:16:25.0584 3588 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:16:25.0627 3588 clr_optimization_v2.0.50727_64 - ok
14:16:25.0688 3588 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:16:25.0771 3588 clr_optimization_v4.0.30319_32 - ok
14:16:25.0879 3588 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:16:25.0916 3588 clr_optimization_v4.0.30319_64 - ok
14:16:25.0976 3588 CmBatt		  (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
14:16:26.0046 3588 CmBatt - ok
14:16:26.0111 3588 cmdide		  (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
14:16:26.0151 3588 cmdide - ok
14:16:26.0216 3588 CNG			 (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
14:16:26.0291 3588 CNG - ok
14:16:26.0365 3588 Compbatt	    (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
14:16:26.0386 3588 Compbatt - ok
14:16:26.0433 3588 CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
14:16:26.0475 3588 CompositeBus - ok
14:16:26.0488 3588 COMSysApp - ok
14:16:26.0533 3588 crcdisk		 (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
14:16:26.0548 3588 crcdisk - ok
14:16:26.0603 3588 CryptSvc	    (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
14:16:26.0765 3588 CryptSvc - ok
14:16:27.0024 3588 CSIScanner	  (5131d2469b6b19dc20b446ebe43ebb79) C:\Program Files\Prevx\prevx.exe
14:16:27.0160 3588 CSIScanner - ok
14:16:27.0280 3588 cvhsvc		  (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
14:16:27.0360 3588 cvhsvc - ok
14:16:27.0472 3588 DcomLaunch	  (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
14:16:27.0657 3588 DcomLaunch - ok
14:16:27.0713 3588 defragsvc	   (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
14:16:27.0872 3588 defragsvc - ok
14:16:27.0934 3588 DfsC		    (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
14:16:28.0046 3588 DfsC - ok
14:16:28.0099 3588 Dhcp		    (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
14:16:28.0257 3588 Dhcp - ok
14:16:28.0302 3588 discache	    (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
14:16:28.0400 3588 discache - ok
14:16:28.0445 3588 Disk		    (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
14:16:28.0488 3588 Disk - ok
14:16:28.0542 3588 Dnscache	    (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
14:16:28.0606 3588 Dnscache - ok
14:16:28.0661 3588 dot3svc		 (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
14:16:28.0726 3588 dot3svc - ok
14:16:28.0777 3588 DPS			 (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
14:16:28.0852 3588 DPS - ok
14:16:28.0901 3588 drmkaud		 (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
14:16:28.0973 3588 drmkaud - ok
14:16:29.0120 3588 DrvAgent64	  (1ed08a6264c5c92099d6d1dae5e8f530) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
14:16:29.0164 3588 DrvAgent64 - ok
14:16:29.0274 3588 DXGKrnl		 (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
14:16:29.0337 3588 DXGKrnl - ok
14:16:29.0374 3588 EapHost		 (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
14:16:29.0473 3588 EapHost - ok
14:16:29.0599 3588 ebdrv		   (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
14:16:29.0829 3588 ebdrv - ok
14:16:29.0941 3588 EFS			 (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
14:16:30.0041 3588 EFS - ok
14:16:30.0131 3588 ehRecvr		 (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
14:16:30.0251 3588 ehRecvr - ok
14:16:30.0311 3588 ehSched		 (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
14:16:30.0371 3588 ehSched - ok
14:16:30.0453 3588 elxstor		 (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
14:16:30.0513 3588 elxstor - ok
14:16:30.0563 3588 ErrDev		  (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
14:16:30.0633 3588 ErrDev - ok
14:16:30.0795 3588 EventSystem	 (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
14:16:30.0975 3588 EventSystem - ok
14:16:31.0025 3588 exfat		   (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
14:16:31.0169 3588 exfat - ok
14:16:31.0207 3588 fastfat		 (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
14:16:31.0277 3588 fastfat - ok
14:16:31.0417 3588 Fax			 (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
14:16:31.0535 3588 Fax - ok
14:16:31.0579 3588 fdc			 (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
14:16:31.0619 3588 fdc - ok
14:16:31.0679 3588 fdPHost		 (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
14:16:31.0739 3588 fdPHost - ok
14:16:31.0759 3588 FDResPub	    (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
14:16:31.0839 3588 FDResPub - ok
14:16:31.0889 3588 FileInfo	    (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
14:16:31.0899 3588 FileInfo - ok
14:16:31.0929 3588 Filetrace	   (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
14:16:31.0999 3588 Filetrace - ok
14:16:32.0039 3588 flpydisk	    (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
14:16:32.0089 3588 flpydisk - ok
14:16:32.0139 3588 FltMgr		  (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
14:16:32.0169 3588 FltMgr - ok
14:16:32.0219 3588 FontCache	   (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
14:16:32.0339 3588 FontCache - ok
14:16:32.0479 3588 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:16:32.0509 3588 FontCache3.0.0.0 - ok
14:16:32.0599 3588 FsDepends	   (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
14:16:32.0639 3588 FsDepends - ok
14:16:32.0799 3588 FSProFilter	 (8197c85348a33bccfe80dd6e2db53903) C:\Windows\system32\Drivers\FSPFltd.sys
14:16:32.0839 3588 FSProFilter - ok
14:16:32.0959 3588 fssfltr		 (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
14:16:32.0989 3588 fssfltr - ok
14:16:33.0139 3588 fsssvc		  (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
14:16:33.0199 3588 fsssvc - ok
14:16:33.0309 3588 Fs_Rec		  (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
14:16:33.0359 3588 Fs_Rec - ok
14:16:33.0469 3588 fvevol		  (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
14:16:33.0529 3588 fvevol - ok
14:16:33.0671 3588 gagp30kx	    (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
14:16:33.0718 3588 gagp30kx - ok
14:16:33.0863 3588 GEARAspiWDM	 (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:16:33.0883 3588 GEARAspiWDM - ok
14:16:34.0015 3588 GGSAFERDriver - ok
14:16:34.0125 3588 gpsvc		   (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
14:16:34.0225 3588 gpsvc - ok
14:16:34.0355 3588 GPU-Z - ok
14:16:34.0425 3588 gupdate		 (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:16:34.0445 3588 gupdate - ok
14:16:34.0465 3588 gupdatem	    (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:16:34.0495 3588 gupdatem - ok
14:16:34.0585 3588 hcw85cir	    (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
14:16:34.0645 3588 hcw85cir - ok
14:16:34.0825 3588 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
14:16:34.0875 3588 HdAudAddService - ok
14:16:34.0995 3588 HDAudBus	    (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
14:16:35.0045 3588 HDAudBus - ok
14:16:35.0095 3588 HidBatt		 (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
14:16:35.0165 3588 HidBatt - ok
14:16:35.0217 3588 HidBth		  (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
14:16:35.0277 3588 HidBth - ok
14:16:35.0327 3588 HidIr		   (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
14:16:35.0387 3588 HidIr - ok
14:16:35.0437 3588 hidserv		 (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
14:16:35.0587 3588 hidserv - ok
14:16:35.0667 3588 HidUsb		  (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
14:16:35.0717 3588 HidUsb - ok
14:16:35.0767 3588 hkmsvc		  (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
14:16:35.0867 3588 hkmsvc - ok
14:16:35.0907 3588 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
14:16:35.0969 3588 HomeGroupListener - ok
14:16:36.0009 3588 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
14:16:36.0069 3588 HomeGroupProvider - ok
14:16:36.0129 3588 HpSAMD		  (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
14:16:36.0179 3588 HpSAMD - ok
14:16:36.0231 3588 HTTP		    (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
14:16:36.0333 3588 HTTP - ok
14:16:36.0463 3588 hwpolicy	    (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
14:16:36.0503 3588 hwpolicy - ok
14:16:36.0563 3588 i8042prt	    (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
14:16:36.0603 3588 i8042prt - ok
14:16:36.0675 3588 iaStorV		 (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
14:16:36.0705 3588 iaStorV - ok
14:16:36.0815 3588 idsvc		   (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:16:36.0855 3588 idsvc - ok
14:16:36.0917 3588 iirsp		   (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
14:16:36.0947 3588 iirsp - ok
14:16:37.0019 3588 IKEEXT		  (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
14:16:37.0129 3588 IKEEXT - ok
14:16:37.0291 3588 IntcAzAudAddService (490947a9aff7ca31ef2e08f5776105eb) C:\Windows\system32\drivers\RTKVHD64.sys
14:16:37.0341 3588 IntcAzAudAddService - ok
14:16:37.0395 3588 intelide	    (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
14:16:37.0413 3588 intelide - ok
14:16:37.0453 3588 intelppm	    (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
14:16:37.0493 3588 intelppm - ok
14:16:37.0553 3588 IPBusEnum	   (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
14:16:37.0633 3588 IPBusEnum - ok
14:16:37.0693 3588 IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:16:37.0773 3588 IpFilterDriver - ok
14:16:37.0823 3588 iphlpsvc	    (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
14:16:37.0913 3588 iphlpsvc - ok
14:16:37.0983 3588 IPMIDRV		 (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
14:16:38.0003 3588 IPMIDRV - ok
14:16:38.0043 3588 IPNAT		   (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
14:16:38.0123 3588 IPNAT - ok
14:16:38.0233 3588 iPod Service    (a3bda1a8a016b5e5a525bcf684894ebe) C:\Program Files\iPod\bin\iPodService.exe
14:16:38.0263 3588 iPod Service - ok
14:16:38.0383 3588 IRENUM		  (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
14:16:38.0433 3588 IRENUM - ok
14:16:38.0563 3588 isapnp		  (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
14:16:38.0583 3588 isapnp - ok
14:16:38.0673 3588 iScsiPrt	    (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
14:16:38.0723 3588 iScsiPrt - ok
14:16:38.0823 3588 kbdclass	    (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
14:16:38.0843 3588 kbdclass - ok
14:16:38.0933 3588 kbdhid		  (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
14:16:39.0003 3588 kbdhid - ok
14:16:39.0103 3588 KeyIso		  (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:16:39.0173 3588 KeyIso - ok
14:16:39.0245 3588 KSecDD		  (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
14:16:39.0295 3588 KSecDD - ok
14:16:39.0395 3588 KSecPkg		 (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
14:16:39.0435 3588 KSecPkg - ok
14:16:39.0525 3588 ksthunk		 (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
14:16:39.0675 3588 ksthunk - ok
14:16:39.0847 3588 KtmRm		   (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
14:16:40.0017 3588 KtmRm - ok
14:16:40.0277 3588 LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
14:16:40.0427 3588 LanmanServer - ok
14:16:40.0547 3588 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
14:16:40.0627 3588 LanmanWorkstation - ok
14:16:40.0737 3588 lltdio		  (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
14:16:40.0867 3588 lltdio - ok
14:16:41.0017 3588 lltdsvc		 (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
14:16:41.0197 3588 lltdsvc - ok
14:16:41.0327 3588 lmhosts		 (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
14:16:41.0457 3588 lmhosts - ok
14:16:41.0617 3588 LSI_FC		  (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
14:16:41.0657 3588 LSI_FC - ok
14:16:41.0797 3588 LSI_SAS		 (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
14:16:41.0837 3588 LSI_SAS - ok
14:16:41.0987 3588 LSI_SAS2	    (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
14:16:42.0027 3588 LSI_SAS2 - ok
14:16:42.0170 3588 LSI_SCSI	    (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
14:16:42.0218 3588 LSI_SCSI - ok
14:16:42.0393 3588 luafv		   (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
14:16:42.0498 3588 luafv - ok
14:16:42.0689 3588 MBAMProtector   (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
14:16:42.0731 3588 MBAMProtector - ok
14:16:43.0007 3588 MBAMService	 (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
14:16:43.0071 3588 MBAMService - ok
14:16:43.0211 3588 Mcx2Svc		 (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
14:16:43.0304 3588 Mcx2Svc - ok
14:16:43.0611 3588 megasas		 (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
14:16:43.0666 3588 megasas - ok
14:16:43.0805 3588 MegaSR		  (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
14:16:43.0859 3588 MegaSR - ok
14:16:44.0036 3588 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
14:16:44.0074 3588 Microsoft Office Groove Audit Service - ok
14:16:44.0181 3588 MMCSS		   (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
14:16:44.0322 3588 MMCSS - ok
14:16:44.0448 3588 Modem		   (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
14:16:44.0567 3588 Modem - ok
14:16:44.0711 3588 monitor		 (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
14:16:44.0761 3588 monitor - ok
14:16:44.0916 3588 mouclass	    (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
14:16:44.0959 3588 mouclass - ok
14:16:45.0053 3588 mouhid		  (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
14:16:45.0128 3588 mouhid - ok
14:16:45.0281 3588 mountmgr	    (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
14:16:45.0327 3588 mountmgr - ok
14:16:45.0435 3588 mpio		    (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
14:16:45.0483 3588 mpio - ok
14:16:45.0621 3588 mpsdrv		  (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
14:16:45.0741 3588 mpsdrv - ok
14:16:45.0914 3588 MpsSvc		  (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
14:16:46.0090 3588 MpsSvc - ok
14:16:46.0255 3588 MRxDAV		  (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
14:16:46.0340 3588 MRxDAV - ok
14:16:46.0490 3588 mrxsmb		  (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:16:46.0585 3588 mrxsmb - ok
14:16:46.0734 3588 mrxsmb10	    (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:16:46.0817 3588 mrxsmb10 - ok
14:16:46.0967 3588 mrxsmb20	    (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:16:47.0018 3588 mrxsmb20 - ok
14:16:47.0162 3588 msahci		  (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
14:16:47.0208 3588 msahci - ok
14:16:47.0307 3588 msdsm		   (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
14:16:47.0354 3588 msdsm - ok
14:16:47.0491 3588 MSDTC		   (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
14:16:47.0580 3588 MSDTC - ok
14:16:47.0799 3588 Msfs		    (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
14:16:47.0896 3588 Msfs - ok
14:16:48.0069 3588 mshidkmdf	   (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
14:16:48.0196 3588 mshidkmdf - ok
14:16:48.0341 3588 msisadrv	    (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
14:16:48.0381 3588 msisadrv - ok
14:16:48.0476 3588 MSiSCSI		 (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
14:16:48.0583 3588 MSiSCSI - ok
14:16:48.0658 3588 msiserver - ok
14:16:48.0716 3588 MSKSSRV		 (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
14:16:48.0847 3588 MSKSSRV - ok
14:16:49.0009 3588 MSPCLOCK	    (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
14:16:49.0112 3588 MSPCLOCK - ok
14:16:49.0249 3588 MSPQM		   (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
14:16:49.0380 3588 MSPQM - ok
14:16:49.0543 3588 MsRPC		   (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
14:16:49.0602 3588 MsRPC - ok
14:16:49.0714 3588 mssmbios	    (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
14:16:49.0736 3588 mssmbios - ok
14:16:49.0797 3588 MSTEE		   (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
14:16:49.0931 3588 MSTEE - ok
14:16:49.0993 3588 MTConfig	    (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
14:16:50.0059 3588 MTConfig - ok
14:16:50.0104 3588 Mup			 (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
14:16:50.0149 3588 Mup - ok
14:16:50.0209 3588 napagent	    (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
14:16:50.0318 3588 napagent - ok
14:16:50.0379 3588 NativeWifiP	 (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
14:16:50.0474 3588 NativeWifiP - ok
14:16:50.0546 3588 NDIS		    (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
14:16:50.0647 3588 NDIS - ok
14:16:50.0707 3588 NdisCap		 (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
14:16:50.0778 3588 NdisCap - ok
14:16:50.0811 3588 NdisTapi	    (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
14:16:50.0859 3588 NdisTapi - ok
14:16:50.0907 3588 Ndisuio		 (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
14:16:50.0975 3588 Ndisuio - ok
14:16:51.0125 3588 NdisWan		 (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
14:16:51.0195 3588 NdisWan - ok
14:16:51.0279 3588 NDProxy		 (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
14:16:51.0325 3588 NDProxy - ok
14:16:51.0495 3588 Nero BackItUp Scheduler 4.0 (7d2633295eb6ff2b938185874884059d) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
14:16:51.0526 3588 Nero BackItUp Scheduler 4.0 - ok
14:16:51.0649 3588 NetBIOS		 (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
14:16:51.0701 3588 NetBIOS - ok
14:16:51.0855 3588 NetBT		   (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
14:16:51.0927 3588 NetBT - ok
14:16:52.0086 3588 Netlogon	    (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:16:52.0109 3588 Netlogon - ok
14:16:52.0218 3588 Netman		  (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
14:16:52.0324 3588 Netman - ok
14:16:52.0469 3588 netprofm	    (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
14:16:52.0644 3588 netprofm - ok
14:16:52.0759 3588 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:16:52.0796 3588 NetTcpPortSharing - ok
14:16:52.0921 3588 nfrd960		 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
14:16:52.0944 3588 nfrd960 - ok
14:16:53.0108 3588 NlaSvc		  (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
14:16:53.0218 3588 NlaSvc - ok
14:16:53.0438 3588 nmwcd		   (907b5e1e4a592e5edc5e4ccbde4863c2) C:\Windows\system32\drivers\ccdcmbx64.sys
14:16:53.0493 3588 nmwcd - ok
14:16:53.0710 3588 nmwcdc		  (41c1ac1f3613435eb32d67bcb80a5fa5) C:\Windows\system32\drivers\ccdcmbox64.sys
14:16:53.0810 3588 nmwcdc - ok
14:16:53.0980 3588 Npfs		    (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
14:16:54.0045 3588 Npfs - ok
14:16:54.0172 3588 nsi			 (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
14:16:54.0232 3588 nsi - ok
14:16:54.0404 3588 nsiproxy	    (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
14:16:54.0504 3588 nsiproxy - ok
14:16:54.0644 3588 NSL			 (e127420b7feb65c7f279eaac183bbc0e) C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
14:16:54.0684 3588 NSL - ok
14:16:54.0864 3588 Ntfs		    (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
14:16:54.0940 3588 Ntfs - ok
14:16:55.0096 3588 Null		    (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
14:16:55.0216 3588 Null - ok
14:16:55.0386 3588 nvraid		  (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
14:16:55.0416 3588 nvraid - ok
14:16:55.0566 3588 nvstor		  (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
14:16:55.0616 3588 nvstor - ok
14:16:55.0768 3588 nv_agp		  (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
14:16:55.0828 3588 nv_agp - ok
14:16:55.0940 3588 Oasis2Service   (07571684567859da796a566cc78ffa74) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
14:16:55.0995 3588 Oasis2Service ( UnsignedFile.Multi.Generic ) - warning
14:16:55.0995 3588 Oasis2Service - detected UnsignedFile.Multi.Generic (1)
14:16:56.0152 3588 odserv		  (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:16:56.0202 3588 odserv - ok
14:16:56.0352 3588 ohci1394	    (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
14:16:56.0452 3588 ohci1394 - ok
14:16:56.0542 3588 ose			 (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:16:56.0582 3588 ose - ok
14:16:56.0774 3588 osppsvc		 (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:16:57.0034 3588 osppsvc - ok
14:16:57.0144 3588 p2pimsvc	    (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:16:57.0264 3588 p2pimsvc - ok
14:16:57.0306 3588 p2psvc		  (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
14:16:57.0346 3588 p2psvc - ok
14:16:57.0386 3588 Parport		 (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
14:16:57.0426 3588 Parport - ok
14:16:57.0476 3588 partmgr		 (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
14:16:57.0496 3588 partmgr - ok
14:16:57.0546 3588 PcaSvc		  (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
14:16:57.0616 3588 PcaSvc - ok
14:16:57.0686 3588 pci			 (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
14:16:57.0736 3588 pci - ok
14:16:57.0776 3588 pciide		  (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
14:16:57.0816 3588 pciide - ok
14:16:57.0862 3588 pcmcia		  (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
14:16:57.0878 3588 pcmcia - ok
14:16:57.0918 3588 PCTBD		   (99a3a277a99c437283324067970e1d37) C:\Windows\system32\Drivers\PCTBD64.sys
14:16:57.0938 3588 PCTBD - ok
14:16:58.0008 3588 PCTCore		 (dbb55b4da79a6f59b63e233907ba6bae) C:\Windows\system32\drivers\PCTCore64.sys
14:16:58.0038 3588 PCTCore - ok
14:16:58.0130 3588 pctDS		   (ba1f42a42f405f62ceff6b69a2797f7c) C:\Windows\system32\drivers\pctDS64.sys
14:16:58.0160 3588 pctDS - ok
14:16:58.0230 3588 pctEFA		  (146cc91c93ced13e7fe40e8d8615be39) C:\Windows\system32\drivers\pctEFA64.sys
14:16:58.0290 3588 pctEFA - ok
14:16:58.0360 3588 PCTSD		   (afa19eff0197c474379ed904e25a995d) C:\Windows\system32\Drivers\PCTSD64.sys
14:16:58.0380 3588 PCTSD - ok
14:16:58.0420 3588 pcw			 (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
14:16:58.0440 3588 pcw - ok
14:16:58.0470 3588 PEAUTH		  (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
14:16:58.0581 3588 PEAUTH - ok
14:16:58.0636 3588 PerfHost	    (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
14:16:58.0702 3588 PerfHost - ok
14:16:58.0824 3588 pla			 (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
14:16:58.0944 3588 pla - ok
14:16:59.0114 3588 PlugPlay	    (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
14:16:59.0204 3588 PlugPlay - ok
14:16:59.0324 3588 PMBDeviceInfoProvider (627fa58adc043704f9d14ca44340956f) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
14:16:59.0364 3588 PMBDeviceInfoProvider - ok
14:16:59.0464 3588 PNRPAutoReg	 (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
14:16:59.0504 3588 PNRPAutoReg - ok
14:16:59.0574 3588 PNRPsvc		 (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:16:59.0624 3588 PNRPsvc - ok
14:16:59.0764 3588 PolicyAgent	 (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
14:16:59.0963 3588 PolicyAgent - ok
14:17:00.0086 3588 Power		   (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
14:17:00.0276 3588 Power - ok
14:17:00.0386 3588 PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
14:17:00.0501 3588 PptpMiniport - ok
14:17:00.0638 3588 Processor	   (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
14:17:00.0708 3588 Processor - ok
14:17:00.0878 3588 ProfSvc		 (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
14:17:01.0028 3588 ProfSvc - ok
14:17:01.0208 3588 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:17:01.0268 3588 ProtectedStorage - ok
14:17:01.0428 3588 Psched		  (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
14:17:01.0528 3588 Psched - ok
14:17:01.0648 3588 PxHlpa64	    (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
14:17:01.0688 3588 PxHlpa64 - ok
14:17:01.0858 3588 pxkbf		   (ba5f7c107eace67973b4b798832a74c7) C:\Windows\system32\drivers\pxkbf.sys
14:17:01.0904 3588 pxkbf - ok
14:17:02.0120 3588 pxrts		   (007e57428802f587d0d6737ae7a9d989) C:\Windows\system32\drivers\pxrts.sys
14:17:02.0140 3588 pxrts - ok
14:17:02.0332 3588 pxscan		  (66d4d00c8908888a68b749d91f1e6789) C:\Windows\system32\drivers\pxscan.sys
14:17:02.0342 3588 pxscan - ok
14:17:02.0522 3588 ql2300		  (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
14:17:02.0614 3588 ql2300 - ok
14:17:02.0766 3588 ql40xx		  (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
14:17:02.0796 3588 ql40xx - ok
14:17:02.0926 3588 QWAVE		   (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
14:17:02.0986 3588 QWAVE - ok
14:17:03.0166 3588 QWAVEdrv	    (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
14:17:03.0206 3588 QWAVEdrv - ok
14:17:03.0346 3588 RasAcd		  (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
14:17:03.0416 3588 RasAcd - ok
14:17:03.0556 3588 RasAgileVpn	 (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:17:03.0633 3588 RasAgileVpn - ok
14:17:03.0778 3588 RasAuto		 (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
14:17:03.0858 3588 RasAuto - ok
14:17:04.0018 3588 Rasl2tp		 (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:17:04.0078 3588 Rasl2tp - ok
14:17:04.0250 3588 RasMan		  (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
14:17:04.0410 3588 RasMan - ok
14:17:04.0570 3588 RasPppoe	    (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
14:17:04.0708 3588 RasPppoe - ok
14:17:04.0812 3588 RasSstp		 (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
14:17:04.0962 3588 RasSstp - ok
14:17:05.0142 3588 rdbss		   (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
14:17:05.0244 3588 rdbss - ok
14:17:05.0414 3588 rdpbus		  (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
14:17:05.0494 3588 rdpbus - ok
14:17:05.0674 3588 RDPCDD		  (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:17:05.0764 3588 RDPCDD - ok
14:17:05.0934 3588 RDPENCDD	    (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
14:17:06.0026 3588 RDPENCDD - ok
14:17:06.0186 3588 RDPREFMP	    (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
14:17:06.0286 3588 RDPREFMP - ok
14:17:06.0466 3588 RDPWD		   (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
14:17:06.0566 3588 RDPWD - ok
14:17:06.0766 3588 rdyboost	    (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
14:17:06.0816 3588 rdyboost - ok
14:17:06.0986 3588 RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
14:17:07.0098 3588 RemoteAccess - ok
14:17:07.0278 3588 RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
14:17:07.0428 3588 RemoteRegistry - ok
14:17:07.0598 3588 RFCOMM		  (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
14:17:07.0650 3588 RFCOMM - ok
14:17:07.0800 3588 RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
14:17:07.0940 3588 RpcEptMapper - ok
14:17:08.0100 3588 RpcLocator	  (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
14:17:08.0190 3588 RpcLocator - ok
14:17:08.0390 3588 RpcSs		   (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
14:17:08.0472 3588 RpcSs - ok
14:17:08.0612 3588 rspndr		  (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
14:17:08.0702 3588 rspndr - ok
14:17:08.0874 3588 RSUSBSTOR	   (5aab4808e8ccae8c2ecda5b791260616) C:\Windows\system32\Drivers\RtsUStor.sys
14:17:08.0904 3588 RSUSBSTOR - ok
14:17:09.0054 3588 RTHDMIAzAudService (d6d381b76056c668679723938f06f16c) C:\Windows\system32\drivers\RtHDMIVX.sys
14:17:09.0094 3588 RTHDMIAzAudService - ok
14:17:09.0264 3588 RTL8167		 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys
14:17:09.0314 3588 RTL8167 - ok
14:17:09.0506 3588 SamSs		   (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:17:09.0546 3588 SamSs - ok
14:17:09.0686 3588 SASDIFSV	    (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
14:17:09.0716 3588 SASDIFSV - ok
14:17:09.0776 3588 SASKUTIL	    (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
14:17:09.0806 3588 SASKUTIL - ok
14:17:09.0906 3588 sbp2port	    (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
14:17:09.0936 3588 sbp2port - ok
14:17:09.0986 3588 SCardSvr	    (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
14:17:10.0056 3588 SCardSvr - ok
14:17:10.0116 3588 scfilter	    (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
14:17:10.0186 3588 scfilter - ok
14:17:10.0276 3588 Schedule	    (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
14:17:10.0418 3588 Schedule - ok
14:17:10.0538 3588 SCPolicySvc	 (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
14:17:10.0618 3588 SCPolicySvc - ok
14:17:10.0798 3588 sdAuxService    (17d6a03103586d7954ba74c2219ce1bb) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe
14:17:10.0848 3588 sdAuxService - ok
14:17:10.0908 3588 sdCoreService   (697e0a2a300ee8719cafae55b4771053) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe
14:17:10.0948 3588 sdCoreService - ok
14:17:11.0040 3588 SDRSVC		  (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
14:17:11.0140 3588 SDRSVC - ok
14:17:11.0210 3588 secdrv		  (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:17:11.0341 3588 secdrv - ok
14:17:11.0402 3588 seclogon	    (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
14:17:11.0542 3588 seclogon - ok
14:17:11.0572 3588 SENS		    (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
14:17:11.0682 3588 SENS - ok
14:17:11.0722 3588 SensrSvc	    (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
14:17:11.0782 3588 SensrSvc - ok
14:17:11.0834 3588 Serenum		 (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
14:17:11.0874 3588 Serenum - ok
14:17:11.0954 3588 Serial		  (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
14:17:12.0014 3588 Serial - ok
14:17:12.0064 3588 sermouse	    (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
14:17:12.0124 3588 sermouse - ok
14:17:12.0406 3588 SessionEnv	  (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
14:17:12.0556 3588 SessionEnv - ok
14:17:12.0646 3588 SFEP		    (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
14:17:12.0726 3588 SFEP - ok
14:17:12.0816 3588 sffdisk		 (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
14:17:12.0916 3588 sffdisk - ok
14:17:12.0946 3588 sffp_mmc	    (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
14:17:12.0976 3588 sffp_mmc - ok
14:17:13.0016 3588 sffp_sd		 (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
14:17:13.0076 3588 sffp_sd - ok
14:17:13.0138 3588 sfloppy		 (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
14:17:13.0168 3588 sfloppy - ok
14:17:13.0218 3588 Sftfs		   (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
14:17:13.0248 3588 Sftfs - ok
14:17:13.0360 3588 sftlist		 (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
14:17:13.0390 3588 sftlist - ok
14:17:13.0512 3588 Sftplay		 (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
14:17:13.0542 3588 Sftplay - ok
14:17:13.0569 3588 Sftredir	    (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
14:17:13.0584 3588 Sftredir - ok
14:17:13.0624 3588 Sftvol		  (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
14:17:13.0644 3588 Sftvol - ok
14:17:13.0734 3588 sftvsa		  (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
14:17:13.0754 3588 sftvsa - ok
14:17:13.0894 3588 SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
14:17:13.0964 3588 SharedAccess - ok
14:17:14.0154 3588 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
14:17:14.0244 3588 ShellHWDetection - ok
14:17:14.0404 3588 SiSRaid2	    (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
14:17:14.0424 3588 SiSRaid2 - ok
14:17:14.0564 3588 SiSRaid4	    (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
14:17:14.0594 3588 SiSRaid4 - ok
14:17:14.0758 3588 Smb			 (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
14:17:14.0818 3588 Smb - ok
14:17:14.0960 3588 SNMPTRAP	    (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
14:17:15.0030 3588 SNMPTRAP - ok
14:17:15.0160 3588 SOHCImp		 (c3e69db0a4e59564230e053232f39ac7) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
14:17:15.0170 3588 SOHCImp - ok
14:17:15.0332 3588 SOHDms		  (65cc4779a29c3e82b987bd4961790dff) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
14:17:15.0352 3588 SOHDms - ok
14:17:15.0422 3588 SOHDs		   (f47d75cee1844eef4a9ea6ee768828fb) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
14:17:15.0442 3588 SOHDs - ok
14:17:15.0542 3588 SpfService	  (65e5659e9c2a0762d05657c0e22a7ca2) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
14:17:15.0562 3588 SpfService - ok
14:17:15.0682 3588 spldr		   (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
14:17:15.0702 3588 spldr - ok
14:17:15.0754 3588 Spooler		 (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
14:17:15.0834 3588 Spooler - ok
14:17:15.0954 3588 sppsvc		  (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
14:17:16.0146 3588 sppsvc - ok
14:17:16.0258 3588 sppuinotify	 (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
14:17:16.0350 3588 sppuinotify - ok
14:17:16.0420 3588 srv			 (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
14:17:16.0480 3588 srv - ok
14:17:16.0560 3588 srv2		    (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
14:17:16.0610 3588 srv2 - ok
14:17:16.0710 3588 srvnet		  (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
14:17:16.0740 3588 srvnet - ok
14:17:16.0850 3588 SSDPSRV		 (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
14:17:16.0940 3588 SSDPSRV - ok
14:17:17.0050 3588 SstpSvc		 (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
14:17:17.0150 3588 SstpSvc - ok
14:17:17.0190 3588 stexstor	    (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
14:17:17.0210 3588 stexstor - ok
14:17:17.0300 3588 stisvc		  (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
14:17:17.0420 3588 stisvc - ok
14:17:17.0500 3588 swenum		  (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
14:17:17.0540 3588 swenum - ok
14:17:17.0750 3588 SwitchBoard	 (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:17:17.0830 3588 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
14:17:17.0830 3588 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
14:17:17.0950 3588 swprv		   (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
14:17:18.0070 3588 swprv - ok
14:17:18.0240 3588 SysMain		 (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
14:17:18.0402 3588 SysMain - ok
14:17:18.0514 3588 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
14:17:18.0604 3588 TabletInputService - ok
14:17:18.0724 3588 TapiSrv		 (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
14:17:18.0846 3588 TapiSrv - ok
14:17:18.0978 3588 TBS			 (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
14:17:19.0088 3588 TBS - ok
14:17:19.0208 3588 Tcpip		   (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
14:17:19.0358 3588 Tcpip - ok
14:17:19.0470 3588 TCPIP6		  (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
14:17:19.0520 3588 TCPIP6 - ok
14:17:19.0580 3588 tcpipreg	    (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
14:17:19.0703 3588 tcpipreg - ok
14:17:19.0752 3588 TDPIPE		  (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
14:17:19.0802 3588 TDPIPE - ok
14:17:19.0862 3588 TDTCP		   (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
14:17:19.0922 3588 TDTCP - ok
14:17:19.0982 3588 tdx			 (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
14:17:20.0102 3588 tdx - ok
14:17:20.0172 3588 TermDD		  (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
14:17:20.0212 3588 TermDD - ok
14:17:20.0292 3588 TermService	 (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
14:17:20.0452 3588 TermService - ok
14:17:20.0562 3588 Themes		  (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
14:17:20.0622 3588 Themes - ok
14:17:20.0672 3588 THREADORDER	 (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
14:17:20.0752 3588 THREADORDER - ok
14:17:20.0792 3588 TrkWks		  (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
14:17:20.0892 3588 TrkWks - ok
14:17:20.0982 3588 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
14:17:21.0112 3588 TrustedInstaller - ok
14:17:21.0172 3588 tssecsrv	    (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:17:21.0265 3588 tssecsrv - ok
14:17:21.0314 3588 TsUsbFlt	    (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
14:17:21.0334 3588 TsUsbFlt - ok
14:17:21.0384 3588 tunnel		  (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
14:17:21.0484 3588 tunnel - ok
14:17:21.0534 3588 uagp35		  (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
14:17:21.0584 3588 uagp35 - ok
14:17:21.0644 3588 udfs		    (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
14:17:21.0790 3588 udfs - ok
14:17:21.0866 3588 UI0Detect	   (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
14:17:21.0896 3588 UI0Detect - ok
14:17:21.0956 3588 uliagpkx	    (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
14:17:21.0976 3588 uliagpkx - ok
14:17:22.0026 3588 umbus		   (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
14:17:22.0076 3588 umbus - ok
14:17:22.0156 3588 UmPass		  (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
14:17:22.0228 3588 UmPass - ok
14:17:22.0460 3588 upnphost	    (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
14:17:22.0582 3588 upnphost - ok
14:17:22.0764 3588 upperdev	    (4e93c8496359e97830c75ac36393654d) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
14:17:22.0834 3588 upperdev - ok
14:17:22.0984 3588 USBAAPL64	   (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys
14:17:23.0047 3588 USBAAPL64 - ok
14:17:23.0256 3588 usbccgp		 (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
14:17:23.0306 3588 usbccgp - ok
14:17:23.0446 3588 usbcir		  (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
14:17:23.0476 3588 usbcir - ok
14:17:23.0598 3588 usbehci		 (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
14:17:23.0628 3588 usbehci - ok
14:17:23.0748 3588 usbfilter	   (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys
14:17:23.0768 3588 usbfilter - ok
14:17:23.0968 3588 usbhub		  (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
14:17:24.0018 3588 usbhub - ok
14:17:24.0168 3588 usbohci		 (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
14:17:24.0218 3588 usbohci - ok
14:17:24.0398 3588 usbprint	    (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
14:17:24.0478 3588 usbprint - ok
14:17:24.0628 3588 usbser		  (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys
14:17:24.0688 3588 usbser - ok
14:17:24.0858 3588 UsbserFilt	  (8844cb19a37b65e27049d4a7786726a9) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
14:17:24.0898 3588 UsbserFilt - ok
14:17:25.0068 3588 USBSTOR		 (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:17:25.0148 3588 USBSTOR - ok
14:17:25.0318 3588 usbuhci		 (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
14:17:25.0358 3588 usbuhci - ok
14:17:25.0553 3588 usbvideo	    (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
14:17:25.0609 3588 usbvideo - ok
14:17:25.0786 3588 UxSms		   (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
14:17:25.0984 3588 UxSms - ok
14:17:26.0141 3588 VAIO Entertainment TV Device Arbitration Service (8e68e4aa2d7abbf7c9159d9d2a38ae0f) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
14:17:26.0168 3588 VAIO Entertainment TV Device Arbitration Service - ok
14:17:26.0363 3588 VAIO Event Service (218f78b39832a2a0761ce2422828a57c) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
14:17:26.0396 3588 VAIO Event Service - ok
14:17:26.0563 3588 VAIO Power Management (1cf1a4dd7a58c966c9014b83c7229cf3) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
14:17:26.0602 3588 VAIO Power Management - ok
14:17:26.0718 3588 VaultSvc	    (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:17:26.0753 3588 VaultSvc - ok
14:17:26.0887 3588 VBoxDrv		 (81952471021f6a6f56dda6ed6b5dd638) C:\Windows\system32\DRIVERS\VBoxDrv.sys
14:17:26.0933 3588 VBoxDrv - ok
14:17:27.0062 3588 VBoxNetAdp	  (c9f86aeb504355541ec9820e3155e253) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
14:17:27.0093 3588 VBoxNetAdp - ok
14:17:27.0249 3588 VBoxNetFlt	  (64715ce639d05d753bcd86f5abf4d82a) C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
14:17:27.0287 3588 VBoxNetFlt - ok
14:17:27.0434 3588 VBoxUSB		 (4831ee295c9911b0236867931be493f1) C:\Windows\system32\Drivers\VBoxUSB.sys
14:17:27.0474 3588 VBoxUSB - ok
14:17:27.0638 3588 VBoxUSBMon	  (edeb78b6a969107a66a5af145ac0a43f) C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
14:17:27.0648 3588 VBoxUSBMon - ok
14:17:27.0818 3588 VCFw		    (d00058c1fff3f3de990444a5734e9639) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
14:17:27.0848 3588 VCFw - ok
14:17:28.0018 3588 VcmIAlzMgr	  (10e212bfb7eab152a64c1aaec2f7f4e0) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
14:17:28.0048 3588 VcmIAlzMgr - ok
14:17:28.0180 3588 VcmINSMgr	   (7a88cfd3fe99f2c9b95a6e2a08b96e14) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
14:17:28.0200 3588 VcmINSMgr - ok
14:17:28.0390 3588 VcmXmlIfHelper  (8efaaccc7bfa1e9031efdfb01a1b0d69) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
14:17:28.0410 3588 VcmXmlIfHelper - ok
14:17:28.0760 3588 VCService	   (d347d3abe070aa09c22fc37121555d52) C:\Program Files\Sony\VAIO Care\VCService.exe
14:17:28.0780 3588 VCService - ok
14:17:28.0890 3588 vdrvroot	    (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
14:17:28.0910 3588 vdrvroot - ok
14:17:28.0980 3588 vds			 (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
14:17:29.0072 3588 vds - ok
14:17:29.0172 3588 vga			 (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
14:17:29.0212 3588 vga - ok
14:17:29.0314 3588 VgaSave		 (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
14:17:29.0384 3588 VgaSave - ok
14:17:29.0536 3588 vhdmp		   (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
14:17:29.0556 3588 vhdmp - ok
14:17:29.0628 3588 viaide		  (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
14:17:29.0638 3588 viaide - ok
14:17:29.0668 3588 volmgr		  (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
14:17:29.0698 3588 volmgr - ok
14:17:29.0790 3588 volmgrx		 (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
14:17:29.0830 3588 volmgrx - ok
14:17:29.0970 3588 volsnap		 (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
14:17:30.0020 3588 volsnap - ok
14:17:30.0120 3588 vsmraid		 (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
14:17:30.0150 3588 vsmraid - ok
14:17:30.0372 3588 VSS			 (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
14:17:30.0494 3588 VSS - ok
14:17:30.0667 3588 VUAgent		 (fb4a1695d2d74f9c92ca5e84795cdbe1) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
14:17:30.0698 3588 VUAgent - ok
14:17:30.0830 3588 vwifibus	    (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
14:17:30.0890 3588 vwifibus - ok
14:17:31.0003 3588 vwififlt	    (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
14:17:31.0053 3588 vwififlt - ok
14:17:31.0204 3588 vwifimp		 (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
14:17:31.0224 3588 vwifimp - ok
14:17:31.0466 3588 W32Time		 (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
14:17:31.0558 3588 W32Time - ok
14:17:31.0700 3588 WacomPen	    (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
14:17:31.0750 3588 WacomPen - ok
14:17:31.0940 3588 WANARP		  (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:17:32.0020 3588 WANARP - ok
14:17:32.0030 3588 Wanarpv6	    (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:17:32.0082 3588 Wanarpv6 - ok
14:17:32.0242 3588 WatAdminSvc	 (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
14:17:32.0302 3588 WatAdminSvc - ok
14:17:32.0462 3588 wbengine	    (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
14:17:32.0594 3588 wbengine - ok
14:17:32.0724 3588 WbioSrvc	    (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
14:17:32.0806 3588 WbioSrvc - ok
14:17:32.0936 3588 wcncsvc		 (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
14:17:33.0036 3588 wcncsvc - ok
14:17:33.0156 3588 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
14:17:33.0219 3588 WcsPlugInService - ok
14:17:33.0268 3588 Wd			  (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
14:17:33.0288 3588 Wd - ok
14:17:33.0368 3588 Wdf01000	    (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
14:17:33.0398 3588 Wdf01000 - ok
14:17:33.0438 3588 WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
14:17:33.0510 3588 WdiServiceHost - ok
14:17:33.0522 3588 WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
14:17:33.0558 3588 WdiSystemHost - ok
14:17:33.0715 3588 WebClient	   (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
14:17:33.0772 3588 WebClient - ok
14:17:33.0872 3588 Wecsvc		  (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
14:17:33.0964 3588 Wecsvc - ok
14:17:34.0064 3588 wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
14:17:34.0144 3588 wercplsupport - ok
14:17:34.0234 3588 WerSvc		  (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
14:17:34.0384 3588 WerSvc - ok
14:17:34.0454 3588 WfpLwf		  (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
14:17:34.0514 3588 WfpLwf - ok
14:17:34.0534 3588 WIMMount	    (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
14:17:34.0564 3588 WIMMount - ok
14:17:34.0614 3588 WinDefend - ok
14:17:34.0714 3588 WindowBlinds    (97c7f30787a30cfa760b0247631a5463) C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe
14:17:34.0764 3588 WindowBlinds - ok
14:17:34.0814 3588 WinHttpAutoProxySvc - ok
14:17:34.0934 3588 Winmgmt		 (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
14:17:35.0064 3588 Winmgmt - ok
14:17:35.0264 3588 WinRM		   (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
14:17:35.0464 3588 WinRM - ok
14:17:35.0646 3588 WinUsb		  (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
14:17:35.0726 3588 WinUsb - ok
14:17:35.0886 3588 Wlansvc		 (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
14:17:36.0046 3588 Wlansvc - ok
14:17:36.0156 3588 wlcrasvc	    (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:17:36.0176 3588 wlcrasvc - ok
14:17:36.0278 3588 wlidsvc		 (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:17:36.0348 3588 wlidsvc - ok
14:17:36.0450 3588 WmiAcpi		 (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
14:17:36.0520 3588 WmiAcpi - ok
14:17:36.0630 3588 wmiApSrv	    (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
14:17:36.0712 3588 wmiApSrv - ok
14:17:36.0784 3588 WMPNetworkSvc - ok
14:17:36.0884 3588 WPCSvc		  (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
14:17:36.0924 3588 WPCSvc - ok
14:17:36.0974 3588 WPDBusEnum	  (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
14:17:37.0004 3588 WPDBusEnum - ok
14:17:37.0074 3588 ws2ifsl		 (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
14:17:37.0184 3588 ws2ifsl - ok
14:17:37.0294 3588 wscsvc		  (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
14:17:37.0414 3588 wscsvc - ok
14:17:37.0504 3588 WSearch - ok
14:17:37.0656 3588 wuauserv	    (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
14:17:37.0878 3588 wuauserv - ok
14:17:37.0988 3588 WudfPf		  (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
14:17:38.0088 3588 WudfPf - ok
14:17:38.0128 3588 WUDFRd		  (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:17:38.0208 3588 WUDFRd - ok
14:17:38.0258 3588 wudfsvc		 (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
14:17:38.0398 3588 wudfsvc - ok
14:17:38.0458 3588 WwanSvc		 (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
14:17:38.0548 3588 WwanSvc - ok
14:17:38.0638 3588 MBR (0x1B8)	 (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:17:38.0858 3588 \Device\Harddisk0\DR0 - ok
14:17:38.0868 3588 Boot (0x1200)   (263c0ff3e51adaecd439148ccfe93a1e) \Device\Harddisk0\DR0\Partition0
14:17:38.0868 3588 \Device\Harddisk0\DR0\Partition0 - ok
14:17:38.0898 3588 Boot (0x1200)   (da14fde0126e5bf1db56a5158c69884c) \Device\Harddisk0\DR0\Partition1
14:17:38.0908 3588 \Device\Harddisk0\DR0\Partition1 - ok
14:17:38.0928 3588 Boot (0x1200)   (1c2307a2554ef25fd814817fa3fca47c) \Device\Harddisk0\DR0\Partition2
14:17:38.0938 3588 \Device\Harddisk0\DR0\Partition2 - ok
14:17:38.0938 3588 ============================================================
14:17:38.0938 3588 Scan finished
14:17:38.0938 3588 ============================================================
14:17:38.0968 2912 Detected object count: 2
14:17:38.0968 2912 Actual detected object count: 2
14:19:09.0388 2912 Oasis2Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:19:09.0388 2912 Oasis2Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:19:09.0388 2912 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
14:19:09.0388 2912 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip

then checkup.txt appear with No Text. Just a blank notepad.

Step 5. TDSSKiller

rock2death · April 22, 2012

Sorry i will repost previous reply

Step 4 seems didnt work. When i used SecurityCheck.exe theres a windows appear


sed.exe has stopped working[/size][/font][/color]
[color=#444444][font=arial, tahoma, helvetica, sans-serif][size=3]A problem caused the progam to stop working corectly. Windows will close the program and notify you if a solution is available.[/size][/font][/color]
[color=#444444][font=arial, tahoma, helvetica, sans-serif][size=3]Then a notepad appear with no text.[/size][/font][/color]
[color=#444444][font=arial, tahoma, helvetica, sans-serif][size=3]

then checkup.txt appear with No Text. Just a blank notepad.

Step 5. TDSSKiller

[/size][/font][/color]

[color=#444444][font=arial, tahoma, helvetica, sans-serif][size=3]14:15:43.0271 0148 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
14:15:44.0491 0148 ============================================================
14:15:44.0491 0148 Current date / time: 2012/04/22 14:15:44.0491
14:15:44.0491 0148 SystemInfo:
14:15:44.0491 0148
14:15:44.0491 0148 OS Version: 6.1.7601 ServicePack: 1.0
14:15:44.0491 0148 Product type: Workstation
14:15:44.0491 0148 ComputerName: JANEIRO-VAIO
14:15:44.0491 0148 UserName: Janiero
14:15:44.0491 0148 Windows directory: C:\Windows
14:15:44.0491 0148 System windows directory: C:\Windows
14:15:44.0491 0148 Running under WOW64
14:15:44.0491 0148 Processor architecture: Intel x64
14:15:44.0491 0148 Number of processors: 2
14:15:44.0491 0148 Page size: 0x1000
14:15:44.0491 0148 Boot type: Normal boot
14:15:44.0491 0148 ============================================================
14:15:46.0021 0148 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:15:46.0041 0148 \Device\Harddisk0\DR0:
14:15:46.0041 0148 MBR partitions:
14:15:46.0041 0148 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1320800, BlocksNum 0x32000
14:15:46.0041 0148 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1352800, BlocksNum 0x1F351830
14:15:46.0061 0148 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x206A5000, BlocksNum 0x19CE0800
14:15:46.0101 0148 C: <-> \Device\Harddisk0\DR0\Partition1
14:15:46.0131 0148 D: <-> \Device\Harddisk0\DR0\Partition2
14:15:46.0131 0148 Initialize success
14:15:46.0131 0148 ============================================================
14:16:12.0263 3588 ============================================================
14:16:12.0263 3588 Scan started
14:16:12.0263 3588 Mode: Manual; SigCheck; TDLFS;
14:16:12.0263 3588 ============================================================
14:16:12.0943 3588 !SASCORE	    (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
14:16:13.0113 3588 !SASCORE - ok
14:16:13.0233 3588 1394ohci	    (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
14:16:13.0373 3588 1394ohci - ok
14:16:13.0443 3588 ACDaemon	    (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
14:16:13.0583 3588 ACDaemon - ok
14:16:13.0673 3588 ACPI		    (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
14:16:13.0733 3588 ACPI - ok
14:16:13.0773 3588 AcpiPmi		 (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
14:16:13.0913 3588 AcpiPmi - ok
14:16:14.0063 3588 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:16:14.0093 3588 AdobeARMservice - ok
14:16:14.0193 3588 adp94xx		 (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
14:16:14.0263 3588 adp94xx - ok
14:16:14.0315 3588 adpahci		 (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
14:16:14.0365 3588 adpahci - ok
14:16:14.0405 3588 adpu320		 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
14:16:14.0455 3588 adpu320 - ok
14:16:14.0485 3588 AeLookupSvc	 (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
14:16:14.0785 3588 AeLookupSvc - ok
14:16:14.0885 3588 AFD			 (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
14:16:15.0005 3588 AFD - ok
14:16:15.0067 3588 agp440		  (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
14:16:15.0085 3588 agp440 - ok
14:16:15.0122 3588 ALG			 (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
14:16:15.0180 3588 ALG - ok
14:16:15.0232 3588 aliide		  (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
14:16:15.0274 3588 aliide - ok
14:16:15.0311 3588 AMD External Events Utility (8318a3b3ce74b851082af2c0745e979e) C:\Windows\system32\atiesrxx.exe
14:16:15.0441 3588 AMD External Events Utility - ok
14:16:15.0545 3588 amdide		  (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
14:16:15.0573 3588 amdide - ok
14:16:15.0623 3588 AmdK8		   (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
14:16:15.0702 3588 AmdK8 - ok
14:16:16.0009 3588 amdkmdag	    (2d597c853db5ea1b1f6d98610039bb50) C:\Windows\system32\DRIVERS\atipmdag.sys
14:16:16.0208 3588 amdkmdag - ok
14:16:16.0308 3588 amdkmdap	    (04d770537e5ac5c4676b9a83cb21ec0a) C:\Windows\system32\DRIVERS\atikmpag.sys
14:16:16.0352 3588 amdkmdap - ok
14:16:16.0397 3588 AmdPPM		  (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
14:16:16.0437 3588 AmdPPM - ok
14:16:16.0483 3588 amdsata		 (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
14:16:16.0501 3588 amdsata - ok
14:16:16.0545 3588 amdsbs		  (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
14:16:16.0567 3588 amdsbs - ok
14:16:16.0601 3588 amdxata		 (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
14:16:16.0619 3588 amdxata - ok
14:16:16.0654 3588 amd_sata	    (08e8a4172c57abd7693a6915cf1e7a99) C:\Windows\system32\drivers\amd_sata.sys
14:16:16.0668 3588 amd_sata - ok
14:16:16.0708 3588 amd_xata	    (9866af4e4ad7f16e810b6c0b8473f9cd) C:\Windows\system32\drivers\amd_xata.sys
14:16:16.0721 3588 amd_xata - ok
14:16:16.0769 3588 ApfiltrService  (29d63d80f23da504baa2db5d260dd4bd) C:\Windows\system32\DRIVERS\Apfiltr.sys
14:16:16.0788 3588 ApfiltrService - ok
14:16:16.0830 3588 AppID		   (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
14:16:17.0039 3588 AppID - ok
14:16:17.0113 3588 AppIDSvc	    (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
14:16:17.0179 3588 AppIDSvc - ok
14:16:17.0226 3588 Appinfo		 (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
14:16:17.0292 3588 Appinfo - ok
14:16:17.0347 3588 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:16:17.0362 3588 Apple Mobile Device - ok
14:16:17.0460 3588 arc			 (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
14:16:17.0478 3588 arc - ok
14:16:17.0601 3588 arcsas		  (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
14:16:17.0620 3588 arcsas - ok
14:16:17.0770 3588 aswFsBlk	    (4a57b2c375d82cbeb28454e0460d65ad) C:\Windows\system32\drivers\aswFsBlk.sys
14:16:17.0785 3588 aswFsBlk - ok
14:16:17.0927 3588 aswMonFlt	   (0dfa8428e92fa0398a4557077e03d0be) C:\Windows\system32\drivers\aswMonFlt.sys
14:16:17.0949 3588 aswMonFlt - ok
14:16:18.0138 3588 aswRdr		  (061bf40c947848b6f4a478c600b0298c) C:\Windows\system32\drivers\aswRdr.sys
14:16:18.0162 3588 aswRdr - ok
14:16:18.0315 3588 aswSnx		  (9597c6e9091369ef4b94956478d545bf) C:\Windows\system32\drivers\aswSnx.sys
14:16:18.0335 3588 aswSnx - ok
14:16:18.0486 3588 aswSP		   (6b31b59c48a5f45e9f26de37acae7db4) C:\Windows\system32\drivers\aswSP.sys
14:16:18.0507 3588 aswSP - ok
14:16:18.0707 3588 aswTdi		  (5c06c8ed0627a970dc7a4b6624f3bd08) C:\Windows\system32\drivers\aswTdi.sys
14:16:18.0721 3588 aswTdi - ok
14:16:18.0828 3588 AsyncMac	    (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
14:16:18.0924 3588 AsyncMac - ok
14:16:19.0035 3588 atapi		   (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
14:16:19.0060 3588 atapi - ok
14:16:19.0133 3588 athr		    (d6cad7e5b05055bb8226bdcb1644da27) C:\Windows\system32\DRIVERS\athrx.sys
14:16:19.0247 3588 athr - ok
14:16:19.0364 3588 AtiPcie		 (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\drivers\AtiPcie.sys
14:16:19.0391 3588 AtiPcie - ok
14:16:19.0477 3588 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
14:16:19.0653 3588 AudioEndpointBuilder - ok
14:16:19.0675 3588 AudioSrv	    (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
14:16:19.0755 3588 AudioSrv - ok
14:16:19.0876 3588 avast! Antivirus (ae28ba1361d8040d8850f21cacfccce9) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
14:16:19.0893 3588 avast! Antivirus - ok
14:16:19.0926 3588 avast! Mail Scanner (ae28ba1361d8040d8850f21cacfccce9) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
14:16:19.0943 3588 avast! Mail Scanner - ok
14:16:19.0963 3588 avast! Web Scanner (ae28ba1361d8040d8850f21cacfccce9) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
14:16:19.0983 3588 avast! Web Scanner - ok
14:16:20.0124 3588 AxInstSV	    (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
14:16:20.0245 3588 AxInstSV - ok
14:16:20.0352 3588 b06bdrv		 (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
14:16:20.0429 3588 b06bdrv - ok
14:16:20.0484 3588 b57nd60a	    (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
14:16:20.0562 3588 b57nd60a - ok
14:16:20.0640 3588 BDESVC		  (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
14:16:20.0730 3588 BDESVC - ok
14:16:20.0828 3588 Beep		    (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
14:16:20.0938 3588 Beep - ok
14:16:20.0997 3588 BFE			 (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
14:16:21.0108 3588 BFE - ok
14:16:21.0179 3588 BITS		    (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
14:16:21.0368 3588 BITS - ok
14:16:21.0478 3588 blbdrive	    (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
14:16:21.0541 3588 blbdrive - ok
14:16:21.0648 3588 Bonjour Service (f2060a34c8a75bc24a9222eb4f8c07bd) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
14:16:21.0692 3588 Bonjour Service - ok
14:16:21.0781 3588 bowser		  (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
14:16:21.0815 3588 bowser - ok
14:16:21.0852 3588 BrFiltLo	    (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
14:16:21.0906 3588 BrFiltLo - ok
14:16:21.0950 3588 BrFiltUp	    (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
14:16:22.0003 3588 BrFiltUp - ok
14:16:22.0048 3588 Browser		 (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
14:16:22.0171 3588 Browser - ok
14:16:22.0387 3588 Browser Defender Update Service (9d5fd177db76a7f5d6b8678870820d3c) C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
14:16:22.0443 3588 Browser Defender Update Service - ok
14:16:22.0539 3588 Brserid		 (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
14:16:22.0633 3588 Brserid - ok
14:16:22.0692 3588 BrSerWdm	    (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
14:16:22.0760 3588 BrSerWdm - ok
14:16:22.0797 3588 BrUsbMdm	    (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:16:22.0853 3588 BrUsbMdm - ok
14:16:22.0902 3588 BrUsbSer	    (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
14:16:22.0965 3588 BrUsbSer - ok
14:16:23.0015 3588 bthav		   (0b2ee8b36081c1039ea3d20b952a8ddc) C:\Windows\system32\drivers\bthav.sys
14:16:23.0080 3588 bthav - ok
14:16:23.0142 3588 BTHBUS		  (f3371daab1c4ec83ab8841b9abdf8261) C:\Windows\system32\DRIVERS\bthbus.sys
14:16:23.0240 3588 BTHBUS - ok
14:16:23.0289 3588 BthEnum		 (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
14:16:23.0379 3588 BthEnum - ok
14:16:23.0465 3588 BTHMODEM	    (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
14:16:23.0547 3588 BTHMODEM - ok
14:16:23.0600 3588 BthPan		  (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
14:16:23.0666 3588 BthPan - ok
14:16:23.0721 3588 BTHPORT		 (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
14:16:23.0797 3588 BTHPORT - ok
14:16:23.0826 3588 bthserv		 (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
14:16:23.0898 3588 bthserv - ok
14:16:23.0955 3588 BTHUSB		  (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
14:16:23.0999 3588 BTHUSB - ok
14:16:24.0041 3588 btwaudio	    (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys
14:16:24.0057 3588 btwaudio - ok
14:16:24.0094 3588 btwavdt		 (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\DRIVERS\btwavdt.sys
14:16:24.0110 3588 btwavdt - ok
14:16:24.0180 3588 btwdins		 (31da517946ffe416442e864592548f8a) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
14:16:24.0247 3588 btwdins - ok
14:16:24.0347 3588 btwl2cap	    (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
14:16:24.0381 3588 btwl2cap - ok
14:16:24.0420 3588 btwrchid	    (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys
14:16:24.0454 3588 btwrchid - ok
14:16:24.0595 3588 ccSet_NST	   (a8ad33c9dd88c810cac00acc7f4329fb) C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys
14:16:24.0636 3588 ccSet_NST - ok
14:16:24.0686 3588 cdfs		    (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
14:16:24.0820 3588 cdfs - ok
14:16:24.0871 3588 cdrom		   (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
14:16:24.0939 3588 cdrom - ok
14:16:24.0996 3588 CertPropSvc	 (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
14:16:25.0121 3588 CertPropSvc - ok
14:16:25.0174 3588 circlass	    (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
14:16:25.0255 3588 circlass - ok
14:16:25.0309 3588 CLFS		    (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
14:16:25.0411 3588 CLFS - ok
14:16:25.0492 3588 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:16:25.0535 3588 clr_optimization_v2.0.50727_32 - ok
14:16:25.0584 3588 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:16:25.0627 3588 clr_optimization_v2.0.50727_64 - ok
14:16:25.0688 3588 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:16:25.0771 3588 clr_optimization_v4.0.30319_32 - ok
14:16:25.0879 3588 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:16:25.0916 3588 clr_optimization_v4.0.30319_64 - ok
14:16:25.0976 3588 CmBatt		  (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
14:16:26.0046 3588 CmBatt - ok
14:16:26.0111 3588 cmdide		  (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
14:16:26.0151 3588 cmdide - ok
14:16:26.0216 3588 CNG			 (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
14:16:26.0291 3588 CNG - ok
14:16:26.0365 3588 Compbatt	    (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
14:16:26.0386 3588 Compbatt - ok
14:16:26.0433 3588 CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
14:16:26.0475 3588 CompositeBus - ok
14:16:26.0488 3588 COMSysApp - ok
14:16:26.0533 3588 crcdisk		 (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
14:16:26.0548 3588 crcdisk - ok
14:16:26.0603 3588 CryptSvc	    (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
14:16:26.0765 3588 CryptSvc - ok
14:16:27.0024 3588 CSIScanner	  (5131d2469b6b19dc20b446ebe43ebb79) C:\Program Files\Prevx\prevx.exe
14:16:27.0160 3588 CSIScanner - ok
14:16:27.0280 3588 cvhsvc		  (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
14:16:27.0360 3588 cvhsvc - ok
14:16:27.0472 3588 DcomLaunch	  (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
14:16:27.0657 3588 DcomLaunch - ok
14:16:27.0713 3588 defragsvc	   (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
14:16:27.0872 3588 defragsvc - ok
14:16:27.0934 3588 DfsC		    (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
14:16:28.0046 3588 DfsC - ok
14:16:28.0099 3588 Dhcp		    (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
14:16:28.0257 3588 Dhcp - ok
14:16:28.0302 3588 discache	    (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
14:16:28.0400 3588 discache - ok
14:16:28.0445 3588 Disk		    (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
14:16:28.0488 3588 Disk - ok
14:16:28.0542 3588 Dnscache	    (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
14:16:28.0606 3588 Dnscache - ok
14:16:28.0661 3588 dot3svc		 (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
14:16:28.0726 3588 dot3svc - ok
14:16:28.0777 3588 DPS			 (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
14:16:28.0852 3588 DPS - ok
14:16:28.0901 3588 drmkaud		 (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
14:16:28.0973 3588 drmkaud - ok
14:16:29.0120 3588 DrvAgent64	  (1ed08a6264c5c92099d6d1dae5e8f530) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
14:16:29.0164 3588 DrvAgent64 - ok
14:16:29.0274 3588 DXGKrnl		 (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
14:16:29.0337 3588 DXGKrnl - ok
14:16:29.0374 3588 EapHost		 (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
14:16:29.0473 3588 EapHost - ok
14:16:29.0599 3588 ebdrv		   (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
14:16:29.0829 3588 ebdrv - ok
14:16:29.0941 3588 EFS			 (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
14:16:30.0041 3588 EFS - ok
14:16:30.0131 3588 ehRecvr		 (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
14:16:30.0251 3588 ehRecvr - ok
14:16:30.0311 3588 ehSched		 (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
14:16:30.0371 3588 ehSched - ok
14:16:30.0453 3588 elxstor		 (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
14:16:30.0513 3588 elxstor - ok
14:16:30.0563 3588 ErrDev		  (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
14:16:30.0633 3588 ErrDev - ok
14:16:30.0795 3588 EventSystem	 (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
14:16:30.0975 3588 EventSystem - ok
14:16:31.0025 3588 exfat		   (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
14:16:31.0169 3588 exfat - ok
14:16:31.0207 3588 fastfat		 (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
14:16:31.0277 3588 fastfat - ok
14:16:31.0417 3588 Fax			 (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
14:16:31.0535 3588 Fax - ok
14:16:31.0579 3588 fdc			 (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
14:16:31.0619 3588 fdc - ok
14:16:31.0679 3588 fdPHost		 (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
14:16:31.0739 3588 fdPHost - ok
14:16:31.0759 3588 FDResPub	    (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
14:16:31.0839 3588 FDResPub - ok
14:16:31.0889 3588 FileInfo	    (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
14:16:31.0899 3588 FileInfo - ok
14:16:31.0929 3588 Filetrace	   (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
14:16:31.0999 3588 Filetrace - ok
14:16:32.0039 3588 flpydisk	    (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
14:16:32.0089 3588 flpydisk - ok
14:16:32.0139 3588 FltMgr		  (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
14:16:32.0169 3588 FltMgr - ok
14:16:32.0219 3588 FontCache	   (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
14:16:32.0339 3588 FontCache - ok
14:16:32.0479 3588 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:16:32.0509 3588 FontCache3.0.0.0 - ok
14:16:32.0599 3588 FsDepends	   (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
14:16:32.0639 3588 FsDepends - ok
14:16:32.0799 3588 FSProFilter	 (8197c85348a33bccfe80dd6e2db53903) C:\Windows\system32\Drivers\FSPFltd.sys
14:16:32.0839 3588 FSProFilter - ok
14:16:32.0959 3588 fssfltr		 (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
14:16:32.0989 3588 fssfltr - ok
14:16:33.0139 3588 fsssvc		  (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
14:16:33.0199 3588 fsssvc - ok
14:16:33.0309 3588 Fs_Rec		  (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
14:16:33.0359 3588 Fs_Rec - ok
14:16:33.0469 3588 fvevol		  (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
14:16:33.0529 3588 fvevol - ok
14:16:33.0671 3588 gagp30kx	    (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
14:16:33.0718 3588 gagp30kx - ok
14:16:33.0863 3588 GEARAspiWDM	 (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:16:33.0883 3588 GEARAspiWDM - ok
14:16:34.0015 3588 GGSAFERDriver - ok
14:16:34.0125 3588 gpsvc		   (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
14:16:34.0225 3588 gpsvc - ok
14:16:34.0355 3588 GPU-Z - ok
14:16:34.0425 3588 gupdate		 (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:16:34.0445 3588 gupdate - ok
14:16:34.0465 3588 gupdatem	    (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:16:34.0495 3588 gupdatem - ok
14:16:34.0585 3588 hcw85cir	    (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
14:16:34.0645 3588 hcw85cir - ok
14:16:34.0825 3588 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
14:16:34.0875 3588 HdAudAddService - ok
14:16:34.0995 3588 HDAudBus	    (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
14:16:35.0045 3588 HDAudBus - ok
14:16:35.0095 3588 HidBatt		 (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
14:16:35.0165 3588 HidBatt - ok
14:16:35.0217 3588 HidBth		  (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
14:16:35.0277 3588 HidBth - ok
14:16:35.0327 3588 HidIr		   (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
14:16:35.0387 3588 HidIr - ok
14:16:35.0437 3588 hidserv		 (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
14:16:35.0587 3588 hidserv - ok
14:16:35.0667 3588 HidUsb		  (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
14:16:35.0717 3588 HidUsb - ok
14:16:35.0767 3588 hkmsvc		  (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
14:16:35.0867 3588 hkmsvc - ok
14:16:35.0907 3588 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
14:16:35.0969 3588 HomeGroupListener - ok
14:16:36.0009 3588 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
14:16:36.0069 3588 HomeGroupProvider - ok
14:16:36.0129 3588 HpSAMD		  (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
14:16:36.0179 3588 HpSAMD - ok
14:16:36.0231 3588 HTTP		    (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
14:16:36.0333 3588 HTTP - ok
14:16:36.0463 3588 hwpolicy	    (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
14:16:36.0503 3588 hwpolicy - ok
14:16:36.0563 3588 i8042prt	    (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
14:16:36.0603 3588 i8042prt - ok
14:16:36.0675 3588 iaStorV		 (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
14:16:36.0705 3588 iaStorV - ok
14:16:36.0815 3588 idsvc		   (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:16:36.0855 3588 idsvc - ok
14:16:36.0917 3588 iirsp		   (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
14:16:36.0947 3588 iirsp - ok
14:16:37.0019 3588 IKEEXT		  (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
14:16:37.0129 3588 IKEEXT - ok
14:16:37.0291 3588 IntcAzAudAddService (490947a9aff7ca31ef2e08f5776105eb) C:\Windows\system32\drivers\RTKVHD64.sys
14:16:37.0341 3588 IntcAzAudAddService - ok
14:16:37.0395 3588 intelide	    (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
14:16:37.0413 3588 intelide - ok
14:16:37.0453 3588 intelppm	    (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
14:16:37.0493 3588 intelppm - ok
14:16:37.0553 3588 IPBusEnum	   (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
14:16:37.0633 3588 IPBusEnum - ok
14:16:37.0693 3588 IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:16:37.0773 3588 IpFilterDriver - ok
14:16:37.0823 3588 iphlpsvc	    (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
14:16:37.0913 3588 iphlpsvc - ok
14:16:37.0983 3588 IPMIDRV		 (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
14:16:38.0003 3588 IPMIDRV - ok
14:16:38.0043 3588 IPNAT		   (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
14:16:38.0123 3588 IPNAT - ok
14:16:38.0233 3588 iPod Service    (a3bda1a8a016b5e5a525bcf684894ebe) C:\Program Files\iPod\bin\iPodService.exe
14:16:38.0263 3588 iPod Service - ok
14:16:38.0383 3588 IRENUM		  (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
14:16:38.0433 3588 IRENUM - ok
14:16:38.0563 3588 isapnp		  (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
14:16:38.0583 3588 isapnp - ok
14:16:38.0673 3588 iScsiPrt	    (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
14:16:38.0723 3588 iScsiPrt - ok
14:16:38.0823 3588 kbdclass	    (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
14:16:38.0843 3588 kbdclass - ok
14:16:38.0933 3588 kbdhid		  (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
14:16:39.0003 3588 kbdhid - ok
14:16:39.0103 3588 KeyIso		  (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:16:39.0173 3588 KeyIso - ok
14:16:39.0245 3588 KSecDD		  (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
14:16:39.0295 3588 KSecDD - ok
14:16:39.0395 3588 KSecPkg		 (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
14:16:39.0435 3588 KSecPkg - ok
14:16:39.0525 3588 ksthunk		 (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
14:16:39.0675 3588 ksthunk - ok
14:16:39.0847 3588 KtmRm		   (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
14:16:40.0017 3588 KtmRm - ok
14:16:40.0277 3588 LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
14:16:40.0427 3588 LanmanServer - ok
14:16:40.0547 3588 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
14:16:40.0627 3588 LanmanWorkstation - ok
14:16:40.0737 3588 lltdio		  (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
14:16:40.0867 3588 lltdio - ok
14:16:41.0017 3588 lltdsvc		 (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
14:16:41.0197 3588 lltdsvc - ok
14:16:41.0327 3588 lmhosts		 (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
14:16:41.0457 3588 lmhosts - ok
14:16:41.0617 3588 LSI_FC		  (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
14:16:41.0657 3588 LSI_FC - ok
14:16:41.0797 3588 LSI_SAS		 (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
14:16:41.0837 3588 LSI_SAS - ok
14:16:41.0987 3588 LSI_SAS2	    (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
14:16:42.0027 3588 LSI_SAS2 - ok
14:16:42.0170 3588 LSI_SCSI	    (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
14:16:42.0218 3588 LSI_SCSI - ok
14:16:42.0393 3588 luafv		   (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
14:16:42.0498 3588 luafv - ok
14:16:42.0689 3588 MBAMProtector   (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
14:16:42.0731 3588 MBAMProtector - ok
14:16:43.0007 3588 MBAMService	 (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
14:16:43.0071 3588 MBAMService - ok
14:16:43.0211 3588 Mcx2Svc		 (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
14:16:43.0304 3588 Mcx2Svc - ok
14:16:43.0611 3588 megasas		 (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
14:16:43.0666 3588 megasas - ok
14:16:43.0805 3588 MegaSR		  (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
14:16:43.0859 3588 MegaSR - ok
14:16:44.0036 3588 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
14:16:44.0074 3588 Microsoft Office Groove Audit Service - ok
14:16:44.0181 3588 MMCSS		   (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
14:16:44.0322 3588 MMCSS - ok
14:16:44.0448 3588 Modem		   (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
14:16:44.0567 3588 Modem - ok
14:16:44.0711 3588 monitor		 (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
14:16:44.0761 3588 monitor - ok
14:16:44.0916 3588 mouclass	    (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
14:16:44.0959 3588 mouclass - ok
14:16:45.0053 3588 mouhid		  (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
14:16:45.0128 3588 mouhid - ok
14:16:45.0281 3588 mountmgr	    (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
14:16:45.0327 3588 mountmgr - ok
14:16:45.0435 3588 mpio		    (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
14:16:45.0483 3588 mpio - ok
14:16:45.0621 3588 mpsdrv		  (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
14:16:45.0741 3588 mpsdrv - ok
14:16:45.0914 3588 MpsSvc		  (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
14:16:46.0090 3588 MpsSvc - ok
14:16:46.0255 3588 MRxDAV		  (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
14:16:46.0340 3588 MRxDAV - ok
14:16:46.0490 3588 mrxsmb		  (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:16:46.0585 3588 mrxsmb - ok
14:16:46.0734 3588 mrxsmb10	    (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:16:46.0817 3588 mrxsmb10 - ok
14:16:46.0967 3588 mrxsmb20	    (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:16:47.0018 3588 mrxsmb20 - ok
14:16:47.0162 3588 msahci		  (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
14:16:47.0208 3588 msahci - ok
14:16:47.0307 3588 msdsm		   (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
14:16:47.0354 3588 msdsm - ok
14:16:47.0491 3588 MSDTC		   (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
14:16:47.0580 3588 MSDTC - ok
14:16:47.0799 3588 Msfs		    (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
14:16:47.0896 3588 Msfs - ok
14:16:48.0069 3588 mshidkmdf	   (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
14:16:48.0196 3588 mshidkmdf - ok
14:16:48.0341 3588 msisadrv	    (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
14:16:48.0381 3588 msisadrv - ok
14:16:48.0476 3588 MSiSCSI		 (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
14:16:48.0583 3588 MSiSCSI - ok
14:16:48.0658 3588 msiserver - ok
14:16:48.0716 3588 MSKSSRV		 (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
14:16:48.0847 3588 MSKSSRV - ok
14:16:49.0009 3588 MSPCLOCK	    (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
14:16:49.0112 3588 MSPCLOCK - ok
14:16:49.0249 3588 MSPQM		   (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
14:16:49.0380 3588 MSPQM - ok
14:16:49.0543 3588 MsRPC		   (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
14:16:49.0602 3588 MsRPC - ok
14:16:49.0714 3588 mssmbios	    (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
14:16:49.0736 3588 mssmbios - ok
14:16:49.0797 3588 MSTEE		   (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
14:16:49.0931 3588 MSTEE - ok
14:16:49.0993 3588 MTConfig	    (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
14:16:50.0059 3588 MTConfig - ok
14:16:50.0104 3588 Mup			 (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
14:16:50.0149 3588 Mup - ok
14:16:50.0209 3588 napagent	    (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
14:16:50.0318 3588 napagent - ok
14:16:50.0379 3588 NativeWifiP	 (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
14:16:50.0474 3588 NativeWifiP - ok
14:16:50.0546 3588 NDIS		    (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
14:16:50.0647 3588 NDIS - ok
14:16:50.0707 3588 NdisCap		 (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
14:16:50.0778 3588 NdisCap - ok
14:16:50.0811 3588 NdisTapi	    (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
14:16:50.0859 3588 NdisTapi - ok
14:16:50.0907 3588 Ndisuio		 (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
14:16:50.0975 3588 Ndisuio - ok
14:16:51.0125 3588 NdisWan		 (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
14:16:51.0195 3588 NdisWan - ok
14:16:51.0279 3588 NDProxy		 (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
14:16:51.0325 3588 NDProxy - ok
14:16:51.0495 3588 Nero BackItUp Scheduler 4.0 (7d2633295eb6ff2b938185874884059d) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
14:16:51.0526 3588 Nero BackItUp Scheduler 4.0 - ok
14:16:51.0649 3588 NetBIOS		 (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
14:16:51.0701 3588 NetBIOS - ok
14:16:51.0855 3588 NetBT		   (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
14:16:51.0927 3588 NetBT - ok
14:16:52.0086 3588 Netlogon	    (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:16:52.0109 3588 Netlogon - ok
14:16:52.0218 3588 Netman		  (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
14:16:52.0324 3588 Netman - ok
14:16:52.0469 3588 netprofm	    (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
14:16:52.0644 3588 netprofm - ok
14:16:52.0759 3588 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:16:52.0796 3588 NetTcpPortSharing - ok
14:16:52.0921 3588 nfrd960		 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
14:16:52.0944 3588 nfrd960 - ok
14:16:53.0108 3588 NlaSvc		  (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
14:16:53.0218 3588 NlaSvc - ok
14:16:53.0438 3588 nmwcd		   (907b5e1e4a592e5edc5e4ccbde4863c2) C:\Windows\system32\drivers\ccdcmbx64.sys
14:16:53.0493 3588 nmwcd - ok
14:16:53.0710 3588 nmwcdc		  (41c1ac1f3613435eb32d67bcb80a5fa5) C:\Windows\system32\drivers\ccdcmbox64.sys
14:16:53.0810 3588 nmwcdc - ok
14:16:53.0980 3588 Npfs		    (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
14:16:54.0045 3588 Npfs - ok
14:16:54.0172 3588 nsi			 (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
14:16:54.0232 3588 nsi - ok
14:16:54.0404 3588 nsiproxy	    (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
14:16:54.0504 3588 nsiproxy - ok
14:16:54.0644 3588 NSL			 (e127420b7feb65c7f279eaac183bbc0e) C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
14:16:54.0684 3588 NSL - ok
14:16:54.0864 3588 Ntfs		    (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
14:16:54.0940 3588 Ntfs - ok
14:16:55.0096 3588 Null		    (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
14:16:55.0216 3588 Null - ok
14:16:55.0386 3588 nvraid		  (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
14:16:55.0416 3588 nvraid - ok
14:16:55.0566 3588 nvstor		  (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
14:16:55.0616 3588 nvstor - ok
14:16:55.0768 3588 nv_agp		  (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
14:16:55.0828 3588 nv_agp - ok
14:16:55.0940 3588 Oasis2Service   (07571684567859da796a566cc78ffa74) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
14:16:55.0995 3588 Oasis2Service ( UnsignedFile.Multi.Generic ) - warning
14:16:55.0995 3588 Oasis2Service - detected UnsignedFile.Multi.Generic (1)
14:16:56.0152 3588 odserv		  (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:16:56.0202 3588 odserv - ok
14:16:56.0352 3588 ohci1394	    (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
14:16:56.0452 3588 ohci1394 - ok
14:16:56.0542 3588 ose			 (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:16:56.0582 3588 ose - ok
14:16:56.0774 3588 osppsvc		 (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:16:57.0034 3588 osppsvc - ok
14:16:57.0144 3588 p2pimsvc	    (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:16:57.0264 3588 p2pimsvc - ok
14:16:57.0306 3588 p2psvc		  (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
14:16:57.0346 3588 p2psvc - ok
14:16:57.0386 3588 Parport		 (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
14:16:57.0426 3588 Parport - ok
14:16:57.0476 3588 partmgr		 (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
14:16:57.0496 3588 partmgr - ok
14:16:57.0546 3588 PcaSvc		  (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
14:16:57.0616 3588 PcaSvc - ok
14:16:57.0686 3588 pci			 (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
14:16:57.0736 3588 pci - ok
14:16:57.0776 3588 pciide		  (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
14:16:57.0816 3588 pciide - ok
14:16:57.0862 3588 pcmcia		  (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
14:16:57.0878 3588 pcmcia - ok
14:16:57.0918 3588 PCTBD		   (99a3a277a99c437283324067970e1d37) C:\Windows\system32\Drivers\PCTBD64.sys
14:16:57.0938 3588 PCTBD - ok
14:16:58.0008 3588 PCTCore		 (dbb55b4da79a6f59b63e233907ba6bae) C:\Windows\system32\drivers\PCTCore64.sys
14:16:58.0038 3588 PCTCore - ok
14:16:58.0130 3588 pctDS		   (ba1f42a42f405f62ceff6b69a2797f7c) C:\Windows\system32\drivers\pctDS64.sys
14:16:58.0160 3588 pctDS - ok
14:16:58.0230 3588 pctEFA		  (146cc91c93ced13e7fe40e8d8615be39) C:\Windows\system32\drivers\pctEFA64.sys
14:16:58.0290 3588 pctEFA - ok
14:16:58.0360 3588 PCTSD		   (afa19eff0197c474379ed904e25a995d) C:\Windows\system32\Drivers\PCTSD64.sys
14:16:58.0380 3588 PCTSD - ok
14:16:58.0420 3588 pcw			 (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
14:16:58.0440 3588 pcw - ok
14:16:58.0470 3588 PEAUTH		  (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
14:16:58.0581 3588 PEAUTH - ok
14:16:58.0636 3588 PerfHost	    (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
14:16:58.0702 3588 PerfHost - ok
14:16:58.0824 3588 pla			 (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
14:16:58.0944 3588 pla - ok
14:16:59.0114 3588 PlugPlay	    (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
14:16:59.0204 3588 PlugPlay - ok
14:16:59.0324 3588 PMBDeviceInfoProvider (627fa58adc043704f9d14ca44340956f) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
14:16:59.0364 3588 PMBDeviceInfoProvider - ok
14:16:59.0464 3588 PNRPAutoReg	 (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
14:16:59.0504 3588 PNRPAutoReg - ok
14:16:59.0574 3588 PNRPsvc		 (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:16:59.0624 3588 PNRPsvc - ok
14:16:59.0764 3588 PolicyAgent	 (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
14:16:59.0963 3588 PolicyAgent - ok
14:17:00.0086 3588 Power		   (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
14:17:00.0276 3588 Power - ok
14:17:00.0386 3588 PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
14:17:00.0501 3588 PptpMiniport - ok
14:17:00.0638 3588 Processor	   (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
14:17:00.0708 3588 Processor - ok
14:17:00.0878 3588 ProfSvc		 (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
14:17:01.0028 3588 ProfSvc - ok
14:17:01.0208 3588 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:17:01.0268 3588 ProtectedStorage - ok
14:17:01.0428 3588 Psched		  (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
14:17:01.0528 3588 Psched - ok
14:17:01.0648 3588 PxHlpa64	    (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
14:17:01.0688 3588 PxHlpa64 - ok
14:17:01.0858 3588 pxkbf		   (ba5f7c107eace67973b4b798832a74c7) C:\Windows\system32\drivers\pxkbf.sys
14:17:01.0904 3588 pxkbf - ok
14:17:02.0120 3588 pxrts		   (007e57428802f587d0d6737ae7a9d989) C:\Windows\system32\drivers\pxrts.sys
14:17:02.0140 3588 pxrts - ok
14:17:02.0332 3588 pxscan		  (66d4d00c8908888a68b749d91f1e6789) C:\Windows\system32\drivers\pxscan.sys
14:17:02.0342 3588 pxscan - ok
14:17:02.0522 3588 ql2300		  (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
14:17:02.0614 3588 ql2300 - ok
14:17:02.0766 3588 ql40xx		  (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
14:17:02.0796 3588 ql40xx - ok
14:17:02.0926 3588 QWAVE		   (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
14:17:02.0986 3588 QWAVE - ok
14:17:03.0166 3588 QWAVEdrv	    (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
14:17:03.0206 3588 QWAVEdrv - ok
14:17:03.0346 3588 RasAcd		  (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
14:17:03.0416 3588 RasAcd - ok
14:17:03.0556 3588 RasAgileVpn	 (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:17:03.0633 3588 RasAgileVpn - ok
14:17:03.0778 3588 RasAuto		 (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
14:17:03.0858 3588 RasAuto - ok
14:17:04.0018 3588 Rasl2tp		 (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:17:04.0078 3588 Rasl2tp - ok
14:17:04.0250 3588 RasMan		  (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
14:17:04.0410 3588 RasMan - ok
14:17:04.0570 3588 RasPppoe	    (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
14:17:04.0708 3588 RasPppoe - ok
14:17:04.0812 3588 RasSstp		 (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
14:17:04.0962 3588 RasSstp - ok
14:17:05.0142 3588 rdbss		   (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
14:17:05.0244 3588 rdbss - ok
14:17:05.0414 3588 rdpbus		  (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
14:17:05.0494 3588 rdpbus - ok
14:17:05.0674 3588 RDPCDD		  (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:17:05.0764 3588 RDPCDD - ok
14:17:05.0934 3588 RDPENCDD	    (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
14:17:06.0026 3588 RDPENCDD - ok
14:17:06.0186 3588 RDPREFMP	    (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
14:17:06.0286 3588 RDPREFMP - ok
14:17:06.0466 3588 RDPWD		   (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
14:17:06.0566 3588 RDPWD - ok
14:17:06.0766 3588 rdyboost	    (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
14:17:06.0816 3588 rdyboost - ok
14:17:06.0986 3588 RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
14:17:07.0098 3588 RemoteAccess - ok
14:17:07.0278 3588 RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
14:17:07.0428 3588 RemoteRegistry - ok
14:17:07.0598 3588 RFCOMM		  (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
14:17:07.0650 3588 RFCOMM - ok
14:17:07.0800 3588 RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
14:17:07.0940 3588 RpcEptMapper - ok
14:17:08.0100 3588 RpcLocator	  (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
14:17:08.0190 3588 RpcLocator - ok
14:17:08.0390 3588 RpcSs		   (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
14:17:08.0472 3588 RpcSs - ok
14:17:08.0612 3588 rspndr		  (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
14:17:08.0702 3588 rspndr - ok
14:17:08.0874 3588 RSUSBSTOR	   (5aab4808e8ccae8c2ecda5b791260616) C:\Windows\system32\Drivers\RtsUStor.sys
14:17:08.0904 3588 RSUSBSTOR - ok
14:17:09.0054 3588 RTHDMIAzAudService (d6d381b76056c668679723938f06f16c) C:\Windows\system32\drivers\RtHDMIVX.sys
14:17:09.0094 3588 RTHDMIAzAudService - ok
14:17:09.0264 3588 RTL8167		 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys
14:17:09.0314 3588 RTL8167 - ok
14:17:09.0506 3588 SamSs		   (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:17:09.0546 3588 SamSs - ok
14:17:09.0686 3588 SASDIFSV	    (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
14:17:09.0716 3588 SASDIFSV - ok
14:17:09.0776 3588 SASKUTIL	    (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
14:17:09.0806 3588 SASKUTIL - ok
14:17:09.0906 3588 sbp2port	    (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
14:17:09.0936 3588 sbp2port - ok
14:17:09.0986 3588 SCardSvr	    (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
14:17:10.0056 3588 SCardSvr - ok
14:17:10.0116 3588 scfilter	    (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
14:17:10.0186 3588 scfilter - ok
14:17:10.0276 3588 Schedule	    (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
14:17:10.0418 3588 Schedule - ok
14:17:10.0538 3588 SCPolicySvc	 (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
14:17:10.0618 3588 SCPolicySvc - ok
14:17:10.0798 3588 sdAuxService    (17d6a03103586d7954ba74c2219ce1bb) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe
14:17:10.0848 3588 sdAuxService - ok
14:17:10.0908 3588 sdCoreService   (697e0a2a300ee8719cafae55b4771053) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe
14:17:10.0948 3588 sdCoreService - ok
14:17:11.0040 3588 SDRSVC		  (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
14:17:11.0140 3588 SDRSVC - ok
14:17:11.0210 3588 secdrv		  (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:17:11.0341 3588 secdrv - ok
14:17:11.0402 3588 seclogon	    (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
14:17:11.0542 3588 seclogon - ok
14:17:11.0572 3588 SENS		    (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
14:17:11.0682 3588 SENS - ok
14:17:11.0722 3588 SensrSvc	    (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
14:17:11.0782 3588 SensrSvc - ok
14:17:11.0834 3588 Serenum		 (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
14:17:11.0874 3588 Serenum - ok
14:17:11.0954 3588 Serial		  (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
14:17:12.0014 3588 Serial - ok
14:17:12.0064 3588 sermouse	    (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
14:17:12.0124 3588 sermouse - ok
14:17:12.0406 3588 SessionEnv	  (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
14:17:12.0556 3588 SessionEnv - ok
14:17:12.0646 3588 SFEP		    (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
14:17:12.0726 3588 SFEP - ok
14:17:12.0816 3588 sffdisk		 (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
14:17:12.0916 3588 sffdisk - ok
14:17:12.0946 3588 sffp_mmc	    (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
14:17:12.0976 3588 sffp_mmc - ok
14:17:13.0016 3588 sffp_sd		 (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
14:17:13.0076 3588 sffp_sd - ok
14:17:13.0138 3588 sfloppy		 (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
14:17:13.0168 3588 sfloppy - ok
14:17:13.0218 3588 Sftfs		   (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
14:17:13.0248 3588 Sftfs - ok
14:17:13.0360 3588 sftlist		 (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
14:17:13.0390 3588 sftlist - ok
14:17:13.0512 3588 Sftplay		 (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
14:17:13.0542 3588 Sftplay - ok
14:17:13.0569 3588 Sftredir	    (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
14:17:13.0584 3588 Sftredir - ok
14:17:13.0624 3588 Sftvol		  (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
14:17:13.0644 3588 Sftvol - ok
14:17:13.0734 3588 sftvsa		  (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
14:17:13.0754 3588 sftvsa - ok
14:17:13.0894 3588 SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
14:17:13.0964 3588 SharedAccess - ok
14:17:14.0154 3588 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
14:17:14.0244 3588 ShellHWDetection - ok
14:17:14.0404 3588 SiSRaid2	    (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
14:17:14.0424 3588 SiSRaid2 - ok
14:17:14.0564 3588 SiSRaid4	    (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
14:17:14.0594 3588 SiSRaid4 - ok
14:17:14.0758 3588 Smb			 (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
14:17:14.0818 3588 Smb - ok
14:17:14.0960 3588 SNMPTRAP	    (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
14:17:15.0030 3588 SNMPTRAP - ok
14:17:15.0160 3588 SOHCImp		 (c3e69db0a4e59564230e053232f39ac7) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
14:17:15.0170 3588 SOHCImp - ok
14:17:15.0332 3588 SOHDms		  (65cc4779a29c3e82b987bd4961790dff) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
14:17:15.0352 3588 SOHDms - ok
14:17:15.0422 3588 SOHDs		   (f47d75cee1844eef4a9ea6ee768828fb) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
14:17:15.0442 3588 SOHDs - ok
14:17:15.0542 3588 SpfService	  (65e5659e9c2a0762d05657c0e22a7ca2) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
14:17:15.0562 3588 SpfService - ok
14:17:15.0682 3588 spldr		   (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
14:17:15.0702 3588 spldr - ok
14:17:15.0754 3588 Spooler		 (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
14:17:15.0834 3588 Spooler - ok
14:17:15.0954 3588 sppsvc		  (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
14:17:16.0146 3588 sppsvc - ok
14:17:16.0258 3588 sppuinotify	 (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
14:17:16.0350 3588 sppuinotify - ok
14:17:16.0420 3588 srv			 (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
14:17:16.0480 3588 srv - ok
14:17:16.0560 3588 srv2		    (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
14:17:16.0610 3588 srv2 - ok
14:17:16.0710 3588 srvnet		  (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
14:17:16.0740 3588 srvnet - ok
14:17:16.0850 3588 SSDPSRV		 (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
14:17:16.0940 3588 SSDPSRV - ok
14:17:17.0050 3588 SstpSvc		 (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
14:17:17.0150 3588 SstpSvc - ok
14:17:17.0190 3588 stexstor	    (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
14:17:17.0210 3588 stexstor - ok
14:17:17.0300 3588 stisvc		  (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
14:17:17.0420 3588 stisvc - ok
14:17:17.0500 3588 swenum		  (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
14:17:17.0540 3588 swenum - ok
14:17:17.0750 3588 SwitchBoard	 (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:17:17.0830 3588 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
14:17:17.0830 3588 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
14:17:17.0950 3588 swprv		   (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
14:17:18.0070 3588 swprv - ok
14:17:18.0240 3588 SysMain		 (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
14:17:18.0402 3588 SysMain - ok
14:17:18.0514 3588 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
14:17:18.0604 3588 TabletInputService - ok
14:17:18.0724 3588 TapiSrv		 (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
14:17:18.0846 3588 TapiSrv - ok
14:17:18.0978 3588 TBS			 (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
14:17:19.0088 3588 TBS - ok
14:17:19.0208 3588 Tcpip		   (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
14:17:19.0358 3588 Tcpip - ok
14:17:19.0470 3588 TCPIP6		  (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
14:17:19.0520 3588 TCPIP6 - ok
14:17:19.0580 3588 tcpipreg	    (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
14:17:19.0703 3588 tcpipreg - ok
14:17:19.0752 3588 TDPIPE		  (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
14:17:19.0802 3588 TDPIPE - ok
14:17:19.0862 3588 TDTCP		   (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
14:17:19.0922 3588 TDTCP - ok
14:17:19.0982 3588 tdx			 (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
14:17:20.0102 3588 tdx - ok
14:17:20.0172 3588 TermDD		  (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
14:17:20.0212 3588 TermDD - ok
14:17:20.0292 3588 TermService	 (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
14:17:20.0452 3588 TermService - ok
14:17:20.0562 3588 Themes		  (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
14:17:20.0622 3588 Themes - ok
14:17:20.0672 3588 THREADORDER	 (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
14:17:20.0752 3588 THREADORDER - ok
14:17:20.0792 3588 TrkWks		  (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
14:17:20.0892 3588 TrkWks - ok
14:17:20.0982 3588 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
14:17:21.0112 3588 TrustedInstaller - ok
14:17:21.0172 3588 tssecsrv	    (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:17:21.0265 3588 tssecsrv - ok
14:17:21.0314 3588 TsUsbFlt	    (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
14:17:21.0334 3588 TsUsbFlt - ok
14:17:21.0384 3588 tunnel		  (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
14:17:21.0484 3588 tunnel - ok
14:17:21.0534 3588 uagp35		  (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
14:17:21.0584 3588 uagp35 - ok
14:17:21.0644 3588 udfs		    (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
14:17:21.0790 3588 udfs - ok
14:17:21.0866 3588 UI0Detect	   (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
14:17:21.0896 3588 UI0Detect - ok
14:17:21.0956 3588 uliagpkx	    (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
14:17:21.0976 3588 uliagpkx - ok
14:17:22.0026 3588 umbus		   (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
14:17:22.0076 3588 umbus - ok
14:17:22.0156 3588 UmPass		  (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
14:17:22.0228 3588 UmPass - ok
14:17:22.0460 3588 upnphost	    (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
14:17:22.0582 3588 upnphost - ok
14:17:22.0764 3588 upperdev	    (4e93c8496359e97830c75ac36393654d) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
14:17:22.0834 3588 upperdev - ok
14:17:22.0984 3588 USBAAPL64	   (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys
14:17:23.0047 3588 USBAAPL64 - ok
14:17:23.0256 3588 usbccgp		 (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
14:17:23.0306 3588 usbccgp - ok
14:17:23.0446 3588 usbcir		  (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
14:17:23.0476 3588 usbcir - ok
14:17:23.0598 3588 usbehci		 (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
14:17:23.0628 3588 usbehci - ok
14:17:23.0748 3588 usbfilter	   (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys
14:17:23.0768 3588 usbfilter - ok
14:17:23.0968 3588 usbhub		  (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
14:17:24.0018 3588 usbhub - ok
14:17:24.0168 3588 usbohci		 (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
14:17:24.0218 3588 usbohci - ok
14:17:24.0398 3588 usbprint	    (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
14:17:24.0478 3588 usbprint - ok
14:17:24.0628 3588 usbser		  (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys
14:17:24.0688 3588 usbser - ok
14:17:24.0858 3588 UsbserFilt	  (8844cb19a37b65e27049d4a7786726a9) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
14:17:24.0898 3588 UsbserFilt - ok
14:17:25.0068 3588 USBSTOR		 (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:17:25.0148 3588 USBSTOR - ok
14:17:25.0318 3588 usbuhci		 (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
14:17:25.0358 3588 usbuhci - ok
14:17:25.0553 3588 usbvideo	    (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
14:17:25.0609 3588 usbvideo - ok
14:17:25.0786 3588 UxSms		   (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
14:17:25.0984 3588 UxSms - ok
14:17:26.0141 3588 VAIO Entertainment TV Device Arbitration Service (8e68e4aa2d7abbf7c9159d9d2a38ae0f) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
14:17:26.0168 3588 VAIO Entertainment TV Device Arbitration Service - ok
14:17:26.0363 3588 VAIO Event Service (218f78b39832a2a0761ce2422828a57c) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
14:17:26.0396 3588 VAIO Event Service - ok
14:17:26.0563 3588 VAIO Power Management (1cf1a4dd7a58c966c9014b83c7229cf3) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
14:17:26.0602 3588 VAIO Power Management - ok
14:17:26.0718 3588 VaultSvc	    (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:17:26.0753 3588 VaultSvc - ok
14:17:26.0887 3588 VBoxDrv		 (81952471021f6a6f56dda6ed6b5dd638) C:\Windows\system32\DRIVERS\VBoxDrv.sys
14:17:26.0933 3588 VBoxDrv - ok
14:17:27.0062 3588 VBoxNetAdp	  (c9f86aeb504355541ec9820e3155e253) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
14:17:27.0093 3588 VBoxNetAdp - ok
14:17:27.0249 3588 VBoxNetFlt	  (64715ce639d05d753bcd86f5abf4d82a) C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
14:17:27.0287 3588 VBoxNetFlt - ok
14:17:27.0434 3588 VBoxUSB		 (4831ee295c9911b0236867931be493f1) C:\Windows\system32\Drivers\VBoxUSB.sys
14:17:27.0474 3588 VBoxUSB - ok
14:17:27.0638 3588 VBoxUSBMon	  (edeb78b6a969107a66a5af145ac0a43f) C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
14:17:27.0648 3588 VBoxUSBMon - ok
14:17:27.0818 3588 VCFw		    (d00058c1fff3f3de990444a5734e9639) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
14:17:27.0848 3588 VCFw - ok
14:17:28.0018 3588 VcmIAlzMgr	  (10e212bfb7eab152a64c1aaec2f7f4e0) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
14:17:28.0048 3588 VcmIAlzMgr - ok
14:17:28.0180 3588 VcmINSMgr	   (7a88cfd3fe99f2c9b95a6e2a08b96e14) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
14:17:28.0200 3588 VcmINSMgr - ok
14:17:28.0390 3588 VcmXmlIfHelper  (8efaaccc7bfa1e9031efdfb01a1b0d69) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
14:17:28.0410 3588 VcmXmlIfHelper - ok
14:17:28.0760 3588 VCService	   (d347d3abe070aa09c22fc37121555d52) C:\Program Files\Sony\VAIO Care\VCService.exe
14:17:28.0780 3588 VCService - ok
14:17:28.0890 3588 vdrvroot	    (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
14:17:28.0910 3588 vdrvroot - ok
14:17:28.0980 3588 vds			 (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
14:17:29.0072 3588 vds - ok
14:17:29.0172 3588 vga			 (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
14:17:29.0212 3588 vga - ok
14:17:29.0314 3588 VgaSave		 (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
14:17:29.0384 3588 VgaSave - ok
14:17:29.0536 3588 vhdmp		   (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
14:17:29.0556 3588 vhdmp - ok
14:17:29.0628 3588 viaide		  (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
14:17:29.0638 3588 viaide - ok
14:17:29.0668 3588 volmgr		  (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
14:17:29.0698 3588 volmgr - ok
14:17:29.0790 3588 volmgrx		 (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
14:17:29.0830 3588 volmgrx - ok
14:17:29.0970 3588 volsnap		 (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
14:17:30.0020 3588 volsnap - ok
14:17:30.0120 3588 vsmraid		 (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
14:17:30.0150 3588 vsmraid - ok
14:17:30.0372 3588 VSS			 (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
14:17:30.0494 3588 VSS - ok
14:17:30.0667 3588 VUAgent		 (fb4a1695d2d74f9c92ca5e84795cdbe1) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
14:17:30.0698 3588 VUAgent - ok
14:17:30.0830 3588 vwifibus	    (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
14:17:30.0890 3588 vwifibus - ok
14:17:31.0003 3588 vwififlt	    (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
14:17:31.0053 3588 vwififlt - ok
14:17:31.0204 3588 vwifimp		 (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
14:17:31.0224 3588 vwifimp - ok
14:17:31.0466 3588 W32Time		 (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
14:17:31.0558 3588 W32Time - ok
14:17:31.0700 3588 WacomPen	    (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
14:17:31.0750 3588 WacomPen - ok
14:17:31.0940 3588 WANARP		  (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:17:32.0020 3588 WANARP - ok
14:17:32.0030 3588 Wanarpv6	    (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:17:32.0082 3588 Wanarpv6 - ok
14:17:32.0242 3588 WatAdminSvc	 (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
14:17:32.0302 3588 WatAdminSvc - ok
14:17:32.0462 3588 wbengine	    (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
14:17:32.0594 3588 wbengine - ok
14:17:32.0724 3588 WbioSrvc	    (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
14:17:32.0806 3588 WbioSrvc - ok
14:17:32.0936 3588 wcncsvc		 (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
14:17:33.0036 3588 wcncsvc - ok
14:17:33.0156 3588 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
14:17:33.0219 3588 WcsPlugInService - ok
14:17:33.0268 3588 Wd			  (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
14:17:33.0288 3588 Wd - ok
14:17:33.0368 3588 Wdf01000	    (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
14:17:33.0398 3588 Wdf01000 - ok
14:17:33.0438 3588 WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
14:17:33.0510 3588 WdiServiceHost - ok
14:17:33.0522 3588 WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
14:17:33.0558 3588 WdiSystemHost - ok
14:17:33.0715 3588 WebClient	   (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
14:17:33.0772 3588 WebClient - ok
14:17:33.0872 3588 Wecsvc		  (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
14:17:33.0964 3588 Wecsvc - ok
14:17:34.0064 3588 wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
14:17:34.0144 3588 wercplsupport - ok
14:17:34.0234 3588 WerSvc		  (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
14:17:34.0384 3588 WerSvc - ok
14:17:34.0454 3588 WfpLwf		  (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
14:17:34.0514 3588 WfpLwf - ok
14:17:34.0534 3588 WIMMount	    (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
14:17:34.0564 3588 WIMMount - ok
14:17:34.0614 3588 WinDefend - ok
14:17:34.0714 3588 WindowBlinds    (97c7f30787a30cfa760b0247631a5463) C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe
14:17:34.0764 3588 WindowBlinds - ok
14:17:34.0814 3588 WinHttpAutoProxySvc - ok
14:17:34.0934 3588 Winmgmt		 (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
14:17:35.0064 3588 Winmgmt - ok
14:17:35.0264 3588 WinRM		   (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
14:17:35.0464 3588 WinRM - ok
14:17:35.0646 3588 WinUsb		  (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
14:17:35.0726 3588 WinUsb - ok
14:17:35.0886 3588 Wlansvc		 (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
14:17:36.0046 3588 Wlansvc - ok
14:17:36.0156 3588 wlcrasvc	    (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:17:36.0176 3588 wlcrasvc - ok
14:17:36.0278 3588 wlidsvc		 (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:17:36.0348 3588 wlidsvc - ok
14:17:36.0450 3588 WmiAcpi		 (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
14:17:36.0520 3588 WmiAcpi - ok
14:17:36.0630 3588 wmiApSrv	    (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
14:17:36.0712 3588 wmiApSrv - ok
14:17:36.0784 3588 WMPNetworkSvc - ok
14:17:36.0884 3588 WPCSvc		  (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
14:17:36.0924 3588 WPCSvc - ok
14:17:36.0974 3588 WPDBusEnum	  (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
14:17:37.0004 3588 WPDBusEnum - ok
14:17:37.0074 3588 ws2ifsl		 (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
14:17:37.0184 3588 ws2ifsl - ok
14:17:37.0294 3588 wscsvc		  (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
14:17:37.0414 3588 wscsvc - ok
14:17:37.0504 3588 WSearch - ok
14:17:37.0656 3588 wuauserv	    (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
14:17:37.0878 3588 wuauserv - ok
14:17:37.0988 3588 WudfPf		  (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
14:17:38.0088 3588 WudfPf - ok
14:17:38.0128 3588 WUDFRd		  (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:17:38.0208 3588 WUDFRd - ok
14:17:38.0258 3588 wudfsvc		 (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
14:17:38.0398 3588 wudfsvc - ok
14:17:38.0458 3588 WwanSvc		 (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
14:17:38.0548 3588 WwanSvc - ok
14:17:38.0638 3588 MBR (0x1B8)	 (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:17:38.0858 3588 \Device\Harddisk0\DR0 - ok
14:17:38.0868 3588 Boot (0x1200)   (263c0ff3e51adaecd439148ccfe93a1e) \Device\Harddisk0\DR0\Partition0
14:17:38.0868 3588 \Device\Harddisk0\DR0\Partition0 - ok
14:17:38.0898 3588 Boot (0x1200)   (da14fde0126e5bf1db56a5158c69884c) \Device\Harddisk0\DR0\Partition1
14:17:38.0908 3588 \Device\Harddisk0\DR0\Partition1 - ok
14:17:38.0928 3588 Boot (0x1200)   (1c2307a2554ef25fd814817fa3fca47c) \Device\Harddisk0\DR0\Partition2
14:17:38.0938 3588 \Device\Harddisk0\DR0\Partition2 - ok
14:17:38.0938 3588 ============================================================
14:17:38.0938 3588 Scan finished
14:17:38.0938 3588 ============================================================
14:17:38.0968 2912 Detected object count: 2
14:17:38.0968 2912 Actual detected object count: 2
14:19:09.0388 2912 Oasis2Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:19:09.0388 2912 Oasis2Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:19:09.0388 2912 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
14:19:09.0388 2912 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip [/size][/font][/color]
[color=#444444][font=arial, tahoma, helvetica, sans-serif][size=3]

Maurice Naggar · April 22, 2012

I will be moving this topic to the Malware-removal forum. Your system has the searchqu malware.

I'd like for you to tell me what these 2 things are:

RegTweaker

Norton Safe Web Lite

P.S. Going forward, do NOT enclose the logs in quote or code blocks. The way you had them makes it harder to look at.

Edited April 22, 2012 by Maurice Naggar
Note added

Maurice Naggar · April 22, 2012

Your logs showed some peer-to-peer filesharing apps: uTorrent. I must ask you to de-install it and any other 'torrent app AND to confirm having done so.

The use of P-2-P programs/ filesharing/downloading from unknown sources is one of the leading causes of transmission of malware.

Risks of File-Sharing Technology.

P2P file sharing: Know the risks

rock2death · April 22, 2012

Hi, can you post the link. Ohh that searchqu.com? i also saw that on my cousins PC, i thought it just a normal website, do you know how am i became infected with that malware?

RegTweaker i just downloaded that and tried if it can clean my registry.

That Norton Safe Web Lite, just tried it too. I apologize for not mentioning this Norton.

rock2death · April 22, 2012

Thanks for the info, de-installation done.

Maurice Naggar · April 23, 2012

Regarding "registry cleaners": They are generally not needed. Can be dangerous to use for the untrained, especially so if the "cleaner" does not have undo features or backup copies.

See Should I Use a Registry Cleaner?

Let's have you do the following:

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

To show all files:

Go to your Desktop
Double-Click the Computer icon.
From the menu options, Select Tools, then Folder Options.
Next click the View tab.
Locate and uncheck Hide file extensions for known file types.
Locate and uncheck Hide protected operating system files (Recommended).
Locate and click Show hidden files and folders and drives.
Click Apply > OK.

Step 3

Download OTL by OldTimer & SAVE to your Desktop: http://oldtimer.geekstogo.com/OTL.exe

Please double-click OTL.exe to run it. (Note: If you are running on Windows 7 or Vista, right-click on the file and choose Run As Administrator).
Copy all the lines in between the **** stars lines **** below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
*****************************************************************
:processes
killallprocesses
:files
recycler /alldrives
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
"{99079a25-328f-4bd4-be04-00955acaa0a7}"=-
:Commands
[purity]
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[EMPTYFLASH]
[Reboot]
*****************************************************************
Return to OTL. Right click in the "Custom Scans/Fixes" window (under the aqua-blue bar) and choose Paste.
Close any browser(s) windows that may be open.
Using your mouse, click on the red-lettered button Run Fix.
Once you see a message box "Fix complete! Click OK to open the fix log."
Click the OK button
The log will open in Notepad (your default text editor).
Save the log. Post a copy of that log in your next reply.

Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process.

If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Reply with copy of contents of OTL MovedFiles log

rock2death · April 25, 2012

Hi why im banned on the link that you post? it says

You have been permanently banned from this board.

Please contact the (email address removed) for more information.

A ban has been issued on your IP address

Below is the log of OTL

...

All processes killed

========== PROCESSES ==========

========== FILES ==========

recycler not found in C:\

recycler not found in D:\

========== REGISTRY ==========

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.

========== COMMANDS ==========

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

[EMPTYTEMP]

User: a

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: Administrator

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: boinc_master

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: Guest

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: Janiero

->Temp folder emptied: 524976 bytes

->Temporary Internet Files folder emptied: 8628243 bytes

->Java cache emptied: 0 bytes

->Google Chrome cache emptied: 0 bytes

->Flash cache emptied: 2824 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 61762 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 66784 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 9.00 mb

Restore point Set: OTL Restore Point

[EMPTYFLASH]

User: a

->Flash cache emptied: 0 bytes

User: Administrator

User: All Users

User: boinc_master

User: Default

->Flash cache emptied: 0 bytes

User: Default User

->Flash cache emptied: 0 bytes

User: Guest

->Flash cache emptied: 0 bytes

User: Janiero

->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.42.0 log created on 04252012_122702

Files\Folders moved on Reboot...

C:\Users\Janiero\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Files\Folders moved on Reboot...

C:\Users\Janiero\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Edited April 25, 2012 by Maurice Naggar
removed email address

Mbam causing Google Chrome to crash and computer hang-Bandoo Searchqu pest

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites