MalwarebytesPro Blocking Outgoing to Potentially Malicious Site

[lazykins]

Hello,

I have Malwarebytes Pro and tonight experienced something new - blocked outgoing attempts when I opened Chrome.

2013/02/23 20:26:22 -0600 IP-BLOCK 209.59.219.60 (Type: outgoing, Port: 58350, Process: chrome.exe)

2013/02/23 20:26:22 -0600 IP-BLOCK 209.59.219.60 (Type: outgoing, Port: 58351, Process: chrome.exe)

Could someone please assist me? I've attached my DDS files.

Thank you.

Amy

dds.txt

attach.txt

[gringo_pr]

Hello lazykins

Welcome to The Forums!!

Around here they call me Gringo and I'll be glad to help you with your malware problems.

Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

• 
  
• Please do not run any tools unless instructed to do so.
  
  • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.

  [*]Please do not attach logs or use code boxes, just copy and paste the text.

  • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
    

  [*]Please read every post completely before doing anything.

  • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
    

  [*]Please provide feedback about your experience as we go.

  • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
  
  

NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

• Download Security Check by screen317 from

here.

• Save it to your Desktop.
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

• Please download

AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
  
• Double click on AdwCleaner.exe to run the tool.
  
• Click on Delete.
  
• Confirm each time with Ok.
  
• Your computer will be rebooted automatically. A text file will open after the restart.
  
• Please post the content of that logfile with your next answer.
  
• You can find the logfile at C:\AdwCleaner[s1].txt as well.
  

--RogueKiller--

• Download & SAVE to your Desktop RogueKiller or from here
  
  • Quit all programs that you may have started.
    
  • Please disconnect any USB or external drives from the computer before you run this scan!
    
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
    
  • For Windows XP, double-click to start.
    
  • Wait until Prescan has finished ...
    
  • Then Click on "Scan" button
    
  • Wait until the Status box shows "Scan Finished"
    
  • click on "delete"
    
  • Wait until the Status box shows "Deleting Finished"
    
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
    
  • The log should be found in RKreport[1].txt on your Desktop
    
  • Exit/Close RogueKiller+
    

Gringo

[lazykins]

Hi Gringo. Small issue. Norton doesn't like RogueKiller because its release date is less than a week ago and has quarantined it. Can I find an older copy to run?

[lazykins]

[font=courier new,courier,monospace][b] Results of screen317's Security Check version 0.99.59  [/b][/font]

[font=courier new,courier,monospace] Windows 7 Service Pack 1 x64 (UAC is enabled)  [/font]
[font=courier new,courier,monospace] Internet Explorer 9  [/font]
[font=courier new,courier,monospace][b][u]``````````````Antivirus/Firewall Check:``````````````[/b][/u] [/font]
[font=courier new,courier,monospace] Windows Firewall Enabled!  [/font]
[font=courier new,courier,monospace]Norton Internet Security   [/font]
[font=courier new,courier,monospace] [size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size] [/font]
[font=courier new,courier,monospace][b][u]`````````Anti-malware/Other Utilities Check:`````````[/b][/u] [/font]
[font=courier new,courier,monospace] Spyder3Pro     [/font]
[font=courier new,courier,monospace] Malwarebytes Anti-Malware version 1.70.0.1100  [/font]
[font=courier new,courier,monospace]  Adobe Flash Player 11.5.502.149 [b][color=red]Flash Player out of Date![/color][/b]  [/font]
[font=courier new,courier,monospace] Adobe Reader XI  [/font]
[font=courier new,courier,monospace] Mozilla Firefox 18.0.1 [color=red][b]Firefox out of Date![/b][/color]  [/font]
[font=courier new,courier,monospace] Google Chrome 24.0.1312.56  [/font]
[font=courier new,courier,monospace] Google Chrome 24.0.1312.57  [/font]
[font=courier new,courier,monospace][b][u]````````Process Check: objlist.exe by Laurent````````[/b][/u]  [/font]
[font=courier new,courier,monospace] Norton ccSvcHst.exe [/font]
[font=courier new,courier,monospace] Malwarebytes Anti-Malware mbamservice.exe  [/font]
[font=courier new,courier,monospace] Malwarebytes Anti-Malware mbamgui.exe  [/font]
[font=courier new,courier,monospace] Malwarebytes' Anti-Malware mbamscheduler.exe   [/font]
[font=courier new,courier,monospace][b][u]`````````````````System Health check`````````````````[/b][/u] [/font]
[font=courier new,courier,monospace] Total Fragmentation on Drive C: 0% [/font]
[font=courier new,courier,monospace][b][u]````````````````````End of Log``````````````````````[/b][/u] [/font]

[lazykins]

Sorry, that was a mess.

Results of screen317's Security Check version 0.99.59

Windows 7 Service Pack 1 x64 (UAC is enabled)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

Norton Internet Security

WMI entry may not exist for antivirus; attempting automatic update.

`````````Anti-malware/Other Utilities Check:`````````

Spyder3Pro

Malwarebytes Anti-Malware version 1.70.0.1100

Adobe Flash Player 11.5.502.149 Flash Player out of Date!

Adobe Reader XI

Mozilla Firefox 18.0.1 Firefox out of Date!

Google Chrome 24.0.1312.56

Google Chrome 24.0.1312.57

````````Process Check: objlist.exe by Laurent````````

Norton ccSvcHst.exe

Malwarebytes Anti-Malware mbamservice.exe

Malwarebytes Anti-Malware mbamgui.exe

Malwarebytes' Anti-Malware mbamscheduler.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 0%

````````````````````End of Log``````````````````````

[gringo_pr]

Turn off norton for now while you download it

[lazykins]

Okay, I will do that.

------------------------

# AdwCleaner v2.113 - Logfile created 02/23/2013 at 21:46:33

# Updated 23/02/2013 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Amy - AMY-VAIO

# Boot Mode : Normal

# Running from : C:\Users\Amy\Desktop\adwcleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.1 (en-US)

File : C:\Users\Amy\AppData\Roaming\Mozilla\Firefox\Profiles\y6p002qo.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[s3].txt - [1162 octets] - [23/02/2013 21:46:33]

########## EOF - C:\AdwCleaner[s3].txt - [1222 octets] ##########

[lazykins]

I recognize these items as the bloatware that's been on my machine since birth. You are the first MWB person who has recommended deletion, so I did.

RogueKiller V8.5.2 [Feb 23 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Amy [Admin rights]

Mode : Remove -- Date : 02/23/2013 21:56:24

| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 6 ¤¤¤

[sTARTUP][sUSP PATH] Best Buy pc app.lnk @Default : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe [-] -> DELETED

[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> DELETED

[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED

[HJ SMENU] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> REPLACED (1)

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HM641JI +++++

--- User ---

[MBR] cae727cc932c97fbfbf3724d3d046dbd

[bSP] c5d814433ae4eed9956ebbd676454237 : Windows 7/8 MBR Code

Partition table:

0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10283 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 21061632 | Size: 100 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 21266432 | Size: 600095 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[2]_D_02232013_02d2156.txt >>

RKreport[1]_S_02232013_02d2155.txt ; RKreport[2]_D_02232013_02d2156.txt

[gringo_pr]

Hello lazykins

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

Link 1
Link 2
Link 3

1. Close any open browsers or any other programs that are open.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.

When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

• In your next post I need the following
  
• Log from Combofix
  
• let me know of any problems you may have had
  
• How is the computer doing now?
  

Gringo

[lazykins]

Just wanted to give you an update. Combofix is running, went through all the stages and has been preparing Log report for about a half hour. I seem to recall last time I ran it I waited a good hour, even though the on-screen instructions tell you 10 min unless you are badly infected. I wasn't badly infected last time.

[gringo_pr]

no problem I will be here

[lazykins]

And here it is! I had no problems.

-------------------

ComboFix 13-02-23.01 - Amy 02/23/2013 22:17:54.2.8 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6125.3833 [GMT -6:00]

Running from: c:\users\Amy\Desktop\ComboFix.exe

AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((( Files Created from 2013-01-24 to 2013-02-24 )))))))))))))))))))))))))))))))

.

.

2013-02-24 04:35 . 2013-02-24 04:35 -------- d-----w- c:\users\Test\AppData\Local\temp

2013-02-24 04:35 . 2013-02-24 04:35 -------- d-----w- c:\users\Public\AppData\Local\temp

2013-02-24 04:35 . 2013-02-24 04:35 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-02-16 18:57 . 2013-02-16 18:58 -------- d-----w- c:\users\Amy\AppData\Roaming\nvda

2013-02-14 09:03 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll

2013-02-14 09:03 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll

2013-02-14 09:00 . 2013-01-09 01:22 10925568 ----a-w- c:\windows\system32\ieframe.dll

2013-02-13 14:01 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-02-13 14:01 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2013-02-13 14:01 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2013-02-13 14:00 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys

2013-02-13 14:00 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll

2013-02-13 14:00 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll

2013-02-13 14:00 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe

2013-02-13 14:00 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe

2013-02-13 14:00 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll

2013-02-13 14:00 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe

2013-02-13 14:00 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-02-13 14:00 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2013-02-02 15:43 . 2013-02-02 15:43 -------- d-----w- c:\program files (x86)\NEC Display Solutions

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-02-14 09:09 . 2010-10-10 17:38 70004024 ----a-w- c:\windows\system32\MRT.exe

2013-02-08 00:59 . 2012-10-08 13:32 697712 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-02-08 00:59 . 2011-05-17 17:11 74096 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-01-04 04:43 . 2013-02-13 14:00 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2012-12-30 19:13 . 2012-12-30 19:13 74703 ----a-w- c:\windows\SysWow64\mfc45.dll

2012-12-16 17:11 . 2012-12-21 09:00 46080 ----a-w- c:\windows\system32\atmlib.dll

2012-12-16 14:45 . 2012-12-21 09:00 367616 ----a-w- c:\windows\system32\atmfd.dll

2012-12-16 14:13 . 2012-12-21 09:00 295424 ----a-w- c:\windows\SysWow64\atmfd.dll

2012-12-16 14:13 . 2012-12-21 09:00 34304 ----a-w- c:\windows\SysWow64\atmlib.dll

2012-12-14 22:49 . 2010-10-13 20:40 24176 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-12-07 13:20 . 2013-01-09 09:52 441856 ----a-w- c:\windows\system32\Wpc.dll

2012-12-07 13:15 . 2013-01-09 09:52 2746368 ----a-w- c:\windows\system32\gameux.dll

2012-12-07 12:26 . 2013-01-09 09:52 308736 ----a-w- c:\windows\SysWow64\Wpc.dll

2012-12-07 12:20 . 2013-01-09 09:52 2576384 ----a-w- c:\windows\SysWow64\gameux.dll

2012-12-07 11:20 . 2013-01-09 09:52 30720 ----a-w- c:\windows\system32\usk.rs

2012-12-07 11:20 . 2013-01-09 09:52 43520 ----a-w- c:\windows\system32\csrr.rs

2012-12-07 11:20 . 2013-01-09 09:52 23552 ----a-w- c:\windows\system32\oflc.rs

2012-12-07 11:20 . 2013-01-09 09:52 45568 ----a-w- c:\windows\system32\oflc-nz.rs

2012-12-07 11:20 . 2013-01-09 09:52 44544 ----a-w- c:\windows\system32\pegibbfc.rs

2012-12-07 11:20 . 2013-01-09 09:52 20480 ----a-w- c:\windows\system32\pegi-fi.rs

2012-12-07 11:20 . 2013-01-09 09:52 20480 ----a-w- c:\windows\system32\pegi-pt.rs

2012-12-07 11:19 . 2013-01-09 09:52 20480 ----a-w- c:\windows\system32\pegi.rs

2012-12-07 11:19 . 2013-01-09 09:52 46592 ----a-w- c:\windows\system32\fpb.rs

2012-12-07 11:19 . 2013-01-09 09:52 40960 ----a-w- c:\windows\system32\cob-au.rs

2012-12-07 11:19 . 2013-01-09 09:52 21504 ----a-w- c:\windows\system32\grb.rs

2012-12-07 11:19 . 2013-01-09 09:52 15360 ----a-w- c:\windows\system32\djctq.rs

2012-12-07 11:19 . 2013-01-09 09:52 55296 ----a-w- c:\windows\system32\cero.rs

2012-12-07 11:19 . 2013-01-09 09:52 51712 ----a-w- c:\windows\system32\esrb.rs

2012-12-07 10:46 . 2013-01-09 09:52 43520 ----a-w- c:\windows\SysWow64\csrr.rs

2012-12-07 10:46 . 2013-01-09 09:52 30720 ----a-w- c:\windows\SysWow64\usk.rs

2012-12-07 10:46 . 2013-01-09 09:52 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs

2012-12-07 10:46 . 2013-01-09 09:52 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs

2012-12-07 10:46 . 2013-01-09 09:52 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs

2012-12-07 10:46 . 2013-01-09 09:52 23552 ----a-w- c:\windows\SysWow64\oflc.rs

2012-12-07 10:46 . 2013-01-09 09:52 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs

2012-12-07 10:46 . 2013-01-09 09:52 46592 ----a-w- c:\windows\SysWow64\fpb.rs

2012-12-07 10:46 . 2013-01-09 09:52 20480 ----a-w- c:\windows\SysWow64\pegi.rs

2012-12-07 10:46 . 2013-01-09 09:52 21504 ----a-w- c:\windows\SysWow64\grb.rs

2012-12-07 10:46 . 2013-01-09 09:52 40960 ----a-w- c:\windows\SysWow64\cob-au.rs

2012-12-07 10:46 . 2013-01-09 09:52 15360 ----a-w- c:\windows\SysWow64\djctq.rs

2012-12-07 10:46 . 2013-01-09 09:52 55296 ----a-w- c:\windows\SysWow64\cero.rs

2012-12-07 10:46 . 2013-01-09 09:52 51712 ----a-w- c:\windows\SysWow64\esrb.rs

2012-11-30 05:45 . 2013-01-09 09:51 362496 ----a-w- c:\windows\system32\wow64win.dll

2012-11-30 05:45 . 2013-01-09 09:51 243200 ----a-w- c:\windows\system32\wow64.dll

2012-11-30 05:45 . 2013-01-09 09:51 13312 ----a-w- c:\windows\system32\wow64cpu.dll

2012-11-30 05:43 . 2013-01-09 09:51 16384 ----a-w- c:\windows\system32\ntvdm64.dll

2012-11-30 05:41 . 2013-01-09 09:51 424448 ----a-w- c:\windows\system32\KernelBase.dll

2012-11-30 05:41 . 2013-01-09 09:51 1161216 ----a-w- c:\windows\system32\kernel32.dll

2012-11-30 05:38 . 2013-01-09 09:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll

2012-11-30 05:38 . 2013-01-09 09:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll

2012-11-30 04:53 . 2013-01-09 09:51 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll

2012-11-30 04:45 . 2013-01-09 09:51 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 09:51 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 09:51 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 09:51 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 09:51 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 09:51 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 09:51 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 09:51 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 09:51 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 09:51 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 09:51 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 09:51 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 09:51 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 09:51 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 09:51 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 09:51 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 09:51 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 09:51 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 09:51 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 09:51 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 09:51 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 09:51 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 09:51 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-11 39408]

"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2010-06-01 5252408]

"googletalk"="c:\users\Amy\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]

"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2011-03-15 650080]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]

"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-10-15 623992]

"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-23 402432]

"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]

"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]

"FUFAXRCV"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe" [2011-03-09 495616]

"FUFAXSTM"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" [2011-03-09 856064]

"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2012-04-28 5955000]

"AcronisTimounterMonitor"="c:\program files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe" [2012-04-28 1171304]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]

.

c:\users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Epson scanner Registration.lnk - e:\common\EpsonReg\Ereg.exe [N/A]

SpectraView II Gamma Loader.lnk - c:\program files (x86)\NEC Display Solutions\SpectraView II\SpectraView.exe [2011-9-30 3624104]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe [2010-11-30 295606]

Adobe Acrobat Synchronizer.lnk - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2012-6-24 738968]

Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-9 1128224]

HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2010-5-28 276328]

Sony MSS.lnk - c:\program files (x86)\Sony\MSS\3.0.271\SSScheduler.exe [2012-3-13 274328]

Spyder3Utility.lnk - c:\program files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe [2010-7-26 7667970]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLinkedConnections"= 1 (0x1)

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-12-21 36328]

R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]

R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-06-21 342056]

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-06-21 39464]

R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-07-16 158720]

R3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;c:\program files (x86)\Sony\MSS\3.0.271\McCHSvc.exe [2012-03-30 237328]

R3 NDSPCIIO;NDSPCIIO;c:\windows\system32\DRIVERS\NDSPCIIO64.SYS [x]

R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-21 108400]

R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 423280]

R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-21 67952]

R3 Spyder3;Datacolor Spyder3;c:\windows\system32\DRIVERS\Spyder3.sys [2007-12-12 15360]

R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-01-03 157160]

R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-01-03 16872]

R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-01-03 177128]

R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-08-02 51712]

R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-06-09 537456]

R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-06-09 384880]

R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-06-09 101232]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-10 1255736]

R4 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\EPSON\EpsonCustomerParticipation\EPCP.exe [2011-06-09 555392]

S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [2012-06-24 137312]

S0 SMR162;Symantec SMR Utility Service 1.6.2;c:\windows\System32\drivers\SMR162.SYS [2011-04-07 90232]

S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS [2011-01-27 450680]

S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS [2011-03-15 912504]

S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys [2012-06-24 211552]

S0 vidsflt67;Acronis Disk Storage Filter (67);c:\windows\system32\DRIVERS\vsflt67.sys [2012-06-24 146528]

S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20130208.001\BHDrvx64.sys [2013-01-16 1388120]

S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20130222.001\IDSvia64.sys [2012-09-01 513184]

S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [2011-01-27 171128]

S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [2011-04-21 386168]

S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-06-24 3459024]

S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:\program files\Intel\WiMAX\Bin\DMAgent.exe [2010-06-07 408576]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]

S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]

S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [2011-04-17 130008]

S2 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-11-13 60416]

S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2011-03-15 428384]

S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 14112]

S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [2010-06-23 94208]

S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [2010-06-23 78848]

S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2012-08-06 156672]

S2 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2012-04-28 5914912]

S2 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe [2009-03-26 3647272]

S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-06-21 575856]

S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-06-17 851824]

S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-06-09 836608]

S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:\program files\Intel\WiMAX\Bin\AppSrv.exe [2010-06-07 911872]

S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2012-06-24 367200]

S3 bpenum;bpenum;c:\windows\system32\DRIVERS\bpenum.sys [2010-05-17 71168]

S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:\windows\system32\DRIVERS\bpmp.sys [2010-05-17 175104]

S3 bpusb;bpusb;c:\windows\system32\Drivers\bpusb.sys [2010-05-17 81920]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-09 138912]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]

S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2010-05-31 7689216]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2010-04-27 184968]

S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2010-04-26 12032]

S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-06-07 304496]

S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2012-10-12 54760]

S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe [2012-10-26 1286784]

S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2010-01-25 18216]

S3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2010-06-23 402720]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-02-01 03:34 1607120 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2013-02-24 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-08 00:59]

.

2013-02-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-11 03:48]

.

2013-02-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-11 03:48]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]

2012-12-18 01:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]

2012-12-18 01:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]

2012-12-18 01:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]

2012-12-18 01:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-21 10775584]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-06-21 2040352]

"IntelWirelessWiMAX"="c:\program files\Intel\WiMAX\Bin\WiMAXCU.exe" [2010-06-08 1441792]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]

"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2012-04-28 403112]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = 127.0.0.1;*.local

TCP: DhcpNameServer = 192.168.1.254

FF - ProfilePath - c:\users\Amy\AppData\Roaming\Mozilla\Firefox\Profiles\y6p002qo.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - ExtSQL: !HIDDEN! 2010-10-18 10:36; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

.

- - - - ORPHANS REMOVED - - - -

.

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

ShellIconOverlayIdentifiers- - (no file)

ShellIconOverlayIdentifiers- - (no file)

ShellIconOverlayIdentifiers- - (no file)

HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]

"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll\" /prefetch:1"

--

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]

"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=10000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 & Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-3850635917-1597292309-2435745105-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-3850635917-1597292309-2435745105-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2013-02-23 23:09:27

ComboFix-quarantined-files.txt 2013-02-24 05:09

.

Pre-Run: 399,629,688,832 bytes free

Post-Run: 399,635,763,200 bytes free

.

- - End Of File - - DC9E4DBFFC6309AAD6C5C2276E284C72

[gringo_pr]

Hello lazykins

First I need you to go Google Sync and sign into your account

scroll down untill you see the "Stop and Clear" button and click on button

At the prompt click on "Ok"

Now we need to uninstall chrome

I want you to uninstall Chrome and if asked about user data or settings then remove this also

restart the computer and reinstall chrome, You can download The latest version from here - Google Chrome

After you have Chrome reinstalled please check things out and let me know how it is doing.

Gringo

[lazykins]

After reinstalling Chrome, I was taken immediately to the sign in/sync page. Did you want me to sync? Thank you.

[lazykins]

bad news. it blocked another outgoing process. new address this time.

[gringo_pr]

did you clear synce before you uninstalled?

gringo

[lazykins]

This happened when accessing www.google.com and I was not signed into my google account this time.

[gringo_pr]

Hello lazykins

I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.

• Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  
• Put a checkmark beside loaded modules.
  
• A reboot will be needed to apply the changes. Do it.
  
• TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  
• Then click on Change parameters in TDSSKiller.
  
• Check all boxes then click OK.
  
• Click the Start Scan button.
  
• The scan should take no longer than 2 minutes.
  
• If a suspicious object is detected, the default action will be Skip, click on Continue.
  
• If malicious objects are found, they will show in the Scan results
  
• Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  
• A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
  Note** this report can be very long - so if the website gives you an error saying it is to long you may attache it or you can upload it here and send me the link - http://www.speedyshare.com/
  

Malwarebytes Anti-Rootkit

1.Download Malwarebytes Anti-Rootkit

2.Unzip the contents to a folder in a convenient location.

3.Open the folder where the contents were unzipped and run mbar.exe

4.Follow the instructions in the wizard to update and allow the program to scan your computer for threats.

5.Click on the Cleanup button to remove any threats and reboot if prompted to do so.

6.Wait while the system shuts down and the cleanup process is performed.

7.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.

8.If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:

• •Internet access
  •Windows Update
  •Windows Firewall

9.If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.

10.Verify that your system is now functioning normally.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and MBAR

Gringo

[lazykins]

Here's the TDSS report

------------------------------

23:46:06.0016 5464 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

23:46:06.0468 5464 ============================================================

23:46:06.0468 5464 Current date / time: 2013/02/23 23:46:06.0468

23:46:06.0468 5464 SystemInfo:

23:46:06.0468 5464

23:46:06.0468 5464 OS Version: 6.1.7601 ServicePack: 1.0

23:46:06.0468 5464 Product type: Workstation

23:46:06.0468 5464 ComputerName: AMY-VAIO

23:46:06.0468 5464 UserName: Amy

23:46:06.0468 5464 Windows directory: C:\Windows

23:46:06.0468 5464 System windows directory: C:\Windows

23:46:06.0468 5464 Running under WOW64

23:46:06.0468 5464 Processor architecture: Intel x64

23:46:06.0468 5464 Number of processors: 8

23:46:06.0468 5464 Page size: 0x1000

23:46:06.0468 5464 Boot type: Normal boot

23:46:06.0468 5464 ============================================================

23:46:07.0030 5464 BG loaded

23:46:08.0262 5464 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

23:46:08.0293 5464 ============================================================

23:46:08.0293 5464 \Device\Harddisk0\DR0:

23:46:08.0340 5464 MBR partitions:

23:46:08.0340 5464 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1416000, BlocksNum 0x32000

23:46:08.0340 5464 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1448000, BlocksNum 0x4940FAB0

23:46:08.0340 5464 ============================================================

23:46:08.0605 5464 C: <-> \Device\Harddisk0\DR0\Partition2

23:46:08.0605 5464 ============================================================

23:46:08.0605 5464 Initialize success

23:46:08.0605 5464 ============================================================

23:46:37.0464 4772 ============================================================

23:46:37.0464 4772 Scan started

23:46:37.0464 4772 Mode: Manual; SigCheck; TDLFS;

23:46:37.0464 4772 ============================================================

23:46:43.0068 4772 ================ Scan system memory ========================

23:46:43.0068 4772 System memory - ok

23:46:43.0069 4772 ================ Scan services =============================

23:46:48.0541 4772 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

23:46:50.0461 4772 1394ohci - ok

23:46:50.0922 4772 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

23:46:51.0815 4772 ACDaemon - ok

23:46:51.0947 4772 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys

23:46:52.0456 4772 ACPI - ok

23:46:52.0529 4772 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

23:46:53.0893 4772 AcpiPmi - ok

23:46:54.0636 4772 [ 0B3601ECEA5D6D41CCAE143355892061 ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

23:46:54.0663 4772 AcrSch2Svc - ok

23:46:55.0620 4772 [ 14C23516C990DCD6052152CF034DDE40 ] Adobe Version Cue CS3 C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

23:46:55.0840 4772 Adobe Version Cue CS3 - ok

23:46:56.0126 4772 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

23:46:56.0136 4772 AdobeARMservice - ok

23:46:59.0041 4772 [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

23:47:00.0275 4772 AdobeFlashPlayerUpdateSvc - ok

23:47:00.0509 4772 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

23:47:00.0725 4772 adp94xx - ok

23:47:01.0609 4772 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys

23:47:01.0779 4772 adpahci - ok

23:47:02.0062 4772 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys

23:47:02.0317 4772 adpu320 - ok

23:47:02.0474 4772 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

23:47:07.0842 4772 AeLookupSvc - ok

23:47:08.0339 4772 [ B794DD8ACC5CC76177156463DAB4BEBB ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys

23:47:08.0575 4772 afcdp - ok

23:47:09.0643 4772 [ 5555E5CE43DE53FE4C2F19A1163C49A0 ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe

23:47:09.0690 4772 afcdpsrv - ok

23:47:09.0877 4772 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys

23:47:10.0501 4772 AFD - ok

23:47:10.0704 4772 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

23:47:11.0110 4772 agp440 - ok

23:47:11.0157 4772 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe

23:47:12.0873 4772 ALG - ok

23:47:13.0029 4772 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys

23:47:13.0200 4772 aliide - ok

23:47:13.0294 4772 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys

23:47:13.0699 4772 amdide - ok

23:47:13.0777 4772 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys

23:47:14.0121 4772 AmdK8 - ok

23:47:14.0183 4772 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys

23:47:14.0433 4772 AmdPPM - ok

23:47:14.0573 4772 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

23:47:14.0947 4772 amdsata - ok

23:47:15.0103 4772 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys

23:47:15.0197 4772 amdsbs - ok

23:47:15.0275 4772 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

23:47:15.0478 4772 amdxata - ok

23:47:15.0696 4772 [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys

23:47:16.0648 4772 androidusb - ok

23:47:17.0334 4772 [ 2D45F2DFBC3D8F53DF7EBEFFA8C9BC38 ] ApfiltrService C:\Windows\system32\drivers\Apfiltr.sys

23:47:17.0350 4772 ApfiltrService - ok

23:47:17.0833 4772 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

23:47:23.0715 4772 AppID - ok

23:47:23.0762 4772 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

23:47:23.0840 4772 AppIDSvc - ok

23:47:23.0918 4772 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll

23:47:24.0011 4772 Appinfo - ok

23:47:24.0308 4772 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

23:47:24.0308 4772 Apple Mobile Device - ok

23:47:24.0432 4772 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys

23:47:24.0510 4772 arc - ok

23:47:24.0557 4772 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys

23:47:24.0635 4772 arcsas - ok

23:47:25.0244 4772 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

23:47:25.0509 4772 aspnet_state - ok

23:47:25.0587 4772 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

23:47:25.0727 4772 AsyncMac - ok

23:47:25.0758 4772 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

23:47:25.0805 4772 atapi - ok

23:47:26.0133 4772 [ 08BAAA2432E81031A6C3B11AD5A67E2B ] athr C:\Windows\system32\DRIVERS\athrx.sys

23:47:26.0320 4772 athr - ok

23:47:26.0554 4772 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

23:47:26.0648 4772 AudioEndpointBuilder - ok

23:47:26.0663 4772 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

23:47:26.0710 4772 AudioSrv - ok

23:47:26.0772 4772 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll

23:47:27.0116 4772 AxInstSV - ok

23:47:27.0240 4772 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys

23:47:27.0318 4772 b06bdrv - ok

23:47:27.0428 4772 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

23:47:27.0584 4772 b57nd60a - ok

23:47:27.0833 4772 [ 825F81A6F7DD073509DB101F0BA6DC59 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE

23:47:28.0036 4772 BBSvc - ok

23:47:28.0114 4772 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

23:47:28.0410 4772 BDESVC - ok

23:47:28.0442 4772 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

23:47:28.0566 4772 Beep - ok

23:47:28.0832 4772 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll

23:47:28.0894 4772 BFE - ok

23:47:29.0409 4772 [ 866335C9C0E6733C753FB472C539A6B9 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20130208.001\BHDrvx64.sys

23:47:42.0996 4772 BHDrvx64 - ok

23:47:43.0480 4772 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll

23:47:43.0652 4772 BITS - ok

23:47:43.0683 4772 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys

23:47:43.0932 4772 blbdrive - ok

23:47:44.0088 4772 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

23:47:44.0104 4772 Bonjour Service - ok

23:47:44.0213 4772 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

23:47:44.0728 4772 bowser - ok

23:47:44.0775 4772 [ F46DD257FAD7D2D097EF32E72220A06C ] bpenum C:\Windows\system32\DRIVERS\bpenum.sys

23:47:45.0040 4772 bpenum - ok

23:47:45.0134 4772 [ E82060AED0F28ED8909F2B07FA276185 ] bpmp C:\Windows\system32\DRIVERS\bpmp.sys

23:47:45.0321 4772 bpmp - ok

23:47:45.0368 4772 [ FC6313A5A45C1AE53D0491F0057D5A4D ] bpusb C:\Windows\system32\Drivers\bpusb.sys

23:47:45.0539 4772 bpusb - ok

23:47:45.0617 4772 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys

23:47:46.0070 4772 BrFiltLo - ok

23:47:46.0148 4772 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys

23:47:46.0210 4772 BrFiltUp - ok

23:47:46.0460 4772 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys

23:47:46.0662 4772 BridgeMP - ok

23:47:46.0834 4772 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll

23:47:46.0990 4772 Browser - ok

23:47:47.0115 4772 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

23:47:47.0302 4772 Brserid - ok

23:47:47.0411 4772 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

23:47:47.0567 4772 BrSerWdm - ok

23:47:47.0645 4772 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

23:47:48.0004 4772 BrUsbMdm - ok

23:47:48.0129 4772 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

23:47:48.0238 4772 BrUsbSer - ok

23:47:48.0347 4772 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys

23:47:48.0971 4772 BthEnum - ok

23:47:49.0096 4772 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys

23:47:49.0190 4772 BTHMODEM - ok

23:47:49.0252 4772 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys

23:47:49.0330 4772 BthPan - ok

23:47:49.0517 4772 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys

23:47:49.0689 4772 BTHPORT - ok

23:47:49.0751 4772 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

23:47:49.0876 4772 bthserv - ok

23:47:49.0985 4772 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys

23:47:50.0126 4772 BTHUSB - ok

23:47:50.0313 4772 [ 59E3510784548C6939C1B3B985C232E3 ] btwampfl C:\Windows\system32\drivers\btwampfl.sys

23:47:50.0375 4772 btwampfl - ok

23:47:50.0484 4772 [ 1872074ED0A3FB22E3F1E3197B984BFA ] btwaudio C:\Windows\system32\drivers\btwaudio.sys

23:47:50.0578 4772 btwaudio - ok

23:47:50.0703 4772 [ 691CF076C33AB1C3A5B2FD5450300733 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys

23:47:50.0765 4772 btwavdt - ok

23:47:51.0592 4772 [ 8BA6E93A182126781952A7895EC1E4B2 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

23:47:51.0623 4772 btwdins - ok

23:47:51.0686 4772 [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys

23:47:51.0779 4772 btwl2cap - ok

23:47:51.0826 4772 [ C9273B20DEC8CE38DBCE5D29DE63C907 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys

23:47:51.0904 4772 btwrchid - ok

23:47:51.0998 4772 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

23:47:52.0091 4772 cdfs - ok

23:47:52.0169 4772 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

23:47:52.0200 4772 cdrom - ok

23:47:52.0263 4772 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll

23:47:52.0356 4772 CertPropSvc - ok

23:47:52.0434 4772 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys

23:47:52.0544 4772 circlass - ok

23:47:52.0653 4772 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

23:47:52.0700 4772 CLFS - ok

23:47:53.0027 4772 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

23:47:53.0074 4772 clr_optimization_v2.0.50727_32 - ok

23:47:53.0682 4772 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

23:47:53.0714 4772 clr_optimization_v2.0.50727_64 - ok

23:47:54.0369 4772 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

23:47:55.0055 4772 clr_optimization_v4.0.30319_32 - ok

23:47:55.0086 4772 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

23:47:55.0180 4772 clr_optimization_v4.0.30319_64 - ok

23:47:55.0211 4772 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys

23:47:55.0305 4772 CmBatt - ok

23:47:55.0336 4772 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

23:47:55.0352 4772 cmdide - ok

23:47:55.0523 4772 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys

23:47:55.0570 4772 CNG - ok

23:47:55.0617 4772 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys

23:47:55.0664 4772 Compbatt - ok

23:47:55.0726 4772 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

23:47:55.0773 4772 CompositeBus - ok

23:47:55.0788 4772 COMSysApp - ok

23:47:55.0835 4772 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

23:47:55.0913 4772 crcdisk - ok

23:47:56.0007 4772 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll

23:47:56.0132 4772 CryptSvc - ok

23:47:56.0256 4772 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

23:47:56.0319 4772 DcomLaunch - ok

23:47:56.0412 4772 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

23:47:56.0537 4772 defragsvc - ok

23:47:56.0584 4772 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

23:47:56.0771 4772 DfsC - ok

23:47:56.0896 4772 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

23:47:57.0052 4772 Dhcp - ok

23:47:57.0114 4772 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

23:47:57.0224 4772 discache - ok

23:47:57.0239 4772 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys

23:47:57.0255 4772 Disk - ok

23:47:57.0426 4772 [ 61458C120CDDFE7514E2DB125568CA59 ] DMAgent C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe

23:47:57.0458 4772 DMAgent ( UnsignedFile.Multi.Generic ) - warning

23:47:57.0458 4772 DMAgent - detected UnsignedFile.Multi.Generic (1)

23:47:57.0567 4772 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

23:47:57.0676 4772 Dnscache - ok

23:47:57.0770 4772 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

23:47:57.0879 4772 dot3svc - ok

23:47:57.0957 4772 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

23:47:58.0066 4772 DPS - ok

23:47:58.0128 4772 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

23:47:58.0160 4772 drmkaud - ok

23:47:58.0472 4772 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

23:47:58.0487 4772 DXGKrnl - ok

23:47:58.0550 4772 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

23:47:58.0612 4772 EapHost - ok

23:47:59.0548 4772 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys

23:47:59.0673 4772 ebdrv - ok

23:47:59.0891 4772 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys

23:47:59.0907 4772 eeCtrl - ok

23:47:59.0969 4772 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

23:48:00.0078 4772 EFS - ok

23:48:00.0437 4772 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

23:48:00.0546 4772 ehRecvr - ok

23:48:00.0593 4772 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

23:48:00.0734 4772 ehSched - ok

23:48:00.0921 4772 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys

23:48:00.0968 4772 elxstor - ok

23:48:01.0311 4772 [ 757305C7AD34222F4A46D86FE0BEE241 ] EpsonCustomerParticipation C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe

23:48:01.0389 4772 EpsonCustomerParticipation - ok

23:48:01.0560 4772 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

23:48:01.0592 4772 EraserUtilRebootDrv - ok

23:48:01.0654 4772 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

23:48:01.0732 4772 ErrDev - ok

23:48:01.0919 4772 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

23:48:01.0966 4772 EventSystem - ok

23:48:02.0356 4772 [ B56D9602DB5FE1C116B1CA5EFD8E2E50 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe

23:48:02.0372 4772 EvtEng - ok

23:48:02.0418 4772 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

23:48:02.0528 4772 exfat - ok

23:48:02.0621 4772 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

23:48:02.0715 4772 fastfat - ok

23:48:02.0918 4772 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

23:48:03.0011 4772 Fax - ok

23:48:03.0058 4772 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys

23:48:03.0120 4772 fdc - ok

23:48:03.0198 4772 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

23:48:03.0292 4772 fdPHost - ok

23:48:03.0308 4772 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

23:48:03.0386 4772 FDResPub - ok

23:48:03.0401 4772 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

23:48:03.0432 4772 FileInfo - ok

23:48:03.0464 4772 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

23:48:03.0526 4772 Filetrace - ok

23:48:03.0713 4772 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

23:48:03.0744 4772 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning

23:48:03.0744 4772 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)

23:48:03.0776 4772 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys

23:48:03.0978 4772 flpydisk - ok

23:48:04.0103 4772 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

23:48:04.0119 4772 FltMgr - ok

23:48:04.0228 4772 [ D4463A74E1BFBF3FB9B4FC6CF5390152 ] fltsrv C:\Windows\system32\DRIVERS\fltsrv.sys

23:48:04.0290 4772 fltsrv - ok

23:48:04.0353 4772 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll

23:48:04.0649 4772 FontCache - ok

23:48:04.0758 4772 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

23:48:04.0790 4772 FontCache3.0.0.0 - ok

23:48:04.0821 4772 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

23:48:04.0836 4772 FsDepends - ok

23:48:04.0930 4772 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

23:48:05.0024 4772 Fs_Rec - ok

23:48:05.0117 4772 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

23:48:05.0148 4772 fvevol - ok

23:48:05.0195 4772 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

23:48:05.0226 4772 gagp30kx - ok

23:48:05.0273 4772 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

23:48:05.0304 4772 GEARAspiWDM - ok

23:48:05.0398 4772 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

23:48:05.0460 4772 gpsvc - ok

23:48:05.0616 4772 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

23:48:05.0616 4772 gupdate - ok

23:48:05.0694 4772 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

23:48:05.0710 4772 gupdatem - ok

23:48:05.0741 4772 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

23:48:05.0897 4772 hcw85cir - ok

23:48:06.0006 4772 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

23:48:06.0084 4772 HdAudAddService - ok

23:48:06.0131 4772 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

23:48:06.0162 4772 HDAudBus - ok

23:48:06.0240 4772 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys

23:48:06.0272 4772 HidBatt - ok

23:48:06.0318 4772 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys

23:48:06.0381 4772 HidBth - ok

23:48:06.0396 4772 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys

23:48:06.0443 4772 HidIr - ok

23:48:06.0521 4772 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll

23:48:06.0584 4772 hidserv - ok

23:48:06.0630 4772 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

23:48:06.0646 4772 HidUsb - ok

23:48:06.0708 4772 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

23:48:06.0802 4772 hkmsvc - ok

23:48:06.0880 4772 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

23:48:06.0989 4772 HomeGroupListener - ok

23:48:07.0083 4772 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

23:48:07.0130 4772 HomeGroupProvider - ok

23:48:07.0457 4772 [ 97AAC45A375168C6A2297BEEB9692E31 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll

23:48:07.0473 4772 hpqcxs08 - ok

23:48:07.0535 4772 [ 19A4FB67B1C97EA18EDFF44340973CD9 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll

23:48:07.0551 4772 hpqddsvc - ok

23:48:07.0598 4772 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

23:48:07.0629 4772 HpSAMD - ok

23:48:07.0847 4772 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL

23:48:07.0894 4772 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning

23:48:07.0894 4772 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)

23:48:08.0066 4772 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

23:48:08.0190 4772 HTTP - ok

23:48:08.0253 4772 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

23:48:08.0300 4772 hwpolicy - ok

23:48:08.0362 4772 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

23:48:08.0378 4772 i8042prt - ok

23:48:08.0565 4772 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\drivers\iaStor.sys

23:48:08.0580 4772 iaStor - ok

23:48:08.0768 4772 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

23:48:08.0768 4772 IAStorDataMgrSvc - ok

23:48:08.0939 4772 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

23:48:09.0017 4772 iaStorV - ok

23:48:09.0298 4772 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

23:48:09.0376 4772 idsvc - ok

23:48:09.0610 4772 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20130222.001\IDSvia64.sys

23:48:09.0641 4772 IDSVia64 - ok

23:48:09.0719 4772 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys

23:48:09.0735 4772 iirsp - ok

23:48:09.0953 4772 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

23:48:10.0016 4772 IKEEXT - ok

23:48:10.0078 4772 [ 4B6363CD4610BB848531BB260B15DFCC ] Impcd C:\Windows\system32\drivers\Impcd.sys

23:48:10.0187 4772 Impcd - ok

23:48:10.0842 4772 [ 526E482AFB586CB1CDD687869DECF686 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

23:48:10.0874 4772 IntcAzAudAddService - ok

23:48:10.0889 4772 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

23:48:10.0905 4772 intelide - ok

23:48:10.0952 4772 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys

23:48:10.0983 4772 intelppm - ok

23:48:11.0014 4772 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

23:48:11.0061 4772 IPBusEnum - ok

23:48:11.0123 4772 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

23:48:11.0186 4772 IpFilterDriver - ok

23:48:11.0342 4772 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

23:48:11.0451 4772 iphlpsvc - ok

23:48:11.0498 4772 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

23:48:11.0560 4772 IPMIDRV - ok

23:48:11.0607 4772 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

23:48:11.0669 4772 IPNAT - ok

23:48:11.0903 4772 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

23:48:11.0934 4772 iPod Service - ok

23:48:11.0950 4772 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

23:48:12.0200 4772 IRENUM - ok

23:48:12.0231 4772 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

23:48:12.0262 4772 isapnp - ok

23:48:12.0356 4772 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

23:48:12.0387 4772 iScsiPrt - ok

23:48:12.0434 4772 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

23:48:12.0449 4772 IviRegMgr - ok

23:48:12.0496 4772 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys

23:48:12.0512 4772 kbdclass - ok

23:48:12.0527 4772 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys

23:48:12.0590 4772 kbdhid - ok

23:48:12.0605 4772 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

23:48:12.0621 4772 KeyIso - ok

23:48:12.0683 4772 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

23:48:12.0730 4772 KSecDD - ok

23:48:12.0808 4772 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

23:48:12.0855 4772 KSecPkg - ok

23:48:12.0902 4772 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

23:48:12.0980 4772 ksthunk - ok

23:48:13.0089 4772 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

23:48:13.0182 4772 KtmRm - ok

23:48:13.0276 4772 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll

23:48:13.0370 4772 LanmanServer - ok

23:48:13.0463 4772 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

23:48:13.0510 4772 LanmanWorkstation - ok

23:48:13.0541 4772 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

23:48:13.0604 4772 lltdio - ok

23:48:13.0666 4772 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

23:48:13.0791 4772 lltdsvc - ok

23:48:13.0791 4772 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

23:48:13.0822 4772 lmhosts - ok

23:48:13.0884 4772 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

23:48:13.0900 4772 LSI_FC - ok

23:48:13.0931 4772 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

23:48:13.0994 4772 LSI_SAS - ok

23:48:14.0040 4772 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys

23:48:14.0087 4772 LSI_SAS2 - ok

23:48:14.0118 4772 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

23:48:14.0181 4772 LSI_SCSI - ok

23:48:14.0212 4772 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

23:48:14.0274 4772 luafv - ok

23:48:14.0384 4772 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

23:48:14.0430 4772 MBAMProtector - ok

23:48:14.0789 4772 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

23:48:14.0805 4772 MBAMScheduler - ok

23:48:15.0039 4772 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

23:48:15.0054 4772 MBAMService - ok

23:48:15.0335 4772 [ 98E19D3FCAAE0236816E4942C5771F89 ] McComponentHostServiceSony C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe

23:48:15.0351 4772 McComponentHostServiceSony - ok

23:48:15.0413 4772 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

23:48:15.0507 4772 Mcx2Svc - ok

23:48:15.0538 4772 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys

23:48:15.0569 4772 megasas - ok

23:48:15.0678 4772 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys

23:48:15.0710 4772 MegaSR - ok

23:48:15.0756 4772 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

23:48:15.0788 4772 MMCSS - ok

23:48:15.0834 4772 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

23:48:15.0928 4772 Modem - ok

23:48:15.0975 4772 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

23:48:16.0022 4772 monitor - ok

23:48:16.0068 4772 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

23:48:16.0068 4772 mouclass - ok

23:48:16.0115 4772 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

23:48:16.0162 4772 mouhid - ok

23:48:16.0240 4772 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

23:48:16.0271 4772 mountmgr - ok

23:48:16.0427 4772 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

23:48:16.0474 4772 MozillaMaintenance - ok

23:48:16.0505 4772 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

23:48:16.0536 4772 mpio - ok

23:48:16.0568 4772 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

23:48:16.0614 4772 mpsdrv - ok

23:48:16.0880 4772 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

23:48:16.0942 4772 MpsSvc - ok

23:48:17.0004 4772 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

23:48:17.0067 4772 MRxDAV - ok

23:48:17.0129 4772 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

23:48:17.0238 4772 mrxsmb - ok

23:48:17.0301 4772 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

23:48:17.0348 4772 mrxsmb10 - ok

23:48:17.0394 4772 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

23:48:17.0457 4772 mrxsmb20 - ok

23:48:17.0488 4772 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

23:48:17.0504 4772 msahci - ok

23:48:17.0550 4772 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

23:48:17.0582 4772 msdsm - ok

23:48:17.0628 4772 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

23:48:17.0691 4772 MSDTC - ok

23:48:17.0738 4772 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

23:48:17.0784 4772 Msfs - ok

23:48:17.0800 4772 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

23:48:17.0831 4772 mshidkmdf - ok

23:48:17.0862 4772 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

23:48:17.0894 4772 msisadrv - ok

23:48:17.0972 4772 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

23:48:18.0050 4772 MSiSCSI - ok

23:48:18.0050 4772 msiserver - ok

23:48:18.0065 4772 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

23:48:18.0206 4772 MSKSSRV - ok

23:48:18.0252 4772 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

23:48:18.0315 4772 MSPCLOCK - ok

23:48:18.0330 4772 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

23:48:18.0393 4772 MSPQM - ok

23:48:18.0518 4772 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

23:48:18.0564 4772 MsRPC - ok

23:48:18.0596 4772 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

23:48:18.0611 4772 mssmbios - ok

23:48:18.0689 4772 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

23:48:18.0736 4772 MSTEE - ok

23:48:18.0767 4772 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys

23:48:18.0814 4772 MTConfig - ok

23:48:18.0845 4772 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

23:48:18.0861 4772 Mup - ok

23:48:18.0970 4772 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

23:48:19.0017 4772 napagent - ok

23:48:19.0110 4772 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

23:48:19.0188 4772 NativeWifiP - ok

23:48:19.0422 4772 [ 88A2F45CE66B904285978D6BB13AFEB2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20130223.009\ENG64.SYS

23:48:19.0454 4772 NAVENG - ok

23:48:19.0937 4772 [ D2A545DA3A90BBFA40E020C23F1B7A48 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20130223.009\EX64.SYS

23:48:19.0968 4772 NAVEX15 - ok

23:48:20.0265 4772 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

23:48:20.0296 4772 NDIS - ok

23:48:20.0312 4772 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

23:48:20.0374 4772 NdisCap - ok

23:48:20.0405 4772 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

23:48:20.0436 4772 NdisTapi - ok

23:48:20.0483 4772 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

23:48:20.0546 4772 Ndisuio - ok

23:48:20.0624 4772 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

23:48:20.0686 4772 NdisWan - ok

23:48:20.0733 4772 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

23:48:20.0811 4772 NDProxy - ok

23:48:20.0889 4772 NDSPCIIO - ok

23:48:20.0982 4772 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll

23:48:21.0014 4772 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

23:48:21.0014 4772 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

23:48:21.0060 4772 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

23:48:21.0154 4772 NetBIOS - ok

23:48:21.0232 4772 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

23:48:21.0294 4772 NetBT - ok

23:48:21.0357 4772 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

23:48:21.0372 4772 Netlogon - ok

23:48:21.0513 4772 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

23:48:21.0606 4772 Netman - ok

23:48:21.0700 4772 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

23:48:22.0012 4772 NetMsmqActivator - ok

23:48:22.0043 4772 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

23:48:22.0043 4772 NetPipeActivator - ok

23:48:22.0184 4772 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

23:48:22.0230 4772 netprofm - ok

23:48:22.0371 4772 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

23:48:22.0371 4772 NetTcpActivator - ok

23:48:22.0386 4772 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

23:48:22.0402 4772 NetTcpPortSharing - ok

23:48:24.0773 4772 [ 18555F48844C2861D9DCE8F2B7223AE5 ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys

23:48:25.0007 4772 NETw5s64 - ok

23:48:25.0054 4772 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

23:48:25.0070 4772 nfrd960 - ok

23:48:25.0226 4772 [ E78A365CC3E0FBFC018A33DCE01909F8 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe

23:48:25.0241 4772 NIS - ok

23:48:25.0335 4772 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll

23:48:25.0366 4772 NlaSvc - ok

23:48:25.0428 4772 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

23:48:25.0538 4772 Npfs - ok

23:48:25.0569 4772 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

23:48:25.0600 4772 nsi - ok

23:48:25.0709 4772 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

23:48:25.0787 4772 nsiproxy - ok

23:48:26.0255 4772 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

23:48:26.0458 4772 Ntfs - ok

23:48:26.0520 4772 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

23:48:26.0692 4772 Null - ok

23:48:26.0708 4772 [ 285ACEC1B13A15BA520AAE06BACB9CFF ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys

23:48:26.0926 4772 nusb3hub - ok

23:48:27.0020 4772 [ F6D625FF7B56BB6EA063F0D3A5BBC996 ] nusb3xhc C:\Windows\system32\drivers\nusb3xhc.sys

23:48:27.0051 4772 nusb3xhc - ok

23:48:27.0176 4772 [ 857FB74754EBFF94EE3AD40788740916 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys

23:48:27.0222 4772 NVHDA - ok

23:48:29.0001 4772 [ FBE6AC1C3591CB67543FAD15ABD26BCB ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

23:48:29.0235 4772 nvlddmkm - ok

23:48:29.0344 4772 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

23:48:29.0375 4772 nvraid - ok

23:48:29.0453 4772 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

23:48:29.0484 4772 nvstor - ok

23:48:29.0781 4772 [ 147B0D17255FD796F990CC6F745605C5 ] nvsvc C:\Windows\system32\nvvsvc.exe

23:48:29.0812 4772 nvsvc - ok

23:48:29.0843 4772 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

23:48:29.0952 4772 nv_agp - ok

23:48:30.0140 4772 [ 07D0A535A44DD048EE346853B0BB9349 ] Oasis2Service C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe

23:48:30.0155 4772 Oasis2Service ( UnsignedFile.Multi.Generic ) - warning

23:48:30.0155 4772 Oasis2Service - detected UnsignedFile.Multi.Generic (1)

23:48:30.0186 4772 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

23:48:30.0218 4772 ohci1394 - ok

23:48:30.0374 4772 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

23:48:30.0420 4772 ose - ok

23:48:31.0200 4772 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

23:48:31.0497 4772 osppsvc - ok

23:48:31.0590 4772 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

23:48:31.0668 4772 p2pimsvc - ok

23:48:31.0793 4772 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

23:48:31.0824 4772 p2psvc - ok

23:48:31.0902 4772 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys

23:48:31.0949 4772 Parport - ok

23:48:32.0012 4772 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

23:48:32.0058 4772 partmgr - ok

23:48:32.0074 4772 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

23:48:32.0105 4772 PcaSvc - ok

23:48:32.0152 4772 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

23:48:32.0183 4772 pci - ok

23:48:32.0214 4772 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

23:48:32.0230 4772 pciide - ok

23:48:32.0308 4772 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

23:48:32.0339 4772 pcmcia - ok

23:48:32.0370 4772 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

23:48:32.0729 4772 pcw - ok

23:48:32.0760 4772 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

23:48:32.0807 4772 PEAUTH - ok

23:48:33.0275 4772 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

23:48:33.0306 4772 PerfHost - ok

23:48:33.0369 4772 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

23:48:33.0447 4772 pla - ok

23:48:33.0603 4772 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

23:48:33.0681 4772 PlugPlay - ok

23:48:33.0868 4772 [ E9605A180001A6B5551112D91DE92CA1 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

23:48:34.0008 4772 PMBDeviceInfoProvider - ok

23:48:34.0040 4772 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

23:48:34.0071 4772 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

23:48:34.0071 4772 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

23:48:34.0118 4772 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

23:48:34.0149 4772 PNRPAutoReg - ok

23:48:34.0180 4772 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

23:48:34.0196 4772 PNRPsvc - ok

23:48:34.0383 4772 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

23:48:34.0461 4772 PolicyAgent - ok

23:48:34.0539 4772 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

23:48:34.0601 4772 Power - ok

23:48:34.0648 4772 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

23:48:34.0695 4772 PptpMiniport - ok

23:48:34.0757 4772 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys

23:48:34.0804 4772 Processor - ok

23:48:34.0913 4772 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

23:48:35.0147 4772 ProfSvc - ok

23:48:35.0178 4772 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

23:48:35.0178 4772 ProtectedStorage - ok

23:48:35.0288 4772 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

23:48:35.0350 4772 Psched - ok

23:48:35.0397 4772 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

23:48:35.0397 4772 PSI_SVC_2 - ok

23:48:35.0662 4772 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys

23:48:35.0912 4772 ql2300 - ok

23:48:35.0943 4772 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

23:48:36.0036 4772 ql40xx - ok

23:48:36.0083 4772 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

23:48:36.0099 4772 QWAVE - ok

23:48:36.0146 4772 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

23:48:36.0224 4772 QWAVEdrv - ok

23:48:36.0286 4772 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll

23:48:36.0302 4772 RapiMgr - ok

23:48:36.0317 4772 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

23:48:36.0504 4772 RasAcd - ok

23:48:36.0536 4772 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

23:48:36.0598 4772 RasAgileVpn - ok

23:48:36.0645 4772 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

23:48:36.0723 4772 RasAuto - ok

23:48:36.0770 4772 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

23:48:36.0863 4772 Rasl2tp - ok

23:48:36.0957 4772 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

23:48:36.0988 4772 RasMan - ok

23:48:37.0019 4772 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

23:48:37.0066 4772 RasPppoe - ok

23:48:37.0082 4772 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

23:48:37.0128 4772 RasSstp - ok

23:48:37.0222 4772 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

23:48:37.0284 4772 rdbss - ok

23:48:37.0331 4772 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys

23:48:37.0394 4772 rdpbus - ok

23:48:37.0425 4772 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

23:48:37.0472 4772 RDPCDD - ok

23:48:37.0487 4772 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

23:48:37.0550 4772 RDPENCDD - ok

23:48:37.0565 4772 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

23:48:37.0612 4772 RDPREFMP - ok

23:48:37.0690 4772 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

23:48:37.0846 4772 RDPWD - ok

23:48:37.0908 4772 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

23:48:38.0064 4772 rdyboost - ok

23:48:38.0096 4772 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi C:\Windows\system32\drivers\regi.sys

23:48:38.0142 4772 regi - ok

23:48:38.0220 4772 [ 0AA473966357C4A41B5EB19649EB6E5E ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

23:48:38.0236 4772 RegSrvc - ok

23:48:38.0283 4772 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

23:48:38.0345 4772 RemoteAccess - ok

23:48:38.0392 4772 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

23:48:38.0501 4772 RemoteRegistry - ok

23:48:38.0595 4772 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys

23:48:38.0657 4772 RFCOMM - ok

23:48:38.0704 4772 [ FA6ABC06B629DA29634D31F1FE0347BD ] rimspci C:\Windows\system32\drivers\rimssne64.sys

23:48:38.0829 4772 rimspci - ok

23:48:38.0844 4772 [ 8F8539A7F5C117D4407B2985995671F2 ] risdsnpe C:\Windows\system32\drivers\risdsne64.sys

23:48:38.0891 4772 risdsnpe - ok

23:48:38.0907 4772 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

23:48:38.0954 4772 RpcEptMapper - ok

23:48:38.0969 4772 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

23:48:38.0985 4772 RpcLocator - ok

23:48:39.0156 4772 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll

23:48:39.0188 4772 RpcSs - ok

23:48:39.0297 4772 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

23:48:39.0375 4772 rspndr - ok

23:48:39.0406 4772 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

23:48:39.0422 4772 SamSs - ok

23:48:39.0453 4772 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

23:48:39.0578 4772 sbp2port - ok

23:48:39.0609 4772 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

23:48:39.0656 4772 SCardSvr - ok

23:48:39.0718 4772 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

23:48:39.0796 4772 scfilter - ok

23:48:40.0061 4772 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

23:48:40.0248 4772 Schedule - ok

23:48:40.0295 4772 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

23:48:40.0311 4772 SCPolicySvc - ok

23:48:40.0404 4772 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys

23:48:40.0482 4772 sdbus - ok

23:48:40.0576 4772 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

23:48:40.0670 4772 SDRSVC - ok

23:48:40.0872 4772 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

23:48:40.0888 4772 SeaPort - ok

23:48:40.0935 4772 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

23:48:40.0982 4772 secdrv - ok

23:48:41.0013 4772 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

23:48:41.0044 4772 seclogon - ok

23:48:41.0075 4772 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll

23:48:41.0122 4772 SENS - ok

23:48:41.0169 4772 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

23:48:41.0418 4772 SensrSvc - ok

23:48:41.0434 4772 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys

23:48:41.0496 4772 Serenum - ok

23:48:41.0559 4772 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys

23:48:41.0574 4772 Serial - ok

23:48:41.0606 4772 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys

23:48:41.0637 4772 sermouse - ok

23:48:41.0684 4772 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

23:48:41.0762 4772 SessionEnv - ok

23:48:41.0808 4772 [ 286D3889E6AB5589646FF8A63CB928AE ] SFEP C:\Windows\system32\drivers\SFEP.sys

23:48:41.0949 4772 SFEP - ok

23:48:41.0964 4772 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

23:48:42.0042 4772 sffdisk - ok

23:48:42.0089 4772 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

23:48:42.0152 4772 sffp_mmc - ok

23:48:42.0198 4772 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

23:48:42.0261 4772 sffp_sd - ok

23:48:42.0308 4772 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

23:48:42.0339 4772 sfloppy - ok

23:48:42.0495 4772 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

23:48:42.0542 4772 SharedAccess - ok

23:48:42.0713 4772 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

23:48:42.0776 4772 ShellHWDetection - ok

23:48:42.0807 4772 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys

23:48:42.0963 4772 SiSRaid2 - ok

23:48:43.0025 4772 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

23:48:43.0056 4772 SiSRaid4 - ok

23:48:43.0462 4772 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

23:48:43.0540 4772 Smb - ok

23:48:43.0587 4772 [ 367BC6CD6C781B56FCF6218CD5999DC3 ] SMR162 C:\Windows\system32\drivers\SMR162.SYS

23:48:43.0618 4772 SMR162 - ok

23:48:43.0696 4772 [ F26AAD9ADFC9B62AC59A004A913C92DA ] snapman C:\Windows\system32\DRIVERS\snapman.sys

23:48:43.0712 4772 snapman - ok

23:48:43.0758 4772 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

23:48:43.0821 4772 SNMPTRAP - ok

23:48:43.0961 4772 [ C3E69DB0A4E59564230E053232F39AC7 ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe

23:48:44.0024 4772 SOHCImp - ok

23:48:44.0086 4772 [ 65CC4779A29C3E82B987BD4961790DFF ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe

23:48:44.0148 4772 SOHDms - ok

23:48:44.0180 4772 [ F47D75CEE1844EEF4A9EA6EE768828FB ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe

23:48:44.0242 4772 SOHDs - ok

23:48:44.0351 4772 [ 5449FC97476F52E027409E703791E6A9 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe

23:48:44.0398 4772 SpfService - ok

23:48:44.0445 4772 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

23:48:44.0460 4772 spldr - ok

23:48:44.0632 4772 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

23:48:44.0804 4772 Spooler - ok

23:48:44.0991 4772 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

23:48:45.0100 4772 sppsvc - ok

23:48:45.0147 4772 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

23:48:45.0209 4772 sppuinotify - ok

23:48:45.0240 4772 [ D8B882C520FC83547E22014FF5EC66D7 ] Spyder3 C:\Windows\system32\DRIVERS\Spyder3.sys

23:48:45.0287 4772 Spyder3 - ok

23:48:45.0568 4772 [ 90EF30C3867BCDE4579C01A6D6E75A7A ] SRTSP C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS

23:48:45.0615 4772 SRTSP - ok

23:48:45.0630 4772 [ C513E8A5E7978DA49077F5484344EE1B ] SRTSPX C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS

23:48:45.0677 4772 SRTSPX - ok

23:48:45.0833 4772 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

23:48:45.0958 4772 srv - ok

23:48:46.0098 4772 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

23:48:46.0145 4772 srv2 - ok

23:48:46.0176 4772 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

23:48:46.0223 4772 srvnet - ok

23:48:46.0270 4772 [ D52282225D5BD73A9CBF420699D1A0FE ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys

23:48:46.0332 4772 ssadbus - ok

23:48:46.0395 4772 [ F7936AC6E8437E10E1AE488CE21F3086 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys

23:48:46.0473 4772 ssadmdfl - ok

23:48:46.0488 4772 [ 1FE033372A58C67B3ECCA903FC637B36 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys

23:48:46.0676 4772 ssadmdm - ok

23:48:46.0722 4772 [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys

23:48:46.0769 4772 sscdbus - ok

23:48:46.0800 4772 [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys

23:48:46.0847 4772 sscdmdfl - ok

23:48:47.0003 4772 [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys

23:48:47.0066 4772 sscdmdm - ok

23:48:47.0097 4772 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

23:48:47.0159 4772 SSDPSRV - ok

23:48:47.0222 4772 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

23:48:47.0268 4772 SstpSvc - ok

23:48:47.0315 4772 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys

23:48:47.0362 4772 stexstor - ok

23:48:47.0424 4772 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys

23:48:47.0534 4772 StillCam - ok

23:48:47.0658 4772 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

23:48:47.0705 4772 stisvc - ok

23:48:47.0736 4772 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

23:48:47.0752 4772 swenum - ok

23:48:48.0158 4772 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

23:48:48.0173 4772 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning

23:48:48.0173 4772 SwitchBoard - detected UnsignedFile.Multi.Generic (1)

23:48:48.0345 4772 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

23:48:48.0407 4772 swprv - ok

23:48:48.0641 4772 [ 267C914667C94E5F47D342311C1C577F ] Symantec RemoteAssist C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe

23:48:48.0704 4772 Symantec RemoteAssist - ok

23:48:48.0860 4772 [ 6160145C7A87FC7672E8E3B886888176 ] SymDS C:\Windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS

23:48:48.0922 4772 SymDS - ok

23:48:49.0016 4772 [ 96AEED40D4D3521568B42027687E69E0 ] SymEFA C:\Windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS

23:48:49.0031 4772 SymEFA - ok

23:48:49.0109 4772 [ 21A1C2D694C3CF962D31F5E873AB3D6F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS

23:48:49.0156 4772 SymEvent - ok

23:48:49.0234 4772 [ BD0D711D8CBFCAA19CA123306EAF53A5 ] SymIRON C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS

23:48:49.0281 4772 SymIRON - ok

23:48:49.0374 4772 [ A6ADB3D83023F8DAA0F7B6FDA785D83B ] SymNetS C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS

23:48:49.0406 4772 SymNetS - ok

23:48:50.0295 4772 [ CAAEB44422474ED5C13D988AE7CA4A1C ] syncagentsrv C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe

23:48:50.0560 4772 syncagentsrv - ok

23:48:50.0950 4772 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

23:48:51.0012 4772 SysMain - ok

23:48:51.0059 4772 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

23:48:51.0090 4772 TabletInputService - ok

23:48:51.0777 4772 [ FFDF8B9B796E5243214233A8DB622E3D ] TabletServiceWacom C:\Windows\system32\Wacom_Tablet.exe

23:48:51.0870 4772 TabletServiceWacom - ok

23:48:52.0011 4772 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

23:48:52.0104 4772 TapiSrv - ok

23:48:52.0136 4772 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

23:48:52.0167 4772 TBS - ok

23:48:52.0650 4772 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

23:48:52.0728 4772 Tcpip - ok

23:48:52.0775 4772 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

23:48:52.0806 4772 TCPIP6 - ok

23:48:52.0853 4772 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

23:48:52.0916 4772 tcpipreg - ok

23:48:52.0947 4772 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

23:48:53.0040 4772 TDPIPE - ok

23:48:53.0337 4772 [ 7BC43335C778370FD0040D5224D8EDEB ] tdrpman C:\Windows\system32\DRIVERS\tdrpman.sys

23:48:53.0415 4772 tdrpman - ok

23:48:53.0477 4772 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

23:48:53.0586 4772 TDTCP - ok

23:48:53.0633 4772 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

23:48:53.0680 4772 tdx - ok

23:48:53.0758 4772 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

23:48:53.0820 4772 TermDD - ok

23:48:53.0930 4772 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

23:48:53.0992 4772 TermService - ok

23:48:54.0039 4772 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

23:48:54.0086 4772 Themes - ok

23:48:54.0164 4772 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

23:48:54.0195 4772 THREADORDER - ok

23:48:54.0413 4772 [ 7D68EAB50DF8B71408B645BA8581800E ] timounter C:\Windows\system32\DRIVERS\timntr.sys

23:48:54.0476 4772 timounter - ok

23:48:54.0538 4772 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

23:48:54.0585 4772 TrkWks - ok

23:48:54.0694 4772 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

23:48:54.0788 4772 TrustedInstaller - ok

23:48:54.0834 4772 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

23:48:54.0897 4772 tssecsrv - ok

23:48:54.0959 4772 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

23:48:54.0990 4772 TsUsbFlt - ok

23:48:55.0022 4772 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

23:48:55.0068 4772 tunnel - ok

23:48:55.0100 4772 [ 1A006963644C7FDE5BE60036F3A43E68 ] TVICHW32 C:\Windows\system32\DRIVERS\TVICHW32.SYS

23:48:55.0131 4772 TVICHW32 - ok

23:48:55.0146 4772 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys

23:48:55.0162 4772 uagp35 - ok

23:48:55.0271 4772 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

23:48:55.0318 4772 udfs - ok

23:48:55.0380 4772 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

23:48:55.0396 4772 UI0Detect - ok

23:48:55.0427 4772 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

23:48:55.0443 4772 uliagpkx - ok

23:48:55.0474 4772 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

23:48:55.0505 4772 umbus - ok

23:48:55.0552 4772 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys

23:48:55.0583 4772 UmPass - ok

23:48:55.0614 4772 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

23:48:55.0661 4772 upnphost - ok

23:48:55.0708 4772 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

23:48:55.0770 4772 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning

23:48:55.0770 4772 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)

23:48:55.0817 4772 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

23:48:55.0958 4772 usbccgp - ok

23:48:56.0020 4772 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

23:48:56.0082 4772 usbcir - ok

23:48:56.0160 4772 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys

23:48:56.0301 4772 usbehci - ok

23:48:56.0363 4772 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

23:48:56.0410 4772 usbhub - ok

23:48:56.0441 4772 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys

23:48:56.0519 4772 usbohci - ok

23:48:56.0550 4772 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

23:48:56.0597 4772 usbprint - ok

23:48:56.0644 4772 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

23:48:56.0753 4772 usbscan - ok

23:48:56.0800 4772 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

23:48:56.0894 4772 USBSTOR - ok

23:48:56.0909 4772 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

23:48:56.0940 4772 usbuhci - ok

23:48:56.0972 4772 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys

23:48:56.0987 4772 usbvideo - ok

23:48:57.0034 4772 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys

23:48:57.0112 4772 usb_rndisx - ok

23:48:57.0143 4772 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

23:48:57.0174 4772 UxSms - ok

23:48:57.0268 4772 [ A60605FC66552B421EE1F3D4EBB9A4E0 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe

23:48:57.0268 4772 VAIO Event Service - ok

23:48:57.0424 4772 [ D469BE2723F79CF4B384680B1FDC577D ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe

23:48:57.0440 4772 VAIO Power Management - ok

23:48:57.0455 4772 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

23:48:57.0471 4772 VaultSvc - ok

23:48:57.0518 4772 [ 96EFA2698D6B9E2931609A3EA73FC5DC ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

23:48:57.0549 4772 VCFw - ok

23:48:57.0705 4772 [ 7BEBF6A5285FFC03C34A7297A4E177CB ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe

23:48:57.0767 4772 VcmIAlzMgr - ok

23:48:57.0892 4772 [ E005B04DFCA99F5880C5111933194CA9 ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe

23:48:57.0939 4772 VcmINSMgr - ok

23:48:58.0064 4772 [ 829A32FD1334F72429CA0515760EB7A7 ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe

23:48:58.0126 4772 VcmXmlIfHelper - ok

23:48:58.0266 4772 [ 8F0840FF3A11D6B3F767AD6C79AC2A40 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe

23:48:58.0313 4772 VCService - ok

23:48:58.0344 4772 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

23:48:58.0344 4772 vdrvroot - ok

23:48:58.0454 4772 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

23:48:58.0500 4772 vds - ok

23:48:58.0547 4772 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

23:48:58.0578 4772 vga - ok

23:48:58.0594 4772 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

23:48:58.0641 4772 VgaSave - ok

23:48:58.0734 4772 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

23:48:58.0766 4772 vhdmp - ok

23:48:58.0828 4772 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

23:48:58.0922 4772 viaide - ok

23:48:59.0109 4772 [ ACBCBD8421920D20F1F40B6F76A4C213 ] vididr C:\Windows\system32\DRIVERS\vididr.sys

23:48:59.0156 4772 vididr - ok

23:48:59.0265 4772 [ 905DD422D28A32FACE8AE695B3823843 ] vidsflt67 C:\Windows\system32\DRIVERS\vsflt67.sys

23:48:59.0327 4772 vidsflt67 - ok

23:48:59.0374 4772 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

23:48:59.0405 4772 volmgr - ok

23:48:59.0546 4772 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

23:48:59.0592 4772 volmgrx - ok

23:48:59.0733 4772 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

23:48:59.0826 4772 volsnap - ok

23:48:59.0904 4772 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

23:48:59.0982 4772 vsmraid - ok

23:49:00.0154 4772 [ A7EB62C664A03901165290A714BD48D0 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe

23:49:00.0216 4772 VSNService ( UnsignedFile.Multi.Generic ) - warning

23:49:00.0216 4772 VSNService - detected UnsignedFile.Multi.Generic (1)

23:49:00.0497 4772 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

23:49:00.0575 4772 VSS - ok

23:49:01.0059 4772 [ D2D646D4D686C6996BA1FF96E11BE570 ] VUAgent C:\Program Files\Sony\VAIO Update\VUAgent.exe

23:49:01.0074 4772 VUAgent - ok

23:49:01.0121 4772 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

23:49:01.0199 4772 vwifibus - ok

23:49:01.0277 4772 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

23:49:01.0340 4772 vwififlt - ok

23:49:01.0371 4772 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys

23:49:01.0402 4772 vwifimp - ok

23:49:01.0496 4772 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

23:49:01.0542 4772 W32Time - ok

23:49:01.0589 4772 [ 37E4600E2CDAD3C1A3613A25B97D457C ] wacmoumonitor C:\Windows\system32\DRIVERS\wacmoumonitor.sys

23:49:01.0636 4772 wacmoumonitor - ok

23:49:01.0683 4772 [ E04D43C7D1641E95D35CAE6086C7E350 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys

23:49:01.0714 4772 wacommousefilter - ok

23:49:01.0776 4772 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys

23:49:01.0808 4772 WacomPen - ok

23:49:01.0823 4772 [ BB9D431C8D025BA13E60ADDDCFF04F1A ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys

23:49:01.0839 4772 wacomvhid - ok

23:49:01.0932 4772 [ 8B4255329EDFBA3ECFBD0714476FAD38 ] WacomVKHid C:\Windows\system32\DRIVERS\WacomVKHid.sys

23:49:01.0964 4772 WacomVKHid - ok

23:49:02.0010 4772 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

23:49:02.0073 4772 WANARP - ok

23:49:02.0088 4772 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

23:49:02.0120 4772 Wanarpv6 - ok

23:49:02.0556 4772 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

23:49:02.0619 4772 WatAdminSvc - ok

23:49:03.0071 4772 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

23:49:03.0258 4772 wbengine - ok

23:49:03.0321 4772 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

23:49:03.0336 4772 WbioSrvc - ok

23:49:03.0477 4772 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll

23:49:03.0555 4772 WcesComm - ok

23:49:03.0664 4772 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

23:49:03.0742 4772 wcncsvc - ok

23:49:03.0789 4772 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

23:49:03.0945 4772 WcsPlugInService - ok

23:49:03.0992 4772 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys

23:49:04.0054 4772 Wd - ok

23:49:04.0241 4772 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

23:49:04.0319 4772 Wdf01000 - ok

23:49:04.0397 4772 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

23:49:05.0489 4772 WdiServiceHost - ok

23:49:05.0520 4772 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

23:49:05.0536 4772 WdiSystemHost - ok

23:49:05.0598 4772 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

23:49:05.0645 4772 WebClient - ok

23:49:05.0676 4772 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

23:49:05.0723 4772 Wecsvc - ok

23:49:05.0754 4772 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

23:49:05.0817 4772 wercplsupport - ok

23:49:05.0879 4772 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

23:49:06.0020 4772 WerSvc - ok

23:49:06.0051 4772 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

23:49:06.0176 4772 WfpLwf - ok

23:49:06.0503 4772 [ 8686E96E13F41AC9806A79CA8004FEEE ] WiMAXAppSrv C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe

23:49:06.0519 4772 WiMAXAppSrv ( UnsignedFile.Multi.Generic ) - warning

23:49:06.0519 4772 WiMAXAppSrv - detected UnsignedFile.Multi.Generic (1)

23:49:06.0550 4772 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

23:49:06.0566 4772 WIMMount - ok

23:49:06.0597 4772 WinDefend - ok

23:49:06.0628 4772 WinHttpAutoProxySvc - ok

23:49:06.0940 4772 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

23:49:06.0971 4772 Winmgmt - ok

23:49:07.0439 4772 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

23:49:07.0517 4772 WinRM - ok

23:49:07.0626 4772 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

23:49:07.0798 4772 WinUsb - ok

23:49:07.0985 4772 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

23:49:08.0001 4772 Wlansvc - ok

23:49:08.0422 4772 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

23:49:08.0453 4772 wlidsvc - ok

23:49:08.0484 4772 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

23:49:08.0531 4772 WmiAcpi - ok

23:49:08.0625 4772 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

23:49:08.0703 4772 wmiApSrv - ok

23:49:08.0765 4772 WMPNetworkSvc - ok

23:49:08.0812 4772 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

23:49:08.0906 4772 WPCSvc - ok

23:49:08.0999 4772 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

23:49:09.0015 4772 WPDBusEnum - ok

23:49:09.0077 4772 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

23:49:09.0108 4772 ws2ifsl - ok

23:49:09.0280 4772 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll

23:49:09.0358 4772 wscsvc - ok

23:49:09.0405 4772 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys

23:49:09.0483 4772 WSDPrintDevice - ok

23:49:09.0561 4772 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys

23:49:09.0639 4772 WSDScan - ok

23:49:09.0639 4772 WSearch - ok

23:49:10.0263 4772 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

23:49:12.0213 4772 wuauserv - ok

23:49:12.0275 4772 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

23:49:12.0369 4772 WudfPf - ok

23:49:12.0385 4772 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

23:49:12.0400 4772 WUDFRd - ok

23:49:12.0416 4772 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

23:49:12.0447 4772 wudfsvc - ok

23:49:12.0494 4772 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

23:49:12.0509 4772 WwanSvc - ok

23:49:12.0697 4772 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

23:49:12.0728 4772 YahooAUService - ok

23:49:12.0743 4772 [ 5250193EF8E173AA7491250F00EB367F ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys

23:49:12.0759 4772 yukonw7 - ok

23:49:12.0806 4772 ================ Scan global ===============================

23:49:12.0915 4772 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

23:49:13.0211 4772 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

23:49:13.0274 4772 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

23:49:13.0305 4772 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

23:49:13.0336 4772 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

23:49:13.0336 4772 [Global] - ok

23:49:13.0336 4772 ================ Scan MBR ==================================

23:49:13.0352 4772 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

23:49:16.0160 4772 \Device\Harddisk0\DR0 - ok

23:49:16.0160 4772 ================ Scan VBR ==================================

23:49:16.0222 4772 [ 3219A0267E3B4C84A32621FCEE4AF897 ] \Device\Harddisk0\DR0\Partition1

23:49:16.0253 4772 \Device\Harddisk0\DR0\Partition1 - ok

23:49:16.0285 4772 [ 81D42FC928AFD12C3D83E0D07D25CC82 ] \Device\Harddisk0\DR0\Partition2

23:49:16.0300 4772 \Device\Harddisk0\DR0\Partition2 - ok

23:49:16.0300 4772 ================ Scan active images ========================

23:49:16.0300 4772 ============================================================

23:49:16.0300 4772 Scan finished

23:49:16.0300 4772 ============================================================

23:49:16.0316 2060 Detected object count: 10

23:49:16.0316 2060 Actual detected object count: 10

23:49:36.0845 2060 DMAgent ( UnsignedFile.Multi.Generic ) - skipped by user

23:49:36.0845 2060 DMAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip

23:49:36.0845 2060 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user

23:49:36.0845 2060 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

23:49:36.0845 2060 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user

23:49:36.0845 2060 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip

23:49:36.0845 2060 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

23:49:36.0845 2060 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

23:49:36.0845 2060 Oasis2Service ( UnsignedFile.Multi.Generic ) - skipped by user

23:49:36.0845 2060 Oasis2Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

23:49:36.0845 2060 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

23:49:36.0845 2060 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

23:49:36.0845 2060 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user

23:49:36.0845 2060 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip

23:49:36.0861 2060 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user

23:49:36.0861 2060 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip

23:49:36.0861 2060 VSNService ( UnsignedFile.Multi.Generic ) - skipped by user

23:49:36.0861 2060 VSNService ( UnsignedFile.Multi.Generic ) - User select action: Skip

23:49:36.0861 2060 WiMAXAppSrv ( UnsignedFile.Multi.Generic ) - skipped by user

23:49:36.0861 2060 WiMAXAppSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip

23:56:37.0521 5276 Deinitialize success

[gringo_pr]

ok run mbar now

[lazykins]

Just finished. It reported no malware found. Is there a report somewhere?

[gringo_pr]

Hello lazykins

Lets get a deeper look into the system and lets see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.

• Double click on OTL.exe to run it.
  
• Under Output, ensure that Minimal Output is selected.
  
• Under Extra Registry section, select Use SafeList.
  
• Click the Scan All Users checkbox.
  
• Click on Run Scan at the top left hand corner.
  
• When done, two Notepad files will open.
  
  • OTL.txt <-- Will be opened and the that I need posted back here
    
  • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
    

  [*]Please post the contents of OTL.txt in your next reply.

Gringo

[lazykins]

Well I seem to be having a big problem. I can't connect to my network on that machine. I'm writing you from another computer. Same network. I've rebooted the router. I've rebooted the machine. Don't know what to try next?

[lazykins]

Fixed it. It was my repeater. Shouldn't have been connecting to that but chose it anyway.

[lazykins]

I ran OTL but MWB forums was down. Will post log in morning.