1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

erratic behavior and blue screen of death

Discussion in 'Virus & Other Malware Removal' started by Matt2020, Mar 31, 2013.

Thread Status:
Not open for further replies.
Advertisement
  1. Matt2020

    Matt2020 Thread Starter

    Joined:
    Mar 31, 2013
    Messages:
    7
    Takes a very long time to start up computer. When it loads it always asks me to let microsoft virus tool remover run. When using the internet many ads show up on websites that should not be there and when I click on links in google it will sometimes redirect me to other links I did not click on. I have norton 360 but it blocks me from being able to run it. Alot of times while I am using the computer a blue screen will come up that says system crash and and I can no longer use it. I then have to shut it off and go through system restore steps to get it running again. Also the computer will not shut down properly when I select shut down from the start menu. Here is the hijackTHIS log. Thank you in advance for your help

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 2:45:13 PM, on 3/31/2013
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v9.00 (9.00.8112.16470)
    Boot mode: Normal
    Running processes:
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files\Sony\VAIO Care\listener.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\program files (x86)\coupon companion plugin\coupon companion plugin-bg.exe
    C:\Users\owner\Downloads\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 192.168.*.*;*.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: (no name) - MRI_DISABLED - (no file)
    O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
    O2 - BHO: CrossriderApp0021804 - {11111111-1111-1111-1111-110211181104} - C:\Program Files (x86)\Coupon Companion Plugin\Coupon Companion Plugin.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.2.1.22\coIEPlg.dll
    O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.2.1.22\IPS\IPSBHO.DLL
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.2.1.22\coIEPlg.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    O4 - .DEFAULT User Startup: Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (User 'Default user')
    O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
    O4 - Global Startup: MRI_DISABLED
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    O23 - Service: Intel® PROSet/Wireless WiMAX Red Bend Device Management Service (DMAgent) - Red Bend Ltd. - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
    O23 - Service: MotoHelper Service (MotoHelper) - Unknown owner - C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\20.2.1.22\ccSvcHst.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: Oasis2Service - Unknown owner - C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
    O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe
    O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
    O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
    O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
    O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
    O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
    O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
    O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: Intel® PROSet/Wireless WiMAX Service (WiMAXAppSrv) - Intel(R) Corporation - C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    --
    End of file - 15594 bytes
     
  2. Matt2020

    Matt2020 Thread Starter

    Joined:
    Mar 31, 2013
    Messages:
    7
    Not Sure HiJack this worked completely last time. Also my fan is always running on my computer and it gets very hot. Here is the HIJACKTHIS log I am pretty sure worked. Thanks again

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 3:12:49 PM, on 3/31/2013
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v9.00 (9.00.8112.16470)
    Boot mode: Normal
    Running processes:
    C:\Program Files\Sony\VAIO Care\VCSpt.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
    C:\Program Files (x86)\Norton 360\Engine\20.2.1.22\ccSvcHst.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files\Sony\VAIO Care\listener.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\program files (x86)\coupon companion plugin\coupon companion plugin-bg.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Users\owner\Downloads\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 192.168.*.*;*.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: (no name) - MRI_DISABLED - (no file)
    O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
    O2 - BHO: CrossriderApp0021804 - {11111111-1111-1111-1111-110211181104} - C:\Program Files (x86)\Coupon Companion Plugin\Coupon Companion Plugin.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.2.1.22\coIEPlg.dll
    O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.2.1.22\IPS\IPSBHO.DLL
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.2.1.22\coIEPlg.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    O4 - .DEFAULT User Startup: Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (User 'Default user')
    O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
    O4 - Global Startup: MRI_DISABLED
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    O23 - Service: Intel® PROSet/Wireless WiMAX Red Bend Device Management Service (DMAgent) - Red Bend Ltd. - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
    O23 - Service: MotoHelper Service (MotoHelper) - Unknown owner - C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\20.2.1.22\ccSvcHst.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: Oasis2Service - Unknown owner - C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
    O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe
    O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
    O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
    O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
    O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
    O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
    O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
    O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: Intel® PROSet/Wireless WiMAX Service (WiMAXAppSrv) - Intel(R) Corporation - C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
     
  3. Matt2020

    Matt2020 Thread Starter

    Joined:
    Mar 31, 2013
    Messages:
    7
    Here are the dds.txt and attach.txt files.. still trying to get the ark.txt file but my computer keeps crashing and going to the blue screen before the scan is finished. Thank you

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16470 BrowserJavaVersion: 1.6.0_23
    Run by owner at 19:07:41 on 2013-03-31
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.6125.3615 [GMT -4:00]
    .
    AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
    C:\Program Files (x86)\Norton 360\Engine\20.2.1.22\ccSvcHst.exe
    C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
    C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
    C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
    C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
    C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
    C:\Windows\SysWOW64\DllHost.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Norton 360\Engine\20.2.1.22\ccSvcHst.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
    C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
    C:\Program Files\Apoint\Apoint.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
    C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files\Sony\VAIO Care\VCSpt.exe
    C:\Program Files\Apoint\ApMsgFwd.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    \\.\globalroot\systemroot\svchost.exe -netsvcs
    C:\Program Files\Apoint\Apntex.exe
    C:\Program Files\Apoint\Apvfb.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\program files (x86)\coupon companion plugin\coupon companion plugin-bg.exe
    C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files\Sony\VAIO Care\VCPerfService.exe
    C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
    C:\Program Files\Sony\VAIO Care\listener.exe
    C:\Windows\system32\sppsvc.exe
    C:\Program Files\Sony\VAIO Power Management\SPMService.exe
    C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    \\?\C:\Windows\system32\wbem\WMIADAP.EXE
    C:\Program Files\Sony\VAIO Care\VCsystray.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
    uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
    mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
    mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
    uProxyOverride = 192.168.*.*;*.local
    BHO: MRI_DISABLED - <orphaned>
    BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
    BHO: Coupon Companion Plugin: {11111111-1111-1111-1111-110211181104} - C:\Program Files (x86)\Coupon Companion Plugin\Coupon Companion Plugin.dll
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.2.1.22\coieplg.dll
    BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.2.1.22\ips\ipsbho.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.2.1.22\coieplg.dll
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MRI_DI~1\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MRI_DI~1\VAIOME~1.LNK - C:\Program Files (x86)\DDNi\Oasis\Delay.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: HideFastUserSwitching = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{6D5DBCC2-59C7-4DBE-B5C0-326033B78CF9} : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{6D5DBCC2-59C7-4DBE-B5C0-326033B78CF9}\2375942554134343 : DHCPNameServer = 192.168.1.254
    TCP: Interfaces\{6D5DBCC2-59C7-4DBE-B5C0-326033B78CF9}\2456C6B696E6E233633453 : DHCPNameServer = 192.168.2.1
    TCP: Interfaces\{6D5DBCC2-59C7-4DBE-B5C0-326033B78CF9}\24A4027596D26496 : DHCPNameServer = 192.168.1.254
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: Partner BHO Class: {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe
    x64-Run: [MRT] "C:\Windows\System32\MRT.exe" /R
    x64-RunOnce: [NCInstallQueue] rundll32 netman.dll,ProcessQueue
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\30bml87k.default\
    FF - prefs.js: browser.startup.homepage - msn.com
    FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
    FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_1_3\components\coFFPlgn.dll
    FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\components\IPSFFPl.dll
    FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\30bml87k.default\extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d}\plugins\npwidevinemediaoptimizer.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
    FF - ExtSQL: 2013-02-11 21:08; {2d3fbcf7-be69-4433-8858-c621a8d0e58d}; C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\30bml87k.default\extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d}
    .
    ---- FIREFOX POLICIES ----
    user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);
    ============= SERVICES / DRIVERS ===============
    .
    R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1402010.016\symds64.sys [2013-1-23 493216]
    R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1402010.016\symefa64.sys [2013-1-23 1133216]
    R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130322.001\BHDrvx64.sys [2013-3-21 1387608]
    R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\1402010.016\ccsetx64.sys [2013-1-23 168096]
    R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130329.001\IDSviA64.sys [2013-3-30 513184]
    R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1402010.016\ironx64.sys [2013-1-23 224416]
    R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1402010.016\symnets.sys [2013-1-23 432800]
    R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2010-6-7 408576]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-7-29 13336]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-1 398184]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-1 682344]
    R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-12-6 214896]
    R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\20.2.1.22\ccsvchst.exe [2013-1-23 143928]
    R2 regi;regi;C:\Windows\System32\drivers\regi.sys [2010-8-11 14112]
    R2 rimspci;rimspci;C:\Windows\System32\drivers\rimssne64.sys [2010-7-29 94208]
    R2 risdsnpe;risdsnpe;C:\Windows\System32\drivers\risdsne64.sys [2010-7-29 78848]
    R3 bpenum;bpenum;C:\Windows\System32\drivers\bpenum.sys [2010-5-16 71168]
    R3 bpmp;Intel(R) Centrino(R) WiMAX 6050 Series;C:\Windows\System32\drivers\bpmp.sys [2010-5-16 175104]
    R3 bpusb;bpusb;C:\Windows\System32\drivers\bpusb.sys [2010-5-16 81920]
    R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2010-8-10 342056]
    R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-8-10 39464]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-1-27 138912]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-12-1 24176]
    R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-5-31 7689216]
    R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-4-27 83080]
    R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-4-27 184968]
    R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2010-6-1 12032]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2010-7-29 402720]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
    S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;C:\Windows\System32\drivers\BVRPMPR5a64.SYS [2011-7-13 35840]
    S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-7-29 158720]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-2-5 235216]
    S3 motandroidusb;Mot ADB Interface Driver;C:\Windows\System32\drivers\motoandroid.sys [2009-7-10 31744]
    S3 Sockblkd;Sockblkd;C:\Program Files\Extegrity\Exam4\Sockblkd.sys [2010-12-6 6784]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-5-10 51712]
    .
    =============== Created Last 30 ================
    .
    2013-03-25 23:47:40 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
    2013-03-17 00:41:02 -------- d-----w- C:\fd9d91cb9bd14b3b40532ace94e9
    2013-03-02 23:55:41 -------- d-sh--w- C:\found.000
    .
    ==================== Find3M ====================
    .
    2013-03-14 01:25:48 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-03-14 01:25:48 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-02-02 06:57:02 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2013-02-02 06:47:24 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2013-02-02 06:47:19 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2013-02-02 06:42:18 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2013-02-02 06:41:51 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2013-02-02 06:38:01 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-02-02 03:38:35 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-02-02 03:30:32 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2013-02-02 03:30:21 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-02-02 03:26:47 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2013-02-02 03:26:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2013-02-02 03:23:28 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-01-20 01:21:04 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
    2013-01-04 05:41:01 1893224 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2013-01-04 05:40:54 287576 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
    2013-01-04 05:37:01 362496 ----a-w- C:\Windows\System32\wow64win.dll
    2013-01-04 05:37:00 243200 ----a-w- C:\Windows\System32\wow64.dll
    2013-01-04 05:37:00 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
    2013-01-04 05:36:33 215040 ----a-w- C:\Windows\System32\winsrv.dll
    2013-01-04 05:33:49 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
    2013-01-04 05:30:34 424960 ----a-w- C:\Windows\System32\KernelBase.dll
    2013-01-04 05:27:03 6144 ---ha-w- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
    2013-01-04 05:27:03 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
    2013-01-04 05:27:03 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
    2013-01-04 05:27:02 4608 ---ha-w- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
    2013-01-04 05:27:02 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
    2013-01-04 05:27:02 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
    2013-01-04 05:27:01 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2013-01-04 05:27:01 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
    2013-01-04 05:27:00 4608 ---ha-w- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
    2013-01-04 05:27:00 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
    2013-01-04 05:27:00 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
    2013-01-04 04:51:09 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2013-01-04 04:51:08 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2013-01-04 03:22:49 3150848 ----a-w- C:\Windows\System32\win32k.sys
    2013-01-04 03:19:55 338432 ----a-w- C:\Windows\System32\conhost.exe
    2013-01-04 02:48:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2013-01-04 02:48:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2013-01-04 02:48:34 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2013-01-04 02:48:33 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2013-01-04 02:43:35 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2013-01-04 02:43:34 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2013-01-04 02:43:34 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2013-01-04 02:43:34 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    .
    ============= FINISH: 19:14:52.19 ===============

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 10/13/2010 3:45:32 PM
    System Uptime: 3/31/2013 7:00:13 PM (0 hours ago)
    .
    Motherboard: Sony Corporation | | VAIO
    Processor: Intel(R) Core(TM) i7 CPU Q 740 @ 1.73GHz | N/A | 919/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 586 GiB total, 417.229 GiB free.
    E: is CDROM (CDFS)
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP265: 3/25/2013 7:37:16 PM - Windows Update
    RP267: 3/25/2013 11:06:09 PM - Windows Update
    RP269: 3/30/2013 12:46:28 PM - Windows Update
    RP271: 3/31/2013 2:32:28 PM - Windows Update
    RP273: 3/31/2013 3:21:03 PM - Windows Update
    .
    ==== Installed Programs ======================
    .
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader 9.5.1
    Adobe Shockwave Player 11.5
    Alps Pointing-device for VAIO
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Application Manager for VAIO
    ArcSoft WebCam Companion 3
    Best Buy pc app
    Bing Bar
    Bonjour
    Corel WinDVD
    Coupon Companion Plugin
    Coupon Printer for Windows
    D3DX10
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
    Extegrity Exam 4.0
    GMATPrep(TM)
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    HP Deskjet 3050 J610 series Basic Device Software
    HP Deskjet 3050 J610 series Help
    HP Photo Creations
    HP Update
    iCloud
    Intel PROSet Wireless
    Intel WiMAX Tutorial
    Intel(R) Control Center
    Intel(R) PROSet/Wireless WiFi Software
    Intel(R) Rapid Storage Technology
    Intel(R) Turbo Boost Technology Driver
    Intel® PROSet/Wireless WiMAX Software
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 20 (64-bit)
    Java(TM) 6 Update 23
    Junk Mail filter update
    Malwarebytes Anti-Malware version 1.70.0.1100
    McAfee Security Scan Plus
    Media Gallery
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Default Manager
    Microsoft Office 2010 Service Pack 1 (SP1)
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Home and Business 2010
    Microsoft Office Office 64-bit Components 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared 64-bit MUI (English) 2010
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Single Image 2010
    Microsoft Office Word MUI (English) 2010
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft SQL Server Compact 3.5 SP2 ENU
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    MobileMe Control Panel
    MotoHelper 2.1.32 Driver 5.4.0
    MotoHelper MergeModules
    Motorola Mobile Drivers Installation 5.4.0
    Mozilla Firefox 19.0.2 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP3 Parser
    MSXML 4.0 SP3 Parser (KB2721691)
    MSXML 4.0 SP3 Parser (KB2758694)
    MSXML 4.0 SP3 Parser (KB973685)
    Norton 360
    NVIDIA Display Control Panel
    NVIDIA Drivers
    Oasis2Service
    OOBE
    PlayReady PC Runtime amd64
    PMB
    PMB VAIO Edition Guide
    PMB VAIO Edition plug-in (Click to Disc)
    PMB VAIO Edition plug-in (VAIO Image Optimizer)
    PMB VAIO Edition plug-in (VAIO Movie Story)
    PVSonyDll
    QuickTime
    Realtek High Definition Audio Driver
    Remote Keyboard with PlayStation 3
    Remote Play with PlayStation 3
    Remote Play with PlayStation®3
    Renesas Electronics USB 3.0 Host Controller Driver
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
    Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
    Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
    Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553091)
    Security Update for Microsoft Office 2010 (KB2553096)
    Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
    Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
    Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
    Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
    SelectionLinks
    Skype Toolbars
    Skype™ 5.10
    TuneUp Companion 2.4.2.2
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft Office 2010 (KB2494150)
    Update for Microsoft Office 2010 (KB2553065)
    Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2566458)
    Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
    Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
    Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
    Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
    Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
    Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
    VAIO - Media Gallery
    VAIO - PMB VAIO Edition Guide
    VAIO - PMB VAIO Edition plug-in (Click to Disc)
    VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer)
    VAIO - PMB VAIO Edition plug-in (VAIO Movie Story)
    VAIO Care
    VAIO Control Center
    VAIO Data Restore Tool
    VAIO DVD Menu Data
    VAIO Gate
    VAIO Gate Default
    VAIO Hardware Diagnostics
    VAIO Help and Support
    VAIO Manual
    VAIO Media plus
    VAIO Media plus Opening Movie
    VAIO Movie Story Template Data
    VAIO Sample Contents
    VAIO Smart Network
    VAIO Survey
    VAIO Transfer Support
    VAIO Update
    VAIO Update Merge Module x64
    VAIO Wireless Wizard
    VU5x64
    VU5x86
    WIDCOMM Bluetooth Software
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Sync
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    .
    ==== Event Viewer Messages From Past Week ========
    .
    3/31/2013 7:01:34 PM, Error: Service Control Manager [7001] - The Workstation service depends on the SMB 1.x MiniRedirector service which failed to start because of the following error: The system cannot find the file specified.
    3/31/2013 7:01:34 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Workstation service which failed to start because of the following error: The dependency service or group failed to start.
    3/31/2013 7:01:34 PM, Error: Service Control Manager [7000] - The SMB 1.x MiniRedirector service failed to start due to the following error: The system cannot find the file specified.
    3/31/2013 3:22:03 PM, Error: Service Control Manager [7038] - The WinHttpAutoProxySvc service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
    3/31/2013 3:22:03 PM, Error: Service Control Manager [7000] - The WinHTTP Web Proxy Auto-Discovery Service service failed to start due to the following error: The service did not start due to a logon failure.
    3/31/2013 3:21:58 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2799494).
    3/31/2013 2:35:31 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2807986).
    3/30/2013 12:38:48 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 SRTSP
    3/30/2013 12:37:57 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8a006d41000, 0x0000000000000000, 0xfffff800032dc04e, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 033013-56519-01.
    3/30/2013 12:37:04 PM, Error: SRTSP [4] - Error loading virus definitions.
    3/30/2013 11:45:25 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff8000357e14a, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 033013-58110-01.
    3/25/2013 7:29:12 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1005] - Unable to produce a minidump file from the full dump file.
    3/25/2013 7:29:12 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000096, 0xfffff80003266f9a, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: .
    3/25/2013 11:07:50 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WiMAXAppSrv service.
    3/24/2013 4:55:13 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
    3/24/2013 4:50:59 PM, Error: Service Control Manager [7022] - The VAIO Care Performance Service service hung on starting.
    3/24/2013 4:47:48 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.
    3/24/2013 4:43:30 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000001000000a4, 0x0000000000000002, 0x0000000000000001, 0xfffff80003256e52). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 032413-147701-01.
    3/24/2013 11:05:25 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff8000356c14a, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 032413-143084-01.
    3/24/2013 10:43:23 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the N360 service.
    .
    ==== End Of File ===========================
     
  4. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,220
    First Name:
    Derek
    Malwarebytes Anti-Rootkit Tool

    1. Download Malwarebytes Anti-Rootkit from this link http://www.malwarebytes.org/products/mbar/
    2. Unzip the File to a convenient location. (Recommend the Desktop)
    3. Open the folder where the contents were unzipped to run mbar.exe

    [​IMG]

    4. Double-click on the mbar.exe file, you may receive a User Account Control prompt asking if you are sure you wish to allow the program to run. Please allow the program to run and MBAR will now start to install any necessary drivers that are required for the program to operate correctly. If a rootkit is interfering with the installation of the drivers you will see a message that states that the DDA driver was not installed and that you should reboot your computer to install it. You will see this image:

    [​IMG]

    5. If you receive this message, please click on the Yes button and Malwarebytes Anti-Rootkit will now restart your computer. Once the computer is rebooted and you login, MBAR will automatically start and you will now be at the start screen. (If no Rootkit warning you will go from step 4 to 6.)

    6. The following image opens, select Next.

    [​IMG]

    7. The following image opens, select Update

    [​IMG]

    8. When the update completes select Next.

    [​IMG]

    9. In the following window ensure "Targets" are ticked. Then select "Scan"

    [​IMG]

    10. If an infection is found select the "Cleanup Button" to remove threats, Reboot if prompted. Wait while the system shuts down and the cleanup process is performed.

    [​IMG]

    11. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click "Cleanup Button" once more and repeat the process.
    12. If no threats were found you will see the following image, Select Exit:

    [​IMG]

    13. Verify that your system is now running normally, making sure that the following items are functional:
    • Internet access
    • Windows Update
    • Windows Firewall
    14. If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included within Malwarebytes Anti-Rootkit folder.

    [​IMG]

    15. The following Window will open, Select "Y" from your Keyboard, tap Enter.

    [​IMG]

    16. The fix will be applied, select any key to Exit.

    [​IMG]

    15. Let me know how your system now responds. Copy and paste the two following logs from the mbar folder:

    System - log
    Mbar - log Date and time of scan will also be shown

    [​IMG]
     
  5. Matt2020

    Matt2020 Thread Starter

    Joined:
    Mar 31, 2013
    Messages:
    7
    Thank you so much for you help. I followed your directions but there I am still getting the same pop-ups on internet explorer and and it still asks me if I want to use microsoft virus tool remover when it boots up here are the logs you asked for. I also added the second log from when I ran it again. It said there was no maleware but again I am still having the same problems.

    Malwarebytes Anti-Rootkit BETA 1.01.0.1022
    www.malwarebytes.org
    Database version: v2013.04.02.06
    Windows 7 x64 NTFS
    Internet Explorer 9.0.8112.16421
    owner :: OWNER-VAIO [administrator]
    4/2/2013 10:38:52 AM
    mbar-log-2013-04-02 (10-38-52).txt
    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
    Scan options disabled:
    Objects scanned: 29116
    Time elapsed: 35 minute(s), 15 second(s)
    Memory Processes Detected: 1
    c:\Windows\svchost.exe (Trojan.Agent) -> 5992 -> Delete on reboot.
    Memory Modules Detected: 0
    (No malicious items detected)
    Registry Keys Detected: 3
    HKLM\SOFTWARE\CLASSES\INTERFACE\{D6975F9E-15B2-4FE7-9D16-FC2E85CB201B} (PUP.FaceThemes) -> Delete on reboot.
    HKLM\SOFTWARE\CLASSES\TypeLib\{A3F56272-CDB4-4310-9BB1-9A0D0757A3B3} (PUP.FaceThemes) -> Delete on reboot.
    HKCU\SOFTWARE\CLASSES\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} (Hijack.Trojan.Siredef.C) -> Delete on reboot.
    Registry Values Detected: 0
    (No malicious items detected)
    Registry Data Items Detected: 0
    (No malicious items detected)
    Folders Detected: 2
    c:\$Recycle.Bin\S-1-5-21-675570116-344419643-2222464658-1000\$e62d64e8d4b946dc8612be076c70aab8\U (Trojan.Siredef.C) -> Delete on reboot.
    c:\$Recycle.Bin\S-1-5-21-675570116-344419643-2222464658-1000\$e62d64e8d4b946dc8612be076c70aab8 (Trojan.Siredef.C) -> Delete on reboot.
    Files Detected: 7
    C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Bootstrap_0_0_6_infected.mbam (Rootkit.Pihar.c.MBR) -> Delete on reboot.
    C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\MBR_0_infected.mbam (Rootkit.Pihar.c.MBR) -> Delete on reboot.
    C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Sector_0_1250263440_user.mbam (Forged physical sector) -> Delete on reboot.
    c:\$Recycle.Bin\S-1-5-21-675570116-344419643-2222464658-1000\$e62d64e8d4b946dc8612be076c70aab8\@ (Trojan.Siredef.C) -> Delete on reboot.
    c:\Windows\assembly\GAC_32\Desktop.ini (Rootkit.0access) -> Delete on reboot.
    c:\windows\assembly\gac_64\desktop.ini (Rootkit.0access) -> Delete on reboot.
    c:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.
    (end)

    Malwarebytes Anti-Rootkit BETA 1.01.0.1022
    www.malwarebytes.org
    Database version: v2013.04.02.08
    Windows 7 x64 NTFS
    Internet Explorer 9.0.8112.16421
    owner :: OWNER-VAIO [administrator]
    4/2/2013 11:03:50 AM
    mbar-log-2013-04-02 (11-03-50).txt
    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
    Scan options disabled:
    Objects scanned: 31013
    Time elapsed: 16 minute(s), 4 second(s)
    Memory Processes Detected: 0
    (No malicious items detected)
    Memory Modules Detected: 0
    (No malicious items detected)
    Registry Keys Detected: 0
    (No malicious items detected)
    Registry Values Detected: 0
    (No malicious items detected)
    Registry Data Items Detected: 0
    (No malicious items detected)
    Folders Detected: 0
    (No malicious items detected)
    Files Detected: 0
    (No malicious items detected)
    (end)

    ---------------------------------------
    Malwarebytes Anti-Rootkit BETA 1.01.0.1022
    (c) Malwarebytes Corporation 2011-2012
    OS version: 6.1.7600 Windows 7 x64
    Account is Administrative
    Internet Explorer version: 9.0.8112.16421
    Java version: 1.6.0_23
    File system is: NTFS
    Disk drives: C:\ DRIVE_FIXED
    CPU speed: 1.729000 GHz
    Memory total: 6422454272, free: 2800537600
    ------------ Kernel report ------------
    04/02/2013 10:02:31
    ------------ Loaded modules -----------
    \SystemRoot\system32\ntoskrnl.exe
    \SystemRoot\system32\hal.dll
    \SystemRoot\system32\kdcom.dll
    \SystemRoot\system32\mcupdate_GenuineIntel.dll
    \SystemRoot\system32\PSHED.dll
    \SystemRoot\system32\CLFS.SYS
    \SystemRoot\system32\CI.dll
    \SystemRoot\system32\drivers\Wdf01000.sys
    \SystemRoot\system32\drivers\WDFLDR.SYS
    \SystemRoot\system32\drivers\ACPI.sys
    \SystemRoot\system32\drivers\WMILIB.SYS
    \SystemRoot\system32\drivers\msisadrv.sys
    \SystemRoot\system32\drivers\pci.sys
    \SystemRoot\system32\drivers\vdrvroot.sys
    \SystemRoot\System32\drivers\partmgr.sys
    \SystemRoot\system32\drivers\compbatt.sys
    \SystemRoot\system32\drivers\BATTC.SYS
    \SystemRoot\system32\drivers\volmgr.sys
    \SystemRoot\System32\drivers\volmgrx.sys
    \SystemRoot\System32\drivers\mountmgr.sys
    \SystemRoot\system32\drivers\iaStor.sys
    \SystemRoot\system32\drivers\amdxata.sys
    \SystemRoot\system32\drivers\fltmgr.sys
    \SystemRoot\system32\drivers\N360x64\1402010.016\SYMDS64.SYS
    \SystemRoot\system32\drivers\fileinfo.sys
    \SystemRoot\system32\drivers\N360x64\1402010.016\SYMEFA64.SYS
    \SystemRoot\System32\Drivers\Ntfs.sys
    \SystemRoot\System32\Drivers\msrpc.sys
    \SystemRoot\System32\Drivers\ksecdd.sys
    \SystemRoot\System32\Drivers\cng.sys
    \SystemRoot\System32\drivers\pcw.sys
    \SystemRoot\System32\Drivers\Fs_Rec.sys
    \SystemRoot\system32\drivers\ndis.sys
    \SystemRoot\system32\drivers\NETIO.SYS
    \SystemRoot\System32\Drivers\ksecpkg.sys
    \SystemRoot\System32\drivers\tcpip.sys
    \SystemRoot\System32\drivers\fwpkclnt.sys
    \SystemRoot\system32\drivers\volsnap.sys
    \SystemRoot\System32\Drivers\spldr.sys
    \SystemRoot\System32\drivers\rdyboost.sys
    \SystemRoot\System32\Drivers\mup.sys
    \SystemRoot\System32\drivers\hwpolicy.sys
    \SystemRoot\System32\DRIVERS\fvevol.sys
    \SystemRoot\system32\drivers\disk.sys
    \SystemRoot\system32\drivers\CLASSPNP.SYS
    \SystemRoot\system32\DRIVERS\cdrom.sys
    \SystemRoot\system32\drivers\N360x64\1402010.016\ccSetx64.sys
    \SystemRoot\System32\Drivers\N360x64\1402010.016\SRTSP64.SYS
    \SystemRoot\system32\drivers\N360x64\1402010.016\SRTSPX64.SYS
    \SystemRoot\system32\drivers\N360x64\1402010.016\Ironx64.SYS
    \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
    \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130330.009\EX64.SYS
    \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130330.009\ENG64.SYS
    \SystemRoot\System32\Drivers\Null.SYS
    \SystemRoot\System32\Drivers\Beep.SYS
    \SystemRoot\System32\drivers\vga.sys
    \SystemRoot\System32\drivers\VIDEOPRT.SYS
    \SystemRoot\System32\drivers\watchdog.sys
    \SystemRoot\System32\DRIVERS\RDPCDD.sys
    \SystemRoot\system32\drivers\rdpencdd.sys
    \SystemRoot\system32\drivers\rdprefmp.sys
    \SystemRoot\System32\Drivers\Msfs.SYS
    \SystemRoot\System32\Drivers\Npfs.SYS
    \SystemRoot\system32\DRIVERS\tdx.sys
    \SystemRoot\system32\DRIVERS\TDI.SYS
    \SystemRoot\system32\drivers\afd.sys
    \SystemRoot\System32\DRIVERS\netbt.sys
    \SystemRoot\system32\drivers\ws2ifsl.sys
    \SystemRoot\system32\DRIVERS\wfplwf.sys
    \SystemRoot\system32\DRIVERS\pacer.sys
    \SystemRoot\system32\DRIVERS\vwififlt.sys
    \SystemRoot\system32\DRIVERS\netbios.sys
    \SystemRoot\system32\DRIVERS\wanarp.sys
    \SystemRoot\system32\drivers\termdd.sys
    \SystemRoot\System32\Drivers\N360x64\1402010.016\SYMNETS.SYS
    \SystemRoot\system32\DRIVERS\rdbss.sys
    \SystemRoot\system32\drivers\nsiproxy.sys
    \SystemRoot\system32\drivers\mssmbios.sys
    \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130329.001\IDSvia64.sys
    \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
    \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
    \SystemRoot\System32\drivers\discache.sys
    \SystemRoot\System32\Drivers\dfsc.sys
    \SystemRoot\system32\drivers\blbdrive.sys
    \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130322.001\BHDrvx64.sys
    \SystemRoot\system32\DRIVERS\tunnel.sys
    \SystemRoot\system32\DRIVERS\nvlddmkm.sys
    \SystemRoot\system32\DRIVERS\nvBridge.kmd
    \SystemRoot\System32\drivers\dxgkrnl.sys
    \SystemRoot\System32\drivers\dxgmms1.sys
    \SystemRoot\system32\drivers\HDAudBus.sys
    \SystemRoot\system32\drivers\usbehci.sys
    \SystemRoot\system32\drivers\USBPORT.SYS
    \SystemRoot\system32\DRIVERS\NETw5s64.sys
    \SystemRoot\system32\DRIVERS\vwifibus.sys
    \SystemRoot\system32\DRIVERS\sdbus.sys
    \SystemRoot\system32\drivers\rimssne64.sys
    \SystemRoot\system32\drivers\1394ohci.sys
    \SystemRoot\system32\drivers\risdsne64.sys
    \SystemRoot\system32\DRIVERS\yk62x64.sys
    \SystemRoot\system32\drivers\nusb3xhc.sys
    \SystemRoot\system32\drivers\USBD.SYS
    \SystemRoot\system32\drivers\i8042prt.sys
    \SystemRoot\system32\drivers\kbdclass.sys
    \SystemRoot\system32\drivers\Apfiltr.sys
    \SystemRoot\system32\DRIVERS\mouclass.sys
    \SystemRoot\system32\drivers\SFEP.sys
    \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    \SystemRoot\system32\drivers\wmiacpi.sys
    \SystemRoot\system32\drivers\intelppm.sys
    \SystemRoot\system32\drivers\CmBatt.sys
    \SystemRoot\system32\drivers\CompositeBus.sys
    \SystemRoot\system32\DRIVERS\AgileVpn.sys
    \SystemRoot\system32\DRIVERS\rasl2tp.sys
    \SystemRoot\system32\DRIVERS\ndistapi.sys
    \SystemRoot\system32\DRIVERS\ndiswan.sys
    \SystemRoot\system32\DRIVERS\raspppoe.sys
    \SystemRoot\system32\DRIVERS\raspptp.sys
    \SystemRoot\system32\DRIVERS\rassstp.sys
    \SystemRoot\system32\DRIVERS\serscan.sys
    \SystemRoot\system32\drivers\ksthunk.sys
    \SystemRoot\system32\drivers\ks.sys
    \SystemRoot\system32\drivers\swenum.sys
    \SystemRoot\system32\DRIVERS\umbus.sys
    \SystemRoot\system32\DRIVERS\bpenum.sys
    \SystemRoot\system32\DRIVERS\usbhub.sys
    \SystemRoot\system32\drivers\nusb3hub.sys
    \SystemRoot\System32\Drivers\NDProxy.SYS
    \SystemRoot\system32\drivers\nvhda64v.sys
    \SystemRoot\system32\drivers\portcls.sys
    \SystemRoot\system32\drivers\drmk.sys
    \SystemRoot\system32\drivers\RTKVHD64.sys
    \SystemRoot\system32\DRIVERS\usbccgp.sys
    \SystemRoot\System32\Drivers\usbvideo.sys
    \SystemRoot\System32\Drivers\bpusb.sys
    \SystemRoot\system32\DRIVERS\bpmp.sys
    \SystemRoot\System32\win32k.sys
    \SystemRoot\System32\drivers\Dxapi.sys
    \SystemRoot\system32\drivers\btwampfl.sys
    \SystemRoot\System32\Drivers\BTHUSB.sys
    \SystemRoot\System32\Drivers\bthport.sys
    \SystemRoot\system32\DRIVERS\rfcomm.sys
    \SystemRoot\system32\drivers\BthEnum.sys
    \SystemRoot\system32\DRIVERS\bthpan.sys
    \SystemRoot\system32\DRIVERS\btwavdt.sys
    \SystemRoot\system32\drivers\btwaudio.sys
    \SystemRoot\system32\DRIVERS\btwl2cap.sys
    \SystemRoot\system32\DRIVERS\btwrchid.sys
    \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    \SystemRoot\system32\DRIVERS\monitor.sys
    \SystemRoot\System32\TSDDD.dll
    \SystemRoot\System32\cdd.dll
    \SystemRoot\system32\DRIVERS\cdfs.sys
    \SystemRoot\System32\Drivers\crashdmp.sys
    \SystemRoot\System32\Drivers\dump_iaStor.sys
    \SystemRoot\System32\Drivers\dump_dumpfve.sys
    \SystemRoot\system32\drivers\luafv.sys
    \??\C:\Windows\system32\drivers\mbam.sys
    \SystemRoot\system32\drivers\WudfPf.sys
    \SystemRoot\system32\DRIVERS\lltdio.sys
    \SystemRoot\system32\DRIVERS\nwifi.sys
    \SystemRoot\system32\DRIVERS\ndisuio.sys
    \SystemRoot\system32\DRIVERS\rspndr.sys
    \SystemRoot\system32\drivers\HTTP.sys
    \SystemRoot\system32\DRIVERS\bowser.sys
    \SystemRoot\System32\drivers\mpsdrv.sys
    \SystemRoot\system32\DRIVERS\mrxsmb.sys
    \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    \SystemRoot\system32\drivers\peauth.sys
    \??\C:\Windows\system32\drivers\regi.sys
    \SystemRoot\System32\Drivers\secdrv.SYS
    \SystemRoot\System32\DRIVERS\srvnet.sys
    \SystemRoot\System32\drivers\tcpipreg.sys
    \SystemRoot\System32\DRIVERS\srv2.sys
    \SystemRoot\System32\DRIVERS\srv.sys
    \SystemRoot\system32\drivers\spsys.sys
    \??\C:\Windows\system32\drivers\mbamchameleon.sys
    \??\C:\Windows\system32\drivers\mbamswissarmy.sys
    \Windows\System32\ntdll.dll
    \Windows\System32\smss.exe
    \Windows\System32\apisetschema.dll
    \Windows\System32\autochk.exe
    \Windows\System32\urlmon.dll
    \Windows\System32\ole32.dll
    \Windows\System32\nsi.dll
    \Windows\System32\usp10.dll
    \Windows\System32\clbcatq.dll
    \Windows\System32\kernel32.dll
    \Windows\System32\lpk.dll
    \Windows\System32\oleaut32.dll
    \Windows\System32\imm32.dll
    \Windows\System32\user32.dll
    \Windows\System32\normaliz.dll
    \Windows\System32\msvcrt.dll
    \Windows\System32\comdlg32.dll
    \Windows\System32\shlwapi.dll
    \Windows\System32\wininet.dll
    \Windows\System32\imagehlp.dll
    \Windows\System32\advapi32.dll
    \Windows\System32\shell32.dll
    \Windows\System32\msctf.dll
    \Windows\System32\gdi32.dll
    \Windows\System32\setupapi.dll
    \Windows\System32\sechost.dll
    \Windows\System32\difxapi.dll
    \Windows\System32\Wldap32.dll
    \Windows\System32\psapi.dll
    \Windows\System32\ws2_32.dll
    \Windows\System32\iertutil.dll
    \Windows\System32\rpcrt4.dll
    \Windows\System32\devobj.dll
    \Windows\System32\comctl32.dll
    \Windows\System32\wintrust.dll
    \Windows\System32\cfgmgr32.dll
    \Windows\System32\KernelBase.dll
    \Windows\System32\crypt32.dll
    \Windows\System32\msasn1.dll
    \Windows\SysWOW64\normaliz.dll
    ----------- End -----------
    <<<1>>>
    Upper Device Name: \Device\Harddisk0\DR0
    Upper Device Object: 0xfffffa800633d060
    Upper Device Driver Name: \Driver\Disk\
    Lower Device Name: \Device\Ide\IAAStorageDevice-1\
    Lower Device Object: 0xfffffa800600a050
    Lower Device Driver Name: \00001986\
    Driver name found: iaStor
    Initialization returned 0x0
    Load Function returned 0x0
    Downloaded database version: v2013.04.02.06
    Downloaded database version: v2013.03.25.01
    Initializing...
    Done!
    <<<2>>>
    Device number: 0, partition: 3
    Physical Sector Size: 512
    Drive: 0, DevicePointer: 0xfffffa800633d060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    --------- Disk Stack ------
    DevicePointer: 0xfffffa800633db20, DeviceName: Unknown, DriverName: \Driver\partmgr\
    DevicePointer: 0xfffffa800633d060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    DevicePointer: 0xfffffa80060075b0, DeviceName: Unknown, DriverName: \Driver\ACPI\
    DevicePointer: 0xfffffa800600a050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \00001986\
    ------------ End ----------
    Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    Upper DeviceData: 0xfffff8a010d7ad90, 0xfffffa800633d060, 0xfffffa8005cfe590
    Lower DeviceData: 0xfffff8a00f8e4e40, 0xfffffa800600a050, 0xfffffa80059b4890
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    Scanning directory: C:\Windows\system32\drivers...
    <<<2>>>
    Device number: 0, partition: 3
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    Done!
    Drive 0
    Scanning MBR on drive 0...
    MBR buffers are not equal
    MBR is forged! [5b875a22f8ce39ec096216471c83be3f]
    Inspecting partition table:
    MBR Signature: 55AA
    Disk Signature: 9E8F16BC
    Partition information:
    Partition 0 type is Empty (0x0)
    Partition is ACTIVE.
    Partition starts at LBA: 6 Numsec = 0
    Partition is not bootable
    Infected: VBR on Empty active partition --> [Rootkit.Pihar.c.MBR]
    Changing partition to empty and not active. New active partition is 1 on drive 0 ...
    Partition 0 type is Other (0x27)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048 Numsec = 21059584
    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 21061632 Numsec = 204800
    Partition file system is NTFS
    Partition is bootable
    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 21266432 Numsec = 1228995248
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0
    MBR infection found on drive 0
    Disk Size: 640135028736 bytes
    Sector size: 512 bytes
    Scanning physical sectors of unpartitioned space on drive 0 (1-5-1250243728-1250263728)...
    Done!
    Performing system, memory and registry scan...
    Infected: HKLM\SOFTWARE\CLASSES\INTERFACE\{D6975F9E-15B2-4FE7-9D16-FC2E85CB201B} --> [PUP.FaceThemes]
    Infected: HKLM\SOFTWARE\CLASSES\TypeLib\{A3F56272-CDB4-4310-9BB1-9A0D0757A3B3} --> [PUP.FaceThemes]
    Read File: File "c:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\Best Buy pc app Setup.dat" is compressed (flags = 1)
    Read File: File "c:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\instance.dat" is compressed (flags = 1)
    Read File: File "c:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\Best Buy pc app Setup.dat" is compressed (flags = 1)
    Read File: File "c:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\instance.dat" is compressed (flags = 1)
    Infected: c:\$Recycle.Bin\S-1-5-21-675570116-344419643-2222464658-1000\$e62d64e8d4b946dc8612be076c70aab8\@ --> [Trojan.Siredef.C]
    Infected: c:\Windows\assembly\GAC_32\Desktop.ini --> [Rootkit.0access]
    Infected: c:\windows\assembly\gac_64\desktop.ini --> [Rootkit.0access]
    Infected: c:\Windows\svchost.exe --> [Trojan.Agent]
    Infected: c:\Windows\svchost.exe --> [Trojan.Agent]
    Infected: HKCU\SOFTWARE\CLASSES\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} --> [Hijack.Trojan.Siredef.C]
    Infected: c:\$Recycle.Bin\S-1-5-21-675570116-344419643-2222464658-1000\$e62d64e8d4b946dc8612be076c70aab8\U --> [Trojan.Siredef.C]
    Infected: c:\$Recycle.Bin\S-1-5-21-675570116-344419643-2222464658-1000\$e62d64e8d4b946dc8612be076c70aab8 --> [Trojan.Siredef.C]
    Done!
    Scan finished
    Creating System Restore point...
    Scheduling clean up...
    <<<2>>>
    Device number: 0, partition: 3
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    BCD Entry for BOOTEMS is missing
    Malicious Entry 26000022 for BOOTEMS present!
    Removal scheduling successful. System shutdown needed.
    System shutdown occurred
    =======================================

    ---------------------------------------
    Malwarebytes Anti-Rootkit BETA 1.01.0.1022
    (c) Malwarebytes Corporation 2011-2012
    OS version: 6.1.7600 Windows 7 x64
    Account is Administrative
    Internet Explorer version: 9.0.8112.16421
    Java version: 1.6.0_23
    File system is: NTFS
    Disk drives: C:\ DRIVE_FIXED
    CPU speed: 1.729000 GHz
    Memory total: 6422454272, free: 4449230848
    Removal queue found; removal started
    Removing c:\$Recycle.Bin\S-1-5-21-675570116-344419643-2222464658-1000\$e62d64e8d4b946dc8612be076c70aab8\@...
    Removing c:\Windows\assembly\GAC_32\Desktop.ini...
    Removing c:\windows\assembly\gac_64\desktop.ini...
    Removing c:\Windows\svchost.exe...
    Removing c:\$Recycle.Bin\S-1-5-21-675570116-344419643-2222464658-1000\$e62d64e8d4b946dc8612be076c70aab8\U...
    Removing c:\$Recycle.Bin\S-1-5-21-675570116-344419643-2222464658-1000\$e62d64e8d4b946dc8612be076c70aab8...
    Removal finished
    =======================================
    ---------------------------------------
    Malwarebytes Anti-Rootkit BETA 1.01.0.1022
    (c) Malwarebytes Corporation 2011-2012
    OS version: 6.1.7600 Windows 7 x64
    Account is Administrative
    Internet Explorer version: 9.0.8112.16421
    Java version: 1.6.0_23
    File system is: NTFS
    Disk drives: C:\ DRIVE_FIXED
    CPU speed: 1.729000 GHz
    Memory total: 6422454272, free: 4669050880
    ------------ Kernel report ------------
    04/02/2013 10:45:57
    ------------ Loaded modules -----------
    \SystemRoot\system32\ntoskrnl.exe
    \SystemRoot\system32\hal.dll
    \SystemRoot\system32\kdcom.dll
    \SystemRoot\system32\mcupdate_GenuineIntel.dll
    \SystemRoot\system32\PSHED.dll
    \SystemRoot\system32\CLFS.SYS
    \SystemRoot\system32\CI.dll
    \SystemRoot\system32\drivers\Wdf01000.sys
    \SystemRoot\system32\drivers\WDFLDR.SYS
    \SystemRoot\system32\drivers\ACPI.sys
    \SystemRoot\system32\drivers\WMILIB.SYS
    \SystemRoot\system32\drivers\msisadrv.sys
    \SystemRoot\system32\drivers\pci.sys
    \SystemRoot\system32\drivers\vdrvroot.sys
    \SystemRoot\System32\drivers\partmgr.sys
    \SystemRoot\system32\drivers\compbatt.sys
    \SystemRoot\system32\drivers\BATTC.SYS
    \SystemRoot\system32\drivers\volmgr.sys
    \SystemRoot\System32\drivers\volmgrx.sys
    \SystemRoot\System32\drivers\mountmgr.sys
    \SystemRoot\system32\drivers\iaStor.sys
    \SystemRoot\system32\drivers\amdxata.sys
    \SystemRoot\system32\drivers\fltmgr.sys
    \SystemRoot\system32\drivers\N360x64\1402010.016\SYMDS64.SYS
    \SystemRoot\system32\drivers\fileinfo.sys
    \SystemRoot\system32\drivers\N360x64\1402010.016\SYMEFA64.SYS
    \SystemRoot\System32\Drivers\Ntfs.sys
    \SystemRoot\System32\Drivers\msrpc.sys
    \SystemRoot\System32\Drivers\ksecdd.sys
    \SystemRoot\System32\Drivers\cng.sys
    \SystemRoot\System32\drivers\pcw.sys
    \SystemRoot\System32\Drivers\Fs_Rec.sys
    \SystemRoot\system32\drivers\ndis.sys
    \SystemRoot\system32\drivers\NETIO.SYS
    \SystemRoot\System32\Drivers\ksecpkg.sys
    \SystemRoot\System32\drivers\tcpip.sys
    \SystemRoot\System32\drivers\fwpkclnt.sys
    \SystemRoot\system32\drivers\volsnap.sys
    \SystemRoot\System32\Drivers\spldr.sys
    \SystemRoot\System32\drivers\rdyboost.sys
    \SystemRoot\System32\Drivers\mup.sys
    \SystemRoot\System32\drivers\hwpolicy.sys
    \SystemRoot\System32\DRIVERS\fvevol.sys
    \SystemRoot\system32\drivers\disk.sys
    \SystemRoot\system32\drivers\CLASSPNP.SYS
    \SystemRoot\system32\DRIVERS\cdrom.sys
    \SystemRoot\system32\drivers\N360x64\1402010.016\ccSetx64.sys
    \SystemRoot\System32\Drivers\N360x64\1402010.016\SRTSP64.SYS
    \SystemRoot\system32\drivers\N360x64\1402010.016\SRTSPX64.SYS
    \SystemRoot\system32\drivers\N360x64\1402010.016\Ironx64.SYS
    \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
    \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130402.003\EX64.SYS
    \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130402.003\ENG64.SYS
    \SystemRoot\System32\Drivers\Null.SYS
    \SystemRoot\System32\Drivers\Beep.SYS
    \SystemRoot\System32\drivers\vga.sys
    \SystemRoot\System32\drivers\VIDEOPRT.SYS
    \SystemRoot\System32\drivers\watchdog.sys
    \SystemRoot\System32\DRIVERS\RDPCDD.sys
    \SystemRoot\system32\drivers\rdpencdd.sys
    \SystemRoot\system32\drivers\rdprefmp.sys
    \SystemRoot\System32\Drivers\Msfs.SYS
    \SystemRoot\System32\Drivers\Npfs.SYS
    \SystemRoot\system32\DRIVERS\tdx.sys
    \SystemRoot\system32\DRIVERS\TDI.SYS
    \SystemRoot\system32\drivers\afd.sys
    \SystemRoot\System32\DRIVERS\netbt.sys
    \SystemRoot\system32\drivers\ws2ifsl.sys
    \SystemRoot\system32\DRIVERS\wfplwf.sys
    \SystemRoot\system32\DRIVERS\pacer.sys
    \SystemRoot\system32\DRIVERS\vwififlt.sys
    \SystemRoot\system32\DRIVERS\netbios.sys
    \SystemRoot\system32\DRIVERS\wanarp.sys
    \SystemRoot\system32\drivers\termdd.sys
    \SystemRoot\System32\Drivers\N360x64\1402010.016\SYMNETS.SYS
    \SystemRoot\system32\DRIVERS\rdbss.sys
    \SystemRoot\system32\drivers\nsiproxy.sys
    \SystemRoot\system32\drivers\mssmbios.sys
    \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130330.001\IDSvia64.sys
    \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
    \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
    \SystemRoot\System32\drivers\discache.sys
    \SystemRoot\System32\Drivers\dfsc.sys
    \SystemRoot\system32\drivers\blbdrive.sys
    \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130322.001\BHDrvx64.sys
    \SystemRoot\system32\DRIVERS\tunnel.sys
    \SystemRoot\system32\DRIVERS\nvlddmkm.sys
    \SystemRoot\system32\DRIVERS\nvBridge.kmd
    \SystemRoot\System32\drivers\dxgkrnl.sys
    \SystemRoot\System32\drivers\dxgmms1.sys
    \SystemRoot\system32\drivers\HDAudBus.sys
    \SystemRoot\system32\drivers\usbehci.sys
    \SystemRoot\system32\drivers\USBPORT.SYS
    \SystemRoot\system32\DRIVERS\NETw5s64.sys
    \SystemRoot\system32\DRIVERS\vwifibus.sys
    \SystemRoot\system32\DRIVERS\sdbus.sys
    \SystemRoot\system32\drivers\rimssne64.sys
    \SystemRoot\system32\drivers\1394ohci.sys
    \SystemRoot\system32\drivers\risdsne64.sys
    \SystemRoot\system32\DRIVERS\yk62x64.sys
    \SystemRoot\system32\drivers\nusb3xhc.sys
    \SystemRoot\system32\drivers\USBD.SYS
    \SystemRoot\system32\drivers\i8042prt.sys
    \SystemRoot\system32\drivers\kbdclass.sys
    \SystemRoot\system32\drivers\Apfiltr.sys
    \SystemRoot\system32\DRIVERS\mouclass.sys
    \SystemRoot\system32\drivers\SFEP.sys
    \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    \SystemRoot\system32\drivers\wmiacpi.sys
    \SystemRoot\system32\drivers\intelppm.sys
    \SystemRoot\system32\drivers\CmBatt.sys
    \SystemRoot\system32\drivers\CompositeBus.sys
    \SystemRoot\system32\DRIVERS\AgileVpn.sys
    \SystemRoot\system32\DRIVERS\rasl2tp.sys
    \SystemRoot\system32\DRIVERS\ndistapi.sys
    \SystemRoot\system32\DRIVERS\ndiswan.sys
    \SystemRoot\system32\DRIVERS\raspppoe.sys
    \SystemRoot\system32\DRIVERS\raspptp.sys
    \SystemRoot\system32\DRIVERS\rassstp.sys
    \SystemRoot\system32\DRIVERS\serscan.sys
    \SystemRoot\system32\drivers\ksthunk.sys
    \SystemRoot\system32\drivers\ks.sys
    \SystemRoot\system32\drivers\swenum.sys
    \SystemRoot\system32\DRIVERS\umbus.sys
    \SystemRoot\system32\DRIVERS\bpenum.sys
    \SystemRoot\system32\DRIVERS\usbhub.sys
    \SystemRoot\system32\drivers\nusb3hub.sys
    \SystemRoot\System32\Drivers\NDProxy.SYS
    \SystemRoot\system32\drivers\nvhda64v.sys
    \SystemRoot\system32\drivers\portcls.sys
    \SystemRoot\system32\drivers\drmk.sys
    \SystemRoot\system32\drivers\RTKVHD64.sys
    \SystemRoot\system32\DRIVERS\usbccgp.sys
    \SystemRoot\System32\Drivers\usbvideo.sys
    \SystemRoot\System32\Drivers\bpusb.sys
    \SystemRoot\system32\drivers\btwampfl.sys
    \SystemRoot\System32\Drivers\BTHUSB.sys
    \SystemRoot\System32\Drivers\bthport.sys
    \SystemRoot\system32\DRIVERS\bpmp.sys
    \SystemRoot\system32\DRIVERS\rfcomm.sys
    \SystemRoot\system32\drivers\BthEnum.sys
    \SystemRoot\system32\DRIVERS\bthpan.sys
    \SystemRoot\system32\DRIVERS\btwavdt.sys
    \SystemRoot\System32\win32k.sys
    \SystemRoot\System32\drivers\Dxapi.sys
    \SystemRoot\system32\drivers\btwaudio.sys
    \SystemRoot\system32\DRIVERS\cdfs.sys
    \SystemRoot\system32\DRIVERS\btwl2cap.sys
    \SystemRoot\system32\DRIVERS\btwrchid.sys
    \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    \SystemRoot\System32\Drivers\crashdmp.sys
    \SystemRoot\System32\Drivers\dump_iaStor.sys
    \SystemRoot\System32\Drivers\dump_dumpfve.sys
    \SystemRoot\system32\DRIVERS\monitor.sys
    \SystemRoot\System32\TSDDD.dll
    \SystemRoot\System32\cdd.dll
    \SystemRoot\system32\drivers\luafv.sys
    \??\C:\Windows\system32\drivers\mbam.sys
    \SystemRoot\system32\drivers\WudfPf.sys
    \SystemRoot\system32\DRIVERS\lltdio.sys
    \SystemRoot\system32\DRIVERS\nwifi.sys
    \SystemRoot\system32\DRIVERS\ndisuio.sys
    \SystemRoot\system32\DRIVERS\rspndr.sys
    \SystemRoot\system32\drivers\HTTP.sys
    \SystemRoot\system32\DRIVERS\bowser.sys
    \SystemRoot\System32\drivers\mpsdrv.sys
    \SystemRoot\system32\DRIVERS\mrxsmb.sys
    \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    \SystemRoot\system32\drivers\peauth.sys
    \??\C:\Windows\system32\drivers\regi.sys
    \SystemRoot\System32\Drivers\secdrv.SYS
    \SystemRoot\System32\DRIVERS\srvnet.sys
    \SystemRoot\System32\drivers\tcpipreg.sys
    \SystemRoot\System32\DRIVERS\srv2.sys
    \SystemRoot\System32\DRIVERS\srv.sys
    \??\C:\Windows\system32\drivers\mbamchameleon.sys
    \??\C:\Windows\system32\drivers\mbamswissarmy.sys
    \Windows\System32\ntdll.dll
    \Windows\System32\smss.exe
    \Windows\System32\apisetschema.dll
    \Windows\System32\autochk.exe
    \Windows\System32\comdlg32.dll
    \Windows\System32\advapi32.dll
    \Windows\System32\rpcrt4.dll
    \Windows\System32\usp10.dll
    \Windows\System32\ws2_32.dll
    \Windows\System32\nsi.dll
    \Windows\System32\imagehlp.dll
    \Windows\System32\clbcatq.dll
    \Windows\System32\ole32.dll
    \Windows\System32\urlmon.dll
    \Windows\System32\msvcrt.dll
    \Windows\System32\iertutil.dll
    \Windows\System32\gdi32.dll
    \Windows\System32\difxapi.dll
    \Windows\System32\psapi.dll
    \Windows\System32\user32.dll
    \Windows\System32\oleaut32.dll
    \Windows\System32\sechost.dll
    \Windows\System32\shell32.dll
    \Windows\System32\lpk.dll
    \Windows\System32\setupapi.dll
    \Windows\System32\msctf.dll
    \Windows\System32\normaliz.dll
    \Windows\System32\shlwapi.dll
    \Windows\System32\Wldap32.dll
    \Windows\System32\kernel32.dll
    \Windows\System32\wininet.dll
    \Windows\System32\imm32.dll
    \Windows\System32\KernelBase.dll
    \Windows\System32\comctl32.dll
    \Windows\System32\crypt32.dll
    \Windows\System32\wintrust.dll
    \Windows\System32\devobj.dll
    \Windows\System32\cfgmgr32.dll
    \Windows\System32\msasn1.dll
    \Windows\SysWOW64\normaliz.dll
    ----------- End -----------
    <<<1>>>
    Upper Device Name: \Device\Harddisk0\DR0
    Upper Device Object: 0xfffffa800633e060
    Upper Device Driver Name: \Driver\Disk\
    Lower Device Name: \Device\Ide\IAAStorageDevice-1\
    Lower Device Object: 0xfffffa800600b050
    Lower Device Driver Name: \Driver\iaStor\
    Driver name found: iaStor
    Initialization returned 0x0
    Load Function returned 0x0
    Downloaded database version: v2013.04.02.07
    Downloaded database version: v2013.04.02.08
    Initializing...
    Done!
    <<<2>>>
    Device number: 0, partition: 3
    Physical Sector Size: 512
    Drive: 0, DevicePointer: 0xfffffa800633e060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    --------- Disk Stack ------
    DevicePointer: 0xfffffa800633eb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
    DevicePointer: 0xfffffa800633e060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    DevicePointer: 0xfffffa8006008e40, DeviceName: Unknown, DriverName: \Driver\ACPI\
    DevicePointer: 0xfffffa800600b050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
    ------------ End ----------
    Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    Upper DeviceData: 0xfffff8a008ca09e0, 0xfffffa800633e060, 0xfffffa800533d640
    Lower DeviceData: 0xfffff8a0083288a0, 0xfffffa800600b050, 0xfffffa800b790970
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    Scanning directory: C:\Windows\system32\drivers...
    <<<2>>>
    Device number: 0, partition: 3
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    Done!
    Drive 0
    Scanning MBR on drive 0...
    Inspecting partition table:
    MBR Signature: 55AA
    Disk Signature: 9E8F16BC
    Partition information:
    Partition 0 type is Other (0x27)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048 Numsec = 21059584
    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 21061632 Numsec = 204800
    Partition file system is NTFS
    Partition is bootable
    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 21266432 Numsec = 1228995248
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0
    Disk Size: 640135028736 bytes
    Sector size: 512 bytes
    Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1250243728-1250263728)...
    Done!
    Performing system, memory and registry scan...
    Read File: File "c:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\Best Buy pc app Setup.dat" is compressed (flags = 1)
    Read File: File "c:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\instance.dat" is compressed (flags = 1)
    Read File: File "c:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\Best Buy pc app Setup.dat" is compressed (flags = 1)
    Read File: File "c:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\instance.dat" is compressed (flags = 1)
    Done!
    Scan finished
    =======================================
     
  6. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,220
    First Name:
    Derek
    did you run the Microsoft tool when it asked you to
     
  7. Matt2020

    Matt2020 Thread Starter

    Joined:
    Mar 31, 2013
    Messages:
    7
    No I do not run it
     
  8. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,220
    First Name:
    Derek
    Run tdss killer from http://support.kaspersky.com/viruses/solutions?qid=208280684

    let it cure anything it fnds ( except SPTD.SYS or anything detected as UnsignedFile.Multi.Generic, which should be ignored) & then reboot

    post back with its log

    By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder.
    Logs have names like: UtilityName.Version_Date_Time_log.txt.
    E.g. C:\TDSSKiller.2.4.7_23.07.2010_15.31.43_log.txt
     
  9. Matt2020

    Matt2020 Thread Starter

    Joined:
    Mar 31, 2013
    Messages:
    7
    It is still having trouble starting up and is still asking me to run that virus removal program

    19:06:16.0069 1856 TDSS rootkit removing tool 2.8.16.0 Mar 21 2013 15:53:02

    19:06:16.0413 1856 ============================================================

    19:06:16.0413 1856 Current date / time: 2013/04/02 19:06:16.0413

    19:06:16.0413 1856 SystemInfo:

    19:06:16.0413 1856

    19:06:16.0413 1856 OS Version: 6.1.7600 ServicePack: 0.0

    19:06:16.0413 1856 Product type: Workstation

    19:06:16.0413 1856 ComputerName: OWNER-VAIO

    19:06:16.0413 1856 UserName: owner

    19:06:16.0413 1856 Windows directory: C:\Windows

    19:06:16.0413 1856 System windows directory: C:\Windows

    19:06:16.0413 1856 Running under WOW64

    19:06:16.0413 1856 Processor architecture: Intel x64

    19:06:16.0413 1856 Number of processors: 8

    19:06:16.0413 1856 Page size: 0x1000

    19:06:16.0413 1856 Boot type: Normal boot

    19:06:16.0413 1856 ============================================================

    19:06:21.0919 1856 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

    19:06:21.0951 1856 ============================================================

    19:06:21.0951 1856 \Device\Harddisk0\DR0:

    19:06:21.0982 1856 MBR partitions:

    19:06:21.0982 1856 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1416000, BlocksNum 0x32000

    19:06:21.0982 1856 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1448000, BlocksNum 0x4940FAB0

    19:06:21.0982 1856 ============================================================

    19:06:22.0138 1856 C: <-> \Device\Harddisk0\DR0\Partition2

    19:06:22.0138 1856 ============================================================

    19:06:22.0138 1856 Initialize success

    19:06:22.0138 1856 ============================================================

    19:07:17.0656 3440 ============================================================

    19:07:17.0656 3440 Scan started

    19:07:17.0656 3440 Mode: Manual;

    19:07:17.0656 3440 ============================================================

    19:07:17.0922 3440 ================ Scan system memory ========================

    19:07:17.0922 3440 System memory - ok

    19:07:17.0922 3440 ================ Scan services =============================

    19:07:19.0965 3440 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

    19:07:19.0981 3440 1394ohci - ok

    19:07:20.0199 3440 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

    19:07:20.0230 3440 ACDaemon - ok

    19:07:20.0386 3440 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\drivers\ACPI.sys

    19:07:20.0402 3440 ACPI - ok

    19:07:20.0449 3440 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

    19:07:20.0464 3440 AcpiPmi - ok

    19:07:24.0349 3440 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    19:07:24.0411 3440 AdobeFlashPlayerUpdateSvc - ok

    19:07:24.0536 3440 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

    19:07:24.0552 3440 adp94xx - ok

    19:07:24.0692 3440 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys

    19:07:24.0723 3440 adpahci - ok

    19:07:25.0612 3440 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys

    19:07:25.0659 3440 adpu320 - ok

    19:07:25.0753 3440 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

    19:07:25.0753 3440 AeLookupSvc - ok

    19:07:26.0002 3440 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys

    19:07:26.0018 3440 AFD - ok

    19:07:26.0112 3440 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

    19:07:26.0112 3440 agp440 - ok

    19:07:26.0299 3440 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe

    19:07:26.0314 3440 ALG - ok

    19:07:26.0470 3440 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys

    19:07:26.0486 3440 aliide - ok

    19:07:26.0580 3440 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys

    19:07:26.0595 3440 amdide - ok

    19:07:26.0658 3440 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys

    19:07:26.0673 3440 AmdK8 - ok

    19:07:26.0829 3440 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys

    19:07:26.0876 3440 AmdPPM - ok

    19:07:26.0970 3440 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys

    19:07:27.0016 3440 amdsata - ok

    19:07:27.0110 3440 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys

    19:07:27.0157 3440 amdsbs - ok

    19:07:27.0219 3440 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys

    19:07:27.0219 3440 amdxata - ok

    19:07:27.0438 3440 [ 2D45F2DFBC3D8F53DF7EBEFFA8C9BC38 ] ApfiltrService C:\Windows\system32\drivers\Apfiltr.sys

    19:07:27.0438 3440 ApfiltrService - ok

    19:07:27.0594 3440 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys

    19:07:27.0594 3440 AppID - ok

    19:07:27.0687 3440 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

    19:07:27.0718 3440 AppIDSvc - ok

    19:07:27.0906 3440 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll

    19:07:27.0906 3440 Appinfo - ok

    19:07:28.0686 3440 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    19:07:28.0764 3440 Apple Mobile Device - ok

    19:07:28.0951 3440 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys

    19:07:28.0951 3440 arc - ok

    19:07:29.0060 3440 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys

    19:07:29.0091 3440 arcsas - ok

    19:07:29.0278 3440 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

    19:07:29.0294 3440 AsyncMac - ok

    19:07:29.0434 3440 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

    19:07:29.0481 3440 atapi - ok

    19:07:29.0668 3440 [ 08BAAA2432E81031A6C3B11AD5A67E2B ] athr C:\Windows\system32\DRIVERS\athrx.sys

    19:07:29.0731 3440 athr - ok

    19:07:30.0058 3440 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

    19:07:30.0074 3440 AudioEndpointBuilder - ok

    19:07:30.0199 3440 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll

    19:07:30.0214 3440 AudioSrv - ok

    19:07:30.0433 3440 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll

    19:07:30.0464 3440 AxInstSV - ok

    19:07:31.0010 3440 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys

    19:07:31.0026 3440 b06bdrv - ok

    19:07:31.0260 3440 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

    19:07:31.0291 3440 b57nd60a - ok

    19:07:32.0164 3440 [ 825F81A6F7DD073509DB101F0BA6DC59 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE

    19:07:32.0196 3440 BBSvc - ok

    19:07:32.0289 3440 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

    19:07:32.0305 3440 BDESVC - ok

    19:07:32.0445 3440 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

    19:07:32.0461 3440 Beep - ok

    19:07:32.0913 3440 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll

    19:07:32.0976 3440 BFE - ok

    19:07:34.0177 3440 [ E92A3DA47BED7CC65D264235617ED46E ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130322.001\BHDrvx64.sys

    19:07:34.0192 3440 BHDrvx64 - ok

    19:07:34.0785 3440 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll

    19:07:34.0816 3440 BITS - ok

    19:07:35.0035 3440 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys

    19:07:35.0050 3440 blbdrive - ok

    19:07:35.0565 3440 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

    19:07:35.0612 3440 Bonjour Service - ok

    19:07:35.0721 3440 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

    19:07:35.0737 3440 bowser - ok

    19:07:35.0893 3440 [ F46DD257FAD7D2D097EF32E72220A06C ] bpenum C:\Windows\system32\DRIVERS\bpenum.sys

    19:07:35.0908 3440 bpenum - ok

    19:07:36.0127 3440 [ E82060AED0F28ED8909F2B07FA276185 ] bpmp C:\Windows\system32\DRIVERS\bpmp.sys

    19:07:36.0158 3440 bpmp - ok

    19:07:36.0252 3440 [ FC6313A5A45C1AE53D0491F0057D5A4D ] bpusb C:\Windows\system32\Drivers\bpusb.sys

    19:07:36.0267 3440 bpusb - ok

    19:07:36.0314 3440 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys

    19:07:36.0330 3440 BrFiltLo - ok

    19:07:36.0408 3440 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys

    19:07:36.0408 3440 BrFiltUp - ok

    19:07:36.0673 3440 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys

    19:07:36.0688 3440 BridgeMP - ok

    19:07:36.0891 3440 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll

    19:07:36.0891 3440 Browser - ok

    19:07:37.0000 3440 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

    19:07:37.0032 3440 Brserid - ok

    19:07:37.0094 3440 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

    19:07:37.0141 3440 BrSerWdm - ok

    19:07:37.0297 3440 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

    19:07:37.0312 3440 BrUsbMdm - ok

    19:07:37.0344 3440 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

    19:07:37.0359 3440 BrUsbSer - ok

    19:07:37.0546 3440 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys

    19:07:37.0562 3440 BthEnum - ok

    19:07:37.0780 3440 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys

    19:07:37.0843 3440 BTHMODEM - ok

    19:07:37.0936 3440 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys

    19:07:37.0952 3440 BthPan - ok

    19:07:38.0061 3440 [ D59773C7FDD3D795D6FE402EEEA8D71E ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys

    19:07:38.0092 3440 BTHPORT - ok

    19:07:38.0170 3440 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

    19:07:38.0170 3440 bthserv - ok

    19:07:38.0233 3440 [ 8504842634DD144C075B6B0C982CCEC4 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys

    19:07:38.0248 3440 BTHUSB - ok

    19:07:38.0389 3440 [ 59E3510784548C6939C1B3B985C232E3 ] btwampfl C:\Windows\system32\drivers\btwampfl.sys

    19:07:38.0389 3440 btwampfl - ok

    19:07:38.0467 3440 [ 1872074ED0A3FB22E3F1E3197B984BFA ] btwaudio C:\Windows\system32\drivers\btwaudio.sys

    19:07:38.0467 3440 btwaudio - ok

    19:07:38.0607 3440 [ 691CF076C33AB1C3A5B2FD5450300733 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys

    19:07:38.0607 3440 btwavdt - ok

    19:07:38.0779 3440 [ 8BA6E93A182126781952A7895EC1E4B2 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

    19:07:38.0810 3440 btwdins - ok

    19:07:38.0857 3440 [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys

    19:07:38.0857 3440 btwl2cap - ok

    19:07:38.0919 3440 [ C9273B20DEC8CE38DBCE5D29DE63C907 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys

    19:07:38.0919 3440 btwrchid - ok

    19:07:39.0013 3440 [ 9887CA12F407D7FBC7F48F3678F5F0B6 ] BVRPMPR5a64 C:\Windows\system32\drivers\BVRPMPR5a64.SYS

    19:07:39.0013 3440 BVRPMPR5a64 - ok

    19:07:39.0247 3440 [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\1402010.016\ccSetx64.sys

    19:07:39.0247 3440 ccSet_N360 - ok

    19:07:39.0340 3440 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

    19:07:39.0356 3440 cdfs - ok

    19:07:39.0465 3440 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

    19:07:39.0481 3440 cdrom - ok

    19:07:39.0574 3440 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll

    19:07:39.0606 3440 CertPropSvc - ok

    19:07:39.0715 3440 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys

    19:07:39.0715 3440 circlass - ok

    19:07:39.0793 3440 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

    19:07:39.0840 3440 CLFS - ok

    19:07:40.0074 3440 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

    19:07:40.0089 3440 clr_optimization_v2.0.50727_32 - ok

    19:07:40.0167 3440 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

    19:07:40.0214 3440 clr_optimization_v2.0.50727_64 - ok

    19:07:40.0432 3440 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

    19:07:40.0651 3440 clr_optimization_v4.0.30319_32 - ok

    19:07:40.0760 3440 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

    19:07:40.0776 3440 clr_optimization_v4.0.30319_64 - ok

    19:07:40.0854 3440 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys

    19:07:40.0854 3440 CmBatt - ok

    19:07:40.0916 3440 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

    19:07:40.0932 3440 cmdide - ok

    19:07:41.0010 3440 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\Windows\system32\Drivers\cng.sys

    19:07:41.0025 3440 CNG - ok

    19:07:41.0072 3440 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys

    19:07:41.0072 3440 Compbatt - ok

    19:07:41.0197 3440 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

    19:07:41.0197 3440 CompositeBus - ok

    19:07:41.0212 3440 COMSysApp - ok

    19:07:41.0244 3440 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

    19:07:41.0259 3440 crcdisk - ok

    19:07:41.0400 3440 [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc C:\Windows\system32\cryptsvc.dll

    19:07:41.0415 3440 CryptSvc - ok

    19:07:41.0618 3440 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll

    19:07:41.0634 3440 DcomLaunch - ok

    19:07:41.0712 3440 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

    19:07:41.0727 3440 defragsvc - ok

    19:07:41.0821 3440 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

    19:07:41.0836 3440 DfsC - ok

    19:07:41.0930 3440 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll

    19:07:41.0946 3440 Dhcp - ok

    19:07:41.0977 3440 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

    19:07:41.0977 3440 discache - ok

    19:07:42.0086 3440 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys

    19:07:42.0102 3440 Disk - ok

    19:07:42.0414 3440 [ 61458C120CDDFE7514E2DB125568CA59 ] DMAgent C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe

    19:07:42.0429 3440 DMAgent - ok

    19:07:42.0538 3440 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll

    19:07:42.0570 3440 Dnscache - ok

    19:07:42.0679 3440 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll

    19:07:42.0694 3440 dot3svc - ok

    19:07:42.0788 3440 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll

    19:07:42.0819 3440 DPS - ok

    19:07:42.0913 3440 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

    19:07:42.0928 3440 drmkaud - ok

    19:07:43.0147 3440 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

    19:07:43.0162 3440 DXGKrnl - ok

    19:07:43.0225 3440 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

    19:07:43.0225 3440 EapHost - ok

    19:07:44.0036 3440 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys

    19:07:44.0114 3440 ebdrv - ok

    19:07:44.0457 3440 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys

    19:07:44.0457 3440 eeCtrl - ok

    19:07:44.0613 3440 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe

    19:07:44.0613 3440 EFS - ok

    19:07:44.0878 3440 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe

    19:07:44.0894 3440 ehRecvr - ok

    19:07:44.0925 3440 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

    19:07:44.0925 3440 ehSched - ok

    19:07:45.0112 3440 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys

    19:07:45.0128 3440 elxstor - ok

    19:07:45.0315 3440 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

    19:07:45.0315 3440 EraserUtilRebootDrv - ok

    19:07:45.0378 3440 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

    19:07:45.0393 3440 ErrDev - ok

    19:07:45.0565 3440 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

    19:07:45.0580 3440 EventSystem - ok

    19:07:46.0111 3440 [ B56D9602DB5FE1C116B1CA5EFD8E2E50 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe

    19:07:46.0142 3440 EvtEng - ok

    19:07:46.0173 3440 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

    19:07:46.0189 3440 exfat - ok

    19:07:46.0314 3440 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

    19:07:46.0360 3440 fastfat - ok

    19:07:46.0594 3440 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe

    19:07:46.0610 3440 Fax - ok

    19:07:46.0672 3440 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys

    19:07:46.0688 3440 fdc - ok

    19:07:46.0735 3440 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

    19:07:46.0735 3440 fdPHost - ok

    19:07:46.0766 3440 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

    19:07:46.0766 3440 FDResPub - ok

    19:07:46.0844 3440 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

    19:07:46.0860 3440 FileInfo - ok

    19:07:46.0891 3440 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

    19:07:46.0906 3440 Filetrace - ok

    19:07:46.0969 3440 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys

    19:07:46.0969 3440 flpydisk - ok

    19:07:47.0031 3440 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

    19:07:47.0062 3440 FltMgr - ok

    19:07:47.0187 3440 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\Windows\system32\FntCache.dll

    19:07:47.0218 3440 FontCache - ok

    19:07:47.0281 3440 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

    19:07:47.0281 3440 FontCache3.0.0.0 - ok

    19:07:47.0296 3440 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

    19:07:47.0312 3440 FsDepends - ok

    19:07:47.0390 3440 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

    19:07:47.0390 3440 Fs_Rec - ok

    19:07:47.0546 3440 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

    19:07:47.0562 3440 fvevol - ok

    19:07:47.0593 3440 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

    19:07:47.0608 3440 gagp30kx - ok

    19:07:47.0640 3440 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

    19:07:47.0655 3440 GEARAspiWDM - ok

    19:07:47.0998 3440 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll

    19:07:48.0030 3440 gpsvc - ok

    19:07:48.0264 3440 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    19:07:48.0295 3440 gupdate - ok

    19:07:48.0357 3440 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    19:07:48.0357 3440 gupdatem - ok

    19:07:48.0435 3440 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

    19:07:48.0451 3440 gusvc - ok

    19:07:48.0544 3440 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

    19:07:48.0560 3440 hcw85cir - ok

    19:07:48.0638 3440 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

    19:07:48.0654 3440 HdAudAddService - ok

    19:07:48.0747 3440 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

    19:07:48.0763 3440 HDAudBus - ok

    19:07:48.0794 3440 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys

    19:07:48.0825 3440 HidBatt - ok

    19:07:48.0841 3440 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys

    19:07:48.0856 3440 HidBth - ok

    19:07:48.0888 3440 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys

    19:07:48.0903 3440 HidIr - ok

    19:07:48.0934 3440 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll

    19:07:48.0950 3440 hidserv - ok

    19:07:48.0997 3440 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

    19:07:49.0012 3440 HidUsb - ok

    19:07:49.0075 3440 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll

    19:07:49.0106 3440 hkmsvc - ok

    19:07:49.0168 3440 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll

    19:07:49.0200 3440 HomeGroupListener - ok

    19:07:49.0246 3440 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll

    19:07:49.0246 3440 HomeGroupProvider - ok

    19:07:49.0387 3440 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

    19:07:49.0402 3440 HpSAMD - ok

    19:07:49.0590 3440 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys

    19:07:49.0621 3440 HTTP - ok

    19:07:49.0668 3440 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

    19:07:49.0668 3440 hwpolicy - ok

    19:07:49.0792 3440 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

    19:07:49.0824 3440 i8042prt - ok

    19:07:50.0026 3440 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\drivers\iaStor.sys

    19:07:50.0026 3440 iaStor - ok

    19:07:50.0198 3440 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

    19:07:50.0198 3440 IAStorDataMgrSvc - ok

    19:07:50.0354 3440 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

    19:07:50.0370 3440 iaStorV - ok

    19:07:50.0526 3440 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

    19:07:50.0541 3440 idsvc - ok

    19:07:51.0009 3440 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130330.001\IDSvia64.sys

    19:07:51.0009 3440 IDSVia64 - ok

    19:07:51.0072 3440 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys

    19:07:51.0087 3440 iirsp - ok

    19:07:51.0337 3440 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll

    19:07:51.0352 3440 IKEEXT - ok

    19:07:51.0477 3440 [ 4B6363CD4610BB848531BB260B15DFCC ] Impcd C:\Windows\system32\drivers\Impcd.sys

    19:07:51.0493 3440 Impcd - ok

    19:07:52.0148 3440 [ 526E482AFB586CB1CDD687869DECF686 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

    19:07:52.0179 3440 IntcAzAudAddService - ok

    19:07:52.0226 3440 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

    19:07:52.0226 3440 intelide - ok

    19:07:52.0242 3440 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys

    19:07:52.0242 3440 intelppm - ok

    19:07:52.0335 3440 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

    19:07:52.0351 3440 IPBusEnum - ok

    19:07:52.0413 3440 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

    19:07:52.0413 3440 IpFilterDriver - ok

    19:07:52.0522 3440 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

    19:07:52.0538 3440 iphlpsvc - ok

    19:07:52.0554 3440 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

    19:07:52.0554 3440 IPMIDRV - ok

    19:07:52.0600 3440 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

    19:07:52.0616 3440 IPNAT - ok

    19:07:52.0912 3440 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

    19:07:52.0928 3440 iPod Service - ok

    19:07:52.0990 3440 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

    19:07:52.0990 3440 IRENUM - ok

    19:07:53.0068 3440 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

    19:07:53.0084 3440 isapnp - ok

    19:07:53.0115 3440 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

    19:07:53.0115 3440 iScsiPrt - ok

    19:07:53.0178 3440 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

    19:07:53.0178 3440 IviRegMgr - ok

    19:07:53.0240 3440 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys

    19:07:53.0240 3440 kbdclass - ok

    19:07:53.0287 3440 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys

    19:07:53.0302 3440 kbdhid - ok

    19:07:53.0396 3440 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe

    19:07:53.0396 3440 KeyIso - ok

    19:07:53.0443 3440 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

    19:07:53.0458 3440 KSecDD - ok

    19:07:53.0536 3440 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

    19:07:53.0552 3440 KSecPkg - ok

    19:07:53.0599 3440 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

    19:07:53.0599 3440 ksthunk - ok

    19:07:53.0708 3440 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

    19:07:53.0724 3440 KtmRm - ok

    19:07:53.0880 3440 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\System32\srvsvc.dll

    19:07:53.0895 3440 LanmanServer - ok

    19:07:53.0942 3440 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

    19:07:53.0958 3440 LanmanWorkstation - ok

    19:07:53.0989 3440 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

    19:07:54.0020 3440 lltdio - ok

    19:07:54.0129 3440 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

    19:07:54.0160 3440 lltdsvc - ok

    19:07:54.0223 3440 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

    19:07:54.0238 3440 lmhosts - ok

    19:07:54.0379 3440 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

    19:07:54.0410 3440 LSI_FC - ok

    19:07:54.0441 3440 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

    19:07:54.0457 3440 LSI_SAS - ok

    19:07:54.0488 3440 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys

    19:07:54.0519 3440 LSI_SAS2 - ok

    19:07:54.0566 3440 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

    19:07:54.0582 3440 LSI_SCSI - ok

    19:07:54.0628 3440 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

    19:07:54.0628 3440 luafv - ok

    19:07:54.0847 3440 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

    19:07:54.0847 3440 MBAMProtector - ok

    19:07:55.0174 3440 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

    19:07:55.0174 3440 MBAMScheduler - ok

    19:07:55.0284 3440 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

    19:07:55.0284 3440 MBAMService - ok

    19:07:55.0408 3440 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe

    19:07:55.0424 3440 McComponentHostService - ok

    19:07:55.0455 3440 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

    19:07:55.0455 3440 Mcx2Svc - ok

    19:07:55.0486 3440 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys

    19:07:55.0533 3440 megasas - ok

    19:07:55.0642 3440 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys

    19:07:55.0642 3440 MegaSR - ok

    19:07:55.0689 3440 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

    19:07:55.0689 3440 MMCSS - ok

    19:07:55.0720 3440 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

    19:07:55.0752 3440 Modem - ok

    19:07:55.0814 3440 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

    19:07:55.0814 3440 monitor - ok

    19:07:55.0908 3440 [ D69F1E9A944A5F46A494AF901ED41118 ] motandroidusb C:\Windows\system32\Drivers\motoandroid.sys

    19:07:55.0923 3440 motandroidusb - ok

    19:07:56.0126 3440 [ 9DFD34E6841C460B5D992A1C5327AE69 ] MotoHelper C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe

    19:07:56.0142 3440 MotoHelper - ok

    19:07:56.0251 3440 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

    19:07:56.0251 3440 mouclass - ok

    19:07:56.0391 3440 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

    19:07:56.0422 3440 mouhid - ok

    19:07:56.0532 3440 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

    19:07:56.0563 3440 mountmgr - ok

    19:07:56.0890 3440 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    19:07:56.0922 3440 MozillaMaintenance - ok

    19:07:56.0953 3440 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\drivers\mpio.sys

    19:07:56.0984 3440 mpio - ok

    19:07:57.0015 3440 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

    19:07:57.0031 3440 mpsdrv - ok

    19:07:57.0312 3440 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll

    19:07:57.0343 3440 MpsSvc - ok

    19:07:57.0390 3440 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

    19:07:57.0390 3440 MRxDAV - ok

    19:07:57.0530 3440 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

    19:07:57.0577 3440 mrxsmb - ok

    19:07:57.0577 3440 mrxsmb10 - ok

    19:07:57.0608 3440 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

    19:07:57.0624 3440 mrxsmb20 - ok

    19:07:57.0686 3440 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\drivers\msahci.sys

    19:07:57.0702 3440 msahci - ok

    19:07:57.0811 3440 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\drivers\msdsm.sys

    19:07:57.0826 3440 msdsm - ok

    19:07:57.0842 3440 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

    19:07:57.0873 3440 MSDTC - ok

    19:07:57.0936 3440 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

    19:07:57.0936 3440 Msfs - ok

    19:07:58.0014 3440 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

    19:07:58.0014 3440 mshidkmdf - ok

    19:07:58.0029 3440 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

    19:07:58.0029 3440 msisadrv - ok

    19:07:58.0138 3440 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

    19:07:58.0138 3440 MSiSCSI - ok

    19:07:58.0154 3440 msiserver - ok

    19:07:58.0216 3440 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

    19:07:58.0232 3440 MSKSSRV - ok

    19:07:58.0294 3440 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

    19:07:58.0310 3440 MSPCLOCK - ok

    19:07:58.0326 3440 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

    19:07:58.0341 3440 MSPQM - ok

    19:07:58.0419 3440 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

    19:07:58.0419 3440 MsRPC - ok

    19:07:58.0450 3440 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

    19:07:58.0450 3440 mssmbios - ok

    19:07:58.0466 3440 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

    19:07:58.0466 3440 MSTEE - ok

    19:07:58.0497 3440 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys

    19:07:58.0528 3440 MTConfig - ok

    19:07:58.0591 3440 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

    19:07:58.0591 3440 Mup - ok

    19:07:59.0012 3440 [ 4BA84C832E0741A294C4444556DFE993 ] N360 C:\Program Files (x86)\Norton 360\Engine\20.2.1.22\ccSvcHst.exe

    19:07:59.0043 3440 N360 - ok

    19:07:59.0199 3440 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll

    19:07:59.0215 3440 napagent - ok

    19:07:59.0386 3440 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

    19:07:59.0402 3440 NativeWifiP - ok

    19:07:59.0574 3440 [ 88A2F45CE66B904285978D6BB13AFEB2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130402.003\ENG64.SYS

    19:07:59.0574 3440 NAVENG - ok

    19:07:59.0964 3440 [ D2A545DA3A90BBFA40E020C23F1B7A48 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130402.003\EX64.SYS

    19:07:59.0995 3440 NAVEX15 - ok

    19:08:00.0042 3440 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys

    19:08:00.0073 3440 NDIS - ok

    19:08:00.0120 3440 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

    19:08:00.0135 3440 NdisCap - ok

    19:08:00.0213 3440 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

    19:08:00.0229 3440 NdisTapi - ok

    19:08:00.0244 3440 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

    19:08:00.0244 3440 Ndisuio - ok

    19:08:00.0338 3440 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

    19:08:00.0338 3440 NdisWan - ok

    19:08:00.0369 3440 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

    19:08:00.0369 3440 NDProxy - ok

    19:08:00.0400 3440 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

    19:08:00.0416 3440 NetBIOS - ok

    19:08:00.0494 3440 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

    19:08:00.0510 3440 NetBT - ok

    19:08:00.0572 3440 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe

    19:08:00.0572 3440 Netlogon - ok

    19:08:00.0728 3440 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

    19:08:00.0744 3440 Netman - ok

    19:08:00.0868 3440 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

    19:08:00.0915 3440 netprofm - ok

    19:08:00.0931 3440 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

    19:08:00.0946 3440 NetTcpPortSharing - ok

    19:08:02.0725 3440 [ 18555F48844C2861D9DCE8F2B7223AE5 ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys

    19:08:02.0943 3440 NETw5s64 - ok

    19:08:02.0974 3440 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

    19:08:02.0990 3440 nfrd960 - ok

    19:08:03.0052 3440 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll

    19:08:03.0052 3440 NlaSvc - ok

    19:08:03.0146 3440 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

    19:08:03.0162 3440 Npfs - ok

    19:08:03.0255 3440 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

    19:08:03.0271 3440 nsi - ok

    19:08:03.0302 3440 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

    19:08:03.0333 3440 nsiproxy - ok

    19:08:03.0536 3440 [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

    19:08:03.0598 3440 Ntfs - ok

    19:08:03.0630 3440 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

    19:08:03.0630 3440 Null - ok

    19:08:03.0676 3440 [ 285ACEC1B13A15BA520AAE06BACB9CFF ] nusb3hub C:\Windows\system32\drivers\nusb3hub.sys

    19:08:03.0676 3440 nusb3hub - ok

    19:08:03.0739 3440 [ F6D625FF7B56BB6EA063F0D3A5BBC996 ] nusb3xhc C:\Windows\system32\drivers\nusb3xhc.sys

    19:08:03.0739 3440 nusb3xhc - ok

    19:08:03.0879 3440 [ A842341EF3C702EF8208E610BE0FD1D9 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys

    19:08:03.0895 3440 NVHDA - ok

    19:08:04.0909 3440 [ B4402E1D61A3015FC29BEF94BB1C81FD ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

    19:08:05.0049 3440 nvlddmkm - ok

    19:08:05.0190 3440 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys

    19:08:05.0190 3440 nvraid - ok

    19:08:05.0283 3440 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys

    19:08:05.0299 3440 nvstor - ok

    19:08:05.0392 3440 [ 3446574A40B1F355B9CE636FC49DA5F1 ] nvsvc C:\Windows\system32\nvvsvc.exe

    19:08:05.0408 3440 nvsvc - ok

    19:08:05.0502 3440 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

    19:08:05.0517 3440 nv_agp - ok

    19:08:05.0751 3440 [ 567E84848445135C0F4B8DE2D121EDB8 ] Oasis2Service C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe

    19:08:05.0751 3440 Oasis2Service - ok

    19:08:05.0798 3440 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

    19:08:05.0814 3440 ohci1394 - ok

    19:08:05.0970 3440 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

    19:08:05.0985 3440 ose - ok

    19:08:06.0890 3440 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

    19:08:07.0077 3440 osppsvc - ok

    19:08:07.0218 3440 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

    19:08:07.0233 3440 p2pimsvc - ok

    19:08:07.0296 3440 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

    19:08:07.0311 3440 p2psvc - ok

    19:08:07.0342 3440 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys

    19:08:07.0342 3440 Parport - ok

    19:08:07.0420 3440 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys

    19:08:07.0436 3440 partmgr - ok

    19:08:07.0514 3440 [ 9665402B7FA59302D520AD845DDFC026 ] Partner Service C:\ProgramData\Partner\Partner.exe

    19:08:07.0545 3440 Partner Service - ok

    19:08:07.0654 3440 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

    19:08:07.0686 3440 PcaSvc - ok

    19:08:07.0701 3440 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\drivers\pci.sys

    19:08:07.0717 3440 pci - ok

    19:08:07.0764 3440 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

    19:08:07.0795 3440 pciide - ok

    19:08:07.0873 3440 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

    19:08:07.0888 3440 pcmcia - ok

    19:08:07.0951 3440 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

    19:08:07.0951 3440 pcw - ok

    19:08:08.0091 3440 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

    19:08:08.0107 3440 PEAUTH - ok

    19:08:08.0871 3440 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

    19:08:08.0871 3440 PerfHost - ok

    19:08:09.0199 3440 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll

    19:08:09.0230 3440 pla - ok

    19:08:09.0402 3440 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

    19:08:09.0417 3440 PlugPlay - ok

    19:08:09.0667 3440 [ 80E85394D8CD7F84340B1C6F4B9D698F ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

    19:08:09.0729 3440 PMBDeviceInfoProvider - ok

    19:08:09.0745 3440 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

    19:08:09.0745 3440 PNRPAutoReg - ok

    19:08:09.0854 3440 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

    19:08:09.0854 3440 PNRPsvc - ok

    19:08:10.0010 3440 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

    19:08:10.0026 3440 PolicyAgent - ok

    19:08:10.0072 3440 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

    19:08:10.0088 3440 Power - ok

    19:08:10.0150 3440 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

    19:08:10.0182 3440 PptpMiniport - ok

    19:08:10.0213 3440 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys

    19:08:10.0244 3440 Processor - ok

    19:08:10.0322 3440 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll

    19:08:10.0353 3440 ProfSvc - ok

    19:08:10.0369 3440 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe

    19:08:10.0369 3440 ProtectedStorage - ok

    19:08:10.0494 3440 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys

    19:08:10.0494 3440 Psched - ok

    19:08:10.0525 3440 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

    19:08:10.0525 3440 PSI_SVC_2 - ok

    19:08:10.0962 3440 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys

    19:08:10.0993 3440 ql2300 - ok

    19:08:11.0024 3440 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

    19:08:11.0024 3440 ql40xx - ok

    19:08:11.0071 3440 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

    19:08:11.0149 3440 QWAVE - ok

    19:08:11.0227 3440 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

    19:08:11.0242 3440 QWAVEdrv - ok

    19:08:11.0258 3440 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

    19:08:11.0274 3440 RasAcd - ok

    19:08:11.0336 3440 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

    19:08:11.0367 3440 RasAgileVpn - ok

    19:08:11.0367 3440 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

    19:08:11.0383 3440 RasAuto - ok

    19:08:11.0414 3440 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

    19:08:11.0430 3440 Rasl2tp - ok

    19:08:11.0539 3440 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll

    19:08:11.0617 3440 RasMan - ok

    19:08:11.0648 3440 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

    19:08:11.0664 3440 RasPppoe - ok

    19:08:11.0726 3440 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

    19:08:11.0742 3440 RasSstp - ok

    19:08:11.0788 3440 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

    19:08:11.0788 3440 rdbss - ok

    19:08:11.0820 3440 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys

    19:08:11.0851 3440 rdpbus - ok

    19:08:11.0976 3440 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

    19:08:11.0991 3440 RDPCDD - ok

    19:08:12.0022 3440 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

    19:08:12.0038 3440 RDPENCDD - ok

    19:08:12.0069 3440 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

    19:08:12.0069 3440 RDPREFMP - ok

    19:08:12.0147 3440 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

    19:08:12.0147 3440 RDPWD - ok

    19:08:12.0225 3440 [ E5DC9BA9E439D6DBDD79F8CAACB5BF01 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

    19:08:12.0256 3440 rdyboost - ok

    19:08:12.0319 3440 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi C:\Windows\system32\drivers\regi.sys

    19:08:12.0319 3440 regi - ok

    19:08:12.0709 3440 [ 0AA473966357C4A41B5EB19649EB6E5E ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

    19:08:12.0724 3440 RegSrvc - ok

    19:08:12.0771 3440 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

    19:08:12.0787 3440 RemoteAccess - ok

    19:08:12.0865 3440 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

    19:08:12.0880 3440 RemoteRegistry - ok

    19:08:12.0974 3440 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys

    19:08:12.0974 3440 RFCOMM - ok

    19:08:13.0099 3440 [ FA6ABC06B629DA29634D31F1FE0347BD ] rimspci C:\Windows\system32\drivers\rimssne64.sys

    19:08:13.0114 3440 rimspci - ok

    19:08:13.0224 3440 [ 8F8539A7F5C117D4407B2985995671F2 ] risdsnpe C:\Windows\system32\drivers\risdsne64.sys

    19:08:13.0239 3440 risdsnpe - ok

    19:08:13.0317 3440 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

    19:08:13.0333 3440 RpcEptMapper - ok

    19:08:13.0411 3440 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

    19:08:13.0442 3440 RpcLocator - ok

    19:08:13.0536 3440 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll

    19:08:13.0551 3440 RpcSs - ok

    19:08:13.0676 3440 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

    19:08:13.0707 3440 rspndr - ok

    19:08:13.0738 3440 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe

    19:08:13.0738 3440 SamSs - ok

    19:08:13.0754 3440 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

    19:08:13.0785 3440 sbp2port - ok

    19:08:13.0910 3440 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

    19:08:13.0926 3440 SCardSvr - ok

    19:08:13.0988 3440 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

    19:08:14.0019 3440 scfilter - ok

    19:08:14.0160 3440 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll

    19:08:14.0175 3440 Schedule - ok

    19:08:14.0269 3440 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll

    19:08:14.0269 3440 SCPolicySvc - ok

    19:08:14.0362 3440 [ 2C8D162EFAF73ABD36D8BCBB6340CAE7 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys

    19:08:14.0378 3440 sdbus - ok

    19:08:14.0487 3440 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll

    19:08:14.0518 3440 SDRSVC - ok

    19:08:14.0721 3440 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

    19:08:14.0737 3440 SeaPort - ok

    19:08:14.0815 3440 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

    19:08:14.0830 3440 secdrv - ok

    19:08:14.0862 3440 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll

    19:08:14.0877 3440 seclogon - ok

    19:08:14.0940 3440 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll

    19:08:14.0955 3440 SENS - ok

    19:08:14.0986 3440 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

    19:08:15.0002 3440 SensrSvc - ok

    19:08:15.0111 3440 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys

    19:08:15.0127 3440 Serenum - ok

    19:08:15.0189 3440 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys

    19:08:15.0220 3440 Serial - ok

    19:08:15.0330 3440 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys

    19:08:15.0361 3440 sermouse - ok

    19:08:15.0408 3440 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll

    19:08:15.0439 3440 SessionEnv - ok

    19:08:15.0548 3440 [ 286D3889E6AB5589646FF8A63CB928AE ] SFEP C:\Windows\system32\drivers\SFEP.sys

    19:08:15.0579 3440 SFEP - ok

    19:08:15.0610 3440 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

    19:08:15.0626 3440 sffdisk - ok

    19:08:15.0688 3440 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

    19:08:15.0704 3440 sffp_mmc - ok

    19:08:15.0720 3440 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

    19:08:15.0735 3440 sffp_sd - ok

    19:08:15.0798 3440 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

    19:08:15.0813 3440 sfloppy - ok

    19:08:15.0938 3440 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

    19:08:15.0969 3440 SharedAccess - ok

    19:08:16.0032 3440 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll

    19:08:16.0063 3440 ShellHWDetection - ok

    19:08:16.0110 3440 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys

    19:08:16.0110 3440 SiSRaid2 - ok

    19:08:16.0156 3440 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

    19:08:16.0156 3440 SiSRaid4 - ok

    19:08:16.0281 3440 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

    19:08:16.0297 3440 SkypeUpdate - ok

    19:08:16.0359 3440 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

    19:08:16.0375 3440 Smb - ok

    19:08:16.0437 3440 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

    19:08:16.0437 3440 SNMPTRAP - ok

    19:08:16.0531 3440 [ 02AB5AC03A1E66C8E8ED764FF8EFFC68 ] Sockblkd C:\Program Files\Extegrity\Exam4\Sockblkd.sys

    19:08:16.0531 3440 Sockblkd - ok

    19:08:16.0624 3440 [ C3E69DB0A4E59564230E053232F39AC7 ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe

    19:08:16.0640 3440 SOHCImp - ok

    19:08:16.0671 3440 [ 65CC4779A29C3E82B987BD4961790DFF ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe

    19:08:16.0671 3440 SOHDms - ok

    19:08:16.0687 3440 [ F47D75CEE1844EEF4A9EA6EE768828FB ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe

    19:08:16.0687 3440 SOHDs - ok

    19:08:16.0765 3440 [ 5449FC97476F52E027409E703791E6A9 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe

    19:08:16.0780 3440 SpfService - ok

    19:08:16.0812 3440 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

    19:08:16.0812 3440 spldr - ok

    19:08:16.0874 3440 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe

    19:08:16.0890 3440 Spooler - ok

    19:08:17.0014 3440 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe

    19:08:17.0061 3440 sppsvc - ok

    19:08:17.0092 3440 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

    19:08:17.0108 3440 sppuinotify - ok

    19:08:17.0358 3440 [ 3510E7021D2637A67FBCB5105EAE945D ] SRTSP C:\Windows\System32\Drivers\N360x64\1402010.016\SRTSP64.SYS

    19:08:17.0373 3440 SRTSP - ok

    19:08:17.0389 3440 [ 1B884D876E87EABF5A3356BBD7321412 ] SRTSPX C:\Windows\system32\drivers\N360x64\1402010.016\SRTSPX64.SYS

    19:08:17.0389 3440 SRTSPX - ok

    19:08:17.0514 3440 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys

    19:08:17.0529 3440 srv - ok

    19:08:17.0576 3440 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

    19:08:17.0592 3440 srv2 - ok

    19:08:17.0623 3440 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

    19:08:17.0638 3440 srvnet - ok

    19:08:17.0701 3440 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

    19:08:17.0701 3440 SSDPSRV - ok

    19:08:17.0732 3440 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

    19:08:17.0748 3440 SstpSvc - ok

    19:08:17.0779 3440 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys

    19:08:17.0794 3440 stexstor - ok

    19:08:17.0857 3440 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys

    19:08:18.0403 3440 StillCam - ok

    19:08:18.0465 3440 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll

    19:08:18.0481 3440 stisvc - ok

    19:08:18.0512 3440 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

    19:08:18.0528 3440 swenum - ok

    19:08:18.0699 3440 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

    19:08:18.0715 3440 swprv - ok

    19:08:18.0762 3440 [ 777217682DA76337E8E6EC8AC4412B9B ] SymDS C:\Windows\system32\drivers\N360x64\1402010.016\SYMDS64.SYS

    19:08:18.0777 3440 SymDS - ok

    19:08:18.0808 3440 [ 64D1AF3D04E70A681154FFF1893848F6 ] SymEFA C:\Windows\system32\drivers\N360x64\1402010.016\SYMEFA64.SYS

    19:08:18.0824 3440 SymEFA - ok

    19:08:18.0886 3440 [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS

    19:08:18.0886 3440 SymEvent - ok

    19:08:18.0933 3440 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\Windows\system32\drivers\N360x64\1402010.016\Ironx64.SYS

    19:08:18.0933 3440 SymIRON - ok

    19:08:19.0027 3440 [ 1605EBD8CB86AFC4430116065995279A ] SymNetS C:\Windows\System32\Drivers\N360x64\1402010.016\SYMNETS.SYS

    19:08:19.0027 3440 SymNetS - ok

    19:08:19.0261 3440 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll

    19:08:19.0292 3440 SysMain - ok

    19:08:19.0308 3440 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll

    19:08:19.0323 3440 TabletInputService - ok

    19:08:19.0370 3440 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll

    19:08:19.0370 3440 TapiSrv - ok

    19:08:19.0432 3440 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

    19:08:19.0432 3440 TBS - ok

    19:08:19.0994 3440 [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] Tcpip C:\Windows\system32\drivers\tcpip.sys

    19:08:20.0228 3440 Tcpip - ok

    19:08:20.0602 3440 [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

    19:08:20.0634 3440 TCPIP6 - ok

    19:08:20.0665 3440 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

    19:08:20.0680 3440 tcpipreg - ok

    19:08:20.0712 3440 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

    19:08:20.0727 3440 TDPIPE - ok

    19:08:20.0758 3440 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

    19:08:20.0758 3440 TDTCP - ok

    19:08:20.0790 3440 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys

    19:08:20.0790 3440 tdx - ok

    19:08:20.0852 3440 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\drivers\termdd.sys

    19:08:20.0852 3440 TermDD - ok

    19:08:20.0977 3440 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll

    19:08:21.0024 3440 TermService - ok

    19:08:21.0070 3440 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

    19:08:21.0070 3440 Themes - ok

    19:08:21.0148 3440 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

    19:08:21.0148 3440 THREADORDER - ok

    19:08:21.0195 3440 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

    19:08:21.0195 3440 TrkWks - ok

    19:08:21.0289 3440 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

    19:08:21.0304 3440 TrustedInstaller - ok

    19:08:21.0351 3440 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

    19:08:21.0367 3440 tssecsrv - ok

    19:08:21.0445 3440 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

    19:08:21.0445 3440 tunnel - ok

    19:08:21.0460 3440 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys

    19:08:21.0476 3440 uagp35 - ok

    19:08:21.0601 3440 [ 0E5E962B5649D544BE54E8C90761EA2B ] udfs C:\Windows\system32\DRIVERS\udfs.sys

    19:08:21.0601 3440 udfs - ok

    19:08:21.0648 3440 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

    19:08:21.0663 3440 UI0Detect - ok

    19:08:21.0679 3440 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

    19:08:21.0679 3440 uliagpkx - ok

    19:08:21.0741 3440 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

    19:08:21.0741 3440 umbus - ok

    19:08:21.0772 3440 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys

    19:08:21.0772 3440 UmPass - ok

    19:08:21.0913 3440 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

    19:08:21.0928 3440 upnphost - ok

    19:08:22.0006 3440 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

    19:08:22.0006 3440 USBAAPL64 - ok

    19:08:22.0022 3440 [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys

    19:08:22.0038 3440 usbaudio - ok

    19:08:22.0053 3440 [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

    19:08:22.0053 3440 usbccgp - ok

    19:08:22.0100 3440 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

    19:08:22.0100 3440 usbcir - ok

    19:08:22.0131 3440 [ 92969BA5AC44E229C55A332864F79677 ] usbehci C:\Windows\system32\drivers\usbehci.sys

    19:08:22.0131 3440 usbehci - ok

    19:08:22.0209 3440 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

    19:08:22.0225 3440 usbhub - ok

    19:08:22.0272 3440 [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci C:\Windows\system32\drivers\usbohci.sys

    19:08:22.0272 3440 usbohci - ok

    19:08:22.0303 3440 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

    19:08:22.0303 3440 usbprint - ok

    19:08:22.0334 3440 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

    19:08:22.0350 3440 usbscan - ok

    19:08:22.0412 3440 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

    19:08:22.0443 3440 USBSTOR - ok

    19:08:22.0506 3440 [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

    19:08:22.0506 3440 usbuhci - ok

    19:08:22.0552 3440 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys

    19:08:22.0552 3440 usbvideo - ok

    19:08:22.0584 3440 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

    19:08:22.0584 3440 UxSms - ok

    19:08:22.0724 3440 [ A60605FC66552B421EE1F3D4EBB9A4E0 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe

    19:08:22.0755 3440 VAIO Event Service - ok

    19:08:22.0864 3440 [ D469BE2723F79CF4B384680B1FDC577D ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe

    19:08:22.0880 3440 VAIO Power Management - ok

    19:08:22.0896 3440 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe

    19:08:22.0896 3440 VaultSvc - ok

    19:08:22.0974 3440 [ 96EFA2698D6B9E2931609A3EA73FC5DC ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

    19:08:22.0989 3440 VCFw - ok

    19:08:23.0083 3440 [ 7BEBF6A5285FFC03C34A7297A4E177CB ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe

    19:08:23.0114 3440 VcmIAlzMgr - ok

    19:08:23.0161 3440 [ E005B04DFCA99F5880C5111933194CA9 ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe

    19:08:23.0161 3440 VcmINSMgr - ok

    19:08:23.0192 3440 [ 829A32FD1334F72429CA0515760EB7A7 ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe

    19:08:23.0208 3440 VcmXmlIfHelper - ok

    19:08:23.0223 3440 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

    19:08:23.0223 3440 vdrvroot - ok

    19:08:23.0395 3440 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe

    19:08:23.0410 3440 vds - ok

    19:08:23.0457 3440 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

    19:08:23.0473 3440 vga - ok

    19:08:23.0488 3440 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

    19:08:23.0488 3440 VgaSave - ok

    19:08:23.0566 3440 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

    19:08:23.0582 3440 vhdmp - ok

    19:08:23.0691 3440 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

    19:08:23.0707 3440 viaide - ok

    19:08:23.0754 3440 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\drivers\volmgr.sys

    19:08:23.0754 3440 volmgr - ok

    19:08:23.0863 3440 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

    19:08:23.0863 3440 volmgrx - ok

    19:08:23.0956 3440 [ 9E425AC5C9A5A973273D169F43B4F5E1 ] volsnap C:\Windows\system32\drivers\volsnap.sys

    19:08:23.0988 3440 volsnap - ok

    19:08:24.0066 3440 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

    19:08:24.0097 3440 vsmraid - ok

    19:08:24.0346 3440 [ A7EB62C664A03901165290A714BD48D0 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe

    19:08:24.0362 3440 VSNService - ok

    19:08:24.0518 3440 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe

    19:08:24.0549 3440 VSS - ok

    19:08:24.0721 3440 [ FB4A1695D2D74F9C92CA5E84795CDBE1 ] VUAgent C:\Program Files\Sony\VAIO Update Common\VUAgent.exe

    19:08:24.0736 3440 VUAgent - ok

    19:08:24.0783 3440 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

    19:08:24.0783 3440 vwifibus - ok

    19:08:24.0799 3440 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

    19:08:24.0799 3440 vwififlt - ok

    19:08:24.0846 3440 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

    19:08:24.0846 3440 W32Time - ok

    19:08:24.0877 3440 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys

    19:08:24.0877 3440 WacomPen - ok

    19:08:24.0924 3440 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

    19:08:24.0924 3440 WANARP - ok

    19:08:24.0924 3440 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

    19:08:24.0924 3440 Wanarpv6 - ok

    19:08:25.0017 3440 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

    19:08:25.0033 3440 WatAdminSvc - ok

    19:08:25.0204 3440 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe

    19:08:25.0236 3440 wbengine - ok

    19:08:25.0251 3440 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

    19:08:25.0267 3440 WbioSrvc - ok

    19:08:25.0314 3440 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll

    19:08:25.0314 3440 wcncsvc - ok

    19:08:25.0329 3440 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

    19:08:25.0345 3440 WcsPlugInService - ok

    19:08:25.0360 3440 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys

    19:08:25.0360 3440 Wd - ok

    19:08:25.0454 3440 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

    19:08:25.0470 3440 Wdf01000 - ok

    19:08:25.0485 3440 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

    19:08:25.0485 3440 WdiServiceHost - ok

    19:08:25.0501 3440 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

    19:08:25.0501 3440 WdiSystemHost - ok

    19:08:25.0594 3440 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll

    19:08:25.0610 3440 WebClient - ok

    19:08:25.0657 3440 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

    19:08:25.0672 3440 Wecsvc - ok

    19:08:25.0672 3440 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

    19:08:25.0688 3440 wercplsupport - ok

    19:08:25.0719 3440 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

    19:08:25.0735 3440 WerSvc - ok

    19:08:25.0782 3440 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

    19:08:25.0797 3440 WfpLwf - ok

    19:08:26.0031 3440 [ 8686E96E13F41AC9806A79CA8004FEEE ] WiMAXAppSrv C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe

    19:08:26.0047 3440 WiMAXAppSrv - ok

    19:08:26.0094 3440 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

    19:08:26.0094 3440 WIMMount - ok

    19:08:26.0109 3440 WinDefend - ok

    19:08:26.0109 3440 WinHttpAutoProxySvc - ok

    19:08:26.0234 3440 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

    19:08:26.0250 3440 Winmgmt - ok

    19:08:26.0593 3440 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll

    19:08:26.0640 3440 WinRM - ok

    19:08:26.0764 3440 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

    19:08:26.0764 3440 WinUsb - ok

    19:08:26.0827 3440 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

    19:08:26.0858 3440 Wlansvc - ok

    19:08:27.0373 3440 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    19:08:27.0404 3440 wlidsvc - ok

    19:08:27.0498 3440 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

    19:08:27.0498 3440 WmiAcpi - ok

    19:08:27.0622 3440 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

    19:08:27.0654 3440 wmiApSrv - ok

    19:08:27.0716 3440 WMPNetworkSvc - ok

    19:08:27.0778 3440 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

    19:08:27.0825 3440 WPCSvc - ok

    19:08:27.0841 3440 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

    19:08:27.0856 3440 WPDBusEnum - ok

    19:08:27.0919 3440 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

    19:08:27.0934 3440 ws2ifsl - ok

    19:08:27.0997 3440 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\System32\wscsvc.dll

    19:08:27.0997 3440 wscsvc - ok

    19:08:28.0012 3440 WSearch - ok

    19:08:28.0558 3440 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

    19:08:28.0621 3440 wuauserv - ok

    19:08:28.0652 3440 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

    19:08:28.0668 3440 WudfPf - ok

    19:08:28.0824 3440 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

    19:08:28.0839 3440 WUDFRd - ok

    19:08:28.0886 3440 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

    19:08:28.0886 3440 wudfsvc - ok

    19:08:28.0964 3440 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

    19:08:28.0995 3440 WwanSvc - ok

    19:08:29.0136 3440 [ 5250193EF8E173AA7491250F00EB367F ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys

    19:08:29.0151 3440 yukonw7 - ok

    19:08:29.0214 3440 ================ Scan global ===============================

    19:08:29.0245 3440 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

    19:08:29.0323 3440 [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\Windows\system32\winsrv.dll

    19:08:29.0370 3440 [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\Windows\system32\winsrv.dll

    19:08:29.0416 3440 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

    19:08:29.0463 3440 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

    19:08:29.0463 3440 [Global] - ok

    19:08:29.0463 3440 ================ Scan MBR ==================================

    19:08:29.0494 3440 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

    19:08:30.0415 3440 \Device\Harddisk0\DR0 - ok

    19:08:30.0415 3440 ================ Scan VBR ==================================

    19:08:30.0430 3440 [ 3219A0267E3B4C84A32621FCEE4AF897 ] \Device\Harddisk0\DR0\Partition1

    19:08:30.0446 3440 \Device\Harddisk0\DR0\Partition1 - ok

    19:08:30.0446 3440 [ 81D42FC928AFD12C3D83E0D07D25CC82 ] \Device\Harddisk0\DR0\Partition2

    19:08:30.0446 3440 \Device\Harddisk0\DR0\Partition2 - ok

    19:08:30.0462 3440 ============================================================

    19:08:30.0462 3440 Scan finished

    19:08:30.0462 3440 ============================================================

    19:08:30.0477 3460 Detected object count: 0

    19:08:30.0477 3460 Actual detected object count: 0
     
  10. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,220
    First Name:
    Derek
    let it run
    it is the genuine Microsoft malware removal tool that was downloaded at last windows update. Obviously when it did a quick scan on download,, it detected something so has set itself to run at startup to clean up ( or attempt to )
    please post back after it has run with what it found ( if anything ) and post a new dds report after it finishes
     
  11. Matt2020

    Matt2020 Thread Starter

    Joined:
    Mar 31, 2013
    Messages:
    7
    It looks like it worked thank you for the help
     
  12. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1094838

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice