
Possible Backdoor Trojan


tqh


Hello MB Forum. Need a little help. I have one computer that was diagnosed as having at least one backdoor trojan by one of your experts. See here if needed:

http://forums.malwarebytes.org/index.php?showtopic=113790&hl=&fromsearch=1

None of my scans showed anything until we got to Dr. Web-CureIt. I have a Sony laptop that I am concerned about as well. I had a similar problem 2 months ago (e.g., AVAST false positive; MBAM log clean, etc.). However, we did not run Dr. Web-CureIt. What I would like to do is make sure this system is clean so I have at least one clean system. I would appreciate any help you can give me. Thanks.

Here are the requested logs:

Malwarebytes Anti-Malware 1.62.0.1300

www.malwarebytes.org

Database version: v2012.08.14.05

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

iop :: FLOYD00 [administrator]

8/14/2012 12:08:50 PM

mbam-log-2012-08-14 (12-08-50).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 269834

Time elapsed: 2 minute(s), 57 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by iop at 12:29:02 on 2012-08-14

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3935.2566 [GMT -5:00]

.

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

C:\Windows\system32\pnusbvirtualhubwssrv.exe

C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe

C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\SysWOW64\DllHost.exe

C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\taskhost.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\igfxsrvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Apoint\Apoint.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Sony\VAIO Power Management\SPMService.exe

C:\Program Files\Apoint\ApMsgFwd.exe

C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe

C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\Apoint\Apntex.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Apoint\Apvfb.exe

C:\Windows\SysWOW64\PNUSBCLITRAY.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\SysWOW64\PNTray.exe

C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe

C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe

C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe

C:\Program Files\Sony\VAIO Care\VCPerfService.exe

C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe

C:\Program Files\Sony\VAIO Update Common\VUAgent.exe

C:\Program Files\Sony\VAIO Care\listener.exe

C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files\Sony\VAIO Care\VCsystray.exe

C:\Program Files\Sony\VAIO Care\VCService.exe

C:\Program Files\Sony\VAIO Care\VCAgent.exe

C:\Windows\System32\vds.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\ctfmon.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT

uInternet Settings,ProxyOverride = *.local

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

mRun: [smartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup

mRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"

mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [pnusbclitray] pnusbclitray.exe

mRun: [<NO NAME>]

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?

lic=NFVWSzItQUxZTUYtU0xLTFUtQVoyVUItNkdPS0ItSkhGTkg"&"inst=NzctNjE0MDg2MzM2LUZQOSs2LUJBUjlHKzEtVEI5KzItRkwrOS1GMTBNKzUtUUlYMS

s0LVgyMDEwKzItRjEwTTEwRCsxLUxJQys3Ny1GTDEwKzEtU1AxKzEtU1VEKzEtUzFJKzEtU1UzKzEtVFVHKzMtRERUKzA"&"prod=90"&"ver=10.0.1390

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Add to &Evernote - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll/2000

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-00105-0000-0005-ABCDEFFEDCBC}

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll

Trusted Zone: tamu.edu\voal

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{1B4C9337-1350-489A-8601-C7E07B94A658} : DhcpNameServer = 208.180.42.100 208.180.42.68

TCP: Interfaces\{75AF77AA-0AAC-44FE-B6A7-C34C198998B7} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{75AF77AA-0AAC-44FE-B6A7-C34C198998B7}\2456C6B696E6F5560336231683 : DhcpNameServer = 172.16.0.1

Notify: VESWinlogon - VESWinlogon.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

mRun-x64: [smartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup

mRun-x64: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"

mRun-x64: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [pnusbclitray] pnusbclitray.exe

mRun-x64: [(Default)]

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRunOnce-x64: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?

lic=NFVWSzItQUxZTUYtU0xLTFUtQVoyVUItNkdPS0ItSkhGTkg"&"inst=NzctNjE0MDg2MzM2LUZQOSs2LUJBUjlHKzEtVEI5KzItRkwrOS1GMTBNKzUtUUlYMS

s0LVgyMDEwKzItRjEwTTEwRCsxLUxJQys3Ny1GTDEwKzEtU1AxKzEtU1VEKzEtUzFJKzEtU1UzKzEtVFVHKzMtRERUKzA"&"prod=90"&"ver=10.0.1390

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\iop\AppData\Roaming\Mozilla\Firefox\Profiles\6oc1p2vb.default\

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: browser.startup.homepage - about:home

FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4cbb85fe&v=6.103.018.001&i=23&tp=ab&iy=&ychte=us&lng=en-US&q=

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\iop\AppData\Roaming\Move Networks\plugins\npqmp071502000008.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll

FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

.

============= SERVICES / DRIVERS ===============

.

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]

R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-5-4 128384]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]

R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-7-6 44808]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-6 655944]

R2 Oasis2Service;Oasis2Service;C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-2-9 53248]

R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]

R2 pnpnptool;Quest RDP PnP Driver;\??\C:\Windows\system32\Drivers\pnpnptool.sys --> C:\Windows\system32\Drivers\pnpnptool.sys [?]

R2 pnusbvirtualhubwssrv;Quest USB Hub Client Service;C:\Windows\system32\pnusbvirtualhubwssrv.exe --> C:\Windows\system32\pnusbvirtualhubwssrv.exe [?]

R2 regi;regi;C:\Windows\System32\drivers\regi.sys [2007-4-17 11032]

R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2009-11-25 189984]

R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2012-5-16 259192]

R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2009-11-25 104960]

R2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-9-14 642416]

R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 pnusbd;Quest RDP USB Driver;\??\C:\Windows\system32\Drivers\pnusbd.sys --> C:\Windows\system32\Drivers\pnusbd.sys [?]

R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys --> C:\Windows\system32\drivers\SFEP.sys [?]

R3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2009-11-25 571248]

R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2012-5-16 44736]

R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2012-1-13 1256040]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-8-31 362992]

S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-5 113120]

S3 MSSQL$DDNI;SQL Server (DDNI);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\sqlservr.exe [2009-3-30 43010392]

S3 Revoflt;Revoflt;C:\Windows\system32\DRIVERS\revoflt.sys --> C:\Windows\system32\DRIVERS\revoflt.sys [?]

S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-8-31 313840]

S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-11-25 120104]

S3 SOHDBSvr;VAIO Media plus Database Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-11-25 70952]

S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-11-25 427304]

S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-11-25 75048]

S3 SOHPlMgr;VAIO Media plus Playlist Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-11-25 91432]

S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-11-25 480624]

S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-11-25 361840]

S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2009-11-25 110960]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-3-30 47128]

S4 SQLAgent$DDNI;SQL Server Agent (DDNI);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 366936]

.

=============== Created Last 30 ================

.

2012-08-13 20:41:25 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll

2012-08-13 20:41:25 366592 ----a-w- C:\Windows\System32\qdvd.dll

2012-07-30 20:30:59 -------- d-----w- C:\Users\iop\AppData\Roaming\TeamViewer

2012-07-23 02:02:24 -------- d-----w- C:\Dissertation Self-Efficacy

.

==================== Find3M ====================

.

2012-07-30 22:20:25 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-30 22:20:25 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-07-03 18:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-07-03 16:21:52 958400 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2012-07-03 16:21:52 71064 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2012-07-03 16:21:52 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2012-07-03 16:21:32 41224 ----a-w- C:\Windows\avastSS.scr

2012-06-19 02:53:49 848 ----a-w- C:\Windows\wininit.tmp

2012-06-19 01:54:28 18768 ----a-w- C:\Windows\SysWow64\drivers\SECDRV.SYS

2012-06-18 21:22:34 955840 ----a-w- C:\Windows\System32\npDeployJava1.dll

2012-06-18 21:22:34 839096 ----a-w- C:\Windows\System32\deployJava1.dll

2012-06-18 21:21:12 772592 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll

2012-06-18 21:21:12 687600 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-06-12 03:08:36 3148800 ----a-w- C:\Windows\System32\win32k.sys

2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll

2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll

2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll

2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll

2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll

2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll

2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll

2012-06-02 20:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll

2012-06-02 20:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe

2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll

2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys

2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll

2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll

2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll

2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll

2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

.

============= FINISH: 12:29:37.54 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 3/23/2010 4:42:24 AM

System Uptime: 8/14/2012 11:58:12 AM (1 hours ago)

.

Motherboard: Sony Corporation | | VAIO

Processor: Intel® Core2 Duo CPU T6600 @ 2.20GHz | N/A | 2200/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 287 GiB total, 221.864 GiB free.

E: is Removable

F: is Removable

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP383: 7/11/2012 3:01:08 AM - Windows Update

RP384: 7/18/2012 4:31:47 PM - Scheduled Checkpoint

RP385: 7/26/2012 1:01:03 AM - Scheduled Checkpoint

RP386: 7/30/2012 4:38:18 PM - Restore Operation

RP387: 8/7/2012 2:06:36 AM - Scheduled Checkpoint

RP388: 8/13/2012 3:37:05 PM - VAIO Care Automatic Restore Point

RP389: 8/13/2012 3:41:27 PM - Windows Update

RP391: 8/13/2012 5:20:07 PM - Revo Uninstaller Pro's restore point - Command & Conquer Red Alert 2

.

==== Installed Programs ======================

.

.

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.3)

ArcSoft Magic-i Visual Effects 2

ArcSoft WebCam Companion 3

avast! Free Antivirus

Command & Conquer Red Alert 2

Compatibility Pack for the 2007 Office system

Corel WinDVD

Coupon Printer for Windows

Deus Ex

Deus Ex - Invisible War

Deus Ex: Human Revolution

Evernote

HLM 7 for Windows (X86 Student)

HP Envy 100 D410 series Help

HP Photo Creations

HP Update

Java 6 Update 32

Java 7 Update 5

Junk Mail filter update

Malwarebytes Anti-Malware version 1.62.0.1300

Media Gallery

Microsoft Choice Guard

Microsoft Office Excel MUI (English) 2007

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (English) 2007

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server 2008

Microsoft SQL Server 2008 Browser

Microsoft SQL Server 2008 Common Files

Microsoft SQL Server 2008 Database Engine Services

Microsoft SQL Server 2008 Database Engine Shared

Microsoft SQL Server 2008 RsFx Driver

Microsoft SQL Server 2008 Setup Support Files

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Works

Move Media Player

Mozilla Firefox 14.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NTREGOPT 1.1j

Oasis2Service

PMB

PMB VAIO Edition Guide

PMB VAIO Edition plug-in (Click to Disc)

PMB VAIO Edition plug-in (VAIO Image Optimizer)

PMB VAIO Edition plug-in (VAIO Movie Story)

QuickBooks Financial Center

Realtek High Definition Audio Driver

Roxio Central Audio

Roxio Central Copy

Roxio Central Core

Roxio Central Data

Roxio Central Tools

Roxio Easy Media Creator 10 LJ

Roxio Easy Media Creator Home

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Service Pack 1 for SQL Server 2008 (KB968369)

Setting Utility Series

SmartWi Connection Utility

Sony Home Network Library

Sql Server Customer Experience Improvement Program

Steam

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Office 2007 (KB934528)

Update for Office System 2007 Setup (KB929722)

VAIO Care

VAIO Content Metadata Intelligent Analyzing Manager

VAIO Content Metadata Intelligent Network Service Manager

VAIO Content Metadata Manager Settings

VAIO Content Metadata XML Interface Library

VAIO Content Monitoring Settings

VAIO Control Center

VAIO Data Restore Tool

VAIO DVD Menu Data

VAIO Entertainment Platform

VAIO Event Service

VAIO Hardware Diagnostics

VAIO Help and Support

VAIO Media plus

VAIO Media plus Opening Movie

VAIO Messenger

VAIO Movie Story Template Data

VAIO OOBE and Startup Assistant

VAIO Original Function Settings

VAIO Personalization Manager

VAIO Power Management

VAIO Quick Web Access

VAIO Sample Contents

VAIO Survey

VAIO Transfer Support

VAIO Update

VAIO Wallpaper Contents

VAIO Window Organizer

Visual C++ 8.0 Runtime Setup Package (x64)

Visual Studio 2008 x64 Redistributables

VLC media player 1.1.11

VU5x86

vWorkspace Connector for Web Access

Westwood Shared Internet Components

WinASO Registry Optimizer 4.7.5

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Gallery

Windows Live Sync

Windows Live Upload Tool

Windows Live Writer

.

==== Event Viewer Messages From Past Week ========

.

8/14/2012 11:59:21 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SABKUTIL

8/14/2012 11:58:40 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

8/13/2012 9:36:03 PM, Error: Service Control Manager [7034] - The Quest USB Hub Client Service service terminated unexpectedly. It has done this 1 time(s).

8/13/2012 5:14:31 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.

8/13/2012 5:14:31 PM, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

.

==== End Of File ===========================


Welcome to the forum.

Please remove any USB or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

MrC

Thanks for the reply and your help. Here is the report:

RogueKiller V7.6.6 [08/10/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User: iop [Admin rights]

Mode: Scan -- Date: 08/14/2012 13:37:24

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 4 ¤¤¤

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200BEVS-26VAT0 +++++

--- User ---

[MBR] 66ca1cabab75826394cdee209d4f460c

[bSP] 09e7744afc31920bc08bb5dd60d26bee : Windows 7 MBR Code

Partition table:

0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 11497 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 23547904 | Size: 100 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 23752704 | Size: 293646 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

Looks OK, let's run a couple of scans to make sure..........

Please download TDSSKiller to your desktop and run it as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

------------------------

Click the Start Scan button.

-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue.

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue.

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

MrC

Thanks for the quick reply. Hope this isn't too big. Here is the log:

13:59:49.0985 5920 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05

13:59:50.0407 5920 ============================================================

13:59:50.0407 5920 Current date / time: 2012/08/14 13:59:50.0407

13:59:50.0407 5920 SystemInfo:

13:59:50.0407 5920

13:59:50.0407 5920 OS Version: 6.1.7601 ServicePack: 1.0

13:59:50.0407 5920 Product type: Workstation

13:59:50.0407 5920 ComputerName: FLOYD00

13:59:50.0407 5920 UserName: iop

13:59:50.0407 5920 Windows directory: C:\Windows

13:59:50.0407 5920 System windows directory: C:\Windows

13:59:50.0407 5920 Running under WOW64

13:59:50.0407 5920 Processor architecture: Intel x64

13:59:50.0407 5920 Number of processors: 2

13:59:50.0407 5920 Page size: 0x1000

13:59:50.0407 5920 Boot type: Normal boot

13:59:50.0407 5920 ============================================================

13:59:50.0937 5920 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

13:59:50.0953 5920 ============================================================

13:59:50.0953 5920 \Device\Harddisk0\DR0:

13:59:50.0953 5920 MBR partitions:

13:59:50.0953 5920 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1675000, BlocksNum 0x32000

13:59:50.0953 5920 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x16A7000, BlocksNum 0x23D872B0

13:59:50.0953 5920 ============================================================

13:59:50.0984 5920 C: <-> \Device\Harddisk0\DR0\Partition2

13:59:50.0984 5920 ============================================================

13:59:50.0984 5920 Initialize success

13:59:50.0984 5920 ============================================================

14:01:01.0121 5664 ============================================================

14:01:01.0121 5664 Scan started

14:01:01.0121 5664 Mode: Manual; SigCheck; TDLFS;

14:01:01.0121 5664 ============================================================

14:01:01.0511 5664 ================ Scan services =============================


14:01:17.0782 5664 mssmbios - ok

14:01:17.0829 5664 MSSQL$DDNI - ok

14:01:17.0907 5664 [ f1761c8fb2b25a32c6d63e36bb88c3ae ] MSSQLServerADHelper100 C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE

14:01:17.0923 5664 MSSQLServerADHelper100 - ok

14:01:17.0938 5664 [ 2e66f9ecb30b4221a318c92ac2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

14:01:18.0016 5664 MSTEE - ok

14:01:18.0032 5664 [ 7ea404308934e675bffde8edf0757bcd ] MTConfig C:\Windows\system32\drivers\MTConfig.sys

14:01:18.0047 5664 MTConfig - ok

14:01:18.0063 5664 [ f9a18612fd3526fe473c1bda678d61c8 ] Mup C:\Windows\system32\Drivers\mup.sys

14:01:18.0079 5664 Mup - ok

14:01:18.0125 5664 [ 582ac6d9873e31dfa28a4547270862dd ] napagent C:\Windows\system32\qagentRT.dll

14:01:18.0188 5664 napagent - ok

14:01:18.0219 5664 [ 1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

14:01:18.0250 5664 NativeWifiP - ok

14:01:18.0297 5664 [ 79b47fd40d9a817e932f9d26fac0a81c ] NDIS C:\Windows\system32\drivers\ndis.sys

14:01:18.0359 5664 NDIS - ok

14:01:18.0375 5664 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

14:01:18.0422 5664 NdisCap - ok

14:01:18.0422 5664 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

14:01:18.0469 5664 NdisTapi - ok

14:01:18.0500 5664 [ 136185f9fb2cc61e573e676aa5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

14:01:18.0547 5664 Ndisuio - ok

14:01:18.0578 5664 [ 53f7305169863f0a2bddc49e116c2e11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

14:01:18.0656 5664 NdisWan - ok

14:01:18.0687 5664 [ 015c0d8e0e0421b4cfd48cffe2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

14:01:18.0718 5664 NDProxy - ok

14:01:18.0734 5664 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

14:01:18.0796 5664 NetBIOS - ok

14:01:18.0827 5664 [ 09594d1089c523423b32a4229263f068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

14:01:18.0890 5664 NetBT - ok

14:01:18.0921 5664 [ c118a82cd78818c29ab228366ebf81c3 ] Netlogon C:\Windows\system32\lsass.exe

14:01:18.0937 5664 Netlogon - ok

14:01:18.0968 5664 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\Windows\System32\netman.dll

14:01:19.0046 5664 Netman - ok

14:01:19.0077 5664 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\Windows\System32\netprofm.dll

14:01:19.0139 5664 netprofm - ok

14:01:19.0171 5664 [ 3e5a36127e201ddf663176b66828fafe ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

14:01:19.0202 5664 NetTcpPortSharing - ok

14:01:19.0233 5664 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

14:01:19.0249 5664 nfrd960 - ok

14:01:19.0280 5664 [ 1ee99a89cc788ada662441d1e9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll

14:01:19.0342 5664 NlaSvc - ok

14:01:19.0373 5664 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

14:01:19.0420 5664 Npfs - ok

14:01:19.0467 5664 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\Windows\system32\nsisvc.dll

14:01:19.0514 5664 nsi - ok

14:01:19.0529 5664 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

14:01:19.0592 5664 nsiproxy - ok

14:01:19.0670 5664 [ a2f74975097f52a00745f9637451fdd8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

14:01:19.0748 5664 Ntfs - ok

14:01:19.0779 5664 [ 317020d31f1696334679b9d0416eb62e ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys

14:01:19.0795 5664 NuidFltr - ok

14:01:19.0810 5664 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys

14:01:19.0842 5664 Null - ok

14:01:19.0857 5664 [ 0a92cb65770442ed0dc44834632f66ad ] nvraid C:\Windows\system32\drivers\nvraid.sys

14:01:19.0873 5664 nvraid - ok

14:01:19.0920 5664 [ dab0e87525c10052bf65f06152f37e4a ] nvstor C:\Windows\system32\drivers\nvstor.sys

14:01:19.0951 5664 nvstor - ok

14:01:19.0966 5664 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

14:01:19.0998 5664 nv_agp - ok

14:01:20.0076 5664 [ 07571684567859da796a566cc78ffa74 ] Oasis2Service C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe

14:01:20.0091 5664 Oasis2Service ( UnsignedFile.Multi.Generic ) - warning

14:01:20.0091 5664 Oasis2Service - detected UnsignedFile.Multi.Generic (1)

14:01:20.0185 5664 [ 84de1dd996b48b05ace31ad015fa108a ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

14:01:20.0216 5664 odserv - ok

14:01:20.0247 5664 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

14:01:20.0278 5664 ohci1394 - ok

14:01:20.0310 5664 [ 5a432a042dae460abe7199b758e8606c ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

14:01:20.0325 5664 ose - ok

14:01:20.0341 5664 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

14:01:20.0388 5664 p2pimsvc - ok

14:01:20.0419 5664 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll

14:01:20.0450 5664 p2psvc - ok

14:01:20.0466 5664 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\drivers\parport.sys

14:01:20.0481 5664 Parport - ok

14:01:20.0512 5664 [ e9766131eeade40a27dc27d2d68fba9c ] partmgr C:\Windows\system32\drivers\partmgr.sys

14:01:20.0528 5664 partmgr - ok

14:01:20.0544 5664 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

14:01:20.0590 5664 PcaSvc - ok

14:01:20.0622 5664 [ 94575c0571d1462a0f70bde6bd6ee6b3 ] pci C:\Windows\system32\drivers\pci.sys

14:01:20.0653 5664 pci - ok

14:01:20.0668 5664 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\drivers\pciide.sys

14:01:20.0684 5664 pciide - ok

14:01:20.0715 5664 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

14:01:20.0746 5664 pcmcia - ok

14:01:20.0778 5664 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys

14:01:20.0793 5664 pcw - ok

14:01:20.0824 5664 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys

14:01:20.0918 5664 PEAUTH - ok

14:01:21.0012 5664 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe

14:01:21.0043 5664 PerfHost - ok

14:01:21.0121 5664 [ c7cf6a6e137463219e1259e3f0f0dd6c ] pla C:\Windows\system32\pla.dll

14:01:21.0246 5664 pla - ok

14:01:21.0292 5664 [ 25fbdef06c4d92815b353f6e792c8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

14:01:21.0355 5664 PlugPlay - ok

14:01:21.0448 5664 [ 627fa58adc043704f9d14ca44340956f ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

14:01:21.0480 5664 PMBDeviceInfoProvider - ok

14:01:21.0511 5664 [ 8f1c23fef6667f123586f1f022fc2059 ] pnpnptool C:\Windows\system32\Drivers\pnpnptool.sys

14:01:21.0526 5664 pnpnptool - ok

14:01:21.0558 5664 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

14:01:21.0589 5664 PNRPAutoReg - ok

14:01:21.0620 5664 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

14:01:21.0636 5664 PNRPsvc - ok

14:01:21.0667 5664 [ 970528b300192f608bfc4f9ac3c18601 ] pnusbd C:\Windows\system32\Drivers\pnusbd.sys

14:01:21.0667 5664 pnusbd - ok

14:01:21.0698 5664 [ 0317bb3ea6590d48695acd45181d5da0 ] pnusbvirtualhubwssrv C:\Windows\system32\pnusbvirtualhubwssrv.exe

14:01:21.0729 5664 pnusbvirtualhubwssrv ( UnsignedFile.Multi.Generic ) - warning

14:01:21.0729 5664 pnusbvirtualhubwssrv - detected UnsignedFile.Multi.Generic (1)

14:01:21.0760 5664 [ 4f0878fd62d5f7444c5f1c4c66d9d293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys

14:01:21.0776 5664 Point64 - ok

14:01:21.0823 5664 [ 4f15d75adf6156bf56eced6d4a55c389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

14:01:21.0916 5664 PolicyAgent - ok

14:01:21.0948 5664 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll

14:01:21.0994 5664 Power - ok

14:01:22.0026 5664 [ f92a2c41117a11a00be01ca01a7fcde9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

14:01:22.0088 5664 PptpMiniport - ok

14:01:22.0135 5664 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\drivers\processr.sys

14:01:22.0166 5664 Processor - ok

14:01:22.0213 5664 [ 53e83f1f6cf9d62f32801cf66d8352a8 ] ProfSvc C:\Windows\system32\profsvc.dll

14:01:22.0260 5664 ProfSvc - ok

14:01:22.0275 5664 [ c118a82cd78818c29ab228366ebf81c3 ] ProtectedStorage C:\Windows\system32\lsass.exe

14:01:22.0306 5664 ProtectedStorage - ok

14:01:22.0338 5664 [ 0557cf5a2556bd58e26384169d72438d ] Psched C:\Windows\system32\DRIVERS\pacer.sys

14:01:22.0384 5664 Psched - ok

14:01:22.0416 5664 [ a6a7ad767bf5141665f5c675f671b3e1 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

14:01:22.0431 5664 PSI_SVC_2 - ok

14:01:22.0462 5664 [ aed797cca02783296c68aa10d0cff8a9 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys

14:01:22.0478 5664 PxHlpa64 - ok

14:01:22.0540 5664 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys

14:01:22.0650 5664 ql2300 - ok

14:01:22.0665 5664 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

14:01:22.0681 5664 ql40xx - ok

14:01:22.0712 5664 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll

14:01:22.0743 5664 QWAVE - ok

14:01:22.0774 5664 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

14:01:22.0806 5664 QWAVEdrv - ok

14:01:22.0821 5664 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

14:01:22.0868 5664 RasAcd - ok

14:01:22.0884 5664 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

14:01:22.0915 5664 RasAgileVpn - ok

14:01:22.0946 5664 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll

14:01:22.0993 5664 RasAuto - ok

14:01:23.0024 5664 [ 471815800ae33e6f1c32fb1b97c490ca ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

14:01:23.0071 5664 Rasl2tp - ok

14:01:23.0118 5664 [ ee867a0870fc9e4972ba9eaad35651e2 ] RasMan C:\Windows\System32\rasmans.dll

14:01:23.0164 5664 RasMan - ok

14:01:23.0180 5664 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

14:01:23.0227 5664 RasPppoe - ok

14:01:23.0242 5664 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

14:01:23.0305 5664 RasSstp - ok

14:01:23.0336 5664 [ 77f665941019a1594d887a74f301fa2f ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

14:01:23.0398 5664 rdbss - ok

14:01:23.0414 5664 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\drivers\rdpbus.sys

14:01:23.0445 5664 rdpbus - ok

14:01:23.0476 5664 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

14:01:23.0539 5664 RDPCDD - ok

14:01:23.0570 5664 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

14:01:23.0617 5664 RDPENCDD - ok

14:01:23.0648 5664 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

14:01:23.0679 5664 RDPREFMP - ok

14:01:23.0710 5664 [ e61608aa35e98999af9aaeeea6114b0a ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

14:01:23.0757 5664 RDPWD - ok

14:01:23.0788 5664 [ 34ed295fa0121c241bfef24764fc4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

14:01:23.0804 5664 rdyboost - ok

14:01:23.0835 5664 [ 4d9afddda0efe97cdbfd3b5fa48b05f6 ] regi C:\Windows\system32\drivers\regi.sys

14:01:23.0851 5664 regi - ok

14:01:23.0882 5664 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll

14:01:23.0944 5664 RemoteAccess - ok

14:01:23.0976 5664 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

14:01:24.0022 5664 RemoteRegistry - ok

14:01:24.0054 5664 [ 9c3ac71a9934b884fac567a8807e9c4d ] Revoflt C:\Windows\system32\DRIVERS\revoflt.sys

14:01:24.0054 5664 Revoflt - ok

14:01:24.0100 5664 [ 3dd798846e2c28102b922c56e71b7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys

14:01:24.0132 5664 RFCOMM - ok

14:01:24.0147 5664 [ 258aadb43e3f3468b5cf8cb0f84872c2 ] rimsptsk C:\Windows\system32\drivers\rimssn64.sys

14:01:24.0194 5664 rimsptsk - ok

14:01:24.0225 5664 [ 71e182a0de1cecb3f912960716345405 ] risdptsk C:\Windows\system32\drivers\risdsn64.sys

14:01:24.0288 5664 risdptsk - ok

14:01:24.0334 5664 [ d151224bc11078895a60fa970728ff59 ] Roxio UPnP Renderer 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe

14:01:24.0366 5664 Roxio UPnP Renderer 10 - ok

14:01:24.0381 5664 [ 5022a927944878bd750960bd21e751af ] Roxio Upnp Server 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe

14:01:24.0397 5664 Roxio Upnp Server 10 - ok

14:01:24.0428 5664 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

14:01:24.0475 5664 RpcEptMapper - ok

14:01:24.0506 5664 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe

14:01:24.0537 5664 RpcLocator - ok

14:01:24.0584 5664 [ 5c627d1b1138676c0a7ab2c2c190d123 ] RpcSs C:\Windows\system32\rpcss.dll

14:01:24.0631 5664 RpcSs - ok

14:01:24.0662 5664 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

14:01:24.0724 5664 rspndr - ok

14:01:24.0787 5664 [ 01e6a1e53e39a0b1e2b6ae62bf52e8ec ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

14:01:24.0802 5664 RtkAudioService - ok

14:01:24.0818 5664 SABKUTIL - ok

14:01:24.0849 5664 [ c118a82cd78818c29ab228366ebf81c3 ] SamSs C:\Windows\system32\lsass.exe

14:01:24.0865 5664 SamSs - ok

14:01:24.0912 5664 [ 99df79c258b3342b6c8a5f802998de56 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS

14:01:24.0912 5664 SASDIFSV - ok

14:01:24.0927 5664 [ 2859c35c0651e8eb0d86d48e740388f2 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS

14:01:24.0943 5664 SASKUTIL - ok

14:01:24.0974 5664 [ ac03af3329579fffb455aa2daabbe22b ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

14:01:24.0990 5664 sbp2port - ok

14:01:25.0021 5664 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll

14:01:25.0068 5664 SCardSvr - ok

14:01:25.0099 5664 [ 253f38d0d7074c02ff8deb9836c97d2b ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

14:01:25.0146 5664 scfilter - ok

14:01:25.0224 5664 [ 262f6592c3299c005fd6bec90fc4463a ] Schedule C:\Windows\system32\schedsvc.dll

14:01:25.0348 5664 Schedule - ok

14:01:25.0380 5664 [ f17d1d393bbc69c5322fbfafaca28c7f ] SCPolicySvc C:\Windows\System32\certprop.dll

14:01:25.0426 5664 SCPolicySvc - ok

14:01:25.0458 5664 [ 111e0ebc0ad79cb0fa014b907b231cf0 ] sdbus C:\Windows\system32\drivers\sdbus.sys

14:01:25.0489 5664 sdbus - ok

14:01:25.0520 5664 [ 6ea4234dc55346e0709560fe7c2c1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

14:01:25.0551 5664 SDRSVC - ok

14:01:25.0598 5664 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

14:01:25.0629 5664 secdrv - ok

14:01:25.0660 5664 [ bc617a4e1b4fa8df523a061739a0bd87 ] seclogon C:\Windows\system32\seclogon.dll

14:01:25.0738 5664 seclogon - ok

14:01:25.0770 5664 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\system32\sens.dll

14:01:25.0832 5664 SENS - ok

14:01:25.0863 5664 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

14:01:25.0894 5664 SensrSvc - ok

14:01:25.0910 5664 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\drivers\serenum.sys

14:01:25.0941 5664 Serenum - ok

14:01:25.0972 5664 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\drivers\serial.sys

14:01:25.0988 5664 Serial - ok

14:01:26.0019 5664 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\drivers\sermouse.sys

14:01:26.0050 5664 sermouse - ok

14:01:26.0113 5664 [ 0b6231bf38174a1628c4ac812cc75804 ] SessionEnv C:\Windows\system32\sessenv.dll

14:01:26.0160 5664 SessionEnv - ok

14:01:26.0191 5664 [ 70f9c476b62de4f2823e918a6c181ade ] SFEP C:\Windows\system32\drivers\SFEP.sys

14:01:26.0222 5664 SFEP - ok

14:01:26.0253 5664 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

14:01:26.0300 5664 sffdisk - ok

14:01:26.0316 5664 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

14:01:26.0331 5664 sffp_mmc - ok

14:01:26.0347 5664 [ dd85b78243a19b59f0637dcf284da63c ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

14:01:26.0362 5664 sffp_sd - ok

14:01:26.0394 5664 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

14:01:26.0425 5664 sfloppy - ok

14:01:26.0472 5664 [ b95f6501a2f8b2e78c697fec401970ce ] SharedAccess C:\Windows\System32\ipnathlp.dll

14:01:26.0534 5664 SharedAccess - ok

14:01:26.0612 5664 [ aaf932b4011d14052955d4b212a4da8d ] ShellHWDetection C:\Windows\System32\shsvcs.dll

14:01:26.0690 5664 ShellHWDetection - ok

14:01:26.0721 5664 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys

14:01:26.0737 5664 SiSRaid2 - ok

14:01:26.0768 5664 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

14:01:26.0784 5664 SiSRaid4 - ok

14:01:26.0815 5664 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

14:01:26.0846 5664 Smb - ok

14:01:26.0893 5664 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe

14:01:26.0908 5664 SNMPTRAP - ok

14:01:27.0002 5664 [ 98886c88a1cb13d61672ae2c638b7e1c ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe

14:01:27.0018 5664 SOHCImp - ok

14:01:27.0064 5664 [ 442a13f395546f4564c377296d43b564 ] SOHDBSvr C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe

14:01:27.0080 5664 SOHDBSvr - ok

14:01:27.0127 5664 [ 556681be668d71dc162391a45422b52c ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe

14:01:27.0142 5664 SOHDms - ok

14:01:27.0158 5664 [ 72b46103e4111439109acf5882627c24 ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe

14:01:27.0174 5664 SOHDs - ok

14:01:27.0205 5664 [ 725b6e9cd1959271ac993dc035e1606d ] SOHPlMgr C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe

14:01:27.0220 5664 SOHPlMgr - ok

14:01:27.0236 5664 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys

14:01:27.0252 5664 spldr - ok

14:01:27.0298 5664 [ b96c17b5dc1424d56eea3a99e97428cd ] Spooler C:\Windows\System32\spoolsv.exe

14:01:27.0361 5664 Spooler - ok

14:01:27.0486 5664 [ e17e0188bb90fae42d83e98707efa59c ] sppsvc C:\Windows\system32\sppsvc.exe

14:01:27.0673 5664 sppsvc - ok

14:01:27.0704 5664 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

14:01:27.0751 5664 sppuinotify - ok

14:01:27.0813 5664 [ a687b5b326afcfcf182c4931d1ff9771 ] SQLAgent$DDNI C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE

14:01:27.0844 5664 SQLAgent$DDNI - ok

14:01:27.0907 5664 [ b54b48f6d92423440c264e91225c5ff1 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

14:01:27.0938 5664 SQLBrowser - ok

14:01:27.0985 5664 [ 6d65985945b03ca59b67d0b73702fc7b ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

14:01:28.0000 5664 SQLWriter - ok

14:01:28.0047 5664 [ 441fba48bff01fdb9d5969ebc1838f0b ] srv C:\Windows\system32\DRIVERS\srv.sys

14:01:28.0125 5664 srv - ok

14:01:28.0172 5664 [ b4adebbf5e3677cce9651e0f01f7cc28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

14:01:28.0219 5664 srv2 - ok

14:01:28.0234 5664 [ 0c4540311e11664b245a263e1154cef8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS

14:01:28.0266 5664 SrvHsfHDA - ok

14:01:28.0312 5664 [ 02071d207a9858fbe3a48cbfd59c4a04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS

14:01:28.0422 5664 SrvHsfV92 - ok

14:01:28.0468 5664 [ 18e40c245dbfaf36fd0134a7ef2df396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS

14:01:28.0531 5664 SrvHsfWinac - ok

14:01:28.0562 5664 [ 27e461f0be5bff5fc737328f749538c3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

14:01:28.0593 5664 srvnet - ok

14:01:28.0640 5664 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

14:01:28.0718 5664 SSDPSRV - ok

14:01:28.0734 5664 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll

14:01:28.0780 5664 SstpSvc - ok

14:01:28.0796 5664 Steam Client Service - ok

14:01:28.0843 5664 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\drivers\stexstor.sys

14:01:28.0858 5664 stexstor - ok

14:01:28.0890 5664 [ decacb6921ded1a38642642685d77dac ] StillCam C:\Windows\system32\DRIVERS\serscan.sys

14:01:28.0936 5664 StillCam - ok

14:01:28.0983 5664 [ 8dd52e8e6128f4b2da92ce27402871c1 ] stisvc C:\Windows\System32\wiaservc.dll

14:01:29.0077 5664 stisvc - ok

14:01:29.0108 5664 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\drivers\swenum.sys

14:01:29.0124 5664 swenum - ok

14:01:29.0155 5664 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll

14:01:29.0233 5664 swprv - ok

14:01:29.0311 5664 [ bf9ccc0bf39b418c8d0ae8b05cf95b7d ] SysMain C:\Windows\system32\sysmain.dll

14:01:29.0420 5664 SysMain - ok

14:01:29.0467 5664 [ e3c61fd7b7c2557e1f1b0b4cec713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

14:01:29.0514 5664 TabletInputService - ok

14:01:29.0545 5664 [ 40f0849f65d13ee87b9a9ae3c1dd6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

14:01:29.0607 5664 TapiSrv - ok

14:01:29.0654 5664 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\Windows\System32\tbssvc.dll

14:01:29.0685 5664 TBS - ok

14:01:29.0763 5664 [ acb82bda8f46c84f465c1afa517dc4b9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

14:01:29.0872 5664 Tcpip - ok

14:01:29.0919 5664 [ acb82bda8f46c84f465c1afa517dc4b9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

14:01:29.0966 5664 TCPIP6 - ok

14:01:30.0013 5664 [ df687e3d8836bfb04fcc0615bf15a519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

14:01:30.0075 5664 tcpipreg - ok

14:01:30.0106 5664 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

14:01:30.0153 5664 TDPIPE - ok

14:01:30.0184 5664 [ 51c5eceb1cdee2468a1748be550cfbc8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

14:01:30.0200 5664 TDTCP - ok

14:01:30.0247 5664 [ ddad5a7ab24d8b65f8d724f5c20fd806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

14:01:30.0278 5664 tdx - ok

14:01:30.0340 5664 [ 561e7e1f06895d78de991e01dd0fb6e5 ] TermDD C:\Windows\system32\drivers\termdd.sys

14:01:30.0372 5664 TermDD - ok

14:01:30.0418 5664 [ 2e648163254233755035b46dd7b89123 ] TermService C:\Windows\System32\termsrv.dll

14:01:30.0543 5664 TermService - ok

14:01:30.0590 5664 [ f0344071948d1a1fa732231785a0664c ] Themes C:\Windows\system32\themeservice.dll

14:01:30.0637 5664 Themes - ok

14:01:30.0668 5664 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\Windows\system32\mmcss.dll

14:01:30.0730 5664 THREADORDER - ok

14:01:30.0746 5664 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\Windows\System32\trkwks.dll

14:01:30.0808 5664 TrkWks - ok

14:01:30.0871 5664 [ 773212b2aaa24c1e31f10246b15b276c ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

14:01:30.0918 5664 TrustedInstaller - ok

14:01:30.0964 5664 [ ce18b2cdfc837c99e5fae9ca6cba5d30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

14:01:31.0027 5664 tssecsrv - ok

14:01:31.0058 5664 [ d11c783e3ef9a3c52c0ebe83cc5000e9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

14:01:31.0089 5664 TsUsbFlt - ok

14:01:31.0120 5664 [ 3566a8daafa27af944f5d705eaa64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

14:01:31.0167 5664 tunnel - ok

14:01:31.0198 5664 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys

14:01:31.0214 5664 uagp35 - ok

14:01:31.0276 5664 [ 63f6d08c54d5b3c1b12a6172032055c7 ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

14:01:31.0292 5664 uCamMonitor - ok

14:01:31.0339 5664 [ ff4232a1a64012baa1fd97c7b67df593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

14:01:31.0386 5664 udfs - ok

14:01:31.0432 5664 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

14:01:31.0448 5664 UI0Detect - ok

14:01:31.0479 5664 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

14:01:31.0495 5664 uliagpkx - ok

14:01:31.0526 5664 [ dc54a574663a895c8763af0fa1ff7561 ] umbus C:\Windows\system32\drivers\umbus.sys

14:01:31.0588 5664 umbus - ok

14:01:31.0620 5664 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\Windows\system32\drivers\umpass.sys

14:01:31.0666 5664 UmPass - ok

14:01:31.0713 5664 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\Windows\System32\upnphost.dll

14:01:31.0760 5664 upnphost - ok

14:01:31.0791 5664 [ 6f1a3157a1c89435352ceb543cdb359c ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

14:01:31.0838 5664 usbccgp - ok

14:01:31.0869 5664 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

14:01:31.0885 5664 usbcir - ok

14:01:31.0916 5664 [ c025055fe7b87701eb042095df1a2d7b ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

14:01:31.0932 5664 usbehci - ok

14:01:31.0978 5664 [ 287c6c9410b111b68b52ca298f7b8c24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

14:01:32.0010 5664 usbhub - ok

14:01:32.0041 5664 [ 58e546bbaf87664fc57e0f6081e4f609 ] usbohci C:\Windows\system32\drivers\usbohci.sys

14:01:32.0056 5664 usbohci - ok

14:01:32.0088 5664 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\Windows\system32\drivers\usbprint.sys

14:01:32.0119 5664 usbprint - ok

14:01:32.0150 5664 [ fed648b01349a3c8395a5169db5fb7d6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

14:01:32.0181 5664 USBSTOR - ok

14:01:32.0212 5664 [ 62069a34518bcf9c1fd9e74b3f6db7cd ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

14:01:32.0244 5664 usbuhci - ok

14:01:32.0290 5664 [ 454800c2bc7f3927ce030141ee4f4c50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys

14:01:32.0322 5664 usbvideo - ok

14:01:32.0353 5664 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\Windows\System32\uxsms.dll

14:01:32.0400 5664 UxSms - ok

14:01:32.0478 5664 [ 4e7135d6d0127067e4cfee12259f895d ] VAIO Entertainment TV Device Arbitration Service C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe

14:01:32.0493 5664 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning

14:01:32.0493 5664 VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1)

14:01:32.0571 5664 [ 6b31c9cb94927dbeeb62e15275f4cc54 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe

14:01:32.0587 5664 VAIO Event Service - ok

14:01:32.0680 5664 [ b8c9a7010afd5cbbe194cb9ef7c4fd14 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe

14:01:32.0712 5664 VAIO Power Management - ok

14:01:32.0727 5664 [ c118a82cd78818c29ab228366ebf81c3 ] VaultSvc C:\Windows\system32\lsass.exe

14:01:32.0743 5664 VaultSvc - ok

14:01:32.0868 5664 [ 6a740f5ff3246c3be3dd317299efc88e ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

14:01:32.0899 5664 VCFw - ok

14:01:32.0977 5664 [ fd03ac6cd1571aa8b2ff56d3c600e26e ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe

14:01:32.0992 5664 VcmIAlzMgr - ok

14:01:33.0055 5664 [ 9d9b34b430b4dc683112f59c80d20ab8 ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe

14:01:33.0086 5664 VcmINSMgr - ok

14:01:33.0133 5664 [ dfe10c68ef4684f7754fcca39a4cc6ba ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe

14:01:33.0148 5664 VcmXmlIfHelper - ok

14:01:33.0195 5664 [ d347d3abe070aa09c22fc37121555d52 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe

14:01:33.0211 5664 VCService - ok

14:01:33.0242 5664 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

14:01:33.0258 5664 vdrvroot - ok

14:01:33.0304 5664 [ 8d6b481601d01a456e75c3210f1830be ] vds C:\Windows\System32\vds.exe

14:01:33.0367 5664 vds - ok

14:01:33.0398 5664 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

14:01:33.0414 5664 vga - ok

14:01:33.0429 5664 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\Windows\System32\drivers\vga.sys

14:01:33.0476 5664 VgaSave - ok

14:01:33.0523 5664 [ 2ce2df28c83aeaf30084e1b1eb253cbb ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

14:01:33.0554 5664 vhdmp - ok

14:01:33.0585 5664 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\Windows\system32\drivers\viaide.sys

14:01:33.0601 5664 viaide - ok

14:01:33.0648 5664 [ d2aafd421940f640b407aefaaebd91b0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

14:01:33.0679 5664 volmgr - ok

14:01:33.0710 5664 [ a255814907c89be58b79ef2f189b843b ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

14:01:33.0726 5664 volmgrx - ok

14:01:33.0757 5664 [ 0d08d2f3b3ff84e433346669b5e0f639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

14:01:33.0772 5664 volsnap - ok

14:01:33.0819 5664 [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

14:01:33.0835 5664 vsmraid - ok

14:01:33.0897 5664 [ b60ba0bc31b0cb414593e169f6f21cc2 ] VSS C:\Windows\system32\vssvc.exe

14:01:34.0038 5664 VSS - ok

14:01:34.0116 5664 [ fb4a1695d2d74f9c92ca5e84795cdbe1 ] VUAgent C:\Program Files\Sony\VAIO Update Common\VUAgent.exe

14:01:34.0162 5664 VUAgent - ok

14:01:34.0194 5664 [ 36d4720b72b5c5d9cb2b9c29e9df67a1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

14:01:34.0240 5664 vwifibus - ok

14:01:34.0272 5664 [ 6a3d66263414ff0d6fa754c646612f3f ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

14:01:34.0303 5664 vwififlt - ok

14:01:34.0334 5664 [ 6a638fc4bfddc4d9b186c28c91bd1a01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys

14:01:34.0350 5664 vwifimp - ok

14:01:34.0396 5664 [ d8bef4ac1eac809dbdbd441d6cff6c4c ] VzCdbSvc C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

14:01:34.0428 5664 VzCdbSvc ( UnsignedFile.Multi.Generic ) - warning

14:01:34.0428 5664 VzCdbSvc - detected UnsignedFile.Multi.Generic (1)

14:01:34.0490 5664 [ 1c9d80cc3849b3788048078c26486e1a ] W32Time C:\Windows\system32\w32time.dll

14:01:34.0568 5664 W32Time - ok

14:01:34.0599 5664 [ 4e9440f4f152a7b944cb1663d3935a3e ] WacomPen C:\Windows\system32\drivers\wacompen.sys

14:01:34.0630 5664 WacomPen - ok

14:01:34.0724 5664 [ 356afd78a6ed4457169241ac3965230c ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

14:01:34.0786 5664 WANARP - ok

14:01:34.0802 5664 [ 356afd78a6ed4457169241ac3965230c ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

14:01:34.0833 5664 Wanarpv6 - ok

14:01:34.0911 5664 [ 3cec96de223e49eaae3651fcf8faea6c ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

14:01:34.0989 5664 WatAdminSvc - ok

14:01:35.0052 5664 [ 78f4e7f5c56cb9716238eb57da4b6a75 ] wbengine C:\Windows\system32\wbengine.exe

14:01:35.0145 5664 wbengine - ok

14:01:35.0176 5664 [ 3aa101e8edab2db4131333f4325c76a3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

14:01:35.0208 5664 WbioSrvc - ok

14:01:35.0239 5664 [ 7368a2afd46e5a4481d1de9d14848edd ] wcncsvc C:\Windows\System32\wcncsvc.dll

14:01:35.0301 5664 wcncsvc - ok

14:01:35.0317 5664 [ 20f7441334b18cee52027661df4a6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

14:01:35.0348 5664 WcsPlugInService - ok

14:01:35.0364 5664 [ 72889e16ff12ba0f235467d6091b17dc ] Wd C:\Windows\system32\drivers\wd.sys

14:01:35.0379 5664 Wd - ok

14:01:35.0410 5664 [ 441bd2d7b4f98134c3a4f9fa570fd250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

14:01:35.0457 5664 Wdf01000 - ok

14:01:35.0473 5664 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiServiceHost C:\Windows\system32\wdi.dll

14:01:35.0504 5664 WdiServiceHost - ok

14:01:35.0520 5664 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiSystemHost C:\Windows\system32\wdi.dll

14:01:35.0535 5664 WdiSystemHost - ok

14:01:35.0582 5664 [ 3db6d04e1c64272f8b14eb8bc4616280 ] WebClient C:\Windows\System32\webclnt.dll

14:01:35.0613 5664 WebClient - ok

14:01:35.0644 5664 [ c749025a679c5103e575e3b48e092c43 ] Wecsvc C:\Windows\system32\wecsvc.dll

14:01:35.0707 5664 Wecsvc - ok

14:01:35.0738 5664 [ 7e591867422dc788b9e5bd337a669a08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

14:01:35.0785 5664 wercplsupport - ok

14:01:35.0800 5664 [ 6d137963730144698cbd10f202e9f251 ] WerSvc C:\Windows\System32\WerSvc.dll

14:01:35.0863 5664 WerSvc - ok

14:01:35.0878 5664 [ 611b23304bf067451a9fdee01fbdd725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

14:01:35.0925 5664 WfpLwf - ok

14:01:35.0956 5664 [ 05ecaec3e4529a7153b3136ceb49f0ec ] WIMMount C:\Windows\system32\drivers\wimmount.sys

14:01:35.0972 5664 WIMMount - ok

14:01:36.0003 5664 WinDefend - ok

14:01:36.0019 5664 WinHttpAutoProxySvc - ok

14:01:36.0081 5664 [ 19b07e7e8915d701225da41cb3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

14:01:36.0144 5664 Winmgmt - ok

14:01:36.0237 5664 [ bcb1310604aa415c4508708975b3931e ] WinRM C:\Windows\system32\WsmSvc.dll

14:01:36.0378 5664 WinRM - ok

14:01:36.0456 5664 [ 4fada86e62f18a1b2f42ba18ae24e6aa ] Wlansvc C:\Windows\System32\wlansvc.dll

14:01:36.0565 5664 Wlansvc - ok

14:01:36.0690 5664 [ 98f138897ef4246381d197cb81846d62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

14:01:36.0736 5664 wlidsvc - ok

14:01:36.0783 5664 [ f6ff8944478594d0e414d3f048f0d778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

14:01:36.0830 5664 WmiAcpi - ok

14:01:36.0877 5664 [ 38b84c94c5a8af291adfea478ae54f93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

14:01:36.0924 5664 wmiApSrv - ok

14:01:36.0955 5664 WMPNetworkSvc - ok

14:01:36.0986 5664 [ 96c6e7100d724c69fcf9e7bf590d1dca ] WPCSvc C:\Windows\System32\wpcsvc.dll

14:01:37.0002 5664 WPCSvc - ok

14:01:37.0033 5664 [ 93221146d4ebbf314c29b23cd6cc391d ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

14:01:37.0064 5664 WPDBusEnum - ok

14:01:37.0095 5664 [ 6bcc1d7d2fd2453957c5479a32364e52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

14:01:37.0126 5664 ws2ifsl - ok

14:01:37.0158 5664 [ e8b1fe6669397d1772d8196df0e57a9e ] wscsvc C:\Windows\system32\wscsvc.dll

14:01:37.0189 5664 wscsvc - ok

14:01:37.0204 5664 WSearch - ok

14:01:37.0314 5664 [ d9ef901dca379cfe914e9fa13b73b4c4 ] wuauserv C:\Windows\system32\wuaueng.dll

14:01:37.0438 5664 wuauserv - ok

14:01:37.0470 5664 [ d3381dc54c34d79b22cee0d65ba91b7c ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

14:01:37.0516 5664 WudfPf - ok

14:01:37.0548 5664 [ cf8d590be3373029d57af80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

14:01:37.0626 5664 WUDFRd - ok

14:01:37.0657 5664 [ 7a95c95b6c4cf292d689106bcae49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

14:01:37.0688 5664 wudfsvc - ok

14:01:37.0735 5664 [ 9a3452b3c2a46c073166c5cf49fad1ae ] WwanSvc C:\Windows\System32\wwansvc.dll

14:01:37.0782 5664 WwanSvc - ok

14:01:37.0828 5664 [ 6affd75c6807b3dd3ab018e27b88ef95 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys

14:01:37.0906 5664 yukonw7 - ok

14:01:37.0938 5664 ================ Scan global ===============================

14:01:38.0000 5664 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll

14:01:38.0047 5664 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll

14:01:38.0078 5664 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll

14:01:38.0109 5664 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll

14:01:38.0156 5664 (24acb7e5be595468e3b9aa488b9b4fcb) C:\Windows\system32\services.exe

14:01:38.0156 5664 [Global] - ok

14:01:38.0156 5664 ================ Scan MBR ==================================

14:01:38.0172 5664 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

14:01:38.0530 5664 \Device\Harddisk0\DR0 - ok

14:01:38.0530 5664 ================ Scan VBR ==================================

14:01:38.0546 5664 Boot (0x1200) (631932ff26a83dda42366d6ab2084517) \Device\Harddisk0\DR0\Partition1

14:01:38.0546 5664 \Device\Harddisk0\DR0\Partition1 - ok

14:01:38.0577 5664 Boot (0x1200) (1eb86ea66713a00d3a82360972bb03e9) \Device\Harddisk0\DR0\Partition2

14:01:38.0577 5664 \Device\Harddisk0\DR0\Partition2 - ok

14:01:38.0577 5664 ============================================================

14:01:38.0577 5664 Scan finished

14:01:38.0577 5664 ============================================================

14:01:38.0593 4212 Detected object count: 4

14:01:38.0593 4212 Actual detected object count: 4

14:04:51.0716 4212 Oasis2Service ( UnsignedFile.Multi.Generic ) - skipped by user

14:04:51.0716 4212 Oasis2Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:04:51.0716 4212 pnusbvirtualhubwssrv ( UnsignedFile.Multi.Generic ) - skipped by user

14:04:51.0716 4212 pnusbvirtualhubwssrv ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:04:51.0716 4212 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user

14:04:51.0716 4212 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

14:04:51.0716 4212 VzCdbSvc ( UnsignedFile.Multi.Generic ) - skipped by user

14:04:51.0716 4212 VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip


That scan was clean.......

Please download and run ComboFix.

The most important things to remember when running it are to disable all your malware programs and run ComboFix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message "Illegal operation attempted on registry key that has been marked for deletion" after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC


Alright, seemed to run fine. Here you go...

ComboFix 12-08-14.03 - iop 08/14/2012 14:30:17.4.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3935.2435 [GMT -5:00]

Running from: c:\users\iop\Desktop\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\install.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-07-14 to 2012-08-14 )))))))))))))))))))))))))))))))

.

.

2012-08-13 20:41 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll

2012-08-13 20:41 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll

2012-08-08 19:09 . 2012-08-08 19:11 -------- d-----w- c:\users\akdfjdsle

2012-07-30 20:30 . 2012-07-30 20:30 -------- d-----w- c:\users\iop\AppData\Roaming\TeamViewer

2012-07-28 01:58 . 2012-07-28 01:58 -------- d-----w- c:\users\JH\AppData\Local\Macromedia

2012-07-25 08:49 . 2012-07-25 08:49 -------- d-----w- c:\users\JH\AppData\Local\Adobe

2012-07-23 02:02 . 2012-07-30 19:31 -------- d-----w- C:\Dissertation Self-Efficacy

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-07-30 22:20 . 2012-04-06 04:12 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-07-30 22:20 . 2011-08-12 05:07 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-11 08:04 . 2010-03-23 09:19 59701280 ----a-w- c:\windows\system32\MRT.exe

2012-07-03 18:46 . 2010-05-26 14:15 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-07-03 16:21 . 2012-02-24 18:23 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys

2012-07-03 16:21 . 2011-07-16 04:35 355856 ----a-w- c:\windows\system32\drivers\aswSP.sys

2012-07-03 16:21 . 2011-07-16 04:34 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2012-07-03 16:21 . 2011-07-16 04:34 958400 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2012-07-03 16:21 . 2011-07-16 04:34 71064 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2012-07-03 16:21 . 2011-07-16 04:35 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2012-07-03 16:21 . 2011-07-16 04:34 41224 ----a-w- c:\windows\avastSS.scr

2012-07-03 16:21 . 2011-07-16 04:34 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe

2012-07-03 16:21 . 2011-07-16 04:34 285328 ----a-w- c:\windows\system32\aswBoot.exe

2012-06-19 02:53 . 2011-02-05 01:39 848 ----a-w- c:\windows\wininit.tmp

2012-06-19 01:54 . 2012-06-19 01:53 18768 ----a-w- c:\windows\SysWow64\drivers\SECDRV.SYS

2012-06-18 21:22 . 2012-06-18 21:22 268720 ----a-w- c:\windows\system32\javaws.exe

2012-06-18 21:22 . 2012-06-18 21:22 189360 ----a-w- c:\windows\system32\javaw.exe

2012-06-18 21:22 . 2012-06-18 21:22 188840 ----a-w- c:\windows\system32\java.exe

2012-06-18 21:22 . 2012-06-18 21:22 955840 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-06-18 21:22 . 2011-03-17 04:48 839096 ----a-w- c:\windows\system32\deployJava1.dll

2012-06-18 21:21 . 2012-06-11 01:12 772592 ----a-w- c:\windows\SysWow64\npdeployJava1.dll

2012-06-18 21:21 . 2010-04-17 02:04 687600 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-06-12 03:08 . 2012-07-11 08:08 3148800 ----a-w- c:\windows\system32\win32k.sys

2012-06-09 05:43 . 2012-07-10 22:46 14172672 ----a-w- c:\windows\system32\shell32.dll

2012-06-06 06:06 . 2012-07-10 22:46 2004480 ----a-w- c:\windows\system32\msxml6.dll

2012-06-06 06:06 . 2012-07-10 22:46 1881600 ----a-w- c:\windows\system32\msxml3.dll

2012-06-06 06:02 . 2012-07-10 22:46 1133568 ----a-w- c:\windows\system32\cdosys.dll

2012-06-06 05:05 . 2012-07-10 22:46 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll

2012-06-06 05:05 . 2012-07-10 22:46 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll

2012-06-06 05:03 . 2012-07-10 22:46 805376 ----a-w- c:\windows\SysWow64\cdosys.dll

2012-06-02 22:19 . 2012-06-21 16:48 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-21 16:48 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-06-21 16:48 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-21 16:48 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-21 16:48 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:15 . 2012-06-21 16:48 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-06-21 16:48 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 20:19 . 2012-06-21 16:48 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 20:15 . 2012-06-21 16:48 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-06-02 12:49 . 2012-07-11 08:02 17807360 ----a-w- c:\windows\system32\mshtml.dll

2012-06-02 12:17 . 2012-07-11 08:02 10924032 ----a-w- c:\windows\system32\ieframe.dll

2012-06-02 12:12 . 2012-07-11 08:02 2311680 ----a-w- c:\windows\system32\jscript9.dll

2012-06-02 12:05 . 2012-07-11 08:02 1346048 ----a-w- c:\windows\system32\urlmon.dll

2012-06-02 12:05 . 2012-07-11 08:02 1392128 ----a-w- c:\windows\system32\wininet.dll

2012-06-02 12:04 . 2012-07-11 08:02 1494528 ----a-w- c:\windows\system32\inetcpl.cpl

2012-06-02 12:04 . 2012-07-11 08:02 237056 ----a-w- c:\windows\system32\url.dll

2012-06-02 12:03 . 2012-07-11 08:02 85504 ----a-w- c:\windows\system32\jsproxy.dll

2012-06-02 12:01 . 2012-07-11 08:02 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2012-06-02 12:00 . 2012-07-11 08:02 818688 ----a-w- c:\windows\system32\jscript.dll

2012-06-02 11:59 . 2012-07-11 08:02 2144768 ----a-w- c:\windows\system32\iertutil.dll

2012-06-02 11:57 . 2012-07-11 08:03 96768 ----a-w- c:\windows\system32\mshtmled.dll

2012-06-02 11:57 . 2012-07-11 08:03 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-06-02 11:54 . 2012-07-11 08:02 248320 ----a-w- c:\windows\system32\ieui.dll

2012-06-02 08:33 . 2012-07-11 08:02 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll

2012-06-02 08:25 . 2012-07-11 08:02 1129472 ----a-w- c:\windows\SysWow64\wininet.dll

2012-06-02 08:25 . 2012-07-11 08:02 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2012-06-02 08:20 . 2012-07-11 08:02 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2012-06-02 08:16 . 2012-07-11 08:03 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2012-06-02 05:50 . 2012-07-10 22:46 458704 ----a-w- c:\windows\system32\drivers\cng.sys

2012-06-02 05:48 . 2012-07-10 22:46 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-06-02 05:48 . 2012-07-10 22:46 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-06-02 05:45 . 2012-07-10 22:46 340992 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 05:44 . 2012-07-10 22:46 307200 ----a-w- c:\windows\system32\ncrypt.dll

2012-06-02 04:40 . 2012-07-10 22:46 22016 ----a-w- c:\windows\SysWow64\secur32.dll

2012-06-02 04:40 . 2012-07-10 22:46 225280 ----a-w- c:\windows\SysWow64\schannel.dll

2012-06-02 04:39 . 2012-07-10 22:46 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll

2012-06-02 04:34 . 2012-07-10 22:46 96768 ----a-w- c:\windows\SysWow64\sspicli.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"SmartWiHelper"="c:\program files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" [2009-10-05 80384]

"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-08-27 320880]

"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2009-10-24 597792]

"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"pnusbclitray"="pnusbclitray.exe" [2010-12-09 67560]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVWSzItQUxZTUYtU0xLTFUtQVoyVUItNkdPS0ItSkhGTkg&inst=NzctNjE0MDg2MzM2LUZQOSs2LUJBUjlHKzEtVEI5KzItRkwrOS1GMTBNKzUtUUlYMSs0LVgyMDEwKzItRjEwTTEwRCsxLUxJQys3Ny1GTDEwKzEtU1AxKzEtU1VEKzEtUzFJKzEtU1UzKzEtVFVHKzMtRERUKzA&prod=90&ver=10.0.1390" [?]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 1081632]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]

2009-11-05 02:32 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

R1 SABKUTIL;SABKUTIL;C:\SASKUTIL.SYS [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-10-21 35104]

R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [2011-08-01 52584]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-18 113120]

R3 MSSQL$DDNI;SQL Server (DDNI);c:\program files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392]

R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]

R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]

R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]

R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-10-16 120104]

R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-10-16 70952]

R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-10-16 427304]

R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-10-16 75048]

R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-10-16 91432]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-09-16 480624]

R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-09-02 361840]

R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2009-09-09 110960]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-29 1255736]

R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-03-31 47128]

R4 SQLAgent$DDNI;SQL Server Agent (DDNI);c:\program files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-05-20 55280]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]

S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-05-04 128384]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]

S2 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-02-10 53248]

S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]

S2 pnpnptool;Quest RDP PnP Driver;c:\windows\system32\Drivers\pnpnptool.sys [2011-07-11 52040]

S2 pnusbvirtualhubwssrv;Quest USB Hub Client Service;c:\windows\system32\pnusbvirtualhubwssrv.exe [2011-07-11 477000]

S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 14112]

S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [2009-09-17 189984]

S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]

S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]

S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-09-15 642416]

S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]

S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-10-22 139264]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]

S3 pnusbd;Quest RDP USB Driver;c:\windows\system32\Drivers\pnusbd.sys [2011-07-11 37320]

S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2009-08-19 11392]

S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-11-19 571248]

S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]

S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-07-31 393216]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - 78466606

*Deregistered* - 78466606

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-10-22 165912]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-10-22 387608]

"Persistence"="c:\windows\system32\igfxpers.exe" [2009-10-22 365592]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-09-17 7938080]

"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-09-17 1833504]

"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]

.

------- Supplementary Scan -------

.

uStart Page = about:blank

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT

uInternet Settings,ProxyOverride = *.local

IE: Add to &Evernote - c:\program files (x86)\Evernote\Evernote3.5\enbar.dll/2000

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

Trusted Zone: tamu.edu\voal

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\iop\AppData\Roaming\Mozilla\Firefox\Profiles\6oc1p2vb.default\

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: browser.startup.homepage - about:home

FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4cbb85fe&v=6.103.018.001&i=23&tp=ab&iy=&ychte=us&lng=en-US&q=

.

- - - - ORPHANS REMOVED - - - -

.

HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe

.

.

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]

"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-08-14 14:39:29

ComboFix-quarantined-files.txt 2012-08-14 19:39

.

Pre-Run: 238,174,134,272 bytes free

Post-Run: 237,871,853,568 bytes free

.

- - End Of File - - 3E6CCF7F9331DD9AD9607F07E41A2B96


Great MrC. The computer is behaving fine. What prompted me to post about this computer was because I was hoping to make sure that the same backdoor trojan(s) that have infected my Desktop have not also infected my laptop. These computers are on the same network and I frequently move files from one computer to the other using external drives (EHDD, etc.). Dr.Web-CureIt detected remnants of a backdoor or the actual backdoor (not really sure) on the Desk comp. I didn't want to run it without any guidance on this system. Not sure if that makes sense or not.

I performed a quick scan. I checked all boxes under the "Settings" tab.

MBAM log:

Malwarebytes Anti-Malware 1.62.0.1300

www.malwarebytes.org

Database version: v2012.08.14.06

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

iop :: FLOYD00 [administrator]

8/14/2012 3:03:32 PM

mbam-log-2012-08-14 (15-03-32).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 276522

Time elapsed: 3 minute(s), 2 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)


Great

A little clean up to do....

Please Uninstall ComboFix: (if you used it)

Press the Windows logo key + R to bring up the "run box"

Copy and paste next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /


Then hit enter.

This will uninstall ComboFix, delete its related folders and files, hide file extensions, hide the system/hidden files, clear the System Restore cache and create a new Restore point.

(If that doesn't work.....you can simply rename ComboFix.exe to Uninstall.exe and double click it to complete the uninstall)

---------------------------------

Please download OTL from one of the links below: (you may already have OTL on the system)

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com

http://www.itxassociates.com/OT-Tools/OTL.exe

Save it to your desktop.

Run OTL and hit the CleanUp button. (This will clean up the tools and logs used, including itself.)

Any other programs or logs you can manually delete.

IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, etc....

-------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC


Thanks MrC. That was quick. Everything looks good? Should I stop worrying about backdoor trojans? What is the safest way to move files from the computer that had the trojan(s) to this computer? I'm strongly considering reformatting the other computer and want to safely move files off of it.


That was quick. Everything looks good?

Yes

Should I stop worrying about backdoor trojans?

Yes

What is the safest way to move files from the computer that had the trojan(s) to this computer?

USB flash drive > get protected first:

http://research.pand...utoRun-Vaccine/

I'm strongly considering reformatting the other computer and want to safely move files off of it.

OK, MrC


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.