Author Topic: [Resolved] DOS/Alureon.E ... help please  (Read 4909 times)

Offline mic

  • Bronze Member
  • Posts: 64
[Resolved] DOS/Alureon.E ... help please
« on: April 02, 2012, 07:51:00 PM »
Somehow downloaded DOS/Alureon.E.  I have not been able to remove it.  In fact, only MSE identified it, but cannot remove it.  I have tried MBAM and Superantispyware to no avail.  I have an external backup to a Passport hard drive, which is completed daily, but I do not dare restore files until this rootkit is removed.
Of course, this computer is critical to my business and livelihood and programs such as Quickbooks cannot locate their associated files.

I am familiar with this forum.  Unfortunately, I have had to get help for my children's computers in the past.  Now it's dad's turn to be a fool.

Thank you.

Michael
« Last Edit: April 02, 2012, 08:16:57 PM by Hoov »



Offline mic

  • Bronze Member
  • Posts: 64
Re: DOS/Alureon.E ... help please
« Reply #1 on: April 02, 2012, 07:52:23 PM »
Oh, I have attempted to make a HijackThis log file, but have not been able to paste it into a Notepad file.

Michael

Offline Hoov

  • Malware Removal Mentors
  • Global Moderator
  • Diamond Member
  • Posts: 22636
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] DOS/Alureon.E ... help please
« Reply #2 on: April 02, 2012, 08:21:27 PM »
I have helped you before and you know how I work, so we can get right to the repair. There have been some changes; we no longer use HijackThis except in certain circumstances. I am hoping that you remember that we do not help users with computers with P2P. Also, you mention this is a business computer. Is this a small business? Do you have an IT department that takes care of the computer?


We need to see some information about what is happening in your machine.  Please perform the following scan:
  • Download DDS by sUBs from one of the following links.  Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool.  No input is needed, the scan is running.
  • Notepad will open with the results.
  • Please copy and paste both logs into your next response. You may need more than one response.
  • Close the program window, and delete the program from your desktop.
Please note:  You may have to disable any script protection running if the scan fails to run.  After downloading the tool, disconnect from the internet and disable all antivirus protection.  Run the scan, enable your A/V and reconnect to the internet. 

Information on A/V control HERE


Consumer Security

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline mic

  • Bronze Member
  • Posts: 64
Re: [In Progress] DOS/Alureon.E ... help please
« Reply #3 on: April 02, 2012, 08:46:07 PM »
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Michael at 19:33:26 on 2012-04-02
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.8108.6093 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\TrueSuite\TrueSuite.Service.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Sony\VAIO Boot Manager\ActiveDelayDeviceService.exe
C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Qualcomm\Gobi\GobiQDLService\GobiQDLService.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe
C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k HPService
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\vncutil64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TrueSuite\TrueSuite.ClientAppLogonExe.exe
C:\Program Files\TrueSuite\x86\TrueSuite.ClientAppLogonExe.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\TrueSuite\TrueSuite.TouchControl.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Sony\VAIO Care\VCPerfService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\REGSVR32.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://sony.msn.com
uDefault_Page_URL = hxxp://sony.msn.com
uInternet Settings,ProxyOverride = *.local;192.168.*.*
mWinlogon: Userinit=userinit.exe
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TrueSuite WebStore: {5cb2b77d-c8ca-44db-af20-a7a4df462a12} - mscoree.dll
BHO: TrueSuite Website Log On: {8590886e-ec8c-43c1-a32c-e4c2b0b6395b} - C:\Program Files\TrueSuite\x86\TrueSuite.IEBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Symantec VIP Access Add-On: {c63cd127-a1cb-4d49-a4f7-d6f88a917be6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
mRun: [VAIO Boot Manager] "C:\Program Files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe Photo Downloader] "C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe"
mRun: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe  startup
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~2.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDDMST~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
TCP: Interfaces\{8DE1F9BE-A055-4B4E-B4EB-4F451F45EDA4} : DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
TCP: Interfaces\{8DE1F9BE-A055-4B4E-B4EB-4F451F45EDA4}\47D6F62696C656 : DhcpNameServer = 10.176.83.252 10.184.83.252
TCP: Interfaces\{8DE1F9BE-A055-4B4E-B4EB-4F451F45EDA4}\76F676F696E666C696768647 : DhcpNameServer = 172.19.134.2
TCP: Interfaces\{C0CE057D-7894-4EB8-AB06-E07C437A8BA5} : DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
TCP: Interfaces\{FD85C2A7-AFD0-4A60-B204-76004F0E5FFC} : NameServer = 209.183.35.23 209.183.35.23
Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64:     HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64:     AcroIEHelperStub - No File
BHO-X64: TrueSuite WebStore: {5cb2b77d-c8ca-44db-af20-a7a4df462a12} - mscoree.dll
BHO-X64: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\TrueSuite\x86\TrueSuite.IEBHO.dll
BHO-X64:     TSBHO Class - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64:     URLRedirectionBHO - No File
BHO-X64: Symantec VIP Access Add-On: {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll
BHO-X64:     IEPlugin - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64:     SmartSelect - No File
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64:     HP Smart BHO Class - No File
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
EB-X64: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
mRun-x64: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun-x64: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun-x64: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
mRun-x64: [VAIO Boot Manager] "C:\Program Files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [Adobe Photo Downloader] "C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe"
mRun-x64: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe  startup
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\j843j69d.default\
FF - prefs.js: browser.startup.homepage - www.nytimes.com
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mv61xx;mv61xx;C:\Windows\system32\drivers\mv61xx.sys --> C:\Windows\system32\drivers\mv61xx.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
R2 ActiveDelayDeviceService;ActiveDelayDeviceService;C:\Program Files (x86)\Sony\VAIO Boot Manager\ActiveDelayDeviceService.exe [2011-7-27 75912]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-12 661504]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-7-12 923984]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-7-12 1001808]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-1-13 135952]
R2 FPLService;TrueSuiteService;C:\Program Files\TrueSuite\TrueSuite.Service.exe [2011-4-26 294216]
R2 GobiQDLService;Qualcomm Gobi Anywhere Download Service;C:\Program Files (x86)\Qualcomm\Gobi\GobiQDLService\GobiQDLService.exe [2011-7-27 318976]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-6-20 13592]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-7-27 2375168]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]
R2 Oasis2Service;Oasis2Service;C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-2-9 53248]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176]
R2 QBVSS;QBIDPService;C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2011-8-19 1248256]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2011-7-27 199272]
R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-7-27 259192]
R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-7-27 105024]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-7-27 2656280]
R2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2011-7-27 552584]
R2 VIPAppService;VIPAppService;C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2011-4-13 84088]
R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2011-12-22 965256]
R2 WDDMService;WDDMService;C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-9-8 288256]
R2 WDFME;WD File Management Engine;C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe [2010-9-8 1034752]
R2 WDSC;WD File Management Shadow Engine;C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe [2010-9-8 485376]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\system32\DRIVERS\AMPPAL.sys --> C:\Windows\system32\DRIVERS\AMPPAL.sys [?]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?]
R3 ATSwpWDF;AuthenTec TruePrint WBF Driver;C:\Windows\system32\DRIVERS\ATSwpWDF.sys --> C:\Windows\system32\DRIVERS\ATSwpWDF.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 intelkmd;intelkmd;C:\Windows\system32\DRIVERS\igdpmd64.sys --> C:\Windows\system32\DRIVERS\igdpmd64.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\DRIVERS\SFEP.sys --> C:\Windows\system32\DRIVERS\SFEP.sys [?]
R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2011-10-27 1429608]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]
S2 CLKMSVC10_9EC60124;CyberLink Product - 2011/07/27 13:40:39;C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2011-3-2 240112]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2010-2-24 362992]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\system32\DRIVERS\amppal.sys --> C:\Windows\system32\DRIVERS\amppal.sys [?]
S3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-7-12 1321296]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys --> C:\Windows\system32\DRIVERS\btmaux.sys [?]
S3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?]
S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]
S3 gobi3kfilter;Qualcomm Gobi 3000 USB Composite Device Filter Driver;C:\Windows\system32\DRIVERS\gobi3kfilter.sys --> C:\Windows\system32\DRIVERS\gobi3kfilter.sys [?]
S3 gobi3kmbb;Qualcomm Gobi 3000 USB-NDIS 6.20 miniport;C:\Windows\system32\DRIVERS\gobi3kmbb.sys --> C:\Windows\system32\DRIVERS\gobi3kmbb.sys [?]
S3 gobi3kserial;Qualcomm Gobi 3000 USB Device for Legacy Serial Communication;C:\Windows\system32\DRIVERS\gobi3kserial.sys --> C:\Windows\system32\DRIVERS\gobi3kserial.sys [?]
S3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-1-4 340240]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2010-2-24 313840]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?]
S3 SOHCImp;VAIO Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-2-21 113824]
S3 SOHDs;VAIO Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-2-21 67232]
S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-1-20 286936]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\system32\drivers\synth3dvsc.sys --> C:\Windows\system32\drivers\synth3dvsc.sys [?]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\system32\drivers\terminpt.sys --> C:\Windows\system32\drivers\terminpt.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 tsusbhub;tsusbhub;C:\Windows\system32\drivers\tsusbhub.sys --> C:\Windows\system32\drivers\tsusbhub.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-1-20 887000]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-5-19 549616]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-2-18 385336]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-2-18 99104]
S3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2011-7-27 44736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-04-03 02:28:28   125440   ----a-w-   C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon_toolbar@truesuite.com\components\TrueSuite.WLOXPCOM.dll
2012-04-03 02:28:24   69000   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1F8F9553-FBC2-41FF-B156-C0420C62433C}\offreg.dll
2012-04-03 01:26:49   388096   ----a-r-   C:\Users\Michael\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-04-03 01:26:48   --------   d-----w-   C:\Program Files (x86)\Trend Micro
2012-04-03 00:50:48   8669240   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1F8F9553-FBC2-41FF-B156-C0420C62433C}\mpengine.dll
2012-03-21 20:01:01   --------   d-----w-   C:\Users\Michael\QBBackupTemp Wed, Mar 21 2012 01 01 01 PM
2012-03-14 23:27:07   --------   d-----w-   C:\Program Files\iTunes
2012-03-14 23:27:07   --------   d-----w-   C:\Program Files\iPod
2012-03-14 23:27:07   --------   d-----w-   C:\Program Files (x86)\iTunes
2012-03-13 21:25:42   5559152   ----a-w-   C:\Windows\System32\ntoskrnl.exe
2012-03-13 21:25:42   3968368   ----a-w-   C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-13 21:25:41   3913584   ----a-w-   C:\Windows\SysWow64\ntoskrnl.exe
2012-03-13 21:24:00   3145728   ----a-w-   C:\Windows\System32\win32k.sys
2012-03-13 21:24:00   1544192   ----a-w-   C:\Windows\System32\DWrite.dll
2012-03-13 21:24:00   1077248   ----a-w-   C:\Windows\SysWow64\DWrite.dll
2012-03-13 17:18:19   9216   ----a-w-   C:\Windows\System32\rdrmemptylst.exe
2012-03-13 17:18:18   826880   ----a-w-   C:\Windows\SysWow64\rdpcore.dll
2012-03-13 17:18:18   77312   ----a-w-   C:\Windows\System32\rdpwsx.dll
2012-03-13 17:18:18   23552   ----a-w-   C:\Windows\System32\drivers\tdtcp.sys
2012-03-13 17:18:18   210944   ----a-w-   C:\Windows\System32\drivers\rdpwd.sys
2012-03-13 17:18:18   149504   ----a-w-   C:\Windows\System32\rdpcorekmts.dll
2012-03-13 17:18:18   1112064   ----a-w-   C:\Windows\System32\rdpcorets.dll
2012-03-13 17:18:18   1031680   ----a-w-   C:\Windows\System32\rdpcore.dll
2012-03-12 21:55:38   --------   d-----w-   C:\Program Files (x86)\ABBYY FineReader 6.0 Sprint
2012-03-12 21:54:41   80024   ----a-w-   C:\Windows\SysWow64\PICSDK.dll
2012-03-12 21:54:41   51360   ----a-w-   C:\Windows\SysWow64\EpPicPrt.dll
2012-03-12 21:54:41   501912   ----a-w-   C:\Windows\SysWow64\PICSDK2.dll
2012-03-12 21:54:41   108704   ----a-w-   C:\Windows\SysWow64\PICEntry.dll
2012-03-12 21:54:40   51360   ----a-w-   C:\Windows\SysWow64\EpPicMgr.dll
2012-03-12 21:54:13   282624   ----a-w-   C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe
2012-03-12 21:53:47   --------   d-----w-   C:\Program Files (x86)\Epson Software
2012-03-12 21:53:45   696320   ----a-w-   C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2012-03-12 21:53:45   57344   ----a-w-   C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2012-03-12 21:53:45   5632   ----a-w-   C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2012-03-12 21:53:45   282756   ----a-w-   C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2012-03-12 21:53:45   237568   ----a-w-   C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2012-03-12 21:53:45   163972   ----a-w-   C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2012-03-12 21:53:45   155648   ----a-w-   C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2012-03-12 21:52:40   65793   ----a-w-   C:\Windows\System32\esfwa1.bin
2012-03-12 21:52:40   266240   ----a-w-   C:\Windows\SysWow64\esinta1.dll
2012-03-12 21:52:40   236544   ----a-w-   C:\Windows\System32\esxuina1.dll
2012-03-12 21:52:40   17408   ----a-w-   C:\Windows\System32\esxcdev.dll
2012-03-12 21:52:40   168960   ----a-w-   C:\Windows\System32\esxw2_a1.dll
2012-03-12 21:52:40   128392   ----a-w-   C:\Windows\System32\esdevapp.exe
2012-03-12 21:52:40   --------   d-----w-   C:\Program Files (x86)\epson
2012-03-12 21:11:02   --------   d-----w-   C:\Program Files (x86)\Cisco
2012-03-12 21:10:19   --------   d--h--w-   C:\Windows\System32\WLANProfiles
.
==================== Find3M  ====================
.
2012-02-23 05:24:22   414368   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-15 18:01:50   52736   ----a-w-   C:\Windows\System32\drivers\usbaapl64.sys
2012-02-15 18:01:50   4547944   ----a-w-   C:\Windows\System32\usbaaplrc.dll
2012-01-31 23:10:44   525544   ----a-w-   C:\Windows\System32\deployJava1.dll
2012-01-31 12:44:20   279656   ------w-   C:\Windows\System32\MpSigStub.exe
2012-01-04 19:24:42   2427392   ----a-w-   C:\Windows\System32\iwmssvc.dll
2012-01-04 19:23:52   614400   ----a-w-   C:\Windows\System32\PanIhvUi.dll
2012-01-04 19:21:00   1216512   ----a-w-   C:\Windows\System32\wlihvui.dll
2012-01-04 10:44:20   509952   ----a-w-   C:\Windows\System32\ntshrui.dll
2012-01-04 08:58:41   442880   ----a-w-   C:\Windows\SysWow64\ntshrui.dll
.
============= FINISH: 19:42:30.84 ===============

Offline mic

  • Bronze Member
  • Posts: 64
Re: [In Progress] DOS/Alureon.E ... help please
« Reply #4 on: April 02, 2012, 08:46:59 PM »
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume2
Install Date: 12/22/2011 5:58:56 PM
System Uptime: 4/2/2012 7:28:12 PM (0 hours ago)
.
Motherboard: Sony Corporation |  | VAIO
Processor: Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz | N/A | 783/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 459 GiB total, 360.055 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP149: 4/2/2012 5:25:23 PM - Restore Operation
RP151: 4/2/2012 5:50:41 PM - Windows Update
RP152: 4/2/2012 6:26:37 PM - Installed HiJackThis
.
==== Installed Programs ======================
.
.
8000A809
8000A809_eDocs
8000A809_Help
ABBYY FineReader 6.0 Sprint
ACID Music Studio 8.0
Adobe Acrobat  9 Standard
Adobe Acrobat 8 Professional
Adobe Acrobat 8.1.0 Professional
Adobe Acrobat 9.5.0 - CPSID_83708
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Photoshop Elements 6.0
Adobe Reader X (10.1.2)
Apple Application Support
Apple Software Update
Application Manager for VAIO
ArcSoft Magic-i Visual Effects 2
ArcSoft WebCam Companion 4
BPDSoftware
BPDSoftware_Ini
BufferChm
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
Catalyst Control Center Profiles Mobile
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CyberLink PowerDVD
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DeviceDiscovery
DVD Architect Studio 5.0
Epson Copy Utility 3.5
Epson Event Manager
EPSON Perfection V600 Photo Scanner Driver Update
EPSON Scan
Gobi_Firmware
GPBaseService2
HiJackThis
HP Update
HPProductAssistant
HPSSupply
HW Gobi 3000 Driver 1.07.00.00
Intel PROSet Wireless
Intel(R) Display Audio Driver
Intel(R) Identity Protection Technology 1.1.2.0
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Intel(R) Wireless Display
Java Auto Updater
Java(TM) 6 Update 22
Junk Mail filter update
Macromedia Dreamweaver MX 2004
Macromedia Extension Manager
Macromedia Fireworks MX 2004
Macromedia Flash MX 2004
Macromedia FreeHand MXa
Malwarebytes Anti-Malware version 1.60.1.1000
MarketResearch
Mesh Runtime
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Edition 2003
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio 2005 Tools for Office Runtime
Mole Setup
MotoHelper MergeModules
Mozilla Firefox 10.0.2 (x86 en-US)
Mozilla Thunderbird 10.0.2 (x86 en-US)
MSVCRT
MSVCRT Redists
MSVCRT_amd64
MSXML 4.0 SP2 Parser and SDK
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB973685)
myPrintMileage (Officejet Pro 8000 A809)
Oasis2Service
OOBE
PMB
PMB VAIO Edition Guide
PMB VAIO Edition Plug-in
ProductContext
PX Profile Update
Quick Web Access
QuickBooks
QuickBooks Pro 2012
QuickTime
Realtek Ethernet Controller Driver
Realtek HDMI Audio Driver for ATI
Realtek High Definition Audio Driver
Realtek PCIE Card Reader
Remote Cameras
Remote Keyboard
Remote Play with PlayStation 3
Renesas Electronics USB 3.0 Host Controller Driver
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy Media Creator 10 LJ
Roxio Easy Media Creator Home
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition
Skype™ 5.1
SmartWebPrinting
SolutionCenter
Sony Photo Go 1.0b
Sound Forge Audio Studio 10.0
SSLx86
Status
SupportSoft Assisted Service
Toolbox
TrayApp
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
VAIO - Media Gallery
VAIO - PMB VAIO Edition Guide
VAIO - PMB VAIO Edition Plug-in
VAIO - Remote Keyboard
VAIO - Remote Play with PlayStation®3
VAIO Care
VAIO Control Center
VAIO CPU Fan Diagnostic
VAIO Data Restore Tool
VAIO Easy Connect
VAIO Event Service
VAIO Gate
VAIO Gate Default
VAIO Hardware Diagnostics
VAIO Help and Support
VAIO Improvement
VAIO Manual
VAIO Messenger
VAIO Mobile Broadband Setup
VAIO Sample Contents
VAIO Satisfaction Survey.
VAIO Smart Network
VAIO Transfer Support
VAIO Update
VCCx86
Vegas Movie Studio HD Platinum 10.0
VESx86
VIPAccess
Visual Studio 2005 Tools for Office Second Edition Runtime
VIx86
VSNx86
VWSTx86
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
4/2/2012 7:39:14 PM, Error: Microsoft Antimalware [1119]  - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software.  For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.E&threatid=2147650952     Name: Trojan:DOS/Alureon.E     ID: 2147650952     Severity: Severe     Category: Trojan     Path: boot:_\Device\HarddiskVolume4;boot:_\Device\HarddiskVolume4\;boot:_\\.\PHYSICALDRIVE0\Partition3 (Type 17)     Detection Origin: Local machine     Detection Type: Concrete     Detection Source: Real-Time Protection     User: NT AUTHORITY\SYSTEM     Process Name: C:\Windows\System32\svchost.exe     Action: Remove     Action Status:  To finish removing malware and other potentially unwanted software, restart the computer.     To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website.      Error Code: 0x800704ec     Error description: This program is blocked by group policy. For more information, contact your system administrator.      Signature Version: AV: 1.123.948.0, AS: 1.123.948.0, NIS: 11.0.0.0     Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/2/2012 7:39:03 PM, Error: Ntfs [55]  - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume .
4/2/2012 7:30:27 PM, Error: Service Control Manager [7009]  - A timeout was reached (60000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.
4/2/2012 7:28:34 PM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.     Feature: Behavior Monitoring     Error Code: 0x80004005     Error description: Unspecified error      Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
4/2/2012 7:28:24 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  cdrom
4/2/2012 6:34:46 PM, Error: Microsoft Antimalware [1119]  - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software.  For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.E&threatid=2147650952     Name: Trojan:DOS/Alureon.E     ID: 2147650952     Severity: Severe     Category: Trojan     Path: boot:_\Device\HarddiskVolume4;boot:_\Device\HarddiskVolume4\;boot:_\\.\PHYSICALDRIVE0\Partition3 (Type 17)     Detection Origin: Local machine     Detection Type: Concrete     Detection Source: Real-Time Protection     User: NT AUTHORITY\SYSTEM     Process Name: C:\Windows\System32\VSSVC.exe     Action: Remove     Action Status:  To finish removing malware and other potentially unwanted software, restart the computer.     To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website.      Error Code: 0x800704ec     Error description: This program is blocked by group policy. For more information, contact your system administrator.      Signature Version: AV: 1.123.948.0, AS: 1.123.948.0, NIS: 11.0.0.0     Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/2/2012 6:24:20 PM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.     Feature: Behavior Monitoring     Error Code: 0x80004005     Error description: Unspecified error      Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
4/2/2012 6:24:00 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  cdrom mv61xx
4/2/2012 6:22:48 PM, Error: Microsoft Antimalware [1119]  - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software.  For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.E&threatid=2147650952     Name: Trojan:DOS/Alureon.E     ID: 2147650952     Severity: Severe     Category: Trojan     Path: boot:_\Device\HarddiskVolume4;boot:_\Device\HarddiskVolume4\     Detection Origin: Local machine     Detection Type: Concrete     Detection Source: Real-Time Protection     User: micsVIAO\Michael     Process Name: C:\Windows\winsxs\amd64_microsoft-windows-safedocs-main_31bf3856ad364e35_6.1.7601.17514_none_832fc1bb7d681e0d\sdclt.exe     Action: Remove     Action Status:  To finish removing malware and other potentially unwanted software, restart the computer.     To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website.      Error Code: 0x800704ec     Error description: This program is blocked by group policy. For more information, contact your system administrator.      Signature Version: AV: 1.123.948.0, AS: 1.123.948.0, NIS: 11.0.0.0     Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/2/2012 6:22:48 PM, Error: Microsoft Antimalware [1119]  - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software.  For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.E&threatid=2147650952     Name: Trojan:DOS/Alureon.E     ID: 2147650952     Severity: Severe     Category: Trojan     Path: boot:_\Device\HarddiskVolume4;boot:_\Device\HarddiskVolume4\     Detection Origin: Local machine     Detection Type: Concrete     Detection Source: Real-Time Protection     User: micsVIAO\Michael     Process Name: C:\Windows\winsxs\amd64_microsoft-windows-safedocs-main_31bf3856ad364e35_6.1.7601.17514_none_832fc1bb7d681e0d\sdclt.exe     Action: Quarantine     Action Status:  To finish removing malware and other potentially unwanted software, restart the computer.     To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website.      Error Code: 0x80070032     Error description: The request is not supported.      Signature Version: AV: 1.123.948.0, AS: 1.123.948.0, NIS: 11.0.0.0     Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/2/2012 6:11:23 PM, Error: Microsoft Antimalware [1119]  - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software.  For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.E&threatid=2147650952     Name: Trojan:DOS/Alureon.E     ID: 2147650952     Severity: Severe     Category: Trojan     Path: boot:_\Device\HarddiskVolume4;boot:_\Device\HarddiskVolume4\     Detection Origin: Local machine     Detection Type: Concrete     Detection Source: Real-Time Protection     User: NT AUTHORITY\SYSTEM     Process Name: System     Action: Remove     Action Status:  To finish removing malware and other potentially unwanted software, restart the computer.     To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website.      Error Code: 0x800704ec     Error description: This program is blocked by group policy. For more information, contact your system administrator.      Signature Version: AV: 1.123.948.0, AS: 1.123.948.0, NIS: 11.0.0.0     Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/2/2012 6:00:59 PM, Error: Microsoft Antimalware [1119]  - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software.  For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.E&threatid=2147650952     Name: Trojan:DOS/Alureon.E     ID: 2147650952     Severity: Severe     Category: Trojan     Path: boot:_\Device\HarddiskVolume4;boot:_\Device\HarddiskVolume4\     Detection Origin: Local machine     Detection Type: Concrete     Detection Source: Real-Time Protection     User: NT AUTHORITY\SYSTEM     Process Name: C:\Windows\System32\VSSVC.exe     Action: Remove     Action Status:  To finish removing malware and other potentially unwanted software, restart the computer.     To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website.      Error Code: 0x800704ec     Error description: This program is blocked by group policy. For more information, contact your system administrator.      Signature Version: AV: 1.123.948.0, AS: 1.123.948.0, NIS: 11.0.0.0     Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/2/2012 5:42:34 PM, Error: Microsoft Antimalware [1119]  - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software.  For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.E&threatid=2147650952     Name: Trojan:DOS/Alureon.E     ID: 2147650952     Severity: Severe     Category: Trojan     Path: boot:_\Device\HarddiskVolume4;boot:_\Device\HarddiskVolume4\;boot:_\\.\PHYSICALDRIVE0\Partition3 (Type 17)     Detection Origin: Local machine     Detection Type: Concrete     Detection Source: Real-Time Protection     User: micsVIAO\Michael     Process Name: C:\Windows\System32\svchost.exe     Action: Remove     Action Status:  To finish removing malware and other potentially unwanted software, restart the computer.     To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website.      Error Code: 0x800704ec     Error description: This program is blocked by group policy. For more information, contact your system administrator.      Signature Version: AV: 1.123.877.0, AS: 1.123.877.0, NIS: 11.0.0.0     Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/2/2012 5:42:34 PM, Error: Microsoft Antimalware [1119]  - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software.  For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.E&threatid=2147650952     Name: Trojan:DOS/Alureon.E     ID: 2147650952     Severity: Severe     Category: Trojan     Path: boot:_\Device\HarddiskVolume4;boot:_\Device\HarddiskVolume4\;boot:_\\.\PHYSICALDRIVE0\Partition3 (Type 17)     Detection Origin: Local machine     Detection Type: Concrete     Detection Source: Real-Time Protection     User: micsVIAO\Michael     Process Name: C:\Windows\System32\svchost.exe     Action: Quarantine     Action Status:  To finish removing malware and other potentially unwanted software, restart the computer.     To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website.      Error Code: 0x80070032     Error description: The request is not supported.      Signature Version: AV: 1.123.877.0, AS: 1.123.877.0, NIS: 11.0.0.0     Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/2/2012 5:39:17 PM, Error: Microsoft Antimalware [1119]  - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software.  For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.E&threatid=2147650952     Name: Trojan:DOS/Alureon.E     ID: 2147650952     Severity: Severe     Category: Trojan     Path: boot:_\Device\HarddiskVolume4;boot:_\Device\HarddiskVolume4\;boot:_\\.\PHYSICALDRIVE0\Partition3 (Type 17)     Detection Origin: Local machine     Detection Type: Concrete     Detection Source: Real-Time Protection     User: micsVIAO\Michael     Process Name: C:\Windows\System32\svchost.exe     Action: Remove     Action Status:  To finish removing malware and other potentially unwanted software, restart the computer.     To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website.      Error Code: 0x800704ec     Error description: This program is blocked by group policy. For more information, contact your system administrator.      Signature Version: AV: 1.123.877.0, AS: 1.123.877.0, NIS: 11.0.0.0     Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/2/2012 5:39:17 PM, Error: Microsoft Antimalware [1119]  - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software.  For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.E&threatid=2147650952     Name: Trojan:DOS/Alureon.E     ID: 2147650952     Severity: Severe     Category: Trojan     Path: boot:_\Device\HarddiskVolume4;boot:_\Device\HarddiskVolume4\;boot:_\\.\PHYSICALDRIVE0\Partition3 (Type 17)     Detection Origin: Local machine     Detection Type: Concrete     Detection Source: Real-Time Protection     User: micsVIAO\Michael     Process Name: C:\Windows\System32\svchost.exe     Action: Quarantine     Action Status:  To finish removing malware and other potentially unwanted software, restart the computer.     To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website.      Error Code: 0x80070032     Error description: The request is not supported.      Signature Version: AV: 1.123.877.0, AS: 1.123.877.0, NIS: 11.0.0.0     Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/2/2012 5:35:52 PM, Error: Microsoft Antimalware [1119]  - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software.  For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.E&threatid=2147650952     Name: Trojan:DOS/Alureon.E     ID: 2147650952     Severity: Severe     Category: Trojan     Path: boot:_\Device\HarddiskVolume4;boot:_\Device\HarddiskVolume4\;boot:_\\.\PHYSICALDRIVE0\Partition3 (Type 17)     Detection Origin: Local machine     Detection Type: Concrete     Detection Source: Real-Time Protection     User: micsVIAO\Michael     Process Name: C:\Windows\System32\svchost.exe     Action: Remove     Action Status:  To finish removing malware and other potentially unwanted software, restart the computer.     To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website.      Error Code: 0x800704ec     Error description: This program is blocked by group policy. For more information, contact your system administrator.      Signature Version: AV: 1.123.877.0, AS: 1.123.877.0, NIS: 11.0.0.0     Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/2/2012 5:35:52 PM, Error: Microsoft Antimalware [1119]  - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software.  For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.E&threatid=2147650952     Name: Trojan:DOS/Alureon.E     ID: 2147650952     Severity: Severe     Category: Trojan     Path: boot:_\Device\HarddiskVolume4;boot:_\Device\HarddiskVolume4\;boot:_\\.\PHYSICALDRIVE0\Partition3 (Type 17)     Detection Origin: Local machine     Detection Type: Concrete     Detection Source: Real-Time Protection     User: micsVIAO\Michael     Process Name: C:\Windows\System32\svchost.exe     Action: Quarantine     Action Status:  To finish removing malware and other potentially unwanted software, restart the computer.     To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website.      Error Code: 0x80070032     Error description: The request is not supported.      Signature Version: AV: 1.123.877.0, AS: 1.123.877.0, NIS: 11.0.0.0     Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/2/2012 5:30:22 PM, Error: Microsoft Antimalware [1119]  - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software.  For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.E&threatid=2147650952     Name: Trojan:DOS/Alureon.E     ID: 2147650952     Severity: Severe     Category: Trojan     Path: boot:_\Device\HarddiskVolume4;boot:_\Device\HarddiskVolume4\     Detection Origin: Local machine     Detection Type: Concrete     Detection Source: Real-Time Protection     User: micsVIAO\Michael     Process Name: C:\Windows\System32\wbengine.exe     Action: Remove     Action Status:  To finish removing malware and other potentially unwanted software, restart the computer.     To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website.      Error Code: 0x800704ec     Error description: This program is blocked by group policy. For more information, contact your system administrator.      Signature Version: AV: 1.123.877.0, AS: 1.123.877.0, NIS: 11.0.0.0     Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/2/2012 5:30:22 PM, Error: Microsoft Antimalware [1119]  - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software.  For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.E&threatid=2147650952     Name: Trojan:DOS/Alureon.E     ID: 2147650952     Severity: Severe     Category: Trojan     Path: boot:_\Device\HarddiskVolume4;boot:_\Device\HarddiskVolume4\     Detection Origin: Local machine     Detection Type: Concrete     Detection Source: Real-Time Protection     User: micsVIAO\Michael     Process Name: C:\Windows\System32\wbengine.exe     Action: Quarantine     Action Status:  To finish removing malware and other potentially unwanted software, restart the computer.     To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website.      Error Code: 0x80070032     Error description: The request is not supported.      Signature Version: AV: 1.123.877.0, AS: 1.123.877.0, NIS: 11.0.0.0     Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/2/2012 5:24:04 PM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.     Feature: Behavior Monitoring     Error Code: 0x80004005     Error description: Unspecified error      Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
4/2/2012 5:17:15 PM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.     Feature: Behavior Monitoring     Error Code: 0x80004005     Error description: Unspecified error      Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
4/2/2012 5:17:05 PM, Error: Service Control Manager [7023]  - The Server service terminated with the following error:  Not enough storage is available to complete this operation.
4/2/2012 5:15:47 PM, Error: Microsoft Antimalware [1119]  - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software.  For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.E&threatid=2147650952     Name: Trojan:DOS/Alureon.E     ID: 2147650952     Severity: Severe     Category: Trojan     Path: boot:_\Device\HarddiskVolume4;boot:_\Device\HarddiskVolume4\;boot:_\\.\PHYSICALDRIVE0\Partition3 (Type 17)     Detection Origin: Local machine     Detection Type: Concrete     Detection Source: System     User: micsVIAO\Michael     Process Name: C:\Windows\System32\svchost.exe     Action: Remove     Action Status:  To finish removing malware and other potentially unwanted software, restart the computer.     To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website.      Error Code: 0x800704ec     Error description: This program is blocked by group policy. For more information, contact your system administrator.      Signature Version: AV: 1.123.916.0, AS: 1.123.916.0, NIS: 11.0.0.0     Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/2/2012 5:15:47 PM, Error: Microsoft Antimalware [1119]  - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software.  For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.E&threatid=2147650952     Name: Trojan:DOS/Alureon.E     ID: 2147650952     Severity: Severe     Category: Trojan     Path: boot:_\Device\HarddiskVolume4;boot:_\Device\HarddiskVolume4\;boot:_\\.\PHYSICALDRIVE0\Partition3 (Type 17)     Detection Origin: Local machine     Detection Type: Concrete     Detection Source: System     User: micsVIAO\Michael     Process Name: C:\Windows\System32\svchost.exe     Action: Quarantine     Action Status:  To finish removing malware and other potentially unwanted software, restart the computer.     To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website.      Error Code: 0x80070032     Error description: The request is not supported.      Signature Version: AV: 1.123.916.0, AS: 1.123.916.0, NIS: 11.0.0.0     Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/2/2012 5:14:41 PM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.     Feature: Behavior Monitoring     Error Code: 0x80004005     Error description: Unspecified error      Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
4/2/2012 5:11:29 PM, Error: Microsoft Antimalware [1119]  - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software.  For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.E&threatid=2147650952     Name: Trojan:DOS/Alureon.E     ID: 2147650952     Severity: Severe     Category: Trojan     Path: boot:_\Device\HarddiskVolume4;boot:_\Device\HarddiskVolume4\;boot:_\\.\PHYSICALDRIVE0\Partition3 (Type 17)     Detection Origin: Local machine     Detection Type: Concrete     Detection Source: Real-Time Protection     User: micsVIAO\Michael     Process Name: C:\Windows\System32\svchost.exe     Action: Remove     Action Status:  To finish removing malware and other potentially unwanted software, restart the computer.     To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website.      Error Code: 0x800704ec     Error description: This program is blocked by group policy. For more information, contact your system administrator.      Signature Version: AV: 1.123.916.0, AS: 1.123.916.0, NIS: 11.0.0.0     Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/2/2012 5:11:29 PM, Error: Microsoft Antimalware [1119]  - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software.  For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.E&threatid=2147650952     Name: Trojan:DOS/Alureon.E     ID: 2147650952     Severity: Severe     Category: Trojan     Path: boot:_\Device\HarddiskVolume4;boot:_\Device\HarddiskVolume4\;boot:_\\.\PHYSICALDRIVE0\Partition3 (Type 17)     Detection Origin: Local machine     Detection Type: Concrete     Detection Source: Real-Time Protection     User: micsVIAO\Michael     Process Name: C:\Windows\System32\svchost.exe     Action: Quarantine     Action Status:  To finish removing malware and other potentially unwanted software, restart the computer.     To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website.      Error Code: 0x80070032     Error description: The request is not supported.      Signature Version: AV: 1.123.916.0, AS: 1.123.916.0, NIS: 11.0.0.0     Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/2/2012 5:10:35 PM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.     Feature: Behavior Monitoring     Error Code: 0x80004005     Error description: Unspecified error      Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
4/2/2012 5:09:42 PM, Error: Microsoft Antimalware [1119]  - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software.  For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.E&threatid=2147650952     Name: Trojan:DOS/Alureon.E     ID: 2147650952     Severity: Severe     Category: Trojan     Path: boot:_\\.\PHYSICALDRIVE0\Partition3 (Type 17)     Detection Origin: Local machine     Detection Type: Concrete     Detection Source: User     User: micsVIAO\Michael     Process Name: Unknown     Action: Quarantine     Action Status:  To finish removing malware and other potentially unwanted software, restart the computer.     To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website.      Error Code: 0x80070032     Error description: The request is not supported.      Signature Version: AV: 1.123.916.0, AS: 1.123.916.0, NIS: 11.0.0.0     Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/2/2012 5:09:40 PM, Error: Microsoft Antimalware [1119]  - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software.  For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.E&threatid=2147650952     Name: Trojan:DOS/Alureon.E     ID: 2147650952     Severity: Severe     Category: Trojan     Path: boot:_\\.\PHYSICALDRIVE0\Partition3 (Type 17)     Detection Origin: Local machine     Detection Type: Concrete     Detection Source: User     User: micsVIAO\Michael     Process Name: Unknown     Action: Remove     Action Status:  To finish removing malware and other potentially unwanted software, restart the computer.     To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website.      Error Code: 0x800704ec     Error description: This program is blocked by group policy. For more information, contact your system administrator.      Signature Version: AV: 1.123.916.0, AS: 1.123.916.0, NIS: 11.0.0.0     Engine Version: AM: 1.1.8202.0, NIS: 2.0.8001.0
4/2/2012 4:44:43 PM, Error: VDS Basic Provider [1]  - Unexpected failure. Error code: D@01010004
4/2/2012 3:41:26 PM, Error: volsnap [36]  - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
3/30/2012 2:19:43 PM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.     Feature: Behavior Monitoring     Error Code: 0x80004005     Error description: Unspecified error      Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
3/30/2012 11:09:08 PM, Error: volsnap [27]  - The shadow copies of volume F: were aborted during detection because a critical control file could not be opened.
.
==== End Of File ===========================
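Added example, not part of the original post: the Microsoft Antimalware entries in the log above keep a fixed `Field: value` layout, so the failed clean-up attempts (event 1119) and real-time protection failures (event 3002) can be tallied per threat instead of read line by line. The sample lines are constructed by trimming entries from that log, and the function names are hypothetical.

```python
import re
from collections import OrderedDict
from datetime import datetime

# Constructed sample: entries trimmed from the flattened event-log lines in the
# post above (same layout and field values, long boilerplate sentences cut).
SAMPLE_LOG = r"""
4/2/2012 5:30:22 PM, Error: Microsoft Antimalware [1119]  - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software.     Name: Trojan:DOS/Alureon.E     ID: 2147650952     Severity: Severe     Path: boot:_\Device\HarddiskVolume4;boot:_\Device\HarddiskVolume4\     Detection Source: Real-Time Protection     Process Name: C:\Windows\System32\wbengine.exe     Action: Remove     Action Status:  To finish removing malware, restart the computer.      Error Code: 0x800704ec     Error description: This program is blocked by group policy.
4/2/2012 5:30:22 PM, Error: Microsoft Antimalware [1119]  - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software.     Name: Trojan:DOS/Alureon.E     ID: 2147650952     Severity: Severe     Path: boot:_\Device\HarddiskVolume4;boot:_\Device\HarddiskVolume4\     Detection Source: Real-Time Protection     Process Name: C:\Windows\System32\wbengine.exe     Action: Quarantine     Action Status:  To finish removing malware, restart the computer.      Error Code: 0x80070032     Error description: The request is not supported.
4/2/2012 5:24:04 PM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.     Feature: Behavior Monitoring     Error Code: 0x80004005     Error description: Unspecified error
4/2/2012 5:17:05 PM, Error: Service Control Manager [7023]  - The Server service terminated with the following error:  Not enough storage is available to complete this operation.
4/2/2012 5:09:42 PM, Error: Microsoft Antimalware [1119]  - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software.     Name: Trojan:DOS/Alureon.E     ID: 2147650952     Severity: Severe     Path: boot:_\\.\PHYSICALDRIVE0\Partition3 (Type 17)     Detection Source: User     Process Name: Unknown     Action: Quarantine     Action Status:  To finish removing malware, restart the computer.      Error Code: 0x80070032     Error description: The request is not supported.
4/2/2012 5:09:40 PM, Error: Microsoft Antimalware [1119]  - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software.     Name: Trojan:DOS/Alureon.E     ID: 2147650952     Severity: Severe     Path: boot:_\\.\PHYSICALDRIVE0\Partition3 (Type 17)     Detection Source: User     Process Name: Unknown     Action: Remove     Action Status:  To finish removing malware, restart the computer.      Error Code: 0x800704ec     Error description: This program is blocked by group policy.
"""

# "<date> <time> AM/PM, <level>: <source> [<event id>]  - <body>"
HEADER = re.compile(
    r"^(?P<ts>\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M), (?P<level>\w+): "
    r"(?P<source>.+?) \[(?P<event_id>\d+)\]\s+- (?P<body>.*)$"
)


def field(body, name):
    """Value of a 'name: value' field; fields are separated by 2+ spaces, so
    'Name' does not match inside 'Process Name' nor 'Action' inside 'Action Status'."""
    m = re.search(r"(?:^|\s{2,})" + re.escape(name) + r":\s+(.*?)(?=\s{2,}|$)", body)
    return m.group(1) if m else None


def resources(path):
    """Split the ';'-joined Path field, dropping duplicates that differ only
    by a trailing backslash."""
    seen = []
    for item in (path or "").split(";"):
        item = item.strip().rstrip("\\")
        if item and item not in seen:
            seen.append(item)
    return seen


def parse_line(line):
    """Parse one flattened event line; return None for anything else."""
    m = HEADER.match(line.strip())
    if not m:
        return None
    body = m.group("body")
    return {
        "time": datetime.strptime(m.group("ts"), "%m/%d/%Y %I:%M:%S %p"),
        "source": m.group("source"),
        "event_id": int(m.group("event_id")),
        "threat": field(body, "Name"),
        "resources": resources(field(body, "Path")),
        "action": field(body, "Action"),
        "error_code": field(body, "Error Code"),
    }


def summarize(log_text):
    """Tally failed remediation actions (1119) per threat and count
    real-time protection failures (3002)."""
    rtp_failures = 0
    threats = OrderedDict()
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None or ev["source"] != "Microsoft Antimalware":
            continue
        if ev["event_id"] == 3002:
            rtp_failures += 1
        elif ev["event_id"] == 1119 and ev["threat"]:
            t = threats.setdefault(ev["threat"], {
                "failed_actions": 0, "errors": {}, "resources": [],
                "first_seen": ev["time"], "last_seen": ev["time"],
            })
            t["failed_actions"] += 1
            t["errors"].setdefault(ev["action"], set()).add(ev["error_code"])
            for res in ev["resources"]:
                if res not in t["resources"]:
                    t["resources"].append(res)
            t["first_seen"] = min(t["first_seen"], ev["time"])
            t["last_seen"] = max(t["last_seen"], ev["time"])
    for t in threats.values():
        # Targets prefixed "boot:" are boot records, not files on a volume.
        t["boot_sector"] = any(r.startswith("boot:") for r in t["resources"])
    return {"rtp_failures": rtp_failures, "threats": threats}


if __name__ == "__main__":
    report = summarize(SAMPLE_LOG)
    print("Real-time protection failures:", report["rtp_failures"])
    for name, t in report["threats"].items():
        print(name, "failed actions:", t["failed_actions"], "boot sector:", t["boot_sector"])
        for action, codes in t["errors"].items():
            print("  ", action, "->", ", ".join(sorted(codes)))
        for res in t["resources"]:
            print("   target:", res)
```
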

Offline mic

  • Bronze Member
  • Posts: 64
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #5 on: April 02, 2012, 08:49:02 PM »
Hoov,
The computer is used for my small business-- a small veterinary hospital.  I am the IT Guy, doctor and chief bottle-washer.
On the business side, I only use it for accounting purposes.

Michael

Offline Hoov

  • Malware Removal Mentors
  • Global Moderator
  • Diamond Member
  • Posts: 22636
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #6 on: April 02, 2012, 08:51:13 PM »
Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then click on the change parameters option.
  • Once you are in there, check all four boxes and then click on the OK button.
  • Now click the Start Scan button.
  • This is what you will see during the scan,
  • and this is what you will see when the scan is done if any threats are found. Don't change any of the recommended actions. Click the continue button.
  • Once the fix is done you might see this,
  • or it may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

I need you to go to the administration tools in Vista / Windows 7. They are in the Control Panel. Open the Admin tools, then open the event viewer. Over on the left hand side expand the window category and then click on System. Then up at the top click on Action and then click on Save Events As, type in system as the file name, make sure file type EVTX is selected, and then navigate so it will save the file to your desktop, then click save. Then, over on the left hand side, click on Application. Then up at the top click on Action and then click on Save Events As, type in application as the file name, make sure file type EVTX is selected, and then navigate so it will save the file to your desktop, then click save. Zip them both up into a single zip file, and post it back here in your next reply as an attachment.

Consumer Security

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline mic

  • Bronze Member
  • Posts: 64
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #7 on: April 02, 2012, 09:06:28 PM »
19:54:05.0504 7176   TDSS rootkit removing tool 2.7.24.0 Apr  2 2012 10:31:48
19:54:06.0112 7176   ============================================================
19:54:06.0112 7176   Current date / time: 2012/04/02 19:54:06.0112
19:54:06.0112 7176   SystemInfo:
19:54:06.0112 7176   
19:54:06.0112 7176   OS Version: 6.1.7601 ServicePack: 1.0
19:54:06.0112 7176   Product type: Workstation
19:54:06.0112 7176   ComputerName: MICSVIAO
19:54:06.0112 7176   UserName: Michael
19:54:06.0112 7176   Windows directory: C:\Windows
19:54:06.0112 7176   System windows directory: C:\Windows
19:54:06.0112 7176   Running under WOW64
19:54:06.0112 7176   Processor architecture: Intel x64
19:54:06.0112 7176   Number of processors: 4
19:54:06.0112 7176   Page size: 0x1000
19:54:06.0112 7176   Boot type: Normal boot
19:54:06.0112 7176   ============================================================
19:54:06.0736 7176   Drive \Device\Harddisk0\DR0 - Size: 0x773C800000 (476.95 Gb), SectorSize: 0x200, Cylinders: 0xF335, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:54:06.0752 7176   \Device\Harddisk0\DR0:
19:54:06.0752 7176   MBR used
19:54:06.0752 7176   \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x241F800, BlocksNum 0x32000
19:54:06.0752 7176   \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2451800, BlocksNum 0x3958D800
19:54:06.0752 7176   Initialize success
19:54:06.0752 7176   ============================================================
19:54:44.0020 7404   ============================================================
19:54:44.0020 7404   Scan started
19:54:44.0020 7404   Mode: Manual; SigCheck; TDLFS;
19:54:44.0020 7404   ============================================================
19:55:05.0923 7404   FLEXnet Licensing Service (f76d04f7413b07daa029f6520b64b4e8) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:55:06.0110 7404   FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
19:55:06.0110 7404   FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
19:55:06.0110 7404   flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
19:55:06.0157 7404   flpydisk - ok
19:55:06.0157 7404   FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:55:06.0203 7404   FltMgr - ok
19:55:06.0235 7404   FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
19:55:06.0328 7404   FontCache - ok
19:55:06.0328 7404   FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:55:06.0359 7404   FontCache3.0.0.0 - ok
19:55:06.0375 7404   FPLService      (8f46017c1442e25b2bed0377a4733ec1) C:\Program Files\TrueSuite\TrueSuite.Service.exe
19:55:06.0515 7404   FPLService - ok
19:55:06.0531 7404   FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:55:06.0562 7404   FsDepends - ok
19:55:06.0562 7404   Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
19:55:06.0593 7404   Fs_Rec - ok
19:55:06.0609 7404   fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:55:06.0656 7404   fvevol - ok
19:55:06.0656 7404   gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
19:55:06.0703 7404   gagp30kx - ok
19:55:06.0703 7404   GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:55:06.0734 7404   GEARAspiWDM - ok
19:55:06.0734 7404   gobi3kfilter    (9495607c14f345e9632b3e1c12cea7b0) C:\Windows\system32\DRIVERS\gobi3kfilter.sys
19:55:06.0781 7404   gobi3kfilter - ok
19:55:06.0781 7404   gobi3kmbb       (4cfac59c1203a3dba7c3dcfcdd503860) C:\Windows\system32\DRIVERS\gobi3kmbb.sys
19:55:06.0843 7404   gobi3kmbb - ok
19:55:06.0859 7404   gobi3kserial    (dbb405772f1c21cb7ed51593bad5880d) C:\Windows\system32\DRIVERS\gobi3kserial.sys
19:55:06.0905 7404   gobi3kserial - ok
19:55:06.0905 7404   GobiQDLService  (96e7ae6d4d8615a7804cf0f5e4127546) C:\Program Files (x86)\Qualcomm\Gobi\GobiQDLService\GobiQDLService.exe
19:55:07.0015 7404   GobiQDLService ( UnsignedFile.Multi.Generic ) - warning
19:55:07.0015 7404   GobiQDLService - detected UnsignedFile.Multi.Generic (1)
19:55:07.0046 7404   gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:55:07.0171 7404   gpsvc - ok
19:55:07.0171 7404   hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:55:07.0202 7404   hcw85cir - ok
19:55:07.0217 7404   HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:55:07.0280 7404   HdAudAddService - ok
19:55:07.0280 7404   HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
19:55:07.0327 7404   HDAudBus - ok
19:55:07.0327 7404   HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:55:07.0373 7404   HidBatt - ok
19:55:07.0373 7404   HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:55:07.0420 7404   HidBth - ok
19:55:07.0420 7404   HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
19:55:07.0467 7404   HidIr - ok
19:55:07.0467 7404   hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
19:55:07.0576 7404   hidserv - ok
19:55:07.0592 7404   HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
19:55:07.0623 7404   HidUsb - ok
19:55:07.0623 7404   hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:55:07.0732 7404   hkmsvc - ok
19:55:07.0763 7404   HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:55:07.0826 7404   HomeGroupListener - ok
19:55:07.0826 7404   HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:55:07.0888 7404   HomeGroupProvider - ok
19:55:07.0919 7404   hpqcxs08        (97aac45a375168c6a2297beeb9692e31) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
19:55:08.0138 7404   hpqcxs08 - ok
19:55:08.0153 7404   hpqddsvc        (19a4fb67b1c97ea18edff44340973cd9) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
19:55:08.0325 7404   hpqddsvc - ok
19:55:08.0325 7404   HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:55:08.0356 7404   HpSAMD - ok
19:55:08.0372 7404   HPSLPSVC        (1be48b0542c91487bb8a94bf2278f55d) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
19:55:08.0465 7404   HPSLPSVC - ok
19:55:08.0497 7404   HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:55:08.0590 7404   HTTP - ok
19:55:08.0590 7404   hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:55:08.0606 7404   hwpolicy - ok
19:55:08.0621 7404   i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
19:55:08.0653 7404   i8042prt - ok
19:55:08.0668 7404   iaStor          (26cf4275034214ecedd8ec17b0a18a99) C:\Windows\system32\drivers\iaStor.sys
19:55:08.0715 7404   iaStor - ok
19:55:08.0731 7404   IAStorDataMgrSvc (e79a8e33bd136d14bae1fa20eb2ef124) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:55:08.0746 7404   IAStorDataMgrSvc - ok
19:55:08.0762 7404   iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:55:08.0809 7404   iaStorV - ok
19:55:08.0809 7404   iBtFltCoex      (e049dd2969a2c0af9ff99dd5f1182695) C:\Windows\system32\DRIVERS\iBtFltCoex.sys
19:55:08.0840 7404   iBtFltCoex - ok
19:55:08.0887 7404   IconMan_R       (3a0ff117b4adc5abe4d968e26a337158) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
19:55:09.0027 7404   IconMan_R ( UnsignedFile.Multi.Generic ) - warning
19:55:09.0027 7404   IconMan_R - detected UnsignedFile.Multi.Generic (1)
19:55:09.0043 7404   idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:55:09.0105 7404   idsvc - ok
19:55:09.0105 7404   iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:55:09.0136 7404   iirsp - ok
19:55:09.0152 7404   IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:55:09.0261 7404   IKEEXT - ok
19:55:09.0308 7404   IntcAzAudAddService (1b491f385ee96f9d9ee4cb430c8cd29e) C:\Windows\system32\drivers\RTKVHD64.sys
19:55:09.0417 7404   IntcAzAudAddService - ok
19:55:09.0433 7404   IntcDAud        (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
19:55:09.0464 7404   IntcDAud - ok
19:55:09.0464 7404   intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:55:09.0495 7404   intelide - ok
19:55:09.0651 7404   intelkmd        (370c2a8629b30f910f740387795ddc6f) C:\Windows\system32\DRIVERS\igdpmd64.sys
19:55:09.0932 7404   intelkmd - ok
19:55:09.0947 7404   intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
19:55:09.0979 7404   intelppm - ok
19:55:09.0979 7404   IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:55:10.0072 7404   IPBusEnum - ok
19:55:10.0088 7404   IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:55:10.0150 7404   IpFilterDriver - ok
19:55:10.0166 7404   iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
19:55:10.0275 7404   iphlpsvc - ok
19:55:10.0275 7404   IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:55:10.0322 7404   IPMIDRV - ok
19:55:10.0322 7404   IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:55:10.0400 7404   IPNAT - ok
19:55:10.0431 7404   iPod Service    (755e4ba6dce627a2683bb7640553c8d6) C:\Program Files\iPod\bin\iPodService.exe
19:55:10.0556 7404   iPod Service - ok
19:55:10.0571 7404   IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:55:10.0618 7404   IRENUM - ok
19:55:10.0634 7404   isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:55:10.0665 7404   isapnp - ok
19:55:10.0681 7404   iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:55:10.0727 7404   iScsiPrt - ok
19:55:10.0743 7404   jhi_service     (6c85719a21b3f62c2c76280f4bd36c7b) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
19:55:10.0852 7404   jhi_service - ok
19:55:10.0868 7404   kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
19:55:10.0899 7404   kbdclass - ok
19:55:10.0915 7404   kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
19:55:10.0946 7404   kbdhid - ok
19:55:10.0961 7404   KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:55:11.0024 7404   KeyIso - ok
19:55:11.0024 7404   KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
19:55:11.0071 7404   KSecDD - ok
19:55:11.0086 7404   KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
19:55:11.0133 7404   KSecPkg - ok
19:55:11.0149 7404   ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:55:11.0258 7404   ksthunk - ok
19:55:11.0273 7404   KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:55:11.0414 7404   KtmRm - ok
19:55:11.0429 7404   LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
19:55:11.0554 7404   LanmanServer - ok
19:55:11.0570 7404   LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:55:11.0679 7404   LanmanWorkstation - ok
19:55:11.0695 7404   lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:55:11.0773 7404   lltdio - ok
19:55:11.0788 7404   lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:55:11.0913 7404   lltdsvc - ok
19:55:11.0913 7404   lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:55:12.0007 7404   lmhosts - ok
19:55:12.0022 7404   LMS             (e7859ba062db5e23c6dd34ad66b09f50) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:55:12.0178 7404   LMS - ok
19:55:12.0194 7404   LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:55:12.0225 7404   LSI_FC - ok
19:55:12.0225 7404   LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:55:12.0256 7404   LSI_SAS - ok
19:55:12.0272 7404   LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:55:12.0303 7404   LSI_SAS2 - ok
19:55:12.0319 7404   LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:55:12.0350 7404   LSI_SCSI - ok
19:55:12.0365 7404   luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:55:12.0459 7404   luafv - ok
19:55:12.0475 7404   Macromedia Licensing Service (84b93a9f22b0acb09fe3c9f5d2f26a7e) C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
19:55:13.0660 7404   Macromedia Licensing Service ( UnsignedFile.Multi.Generic ) - warning
19:55:13.0660 7404   Macromedia Licensing Service - detected UnsignedFile.Multi.Generic (1)
19:55:13.0676 7404   Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:55:13.0754 7404   Mcx2Svc - ok
19:55:13.0769 7404   megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:55:13.0801 7404   megasas - ok
19:55:13.0816 7404   MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:55:13.0879 7404   MegaSR - ok
19:55:13.0879 7404   MEIx64          (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
19:55:13.0925 7404   MEIx64 - ok
19:55:13.0941 7404   MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:55:14.0050 7404   MMCSS - ok
19:55:14.0066 7404   Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:55:14.0175 7404   Modem - ok
19:55:14.0175 7404   monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:55:14.0237 7404   monitor - ok
19:55:14.0237 7404   mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:55:14.0284 7404   mouclass - ok
19:55:14.0284 7404   mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:55:14.0331 7404   mouhid - ok
19:55:14.0347 7404   mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:55:14.0393 7404   mountmgr - ok
19:55:14.0409 7404   MpFilter        (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
19:55:14.0456 7404   MpFilter - ok
19:55:14.0487 7404   mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:55:14.0534 7404   mpio - ok
19:55:14.0549 7404   MpNWMon         (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
19:55:14.0581 7404   MpNWMon - ok
19:55:14.0596 7404   mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:55:14.0674 7404   mpsdrv - ok
19:55:14.0705 7404   MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
19:55:14.0830 7404   MpsSvc - ok
19:55:14.0830 7404   MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:55:14.0877 7404   MRxDAV - ok
19:55:14.0893 7404   mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:55:14.0939 7404   mrxsmb - ok
19:55:14.0939 7404   mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:55:14.0986 7404   mrxsmb10 - ok
19:55:15.0002 7404   mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:55:15.0049 7404   mrxsmb20 - ok
19:55:15.0049 7404   msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:55:15.0080 7404   msahci - ok
19:55:15.0095 7404   msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:55:15.0127 7404   msdsm - ok
19:55:15.0127 7404   MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:55:15.0205 7404   MSDTC - ok
19:55:15.0205 7404   Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:55:15.0298 7404   Msfs - ok
19:55:15.0298 7404   mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:55:15.0376 7404   mshidkmdf - ok
19:55:15.0392 7404   msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:55:15.0423 7404   msisadrv - ok
19:55:15.0423 7404   MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:55:15.0532 7404   MSiSCSI - ok
19:55:15.0548 7404   msiserver - ok
19:55:15.0548 7404   MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:55:15.0626 7404   MSKSSRV - ok
19:55:15.0641 7404   MsMpSvc         (157e9e498206a3366baa7e4697bdd947) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
19:55:15.0673 7404   MsMpSvc - ok
19:55:15.0673 7404   MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:55:15.0735 7404   MSPCLOCK - ok
19:55:15.0751 7404   MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:55:15.0813 7404   MSPQM - ok
19:55:15.0829 7404   MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:55:15.0875 7404   MsRPC - ok
19:55:15.0875 7404   mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:55:15.0907 7404   mssmbios - ok
19:55:15.0907 7404   MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:55:15.0985 7404   MSTEE - ok
19:55:15.0985 7404   MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:55:16.0016 7404   MTConfig - ok
19:55:16.0031 7404   Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:55:16.0047 7404   Mup - ok
19:55:16.0063 7404   mv61xx          (2e1bf5699d30f54bfe4ffd0efac8c93c) C:\Windows\system32\drivers\mv61xx.sys
19:55:16.0094 7404   mv61xx - ok
19:55:16.0109 7404   MyWiFiDHCPDNS   (c00f9a366c3cfa2f18ca7835e15e4c95) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
19:55:16.0219 7404   MyWiFiDHCPDNS - ok
19:55:16.0234 7404   napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:55:16.0328 7404   napagent - ok
19:55:16.0343 7404   NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:55:16.0390 7404   NativeWifiP - ok
19:55:16.0406 7404   NDIS            (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
19:55:16.0468 7404   NDIS - ok
19:55:16.0484 7404   NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:55:16.0546 7404   NdisCap - ok
19:55:16.0562 7404   NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:55:16.0624 7404   NdisTapi - ok
19:55:16.0640 7404   Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:55:16.0702 7404   Ndisuio - ok
19:55:16.0718 7404   NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:55:16.0796 7404   NdisWan - ok
19:55:16.0796 7404   NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:55:16.0858 7404   NDProxy - ok
19:55:16.0874 7404   Net Driver HPZ12 (dc6530a291d4bdf6df399f1f128e7f8f) C:\Windows\system32\HPZinw12.dll
19:55:16.0905 7404   Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
19:55:16.0905 7404   Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
19:55:16.0905 7404   NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:55:16.0967 7404   NetBIOS - ok
19:55:16.0983 7404   NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:55:17.0045 7404   NetBT - ok
19:55:17.0045 7404   Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:55:17.0092 7404   Netlogon - ok
19:55:17.0108 7404   Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:55:17.0186 7404   Netman - ok
19:55:17.0186 7404   NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:55:17.0217 7404   NetMsmqActivator - ok
19:55:17.0233 7404   NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:55:17.0264 7404   NetPipeActivator - ok
19:55:17.0279 7404   netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:55:17.0357 7404   netprofm - ok
19:55:17.0373 7404   NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:55:17.0435 7404   NetTcpActivator - ok
19:55:17.0435 7404   NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:55:17.0498 7404   NetTcpPortSharing - ok
19:55:17.0638 7404   NETwNs64        (b25fe0fa523579b6fa327311a579866e) C:\Windows\system32\DRIVERS\NETwNs64.sys
19:55:17.0935 7404   NETwNs64 - ok
19:55:17.0966 7404   nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:55:17.0997 7404   nfrd960 - ok
19:55:18.0013 7404   NisDrv          (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:55:18.0044 7404   NisDrv - ok
19:55:18.0059 7404   NisSrv          (566ddd5d82520da01d75f81428ac4c38) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
19:55:18.0153 7404   NisSrv - ok
19:55:18.0169 7404   NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:55:18.0278 7404   NlaSvc - ok
19:55:18.0278 7404   Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:55:18.0371 7404   Npfs - ok
19:55:18.0371 7404   nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:55:18.0481 7404   nsi - ok
19:55:18.0481 7404   nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:55:18.0574 7404   nsiproxy - ok
19:55:18.0621 7404   Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:55:18.0715 7404   Ntfs - ok
19:55:18.0715 7404   Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:55:18.0808 7404   Null - ok
19:55:18.0824 7404   nusb3hub        (9a33100ac62a0463c49e47ee8e77083a) C:\Windows\system32\DRIVERS\nusb3hub.sys
19:55:18.0871 7404   nusb3hub - ok
19:55:18.0886 7404   nusb3xhc        (87c321f7bee646b7ec6eedd6eb725741) C:\Windows\system32\DRIVERS\nusb3xhc.sys
19:55:18.0933 7404   nusb3xhc - ok
19:55:18.0949 7404   nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:55:18.0995 7404   nvraid - ok
19:55:19.0011 7404   nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:55:19.0042 7404   nvstor - ok
19:55:19.0058 7404   nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:55:19.0105 7404   nv_agp - ok
19:55:19.0120 7404   Oasis2Service   (07571684567859da796a566cc78ffa74) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
19:55:19.0151 7404   Oasis2Service ( UnsignedFile.Multi.Generic ) - warning
19:55:19.0151 7404   Oasis2Service - detected UnsignedFile.Multi.Generic (1)
19:55:19.0167 7404   ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:55:19.0214 7404   ohci1394 - ok
19:55:19.0229 7404   ose             (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:55:19.0323 7404   ose - ok
19:55:19.0417 7404   osppsvc         (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:55:19.0978 7404   osppsvc - ok
19:55:19.0994 7404   p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:55:20.0072 7404   p2pimsvc - ok
19:55:20.0087 7404   p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:55:20.0150 7404   p2psvc - ok
19:55:20.0165 7404   Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
19:55:20.0197 7404   Parport - ok
19:55:20.0212 7404   partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
19:55:20.0243 7404   partmgr - ok
19:55:20.0243 7404   PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:55:20.0321 7404   PcaSvc - ok
19:55:20.0337 7404   pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:55:20.0368 7404   pci - ok
19:55:20.0384 7404   pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:55:20.0415 7404   pciide - ok
19:55:20.0415 7404   pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:55:20.0462 7404   pcmcia - ok
19:55:20.0477 7404   PCTINDIS5X64 - ok
19:55:20.0477 7404   pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:55:20.0509 7404   pcw - ok
19:55:20.0524 7404   PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:55:20.0633 7404   PEAUTH - ok
19:55:20.0665 7404   PeerDistSvc     (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
19:55:20.0743 7404   PeerDistSvc - ok
19:55:20.0758 7404   PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:55:20.0836 7404   PerfHost - ok
19:55:20.0883 7404   pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:55:21.0039 7404   pla - ok
19:55:21.0070 7404   PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:55:21.0148 7404   PlugPlay - ok
19:55:21.0179 7404   PMBDeviceInfoProvider (63694c307273062a2167ae4ce80730ef) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
19:55:21.0647 7404   PMBDeviceInfoProvider - ok
19:55:21.0663 7404   Pml Driver HPZ12 (71f62c51dfdfbc04c83c5c64b2b8058e) C:\Windows\system32\HPZipm12.dll
19:55:21.0725 7404   Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
19:55:21.0725 7404   Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
19:55:21.0725 7404   PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:55:21.0788 7404   PNRPAutoReg - ok
19:55:21.0803 7404   PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:55:21.0897 7404   PNRPsvc - ok
19:55:21.0913 7404   PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:55:22.0053 7404   PolicyAgent - ok
19:55:22.0069 7404   Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:55:22.0193 7404   Power - ok
19:55:22.0209 7404   PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:55:22.0303 7404   PptpMiniport - ok
19:55:22.0303 7404   Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:55:22.0349 7404   Processor - ok
19:55:22.0349 7404   ProfSvc         (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
19:55:22.0459 7404   ProfSvc - ok
19:55:22.0474 7404   ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:55:22.0521 7404   ProtectedStorage - ok
19:55:22.0521 7404   Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:55:22.0615 7404   Psched - ok
 follow

Offline mic

  • Bronze Member
  • Posts: 64
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #8 on: April 02, 2012, 09:09:31 PM »
19:55:22.0630 7404   PxHlpa64        (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
19:55:22.0661 7404   PxHlpa64 - ok
19:55:22.0661 7404   QBCFMonitorService (4080e220eb20d87ae74d12570b8a8027) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
19:55:22.0693 7404   QBCFMonitorService ( UnsignedFile.Multi.Generic ) - warning
19:55:22.0693 7404   QBCFMonitorService - detected UnsignedFile.Multi.Generic (1)
19:55:22.0708 7404   QBFCService     (6bee1814470dc12fa20c53dfc3c97ebb) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
19:55:22.0739 7404   QBFCService ( UnsignedFile.Multi.Generic ) - warning
19:55:22.0739 7404   QBFCService - detected UnsignedFile.Multi.Generic (1)
19:55:22.0771 7404   QBVSS           (25fc19badf78b7fb1d835aac4b0b91a5) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
19:55:22.0895 7404   QBVSS ( UnsignedFile.Multi.Generic ) - warning
19:55:22.0895 7404   QBVSS - detected UnsignedFile.Multi.Generic (1)
19:55:22.0927 7404   ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:55:23.0020 7404   ql2300 - ok
19:55:23.0036 7404   ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:55:23.0067 7404   ql40xx - ok
19:55:23.0083 7404   QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:55:23.0176 7404   QWAVE - ok
19:55:23.0176 7404   QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:55:23.0239 7404   QWAVEdrv - ok
19:55:23.0254 7404   RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:55:23.0363 7404   RasAcd - ok
19:55:23.0379 7404   RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:55:23.0473 7404   RasAgileVpn - ok
19:55:23.0488 7404   RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:55:23.0629 7404   RasAuto - ok
19:55:23.0629 7404   Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:55:23.0738 7404   Rasl2tp - ok
19:55:36.0155 7404   WDDMService     (6209c98eaa7d003dbea3eb3245211342) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
19:55:36.0265 7404   WDDMService ( UnsignedFile.Multi.Generic ) - warning
19:55:36.0265 7404   WDDMService - detected UnsignedFile.Multi.Generic (1)
19:55:36.0421 7404   WDFME           (a787a567b3470c91c487ece90cf7509c) C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe
19:55:36.0577 7404   WDFME ( UnsignedFile.Multi.Generic ) - warning
19:55:36.0577 7404   WDFME - detected UnsignedFile.Multi.Generic (1)
19:55:36.0795 7404   WDSC            (3e2b446bfd98ee3ab236fe9e84f35489) C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe
19:55:36.0857 7404   WDSC ( UnsignedFile.Multi.Generic ) - warning
19:55:36.0857 7404   WDSC - detected UnsignedFile.Multi.Generic (1)
19:55:39.0385 7404   MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:55:39.0385 7404   \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
19:55:39.0385 7404   \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
19:55:39.0400 7404   \Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:55:39.0400 7404   \Device\Harddisk0\DR0 - detected TDSS File System (1)
19:55:39.0400 7404   Boot (0x1200)   (a4afbe2df94130638519573ac0ab7e74) \Device\Harddisk0\DR0\Partition0
19:55:39.0416 7404   \Device\Harddisk0\DR0\Partition0 - ok
19:55:39.0416 7404   Boot (0x1200)   (52c950d24abd2612d34d681e1a219c04) \Device\Harddisk0\DR0\Partition1
19:55:39.0416 7404   \Device\Harddisk0\DR0\Partition1 - ok
19:55:39.0416 7404   ============================================================
19:55:39.0416 7404   Scan finished
19:55:39.0416 7404   ============================================================
19:55:39.0431 7688   Detected object count: 15
19:55:39.0431 7688   Actual detected object count: 15
19:55:56.0920 7688   FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0920 7688   FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:55:56.0920 7688   GobiQDLService ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0920 7688   GobiQDLService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:55:56.0920 7688   IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0920 7688   IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:55:56.0920 7688   Macromedia Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0920 7688   Macromedia Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:55:56.0920 7688   Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0920 7688   Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:55:56.0936 7688   Oasis2Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0936 7688   Oasis2Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:55:56.0936 7688   Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0936 7688   Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:55:56.0936 7688   QBCFMonitorService ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0936 7688   QBCFMonitorService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:55:56.0936 7688   QBFCService ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0936 7688   QBFCService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:55:56.0936 7688   QBVSS ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0936 7688   QBVSS ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:55:56.0936 7688   WDDMService ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0936 7688   WDDMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:55:56.0951 7688   WDFME ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0951 7688   WDFME ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:55:56.0951 7688   WDSC ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0951 7688   WDSC ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:55:56.0998 7688   \Device\Harddisk0\DR0\# - copied to quarantine
19:55:57.0029 7688   \Device\Harddisk0\DR0 - copied to quarantine
19:55:59.0478 7688   \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
19:55:59.0603 7688   \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
19:55:59.0634 7688   \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
19:55:59.0634 7688   \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
19:55:59.0650 7688   \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
19:55:59.0650 7688   \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
19:55:59.0697 7688   \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
19:55:59.0744 7688   \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
19:55:59.0759 7688   \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
19:55:59.0790 7688   \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
19:55:59.0853 7688   \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
19:55:59.0900 7688   \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
19:55:59.0946 7688   \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
19:55:59.0993 7688   \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
19:55:59.0993 7688   \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
19:56:00.0009 7688   \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot
19:56:00.0009 7688   \Device\Harddisk0\DR0 - ok
19:56:00.0274 7688   \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure
19:56:00.0274 7688   \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:56:00.0274 7688   \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
19:56:13.0456 4996   Deinitialize success


Event files to follow

Offline mic

  • Bronze Member
  • Posts: 64
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #9 on: April 02, 2012, 09:20:18 PM »
After running the TDSSKiller, the MSE indicated that the system has been cleaned.
Both event files are too large to attach... even in separate posts.
How should I proceed?

Michael

Offline mic

  • Bronze Member
  • Posts: 64
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #10 on: April 02, 2012, 09:27:49 PM »
Nope... false hope.. it is still there -- according to MSE.
m

Offline Hoov

  • Malware Removal Mentors
  • Global Moderator
  • Diamond Member
  • Posts: 22636
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #11 on: April 02, 2012, 09:29:49 PM »
Don't worry about MSE, it is just reporting what TDSSKiller did. But I would like you to run TDSSKiller again and this time change this entry, TDSS File System, to copy to quarantine.

As for the event viewer log, I am going to send you a PM on what to do with them.

How is the computer running?

Consumer Security

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!
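
A small parser for the TDSSKiller log format shown in this thread, added here as an example and not part of any post or of TDSSKiller itself. It pairs each detection with the action chosen for it and lists the ones left as Skip, which is the TDSS File System entry that Reply #11 asks to be changed. The sample lines are copied from the log posted above; the function names are assumptions of this example.

```python
import re
from collections import defaultdict

# Lines copied from the TDSSKiller log posted earlier in this thread.
SAMPLE_LOG = r"""
19:55:59.0993 7688   \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
19:56:00.0009 7688   \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot
19:56:00.0009 7688   \Device\Harddisk0\DR0 - ok
19:56:00.0274 7688   \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure
19:56:00.0274 7688   \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:56:00.0274 7688   \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
19:56:13.0456 4996   Deinitialize success
"""

# Fields: timestamp, thread id, object, "( detection name )", " - " status text.
DETECTION = re.compile(
    r"^(?P<time>\d\d:\d\d:\d\d\.\d{4})\s+(?P<tid>\d+)\s+"
    r"(?P<object>.+?) \( (?P<name>.+?) \) - (?P<status>.+)$"
)
USER_ACTION = "User select action: "

def summarize(log_text):
    """Map (object, detection name) -> {'statuses': [...], 'action': str or None}."""
    found = defaultdict(lambda: {"statuses": [], "action": None})
    for line in log_text.splitlines():
        m = DETECTION.match(line.strip())
        if not m:
            continue  # "- ok", quarantine copies and housekeeping lines carry no detection
        entry = found[(m["object"], m["name"])]
        status = m["status"].strip()
        if status.startswith(USER_ACTION):
            entry["action"] = status[len(USER_ACTION):]
        else:
            entry["statuses"].append(status)
    return dict(found)

def left_in_place(log_text):
    """Detection names whose chosen action was Skip, so nothing was done to them."""
    return sorted(name for (_obj, name), e in summarize(log_text).items()
                  if e["action"] == "Skip")

if __name__ == "__main__":
    for (obj, name), e in summarize(SAMPLE_LOG).items():
        print(f"{name:22} {obj}  action={e['action']}  {e['statuses']}")
    print("Needs another pass:", left_in_place(SAMPLE_LOG))
```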

Offline mic

  • Bronze Member
  • Posts: 64
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #12 on: April 02, 2012, 09:36:56 PM »
Done & done.
The computer is running well, but cannot locate many files.

Michael

Offline Hoov

  • Malware Removal Mentors
  • Global Moderator
  • Diamond Member
  • Posts: 22636
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #13 on: April 02, 2012, 10:04:41 PM »
Download the following program to your desktop:

Unhide tool

Once the program has been downloaded, double-click on the Unhide.exe icon on your desktop and allow the program to run. This program will remove the +H, or hidden, attribute from all the files on your hard drives. If there are any files that were purposely hidden by you, you will need to hide them again after this tool is run.
Please be patient, as this may take several minutes to run; it will scan and fix all hard drives on your system. You will see a new window with the drive being processed, typically C:\, as below:



Changing as the next drive is processed as below:



You will get a success alert at the end. Re-boot and see if your files are present.


Offline Hoov

  • Malware Removal Mentors
  • Global Moderator
  • Diamond Member
  • Posts: 22636
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] DOS/Alureon.E ... help pleasse
« Reply #14 on: April 02, 2012, 10:24:02 PM »
Once your files have come back, you need to run chkdsk on your hard drive.

   1. Double-click My Computer, and then right-click the hard disk that you want to check (if you have more than one, do it on all of them).
   2. Click Properties, and then click Tools.
   3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed.
   4. Use one of the following procedures:
          *  select the Automatically fix file system errors check box
          *  select the Scan for and attempt recovery of bad sectors check box
   5. Click Start.

      Note: If one or more of the files on the hard disk are open, you will receive the following message:
      The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
      Click Yes to schedule the disk check, and then restart your computer to start the disk check.

