Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
police ukash virus on vista laptop
Options
-
02-12-2012 4:21pm#1Hi Guys
I'm looking for some help as I'm having problems after being hit with the police ukash virus.
I've a Sony Vaio running Vista Home Premium 32-bit SP2.
I've tried following various online advice but I've still got problems.
When I try to start normally, I get a startup repair window saying, 'repairing disk errors'. Then a normal desktop opens, but if I try to use Internet Explorer, I get a small orange box saying 'MS Windows not responding', and the keyboard is frozen. The only thing I can do is hit the power button to turn the laptop off.
At the moment, I have the laptop started in 'safe mode with networking'.
I can open 'internet explorer' browser & go from site to site, but I can not do a download.( I tried to download 'kaspersky').
I've seen the boards.ie sticky msg saying to get 'erunt' from aumha.org, but the description says not for vista, so I did not try to download it.
Any help on what to do is very much appreciated and many many thanks.0
Comments
-
can you download combofix onto a usb key from another pc and run it from your usb key on the infected pc ?
http://www.bleepingcomputer.com/download/combofix/0 -
Thanks ASJ
Do you want me to run combofix from the infected pc in 'safe mode with networking' ??0 -
yes please, it should give you a log, post that here too0
-
combofix has detected the following realtime scanners to be active..
avg anti-virus free edition 2012..
pls disable before clicking 'ok'..
When i run the avg desktop icon, it opens avg command line composer..
What's the best way to disable avg ??0 -
I opened windows manager..
On the 'services' tab I see AVG watchdog & AVG IDS Agent,
Both services are already stopped.0 -
Advertisement
-
can you ignore the warning and click OK, combofix should run then0
-
How do I disable avg before clicking 'ok' to run combofix??
thanks.0 -
-
ComboFix 12-12-01.02 - Amanda 02/12/2012 16:46:48.1.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.353.1033.18.2938.2180 [GMT 0:00]
Running from: F:\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\122
c:\programdata\122\{B120A751-6189-4CFB-A20D-F9C5A8D56D9A}.swf
c:\users\Amanda\AppData\Local\{D7302823-F385-452B-8FF1-783F01F140A2}
c:\windows\system32\DEBUG.log
.
.
((((((((((((((((((((((((( Files Created from 2012-11-02 to 2012-12-02 )))))))))))))))))))))))))))))))
.
.
2012-12-02 16:53 . 2012-12-02 16:53
d
w- c:\users\Amanda\AppData\Local\temp
2012-12-02 16:53 . 2012-12-02 16:53
d
w- c:\users\Default\AppData\Local\temp
2012-12-02 13:43 . 2012-12-02 13:43
d
w- C:\found.001
2012-12-01 21:16 . 2012-12-01 21:16
d
w- C:\found.000
2012-11-29 21:39 . 2012-10-08 07:40 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-29 21:39 . 2012-10-08 08:37 140960 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2012-11-29 21:39 . 2012-10-08 07:45 194048 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2012-11-29 21:39 . 2012-10-08 07:43 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-29 20:33 . 2012-09-25 16:19 75776 ----a-w- c:\windows\system32\synceng.dll
2012-11-29 20:31 . 2012-10-12 14:29 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-11-29 20:13 . 2012-09-24 23:16 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-11-11 19:11 . 2012-11-12 21:30 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-11-10 13:28 . 2012-11-10 17:55
d
w- c:\programdata\HitmanPro
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-30 21:29 . 2012-04-03 12:25 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-30 21:29 . 2011-06-25 10:23 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-24 18:20 . 2011-12-19 21:45 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-09-24 18:20 . 2010-05-09 13:46 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-13 13:28 . 2012-10-10 08:30 2048 ----a-w- c:\windows\system32\tzres.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-11-06 270336]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"MobileDocuments"="c:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-10 835584]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-08-22 150040]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-08-22 145944]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-04 317280]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-06-27 30192]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-07-31 2596984]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-08-22 170520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2008-11-06 02:32 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" /background
"Skype"="c:\program files\Skype\Phone\Skype.exe" /minimized /regrun
"SUPERAntiSpyware"=c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"Skytel"=c:\windows\Skytel.exe
"RtHDVCpl"=c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"MarketingTools"=c:\program files\Sony\Marketing Tools\MarketingTools.exe
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ECACHE
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthsvcs REG_MULTI_SZ BthServ
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 21:29]
.
2012-08-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1562115350-1141212535-3118800956-1003Core1cd8078a1ab8544.job
- c:\users\Amanda\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-05-02 15:12]
.
2012-10-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1562115350-1141212535-3118800956-1003UA.job
- c:\users\Amanda\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-05-02 15:12]
.
.
Supplementary Scan
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.254
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-02 16:53
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
LOCKED REGISTRY KEYS
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2012-12-02 16:55:43
ComboFix-quarantined-files.txt 2012-12-02 16:55
.
Pre-Run: 187,301,109,760 bytes free
Post-Run: 187,237,208,064 bytes free
.
- - End Of File - - 401EC5547DA1A8D3498670626FED97440 -
not seeing much, do you have any logs from MBAM/malwarebytes ? They are in the Logs tab in the program
also do this
download and run TDSSKiller
http://www.bleepingcomputer.com/download/tdsskiller/
and ASWMbr
http://www.bleepingcomputer.com/download/aswmbr/
post the logs from them too.0 -
Advertisement
-
tdsskiller log & swmbr log to follow.
No mbam logs I'm afraid.
I do have a HitMAnPro log which I'll put up.0 -
19:22:05.0021 1600 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:22:05.0302 1600 ============================================================
19:22:05.0302 1600 Current date / time: 2012/12/02 19:22:05.0302
19:22:05.0302 1600 SystemInfo:
19:22:05.0302 1600
19:22:05.0302 1600 OS Version: 6.0.6002 ServicePack: 2.0
19:22:05.0302 1600 Product type: Workstation
19:22:05.0302 1600 ComputerName: AMANDA-PC1
19:22:05.0302 1600 UserName: Amanda
19:22:05.0302 1600 Windows directory: C:\Windows
19:22:05.0302 1600 System windows directory: C:\Windows
19:22:05.0302 1600 Processor architecture: Intel x86
19:22:05.0302 1600 Number of processors: 2
19:22:05.0302 1600 Page size: 0x1000
19:22:05.0302 1600 Boot type: Safe boot with network
19:22:05.0302 1600 ============================================================
19:22:05.0692 1600 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:22:05.0692 1600 Drive \Device\Harddisk3\DR6 - Size: 0x77800000 (1.87 Gb), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:22:05.0692 1600 ============================================================
19:22:05.0692 1600 \Device\Harddisk0\DR0:
19:22:05.0692 1600 MBR partitions:
19:22:05.0692 1600 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x132F800, BlocksNum 0x1BE95970
19:22:05.0692 1600 \Device\Harddisk3\DR6:
19:22:05.0692 1600 MBR partitions:
19:22:05.0692 1600 \Device\Harddisk3\DR6\Partition1: MBR, Type 0x6, StartLBA 0x20, BlocksNum 0x3BBFE0
19:22:05.0692 1600 ============================================================
19:22:05.0739 1600 C: <-> \Device\Harddisk0\DR0\Partition1
19:22:05.0739 1600 ============================================================
19:22:05.0739 1600 Initialize success
19:22:05.0739 1600 ============================================================
19:22:14.0568 1500 ============================================================
19:22:14.0568 1500 Scan started
19:22:14.0568 1500 Mode: Manual;
19:22:14.0568 1500 ============================================================
19:22:14.0802 1500 ================ Scan system memory ========================
19:22:14.0802 1500 System memory - ok
19:22:14.0802 1500 ================ Scan services =============================
19:22:14.0974 1500 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
19:22:14.0974 1500 ACDaemon - ok
19:22:15.0208 1500 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
19:22:15.0208 1500 ACPI - ok
19:22:15.0301 1500 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
19:22:15.0301 1500 AdobeARMservice - ok
19:22:15.0379 1500 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:22:15.0379 1500 AdobeFlashPlayerUpdateSvc - ok
19:22:15.0473 1500 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:22:15.0473 1500 adp94xx - ok
19:22:15.0504 1500 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:22:15.0504 1500 adpahci - ok
19:22:15.0535 1500 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
19:22:15.0551 1500 adpu160m - ok
19:22:15.0582 1500 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:22:15.0582 1500 adpu320 - ok
19:22:15.0660 1500 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:22:15.0660 1500 AeLookupSvc - ok
19:22:15.0723 1500 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
19:22:15.0723 1500 AFD - ok
19:22:15.0769 1500 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:22:15.0769 1500 agp440 - ok
19:22:15.0801 1500 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
19:22:15.0801 1500 aic78xx - ok
19:22:15.0832 1500 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
19:22:15.0832 1500 ALG - ok
19:22:15.0847 1500 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
19:22:15.0847 1500 aliide - ok
19:22:15.0879 1500 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
19:22:15.0879 1500 amdagp - ok
19:22:15.0894 1500 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
19:22:15.0894 1500 amdide - ok
19:22:15.0925 1500 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
19:22:15.0925 1500 AmdK7 - ok
19:22:15.0957 1500 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:22:15.0957 1500 AmdK8 - ok
19:22:16.0003 1500 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
19:22:16.0003 1500 Appinfo - ok
19:22:16.0066 1500 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:22:16.0066 1500 Apple Mobile Device - ok
19:22:16.0113 1500 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
19:22:16.0113 1500 arc - ok
19:22:16.0175 1500 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:22:16.0175 1500 arcsas - ok
19:22:16.0206 1500 [ 857B48965A0503B7AB795D4BFE7CBD8B ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
19:22:16.0206 1500 ArcSoftKsUFilter - ok
19:22:16.0222 1500 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:22:16.0222 1500 AsyncMac - ok
19:22:16.0237 1500 [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi C:\Windows\system32\drivers\atapi.sys
19:22:16.0237 1500 atapi - ok
19:22:16.0300 1500 [ 600EFE56F37ADBD65A0FB076B50D1B8D ] athr C:\Windows\system32\DRIVERS\athr.sys
19:22:16.0315 1500 athr - ok
19:22:16.0471 1500 [ 9F66D1BA97911731133E46212539A08D ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:22:16.0487 1500 atikmdag - ok
19:22:16.0534 1500 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:22:16.0534 1500 AudioEndpointBuilder - ok
19:22:16.0549 1500 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
19:22:16.0549 1500 Audiosrv - ok
19:22:16.0768 1500 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
19:22:16.0799 1500 AVGIDSAgent - ok
19:22:16.0861 1500 [ 1074F787080068C71303B61FAE7E7CA4 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys
19:22:16.0861 1500 AVGIDSDriver - ok
19:22:16.0877 1500 [ 61A7E0B02F82CFF3DB2445BBE50B3589 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfilterx.sys
19:22:16.0877 1500 AVGIDSFilter - ok
19:22:16.0924 1500 [ D63D83659EEDF60B3A3E620281A888E5 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys
19:22:16.0924 1500 AVGIDSHX - ok
19:22:16.0971 1500 [ BAF975B72062F53D327788E99D64197E ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys
19:22:16.0971 1500 AVGIDSShim - ok
19:22:17.0017 1500 [ DCB09125C8B4766A88C86914B65487C1 ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys
19:22:17.0017 1500 Avgldx86 - ok
19:22:17.0064 1500 [ CCDD61545AAEA265977E4B1EFDC74E8C ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys
19:22:17.0064 1500 Avgmfx86 - ok
19:22:17.0095 1500 [ 1FD90B28D2C3100BF4500199C8AD6358 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys
19:22:17.0095 1500 Avgrkx86 - ok
19:22:17.0127 1500 [ C0BC3B2E3FD625E7F55E1FF863E94592 ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys
19:22:17.0127 1500 Avgtdix - ok
19:22:17.0158 1500 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files\AVG\AVG2012\avgwdsvc.exe
19:22:17.0173 1500 avgwd - ok
19:22:17.0236 1500 [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
19:22:17.0236 1500 BcmSqlStartupSvc - ok
19:22:17.0267 1500 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
19:22:17.0267 1500 Beep - ok
19:22:17.0314 1500 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
19:22:17.0314 1500 BFE - ok
19:22:17.0376 1500 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
19:22:17.0392 1500 BITS - ok
19:22:17.0407 1500 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
19:22:17.0407 1500 blbdrive - ok
19:22:17.0548 1500 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:22:17.0548 1500 Bonjour Service - ok
19:22:17.0579 1500 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:22:17.0579 1500 bowser - ok
19:22:17.0626 1500 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
19:22:17.0626 1500 BrFiltLo - ok
19:22:17.0641 1500 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
19:22:17.0641 1500 BrFiltUp - ok
19:22:17.0673 1500 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
19:22:17.0673 1500 Browser - ok
19:22:17.0704 1500 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
19:22:17.0704 1500 Brserid - ok
19:22:17.0719 1500 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
19:22:17.0735 1500 BrSerWdm - ok
19:22:17.0751 1500 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
19:22:17.0751 1500 BrUsbMdm - ok
19:22:17.0751 1500 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
19:22:17.0751 1500 BrUsbSer - ok
19:22:17.0797 1500 [ 6D39C954799B63BA866910234CF7D726 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
19:22:17.0797 1500 BthEnum - ok
19:22:17.0844 1500 [ 9A966A8E86D1771911AE34A20D11BFF3 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:22:17.0844 1500 BTHMODEM - ok
19:22:17.0875 1500 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
19:22:17.0875 1500 BthPan - ok
19:22:17.0938 1500 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
19:22:17.0938 1500 BTHPORT - ok
19:22:17.0985 1500 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll
19:22:17.0985 1500 BthServ - ok
19:22:18.0000 1500 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
19:22:18.0000 1500 BTHUSB - ok
19:22:18.0094 1500 catchme - ok
19:22:18.0141 1500 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:22:18.0141 1500 cdfs - ok
19:22:18.0172 1500 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:22:18.0172 1500 cdrom - ok
19:22:18.0219 1500 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
19:22:18.0219 1500 CertPropSvc - ok
19:22:18.0234 1500 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
19:22:18.0234 1500 circlass - ok
19:22:18.0265 1500 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
19:22:18.0281 1500 CLFS - ok
19:22:18.0343 1500 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:22:18.0343 1500 clr_optimization_v2.0.50727_32 - ok
19:22:18.0406 1500 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:22:18.0406 1500 clr_optimization_v4.0.30319_32 - ok
19:22:18.0453 1500 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:22:18.0453 1500 CmBatt - ok
19:22:18.0468 1500 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:22:18.0468 1500 cmdide - ok
19:22:18.0499 1500 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:22:18.0499 1500 Compbatt - ok
19:22:18.0499 1500 COMSysApp - ok
19:22:18.0515 1500 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:22:18.0531 1500 crcdisk - ok
19:22:18.0562 1500 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
19:22:18.0562 1500 Crusoe - ok
19:22:18.0609 1500 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:22:18.0609 1500 CryptSvc - ok
19:22:18.0687 1500 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:22:18.0687 1500 DcomLaunch - ok
19:22:18.0733 1500 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:22:18.0733 1500 DfsC - ok
19:22:18.0827 1500 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
19:22:18.0843 1500 DFSR - ok
19:22:18.0889 1500 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
19:22:18.0889 1500 Dhcp - ok
19:22:18.0921 1500 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
19:22:18.0921 1500 disk - ok
19:22:18.0983 1500 [ F206E28ED74C491FD5D7C0A1119CE37F ] DMICall C:\Windows\system32\DRIVERS\DMICall.sys
19:22:18.0983 1500 DMICall - ok
19:22:19.0014 1500 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:22:19.0014 1500 Dnscache - ok
19:22:19.0061 1500 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:22:19.0061 1500 dot3svc - ok
19:22:19.0123 1500 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
19:22:19.0123 1500 Dot4 - ok
19:22:19.0139 1500 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
19:22:19.0139 1500 Dot4Print - ok
19:22:19.0170 1500 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
19:22:19.0170 1500 dot4usb - ok
19:22:19.0186 1500 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
19:22:19.0186 1500 DPS - ok
19:22:19.0217 1500 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:22:19.0217 1500 drmkaud - ok
19:22:19.0264 1500 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:22:19.0279 1500 DXGKrnl - ok
19:22:19.0311 1500 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
19:22:19.0311 1500 E1G60 - ok
19:22:19.0342 1500 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
19:22:19.0342 1500 EapHost - ok
19:22:19.0373 1500 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
19:22:19.0373 1500 Ecache - ok
19:22:19.0451 1500 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:22:19.0451 1500 ehRecvr - ok
19:22:19.0467 1500 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
19:22:19.0467 1500 ehSched - ok
19:22:19.0482 1500 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
19:22:19.0482 1500 ehstart - ok
19:22:19.0545 1500 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:22:19.0545 1500 elxstor - ok
19:22:19.0607 1500 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
19:22:19.0607 1500 EMDMgmt - ok
19:22:19.0654 1500 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:22:19.0654 1500 ErrDev - ok
19:22:19.0685 1500 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
19:22:19.0685 1500 EventSystem - ok
19:22:19.0747 1500 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
19:22:19.0747 1500 exfat - ok
19:22:19.0794 1500 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:22:19.0794 1500 fastfat - ok
19:22:19.0825 1500 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:22:19.0825 1500 fdc - ok
19:22:19.0857 1500 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
19:22:19.0872 1500 fdPHost - ok
19:22:19.0888 1500 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
19:22:19.0888 1500 FDResPub - ok
19:22:19.0919 1500 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:22:19.0919 1500 FileInfo - ok
19:22:19.0935 1500 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:22:19.0935 1500 Filetrace - ok
19:22:19.0966 1500 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:22:19.0966 1500 flpydisk - ok
19:22:19.0997 1500 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:22:19.0997 1500 FltMgr - ok
19:22:20.0091 1500 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
19:22:20.0091 1500 FontCache - ok
19:22:20.0153 1500 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:22:20.0153 1500 FontCache3.0.0.0 - ok
19:22:20.0184 1500 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:22:20.0184 1500 Fs_Rec - ok
19:22:20.0215 1500 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:22:20.0215 1500 gagp30kx - ok
19:22:20.0278 1500 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:22:20.0278 1500 GEARAspiWDM - ok
19:22:20.0309 1500 [ 77EBF3E9386DAA51551AF429052D88D0 ] giveio C:\Windows\system32\giveio.sys
19:22:20.0309 1500 giveio - ok
19:22:20.0371 1500 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
19:22:20.0371 1500 GoogleDesktopManager-051210-111108 - ok
19:22:20.0418 1500 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
19:22:20.0418 1500 gpsvc - ok
19:22:20.0481 1500 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:22:20.0481 1500 HdAudAddService - ok
19:22:20.0527 1500 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:22:20.0543 1500 HDAudBus - ok
19:22:20.0559 1500 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:22:20.0559 1500 HidBth - ok
19:22:20.0574 1500 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
19:22:20.0574 1500 HidIr - ok
19:22:20.0605 1500 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
19:22:20.0605 1500 hidserv - ok
19:22:20.0637 1500 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:22:20.0637 1500 HidUsb - ok
19:22:20.0668 1500 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:22:20.0668 1500 hkmsvc - ok
19:22:20.0683 1500 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
19:22:20.0699 1500 HpCISSs - ok
19:22:20.0777 1500 [ FCB563B0A23643E5F80B6FF1E60F610F ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
19:22:20.0777 1500 hpqcxs08 - ok
19:22:20.0793 1500 [ 25E443E27165C652723A92D9BDFD4649 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
19:22:20.0808 1500 hpqddsvc - ok
19:22:20.0839 1500 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
19:22:20.0839 1500 HSFHWAZL - ok
19:22:20.0902 1500 [ 7BC42C65B5C6281777C1A7605B253BA8 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
19:22:20.0902 1500 HSF_DPV - ok
19:22:20.0933 1500 [ 9EBF2D102CCBB6BCDFBF1B7922F8BA2E ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
19:22:20.0933 1500 HSXHWAZL - ok
19:22:20.0964 1500 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:22:20.0980 1500 HTTP - ok
19:22:21.0011 1500 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
19:22:21.0011 1500 i2omp - ok
19:22:21.0042 1500 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:22:21.0042 1500 i8042prt - ok
19:22:21.0089 1500 [ DB0CC620B27A928D968C1A1E9CD9CB87 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
19:22:21.0089 1500 iaStor - ok
19:22:21.0120 1500 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
19:22:21.0120 1500 iaStorV - ok
19:22:21.0198 1500 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:22:21.0198 1500 idsvc - ok
19:22:21.0292 1500 [ CE5FF5D5E3F4CA974E36DC24C15474D0 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
19:22:21.0307 1500 igfx - ok
19:22:21.0339 1500 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:22:21.0339 1500 iirsp - ok
19:22:21.0370 1500 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
19:22:21.0370 1500 IKEEXT - ok
19:22:21.0495 1500 [ 4A0F260DF9A5333C07F4AB40CA9D4F4B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
19:22:21.0510 1500 IntcAzAudAddService - ok
19:22:21.0526 1500 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
19:22:21.0541 1500 intelide - ok
19:22:21.0573 1500 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:22:21.0573 1500 intelppm - ok
19:22:21.0604 1500 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:22:21.0604 1500 IPBusEnum - ok
19:22:21.0635 1500 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:22:21.0635 1500 IpFilterDriver - ok
19:22:21.0682 1500 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:22:21.0682 1500 iphlpsvc - ok
19:22:21.0697 1500 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
19:22:21.0697 1500 IPMIDRV - ok
19:22:21.0729 1500 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
19:22:21.0729 1500 IPNAT - ok
19:22:21.0791 1500 [ E6BE7A41A28D8F2DB174957454D32448 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:22:21.0791 1500 iPod Service - ok
19:22:21.0822 1500 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:22:21.0822 1500 IRENUM - ok
19:22:21.0838 1500 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:22:21.0838 1500 isapnp - ok
19:22:21.0869 1500 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
19:22:21.0869 1500 iScsiPrt - ok
19:22:21.0885 1500 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
19:22:21.0885 1500 iteatapi - ok
19:22:21.0916 1500 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
19:22:21.0916 1500 iteraid - ok
19:22:21.0931 1500 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:22:21.0931 1500 kbdclass - ok
19:22:21.0947 1500 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
19:22:21.0947 1500 kbdhid - ok
19:22:21.0978 1500 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
19:22:21.0978 1500 KeyIso - ok
19:22:22.0009 1500 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:22:22.0009 1500 KSecDD - ok
19:22:22.0072 1500 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
19:22:22.0072 1500 KtmRm - ok
19:22:22.0119 1500 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
19:22:22.0119 1500 LanmanServer - ok
19:22:22.0150 1500 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:22:22.0150 1500 LanmanWorkstation - ok
19:22:22.0197 1500 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:22:22.0197 1500 lltdio - ok
19:22:22.0228 1500 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:22:22.0228 1500 lltdsvc - ok
19:22:22.0259 1500 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:22:22.0259 1500 lmhosts - ok
19:22:22.0275 1500 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:22:22.0275 1500 LSI_FC - ok
19:22:22.0290 1500 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:22:22.0290 1500 LSI_SAS - ok
19:22:22.0321 1500 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:22:22.0321 1500 LSI_SCSI - ok
19:22:22.0368 1500 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
19:22:22.0368 1500 luafv - ok
19:22:22.0415 1500 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\Windows\system32\drivers\mbamswissarmy.sys
19:22:22.0415 1500 MBAMSwissArmy - ok
19:22:22.0446 1500 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:22:22.0446 1500 Mcx2Svc - ok
19:22:22.0493 1500 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
19:22:22.0493 1500 mdmxsdk - ok
19:22:22.0524 1500 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
19:22:22.0524 1500 megasas - ok
19:22:22.0555 1500 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
19:22:22.0555 1500 MegaSR - ok
19:22:22.0571 1500 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
19:22:22.0571 1500 MMCSS - ok
19:22:22.0587 1500 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
19:22:22.0587 1500 Modem - ok
19:22:22.0618 1500 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:22:22.0618 1500 monitor - ok
19:22:22.0633 1500 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:22:22.0633 1500 mouclass - ok
19:22:22.0665 1500 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:22:22.0665 1500 mouhid - ok
19:22:22.0680 1500 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
19:22:22.0680 1500 MountMgr - ok
19:22:22.0711 1500 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
19:22:22.0711 1500 mpio - ok
19:22:22.0727 1500 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:22:22.0727 1500 mpsdrv - ok
19:22:22.0774 1500 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
19:22:22.0774 1500 MpsSvc - ok
19:22:22.0789 1500 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
19:22:22.0789 1500 Mraid35x - ok
19:22:22.0836 1500 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:22:22.0836 1500 MRxDAV - ok
19:22:22.0883 1500 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:22:22.0883 1500 mrxsmb - ok
19:22:22.0930 1500 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:22:22.0930 1500 mrxsmb10 - ok
19:22:22.0961 1500 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:22:22.0961 1500 mrxsmb20 - ok
19:22:23.0008 1500 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
19:22:23.0008 1500 msahci - ok
19:22:23.0070 1500 [ A99D2C7E30AD63EF920A894131CAF5F7 ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
19:22:23.0070 1500 MSCSPTISRV - ok
19:22:23.0101 1500 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:22:23.0101 1500 msdsm - ok
19:22:23.0133 1500 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
19:22:23.0133 1500 MSDTC - ok
19:22:23.0179 1500 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:22:23.0179 1500 Msfs - ok
19:22:23.0211 1500 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:22:23.0211 1500 msisadrv - ok
19:22:23.0242 1500 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:22:23.0242 1500 MSiSCSI - ok
19:22:23.0257 1500 msiserver - ok
19:22:23.0289 1500 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:22:23.0289 1500 MSKSSRV - ok
19:22:23.0304 1500 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:22:23.0320 1500 MSPCLOCK - ok
19:22:23.0335 1500 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:22:23.0335 1500 MSPQM - ok
19:22:23.0367 1500 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:22:23.0367 1500 MsRPC - ok
19:22:23.0398 1500 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:22:23.0398 1500 mssmbios - ok
19:22:23.0460 1500 MSSQL$MSSMLBIZ - ok
19:22:23.0507 1500 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
19:22:23.0507 1500 MSSQLServerADHelper - ok
19:22:23.0538 1500 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:22:23.0538 1500 MSTEE - ok
19:22:23.0569 1500 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
19:22:23.0569 1500 Mup - ok
19:22:23.0601 1500 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
19:22:23.0601 1500 napagent - ok
19:22:23.0647 1500 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:22:23.0647 1500 NativeWifiP - ok
19:22:23.0694 1500 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:22:23.0710 1500 NDIS - ok
19:22:23.0741 1500 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:22:23.0741 1500 NdisTapi - ok
19:22:23.0757 1500 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:22:23.0757 1500 Ndisuio - ok
19:22:23.0772 1500 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:22:23.0788 1500 NdisWan - ok
19:22:23.0788 1500 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:22:23.0788 1500 NDProxy - ok
19:22:23.0835 1500 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
19:22:23.0835 1500 Net Driver HPZ12 - ok
19:22:23.0850 1500 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:22:23.0850 1500 NetBIOS - ok
19:22:23.0881 1500 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
19:22:23.0881 1500 netbt - ok
19:22:23.0897 1500 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
19:22:23.0897 1500 Netlogon - ok
19:22:23.0928 1500 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
19:22:23.0944 1500 Netman - ok
19:22:23.0959 1500 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
19:22:23.0959 1500 netprofm - ok
19:22:24.0006 1500 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:22:24.0006 1500 NetTcpPortSharing - ok
19:22:24.0037 1500 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:22:24.0037 1500 nfrd960 - ok
19:22:24.0053 1500 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:22:24.0053 1500 NlaSvc - ok
19:22:24.0100 1500 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:22:24.0100 1500 Npfs - ok
19:22:24.0131 1500 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
19:22:24.0131 1500 nsi - ok
19:22:24.0147 1500 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:22:24.0147 1500 nsiproxy - ok
19:22:24.0209 1500 [ D7443616495851EC5B94574822773E80 ] NSUService C:\Program Files\sony\Network Utility\NSUService.exe
19:22:24.0209 1500 NSUService - ok
19:22:24.0271 1500 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:22:24.0287 1500 Ntfs - ok
19:22:24.0303 1500 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
19:22:24.0303 1500 ntrigdigi - ok
19:22:24.0318 1500 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
19:22:24.0318 1500 Null - ok
19:22:24.0349 1500 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:22:24.0349 1500 nvraid - ok
19:22:24.0365 1500 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:22:24.0381 1500 nvstor - ok
19:22:24.0396 1500 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:22:24.0396 1500 nv_agp - ok
19:22:24.0443 1500 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
19:22:24.0443 1500 ohci1394 - ok
19:22:24.0505 1500 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:22:24.0505 1500 ose - ok
19:22:24.0677 1500 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:22:24.0693 1500 osppsvc - ok
19:22:24.0755 1500 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
19:22:24.0755 1500 p2pimsvc - ok
19:22:24.0786 1500 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
19:22:24.0786 1500 p2psvc - ok
19:22:24.0817 1500 [ 41C33FB4FD929FED732A00D2DAEF5BE0 ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
19:22:24.0817 1500 PACSPTISVR - ok
19:22:24.0833 1500 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
19:22:24.0833 1500 Parport - ok
19:22:24.0880 1500 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:22:24.0880 1500 partmgr - ok
19:22:24.0895 1500 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
19:22:24.0895 1500 Parvdm - ok
19:22:24.0927 1500 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
19:22:24.0927 1500 PcaSvc - ok
19:22:24.0958 1500 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
19:22:24.0973 1500 pci - ok
19:22:24.0989 1500 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
19:22:24.0989 1500 pciide - ok
19:22:25.0020 1500 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:22:25.0020 1500 pcmcia - ok
19:22:25.0083 1500 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:22:25.0083 1500 PEAUTH - ok
19:22:25.0161 1500 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
19:22:25.0161 1500 pla - ok
19:22:25.0207 1500 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:22:25.0207 1500 PlugPlay - ok
19:22:25.0254 1500 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
19:22:25.0254 1500 Pml Driver HPZ12 - ok
19:22:25.0270 1500 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
19:22:25.0285 1500 PNRPAutoReg - ok
19:22:25.0301 1500 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
19:22:25.0301 1500 PNRPsvc - ok
19:22:25.0332 1500 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:22:25.0332 1500 PolicyAgent - ok
19:22:25.0363 1500 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:22:25.0363 1500 PptpMiniport - ok
19:22:25.0379 1500 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
19:22:25.0379 1500 Processor - ok
19:22:25.0410 1500 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
19:22:25.0410 1500 ProfSvc - ok
19:22:25.0426 1500 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
19:22:25.0426 1500 ProtectedStorage - ok
19:22:25.0457 1500 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
19:22:25.0457 1500 PSched - ok
19:22:25.0488 1500 [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
19:22:25.0488 1500 PxHelp20 - ok
19:22:25.0551 1500 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:22:25.0551 1500 ql2300 - ok
19:22:25.0597 1500 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:22:25.0597 1500 ql40xx - ok
19:22:25.0629 1500 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
19:22:25.0629 1500 QWAVE - ok
19:22:25.0644 1500 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:22:25.0644 1500 QWAVEdrv - ok
19:22:25.0816 1500 [ 3AF684252780CF87DC2809F85B8F7591 ] RapportCerberus_43926 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus32_43926.sys
19:22:25.0816 1500 RapportCerberus_43926 - ok
19:22:25.0894 1500 [ 093B6A040BCF3FD4A0FFF397BAF28330 ] RapportEI C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys
19:22:25.0894 1500 RapportEI - ok
19:22:25.0972 1500 [ 35199EC35EDC7DCBA71FDA711DFB05C0 ] RapportIaso c:\programdata\trusteer\rapport\store\exts\rapportms\39624\rapportiaso.sys
19:22:25.0972 1500 RapportIaso - ok
19:22:25.0987 1500 [ 660436FBE447EBC73873EF2B0B2094B4 ] RapportKELL C:\Windows\system32\Drivers\RapportKELL.sys
19:22:25.0987 1500 RapportKELL - ok
19:22:26.0034 1500 [ 61B37C0B3FD7DA7414C20D917469BFFF ] RapportMgmtService C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
19:22:26.0034 1500 RapportMgmtService - ok
19:22:26.0065 1500 [ 3DE33A522BB73E161F20D444687E978B ] RapportPG C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
19:22:26.0065 1500 RapportPG - ok
19:22:26.0081 1500 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:22:26.0081 1500 RasAcd - ok
19:22:26.0112 1500 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
19:22:26.0112 1500 RasAuto - ok
19:22:26.0143 1500 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:22:26.0143 1500 Rasl2tp - ok
19:22:26.0190 1500 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
19:22:26.0190 1500 RasMan - ok
19:22:26.0221 1500 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:22:26.0221 1500 RasPppoe - ok
19:22:26.0237 1500 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:22:26.0237 1500 RasSstp - ok
19:22:26.0268 1500 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:22:26.0268 1500 rdbss - ok
19:22:26.0284 1500 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:22:26.0284 1500 RDPCDD - ok
19:22:26.0331 1500 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
19:22:26.0331 1500 rdpdr - ok
19:22:26.0331 1500 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:22:26.0346 1500 RDPENCDD - ok
19:22:26.0377 1500 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:22:26.0377 1500 RDPWD - ok
19:22:26.0409 1500 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:22:26.0424 1500 RemoteAccess - ok
19:22:26.0455 1500 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:22:26.0455 1500 RemoteRegistry - ok
19:22:26.0502 1500 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
19:22:26.0502 1500 RFCOMM - ok
19:22:26.0533 1500 [ D0C2A0CE1091E08EFB7CCBA6CEA4C3F9 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
19:22:26.0533 1500 rimsptsk - ok
19:22:26.0549 1500 [ 53EA7C7D1D3C4B11AE0EA7C8D75C4E82 ] risdptsk C:\Windows\system32\DRIVERS\risdptsk.sys
19:22:26.0549 1500 risdptsk - ok
19:22:26.0596 1500 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
19:22:26.0596 1500 RpcLocator - ok
19:22:26.0611 1500 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
19:22:26.0611 1500 RpcSs - ok
19:22:26.0643 1500 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:22:26.0643 1500 rspndr - ok
19:22:26.0689 1500 [ 65330E78C17DB8A99A7FF1BA3C8824B6 ] RtkAudioService C:\Windows\RtkAudioService.exe
19:22:26.0689 1500 RtkAudioService - ok
19:22:26.0705 1500 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
19:22:26.0705 1500 SamSs - ok
19:22:26.0736 1500 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:22:26.0736 1500 sbp2port - ok
19:22:26.0767 1500 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:22:26.0783 1500 SCardSvr - ok
19:22:26.0830 1500 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
19:22:26.0845 1500 Schedule - ok
19:22:26.0861 1500 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:22:26.0861 1500 SCPolicySvc - ok
19:22:26.0908 1500 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
19:22:26.0908 1500 sdbus - ok
19:22:26.0939 1500 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:22:26.0939 1500 SDRSVC - ok
19:22:26.0955 1500 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:22:26.0955 1500 secdrv - ok
19:22:26.0970 1500 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
19:22:26.0970 1500 seclogon - ok
19:22:26.0986 1500 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
19:22:27.0001 1500 SENS - ok
19:22:27.0017 1500 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
19:22:27.0017 1500 Serenum - ok
19:22:27.0033 1500 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
19:22:27.0033 1500 Serial - ok
19:22:27.0048 1500 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:22:27.0064 1500 sermouse - ok
19:22:27.0095 1500 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
19:22:27.0095 1500 SessionEnv - ok
19:22:27.0142 1500 [ 8B7C1768D2CDE2E02E09A66563DDFD16 ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys
19:22:27.0157 1500 SFEP - ok
19:22:27.0173 1500 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:22:27.0173 1500 sffdisk - ok
19:22:27.0189 1500 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:22:27.0189 1500 sffp_mmc - ok
19:22:27.0204 1500 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:22:27.0220 1500 sffp_sd - ok
19:22:27.0251 1500 [ C33BFBD6E9E41FCD9FFEF9729E9FAED6 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:22:27.0251 1500 sfloppy - ok
19:22:27.0298 1500 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:22:27.0298 1500 SharedAccess - ok
19:22:27.0345 1500 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:22:27.0345 1500 ShellHWDetection - ok
19:22:27.0376 1500 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
19:22:27.0376 1500 sisagp - ok
19:22:27.0391 1500 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
19:22:27.0391 1500 SiSRaid2 - ok
19:22:27.0423 1500 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:22:27.0423 1500 SiSRaid4 - ok
19:22:27.0547 1500 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
19:22:27.0563 1500 slsvc - ok
19:22:27.0610 1500 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
19:22:27.0610 1500 SLUINotify - ok
19:22:27.0641 1500 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:22:27.0641 1500 Smb - ok
19:22:27.0688 1500 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:22:27.0688 1500 SNMPTRAP - ok
19:22:27.0735 1500 [ 1A9DD46C547646A54CDB4065C1996A07 ] SOHCImp C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe
19:22:27.0735 1500 SOHCImp - ok
19:22:27.0750 1500 [ 2E1B0D8278BB616148DDCA13DAE87544 ] SOHDms C:\Program Files\Sony\VAIO Media plus\SOHDms.exe
19:22:27.0750 1500 SOHDms - ok
19:22:27.0781 1500 [ 892529EE03211C35AEA7132E119F4862 ] SOHDs C:\Program Files\Sony\VAIO Media plus\SOHDs.exe
19:22:27.0781 1500 SOHDs - ok
19:22:27.0797 1500 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
19:22:27.0797 1500 spldr - ok
19:22:27.0828 1500 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
19:22:27.0828 1500 Spooler - ok
19:22:27.0859 1500 [ F63102F289AE2039940B22E9B2A8E0BD ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
19:22:27.0859 1500 SPTISRV - ok
19:22:27.0906 1500 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
19:22:27.0906 1500 SQLBrowser - ok
19:22:27.0953 1500 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:22:27.0953 1500 SQLWriter - ok
19:22:28.0000 1500 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:22:28.0000 1500 srv - ok
19:22:28.0047 1500 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:22:28.0047 1500 srv2 - ok
19:22:28.0062 1500 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:22:28.0062 1500 srvnet - ok
19:22:28.0078 1500 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:22:28.0078 1500 SSDPSRV - ok
19:22:28.0125 1500 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:22:28.0125 1500 SstpSvc - ok
19:22:28.0171 1500 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
19:22:28.0171 1500 stisvc - ok
19:22:28.0203 1500 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:22:28.0203 1500 swenum - ok
19:22:28.0234 1500 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
19:22:28.0249 1500 swprv - ok
19:22:28.0265 1500 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
19:22:28.0265 1500 Symc8xx - ok
19:22:28.0296 1500 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
19:22:28.0296 1500 Sym_hi - ok
19:22:28.0312 1500 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
19:22:28.0312 1500 Sym_u3 - ok
19:22:28.0359 1500 [ 99DA94793332AADBB17BBB521AE56E21 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
19:22:28.0359 1500 SynTP - ok
19:22:28.0390 1500 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
19:22:28.0405 1500 SysMain - ok
19:22:28.0437 1500 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:22:28.0437 1500 TabletInputService - ok
19:22:28.0468 1500 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:22:28.0483 1500 TapiSrv - ok
19:22:28.0499 1500 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
19:22:28.0499 1500 TBS - ok
19:22:28.0577 1500 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:22:28.0577 1500 Tcpip - ok
19:22:28.0593 1500 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
19:22:28.0608 1500 Tcpip6 - ok
19:22:28.0639 1500 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:22:28.0639 1500 tcpipreg - ok
19:22:28.0671 1500 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:22:28.0671 1500 TDPIPE - ok
19:22:28.0686 1500 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:22:28.0686 1500 TDTCP - ok
19:22:28.0717 1500 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:22:28.0717 1500 tdx - ok
19:22:28.0733 1500 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:22:28.0733 1500 TermDD - ok
19:22:28.0764 1500 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
19:22:28.0764 1500 TermService - ok
19:22:28.0780 1500 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
19:22:28.0780 1500 Themes - ok
19:22:28.0811 1500 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
19:22:28.0811 1500 THREADORDER - ok
19:22:28.0827 1500 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
19:22:28.0827 1500 TrkWks - ok
19:22:28.0889 1500 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:22:28.0889 1500 TrustedInstaller - ok
19:22:28.0920 1500 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:22:28.0920 1500 tssecsrv - ok
19:22:28.0936 1500 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
19:22:28.0936 1500 tunmp - ok
19:22:28.0967 1500 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:22:28.0967 1500 tunnel - ok
19:22:28.0998 1500 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:22:28.0998 1500 uagp35 - ok
19:22:29.0045 1500 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
19:22:29.0045 1500 uCamMonitor - ok
19:22:29.0076 1500 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:22:29.0076 1500 udfs - ok
19:22:29.0123 1500 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:22:29.0123 1500 UI0Detect - ok
19:22:29.0123 1500 UIUSys - ok
19:22:29.0170 1500 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:22:29.0170 1500 uliagpkx - ok
19:22:29.0185 1500 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
19:22:29.0185 1500 uliahci - ok
19:22:29.0217 1500 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
19:22:29.0217 1500 UlSata - ok
19:22:29.0248 1500 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
19:22:29.0248 1500 ulsata2 - ok
19:22:29.0263 1500 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:22:29.0263 1500 umbus - ok
19:22:29.0326 1500 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
19:22:29.0326 1500 upnphost - ok
19:22:29.0357 1500 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
19:22:29.0357 1500 USBAAPL - ok
19:22:29.0404 1500 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:22:29.0404 1500 usbccgp - ok
19:22:29.0435 1500 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:22:29.0435 1500 usbcir - ok
19:22:29.0466 1500 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:22:29.0466 1500 usbehci - ok
19:22:29.0482 1500 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:22:29.0482 1500 usbhub - ok
19:22:29.0513 1500 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:22:29.0513 1500 usbohci - ok
19:22:29.0560 1500 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:22:29.0560 1500 usbprint - ok
19:22:29.0591 1500 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:22:29.0591 1500 usbscan - ok
19:22:29.0622 1500 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:22:29.0622 1500 USBSTOR - ok
19:22:29.0669 1500 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:22:29.0669 1500 usbuhci - ok
19:22:29.0685 1500 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:22:29.0685 1500 usbvideo - ok
19:22:29.0716 1500 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
19:22:29.0716 1500 UxSms - ok
19:22:29.0778 1500 [ 2A640DC735CB0112AC1DCD1E1549B27E ] VAIO Entertainment TV Device Arbitration Service C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
19:22:29.0778 1500 VAIO Entertainment TV Device Arbitration Service - ok
19:22:29.0809 1500 [ 2C3DBB9B671AB95245DED1EFC5276CE9 ] VAIO Event Service C:\Program Files\sony\VAIO Event Service\VESMgr.exe
19:22:29.0809 1500 VAIO Event Service - ok
19:22:29.0872 1500 [ DDD94D264CDA81B90580E2D41F295575 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
19:22:29.0872 1500 VAIO Power Management - ok
19:22:29.0919 1500 [ 7773EB681E99217FD92E5E8A5A199AE5 ] VCFw C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
19:22:29.0919 1500 VCFw - ok
19:22:29.0965 1500 [ 27888F132D2EE0B72B28093A5F5F20EB ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
19:22:29.0965 1500 VcmIAlzMgr - ok
19:22:29.0997 1500 [ EE9ABFC2F8F2DCDC624B6A9D5CF3B19D ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
19:22:29.0997 1500 VcmXmlIfHelper - ok
19:22:29.0997 1500 Vcsw - ok
19:22:30.0059 1500 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
19:22:30.0059 1500 vds - ok
19:22:30.0090 1500 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:22:30.0090 1500 vga - ok
19:22:30.0106 1500 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
19:22:30.0106 1500 VgaSave - ok
19:22:30.0137 1500 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
19:22:30.0137 1500 viaagp - ok
19:22:30.0153 1500 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
19:22:30.0153 1500 ViaC7 - ok
19:22:30.0168 1500 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
19:22:30.0168 1500 viaide - ok
19:22:30.0199 1500 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:22:30.0199 1500 volmgr - ok
19:22:30.0231 1500 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:22:30.0231 1500 volmgrx - ok
19:22:30.0277 1500 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:22:30.0277 1500 volsnap - ok
19:22:30.0309 1500 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:22:30.0309 1500 vsmraid - ok
19:22:30.0371 1500 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
19:22:30.0371 1500 VSS - ok
19:22:30.0418 1500 [ 071634532066C2E29350D450C3412837 ] VzCdbSvc C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
19:22:30.0418 1500 VzCdbSvc - ok
19:22:30.0433 1500 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
19:22:30.0433 1500 W32Time - ok
19:22:30.0480 1500 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:22:30.0480 1500 WacomPen - ok
19:22:30.0496 1500 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
19:22:30.0496 1500 Wanarp - ok
19:22:30.0511 1500 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:22:30.0511 1500 Wanarpv6 - ok
19:22:30.0558 1500 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:22:30.0558 1500 wcncsvc - ok
19:22:30.0589 1500 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:22:30.0589 1500 WcsPlugInService - ok
19:22:30.0621 1500 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
19:22:30.0621 1500 Wd - ok
19:22:30.0636 1500 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:22:30.0636 1500 Wdf01000 - ok
19:22:30.0652 1500 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:22:30.0667 1500 WdiServiceHost - ok
19:22:30.0667 1500 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:22:30.0667 1500 WdiSystemHost - ok
19:22:30.0699 1500 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
19:22:30.0699 1500 WebClient - ok
19:22:30.0745 1500 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:22:30.0761 1500 Wecsvc - ok
19:22:30.0792 1500 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:22:30.0792 1500 wercplsupport - ok
19:22:30.0823 1500 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
19:22:30.0823 1500 WerSvc - ok
19:22:30.0870 1500 [ 090A2B8F055343815556A01F725F6C35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
19:22:30.0870 1500 WimFltr - ok
19:22:30.0901 1500 [ 5A77AC34A0FFB70CE8B35B524FEDE9BA ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
19:22:30.0901 1500 winachsf - ok
19:22:30.0964 1500 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:22:30.0979 1500 WinDefend - ok
19:22:30.0979 1500 WinHttpAutoProxySvc - ok
19:22:31.0042 1500 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:22:31.0042 1500 Winmgmt - ok
19:22:31.0104 1500 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
19:22:31.0120 1500 WinRM - ok
19:22:31.0167 1500 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:22:31.0167 1500 Wlansvc - ok
19:22:31.0198 1500 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:22:31.0198 1500 WmiAcpi - ok
19:22:31.0229 1500 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:22:31.0245 1500 wmiApSrv - ok
19:22:31.0307 1500 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:22:31.0323 1500 WMPNetworkSvc - ok
19:22:31.0354 1500 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:22:31.0354 1500 WPCSvc - ok
19:22:31.0385 1500 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:22:31.0385 1500 WPDBusEnum - ok
19:22:31.0416 1500 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
19:22:31.0416 1500 WpdUsb - ok
19:22:31.0494 1500 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:22:31.0510 1500 WPFFontCache_v0400 - ok
19:22:31.0541 1500 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:22:31.0541 1500 ws2ifsl - ok
19:22:31.0572 1500 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
19:22:31.0572 1500 wscsvc - ok
19:22:31.0572 1500 WSearch - ok
19:22:31.0666 1500 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
19:22:31.0666 1500 wuauserv - ok
19:22:31.0697 1500 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:22:31.0697 1500 WUDFRd - ok
19:22:31.0728 1500 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:22:31.0744 1500 wudfsvc - ok
19:22:31.0759 1500 [ 88AF537264F2B818DA15479CEEAF5D7C ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
19:22:31.0759 1500 XAudio - ok
19:22:31.0791 1500 [ 15A317674A08DF26BE65164D959E9203 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
19:22:31.0791 1500 XAudioService - ok
19:22:31.0822 1500 [ 7D4CCA3659FA0780603206E3D12A993F ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
19:22:31.0822 1500 yukonwlh - ok
19:22:31.0837 1500 ================ Scan global ===============================
19:22:31.0869 1500 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
19:22:31.0931 1500 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
19:22:31.0931 1500 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
19:22:31.0978 1500 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
19:22:31.0978 1500 [Global] - ok
19:22:31.0978 1500 ================ Scan MBR ==================================
19:22:31.0993 1500 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
19:22:32.0181 1500 \Device\Harddisk0\DR0 - ok
19:22:32.0196 1500 [ 973E9BA32FDBB305C552ED3E1EBF0686 ] \Device\Harddisk3\DR6
19:22:32.0212 1500 \Device\Harddisk3\DR6 - ok
19:22:32.0212 1500 =============0 -
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-02 19:25:48
19:25:48.335 OS Version: Windows 6.0.6002 Service Pack 2
19:25:48.335 Number of processors: 2 586 0xF0D
19:25:48.335 ComputerName: AMANDA-PC1 UserName: Amanda
19:25:53.499 Initialize success
19:26:29.223 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:26:29.223 Disk 0 Vendor: TOSHIBA_ LV01 Size: 238475MB BusType: 3
19:26:29.223 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000006a
19:26:29.223 Disk 1 Vendor: RICOH 01 Size: 238475MB BusType: 0
19:26:29.223 Disk 2 \Device\Harddisk2\DR2 -> \Device\0000006b
19:26:29.238 Disk 2 Vendor: RICOH 02 Size: 238475MB BusType: 0
19:26:29.285 Disk 0 MBR read successfully
19:26:29.285 Disk 0 MBR scan
19:26:29.285 Disk 0 Windows VISTA default MBR code
19:26:29.301 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 9822 MB offset 2048
19:26:29.316 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 228651 MB offset 20117504
19:26:29.316 Disk 0 scanning sectors +488395120
19:26:29.394 Disk 0 scanning C:\Windows\system32\drivers
19:26:36.679 Service scanning
19:27:02.014 Modules scanning
19:27:06.912 Disk 0 trace - called modules:
19:27:06.928 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys
19:27:06.943 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8cb21030]
19:27:06.943 3 CLASSPNP.SYS[909ac8b3] -> nt!IofCallDriver -> [0x8c5bb288]
19:27:06.943 5 acpi.sys[88e996bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8c081028]
19:27:06.959 Scan finished successfully
19:27:28.783 Disk 0 MBR has been saved successfully to "F:\MBR.dat"
19:27:28.799 The log file has been saved successfully to "F:\aswMBR_log.txt"0 -
HitmanPro 3.6.2.173 www.hitmanpro.com Computer name . . . . : AMANDA-PC1 Windows . . . . . . . : 6.0.2.6002.X86/2 Safe Mode Boot . . . : MINIMAL User name . . . . . . : AMANDA-PC1\Amanda UAC . . . . . . . . . : Disabled License . . . . . . . : Free Scan date . . . . . . : 2012-11-10 13:29:20 Scan mode . . . . . . : Normal Scan duration . . . . : 5m 56s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : No connection Reboot . . . . . . . : No Threats . . . . . . . : 0 Traces . . . . . . . : 1 Objects scanned . . . : 1,749,274 Files scanned . . . . : 36,563 Remnants scanned . . : 363,693 files / 1,349,018 keys Suspicious files ____________________________________________________________ C:\Windows\system32\javaws.exe Size . . . . . . . : 246,760 bytes Age . . . . . . . : 46.8 days (2012-09-24 18:21:20) Entropy . . . . . : 6.5 SHA-256 . . . . . : EE85C4973B8CF5071F378DF0E7B9883840D972CE774BAE2A8F7A949A2C930235 Product . . . . . : Java(TM) Platform SE 7 U7 Publisher . . . . : Oracle Corporation Description . . . : Java(TM) Web Start Launcher Version . . . . . : 10.7.2.11 Copyright . . . . : Copyright © 2012 RSA Key Size . . . : 1024 Authenticode . . . : Invalid Fuzzy . . . . . . : 22.0 Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software. The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.0 -
Do I need to download & run MBAM/malwarebytes??
thanks.0 -
hows the pc running now ? Boot into normal mode and check0
-
Ok,
I've shut down the laptop,
I've powered on,
'welcome vista home premium' screen,
normal desktop,
launched IE browser to homepage http://ie.msn.com
A small orange 'security alert' window has popped up,
'you are about to leave a secure internet connection.
It will be possible for others to view info you send.
Do you want to continue Yes or No ??'0 -
that hasn't always been there right ?
download malwarebytes
http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html
update it run a quick scan post that log0 -
Yes, I haven't seen that security alert popup before.
I'll try malwarebytes. thanks.0 -
Ok,
I've shut down the laptop,
I've powered on,
'welcome vista home premium' screen,
normal desktop,
launched IE browser to homepage http://ie.msn.com
A small orange 'security alert' window has popped up,
'you are about to leave a secure internet connection.
It will be possible for others to view info you send.
Do you want to continue Yes or No ??'
I picked 'NO'.
MBAM results to follow.0 -
Advertisement
-
After I hit 'NO' ,
on top of screen above the address bar,
I see Internet Explorer ( Not Responding).
the file, edit, view , etc command bar is greyed out.
the cursor has changed to a swirling round blue circle..
Do i still try to run MBAM ??0 -
yeah go ahead with mbam, go into safe mode with networking if you need to.0
-
I cannot do anything from the keyboard
I did ctrl-alt-del & I got a blank screen.
I hit power button to shut laptop off.
On startup, I've selected safe mode with networking.
From another pc ,I've put mbam on a usb stick.
I'm in safe mode with networking & I'm installing mbam from usb stick.
Updating mbam, successful.
Performing quick scan.0 -
currently scanning c:\windows\system32\wsmplpxy.dll,
its been stuck on this for over 5 minutes.0 -
the scan shouldn't take longer than 10 minutes. Try not to use the PC when its scanning.0
-
Hi ASJ
I'n not using the pc at all, just letting mbam run,
its still showing ,
objects scanned 51667,
objects detected ,0
quick scan time elapsed 3min,34sec
currently scanning c:\windows\system32\wsmplpxy.dll for 15 minutes now.0 -
It's probably frozen, close MBAM down and try do it once more. If it gets stuck again do this step
Download OTL to your Desktop- Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
- Click the Quick Scan button. Do not change any settings. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files here
0 -
laptop seemed frozen.
I had to use power button to turn it off.
I'm running mbam again ( i'm in safe mode with networking).
This time, mbam has paused at,
objects scanned 51674,
objects detected ,0
quick scan time elapsed 3min,36sec
currently scanning c:\windows\system32\wsqmcons.exe and carried on scanning.
Now mbam has paused at,
objects scanned 52108,
objects detected ,0
quick scan time elapsed 5min,44sec
currently scanning c:\windows\system32\oobe\msoobe.exe
Laptop has frozen again.
I'll start again & try OTL.0 -
Hi
I'm in safe mode with networking,
I launch InternetExplorer
I get the security alert,
'you are about to leave a secure internet connection.
It will be possible for others to view info you send.
Do you want to continue Yes or No ??'
but its in a grey box ( it was orange earlier)
I picked YES.
I downloaded OTL & put it on desktop.
OTL quick scan running..0 -
Advertisement
-
Hi
It looks like OTL has got stuck,
Screen shows
Looking for newly created files c:\windows\system32\wsqmcons.exe...( see post #29 where this file is also mentioned )
and the screen time has stuck at 21:53.0
Advertisement