Slow to boot, Firefox Crashing Frequently, OTL Freezes and will not co



#1
M624

M624

    Member

  • Member
  • PipPip
  • 71 posts
Hello,
First I cannot run the OTL. Every time I run it, it stops when it is scanning the Firefox settings and just freezes. I tried shutting Firefox down and rebooting but nothing? When I rebooted after two failed OTL run attempts I had two "ghost" icons on the desktop labeled desktop.ini
Not sure if it's relevant but pasting the info here.

FIRST HAS

[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21799
[LocalizedFileNames]
Norton 360 Premier [email protected]:\PROGRA~1\NORTON~1\Branding\muis.dll,-109
Norton [email protected]:\PROGRA~1\NORTON~1\Branding\muis.dll,-109

SECOND HAS


[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21769
IconResource=%SystemRoot%\system32\imageres.dll,-183
[LocalizedFileNames]
Internet Explorer.lnk=@%windir%\System32\ie4uinit.exe,-731



Firefox is my most commonly used web browser, it has been crashing frequently but thought it was because I was running too many tabs open.
The first major problem is it takes 6-15 min for the Windows login screen to pop up once I start the computer. Once I login the start-up isn't too bad. I'm guessing it's some kind of Malware? Also when I try to open PowerPoint I get an error (attached) but once I click OK the program opens and has no further problems?

I have Norton 360 and ran a full system scan and the start-up manager to try and stop some of the start up programs. Took the computer into Office Max yesterday for a diagnostic and attached the report that came from that. I did the clean-up and scans after that though so not sure what else it could be. Bought the CTRLCenter PC Protection from Office Max but have not used it as I'm not sure if I want to remove Norton and install McAfee, nor if I really want to spend the $150.
I've used G2G in the past with great success so hoping you can help me again.
Thank you!
Cherie


ctrlcenter PC Checkup Report Sunday, December 30, 2012 10:31 AM
Your overall PC health status
POOR
2 Critical Problems Unsolved, 1 Suggestion
Please review the results below
Our Recommendation:
Diagnostic and Software Repair + In-store Data Backup + Platinum Tune-up
With this service your ctrlcenter technician will back up your data prior to service and use the latest diagnostic and resolution techniques to troubleshoot and repair your PC.
Call now at
1-888-869-3917
and talk to our experienced Personal Technology Expert
Detailed Report
performance Status: POOR

Junk Files
2.20 GB of junk files found
Removing junk files from your computer enables your PC to run faster and helps you reclaim valuable hard disk space.
Total junk files found : 2.20 GB. (Approximate size)
Firefox cache 21.27 KB
Internet Explorer cache 22122.30 KB
Recycle bin 2276705.42 KB
Temporary files 5278.83 KB
Windows Optimization
15 problem(s) identified
Optimizes and maintains your PC to run faster by turning off unwanted services and system settings.
Windows Optimization
Recycle bin size configuration Not Optimal
Internet Explorer simultaneous downloads settings Not Optimal
Microsoft DFS Replication service Not Optimal
Microsoft Distributed Link Tracking Service Not Optimal
Internet connection sharing service Not Optimal
Microsoft ISCSI Service Not Optimal
Microsoft Problem and Report service Not Optimal
Microsoft SNMP Trap service Not Optimal
Microsoft WinHTTP Web Proxy Auto Discovery Service Not Optimal
CD ROM Autoplay Not Optimal
Microsoft Windows Mail Splash Screen Not Optimal
Firefox cache size Configuration Not Optimal
Internet Explorer cache size Configuration Not Optimal
Windows Vista critical services Not Optimal
Network Settings Not Optimal
Disk Space
Optimal

security Status: POOR

Malware Symptoms
Found
Your system may be infected with malware. Verify your Antivirus is up-to-date and rescan your computer. If problem persists contact our ctrlcenter Personal Technology Experts or visit your closest Office Max store.
Quick Malware Scan
Optimal
Antivirus
Optimal
Antispyware
Optimal
Firewall
Optimal
Windows Update
Optimal

data Status: GOOD

Data Backup Software
Optimal
System Restore Check
Optimal

system Status: GOOD

Service Pack
Optimal
Processor
Optimal
Physical Memory
Optimal
Video Graphics Card
Optimal

Windows 8 Readiness Status: GOOD

Processor
Optimal
Physical Memory
Optimal
Disk Space
Optimal
Video Graphical Card
Optimal

For any other PC related problems visit ctrlcenter.support.com or CALL 1-888-869-3917
Windows is a registered trademark of Microsoft Corporation in the United States and other countries.

Attached Thumbnails

  • PP error when opening.jpg

  • 0



#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Your ghosts are visible just because OTL turns on view hidden files. Nothing to worry about.

See if you can run any of these scans. If one won't work try the next.

Download aswMBR.exe to your desktop.
Right click aswMBR.exe and Run as Administrator
Uncheck trace disk IO calls
Click the "Scan" button to start scan (Accept the Avast Engine)
On completion of the scan if the Fix button is enabled (not the FixMBR button) press it and then run a new scan and click save log, save it to your desktop and post in your next reply
If the Fix button is not enabled then just click save log, save it to your desktop and post in your next reply

ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Right-click on ComboFix and select Run As Administrator to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Right click on TDSSKiller.exe and select Run As Administrator to start the program.

If TDSSKiller alerts you that the system needs to reboot, please consent.

Run TDSSKiller again but this time:
Before you hit Scan, hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.



Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:
http://www.malwareby...lwarebytes_free

SAVE Malwarebytes' Anti-Malware to your desktop.

* Right-click mbam-setup.exe and select Run As Administrator to start the program.
* Follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.



Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc  /scannow



(This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)


Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run As Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.


Copy the text in the code box:

DRIVES
netsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemdrive%\$Recycle.Bin|@;true;true;true /fp
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.



Download, Save and Run (Win 7 or Vista => Right click and Run as Admin.) Farbar Service Scanner


Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.

Ron
  • 0

#3
M624

M624

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
Ran the aswMBR just took a long time to download Avast and to run. The Fix button did not highlight.
Here is the log

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-30 20:11:54
-----------------------------
20:11:54.736 OS Version: Windows 6.0.6002 Service Pack 2
20:11:54.736 Number of processors: 2 586 0x1706
20:11:54.737 ComputerName: CHERIE UserName: Cherie
20:12:01.182 Initialize success
20:53:52.802 AVAST engine defs: 12123001
21:08:49.912 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
21:08:49.915 Disk 0 Vendor: FUJITSU_ 0000 Size: 190782MB BusType: 3
21:08:49.923 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000006b
21:08:49.927 Disk 1 Vendor: ( Size: 190782MB BusType: 0
21:08:49.931 Disk 2 \Device\Harddisk2\DR2 -> \Device\0000006c
21:08:49.935 Disk 2 Vendor: ( Size: 190782MB BusType: 0
21:08:49.956 Disk 0 MBR read successfully
21:08:49.962 Disk 0 MBR scan
21:08:50.082 Disk 0 Windows VISTA default MBR code
21:08:50.108 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10524 MB offset 2048
21:08:50.126 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 180256 MB offset 21555200
21:08:50.137 Disk 0 scanning sectors +390719920
21:08:50.265 Disk 0 scanning C:\Windows\system32\drivers
21:09:08.737 Service scanning
21:10:10.175 Modules scanning
21:10:25.931 AVAST engine scan C:\Windows
21:10:32.124 AVAST engine scan C:\Windows\system32
21:15:32.178 AVAST engine scan C:\Windows\system32\drivers
21:15:56.401 AVAST engine scan C:\Users\Cherie
21:30:14.916 File: C:\Users\Cherie\Games\Misc Games\Corruption Test.exe **INFECTED** Win32:Malware-gen
21:48:52.860 AVAST engine scan C:\ProgramData
22:04:17.714 Scan finished successfully
22:05:27.706 Disk 0 MBR has been saved successfully to "C:\Users\Cherie\Desktop\MBR.dat"
22:05:27.713 The log file has been saved successfully to "C:\Users\Cherie\Desktop\aswMBR.txt"
  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
If C:\Users\Cherie\Games\Misc Games\Corruption Test.exe is still there then you should delete it.
  • 0
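
An added example, not part of any post in this thread: a small Python triage script for the aswMBR log format shown in post #3, pulling out the MBR verdict, any **INFECTED** lines, and long gaps between timestamps. The function names and the 20-minute threshold are assumptions made for this illustration; the sample lines are an excerpt of the log posted above.

```python
import re
from datetime import datetime, timedelta

# Excerpt of the aswMBR log from post #3 above (copied from the thread, shortened).
SAMPLE_LOG = r"""Run date: 2012-12-30 20:11:54
-----------------------------
20:11:54.736 OS Version: Windows 6.0.6002 Service Pack 2
20:12:01.182 Initialize success
20:53:52.802 AVAST engine defs: 12123001
21:08:49.956 Disk 0 MBR read successfully
21:08:50.082 Disk 0 Windows VISTA default MBR code
21:10:25.931 AVAST engine scan C:\Windows
21:15:56.401 AVAST engine scan C:\Users\Cherie
21:30:14.916 File: C:\Users\Cherie\Games\Misc Games\Corruption Test.exe **INFECTED** Win32:Malware-gen
21:48:52.860 AVAST engine scan C:\ProgramData
22:04:17.714 Scan finished successfully
"""

LINE_RE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{3}) (.*)$")
DETECTION_RE = re.compile(r"^File: (?P<path>.+?) \*\*INFECTED\*\* (?P<name>.+)$")
MBR_RE = re.compile(r"^Disk (?P<disk>\d+) (?P<verdict>.*MBR code.*)$")


def parse_events(text):
    """Return [(elapsed, message)] for every timestamped line, in log order."""
    events, day_offset, previous = [], timedelta(0), None
    for raw in text.splitlines():
        match = LINE_RE.match(raw.strip())
        if not match:
            continue  # header lines such as "Run date:" carry no HH:MM:SS stamp
        clock = datetime.strptime(match.group(1), "%H:%M:%S.%f")
        stamp = day_offset + timedelta(hours=clock.hour, minutes=clock.minute,
                                       seconds=clock.second,
                                       microseconds=clock.microsecond)
        # The log records time of day only, so a scan that runs past midnight
        # appears to go backwards; treat that as the next day.
        if previous is not None and stamp < previous:
            day_offset += timedelta(days=1)
            stamp += timedelta(days=1)
        previous = stamp
        events.append((stamp, match.group(2)))
    return events


def detections(events):
    """Return [(file path, detection name)] for every **INFECTED** line."""
    found = []
    for _, message in events:
        match = DETECTION_RE.match(message)
        if match:
            found.append((match.group("path"), match.group("name")))
    return found


def mbr_verdicts(events):
    """Return {disk number: verdict text} from the '... MBR code' lines."""
    verdicts = {}
    for _, message in events:
        match = MBR_RE.match(message)
        if match:
            verdicts[int(match.group("disk"))] = match.group("verdict")
    return verdicts


def slow_phases(events, threshold=timedelta(minutes=20)):
    """Return [(gap, message before, message after)] for gaps >= threshold."""
    gaps = []
    for (start, before), (end, after) in zip(events, events[1:]):
        if end - start >= threshold:
            gaps.append((end - start, before, after))
    return gaps


if __name__ == "__main__":
    log_events = parse_events(SAMPLE_LOG)
    for disk, verdict in mbr_verdicts(log_events).items():
        # Assumption for this example: a verdict without "default" needs a closer look.
        note = "" if "default MBR code" in verdict else "  <-- review"
        print(f"Disk {disk}: {verdict}{note}")
    for path, name in detections(log_events):
        print(f"Detection: {name} in {path}")
    for gap, before, after in slow_phases(log_events):
        print(f"{gap} between '{before}' and '{after}'")
```
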

#5
M624

M624

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
Thank you!
I have removed it, although it's been on the computer for years and never popped up on any other G2G scans...hmmm, odd?
Computer is still very slow to boot and programs still running slow and freezing.
  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Go on and try the other steps and perhaps we can see why it is so slow.
  • 0

#7
M624

M624

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
Here is the Combo Fix Log. Let me know if I need to continue with another scan.

ComboFix 12-12-31.01 - Cherie 12/31/2012 16:24:21.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2046.1189 [GMT -6:00]
Running from: c:\users\Cherie\Desktop\ComboFix.exe
AV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 Premier Edition *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 Premier Edition *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-11-28 to 2012-12-31 )))))))))))))))))))))))))))))))
.
.
2012-12-31 22:34 . 2012-12-31 22:34 -------- d-----w- c:\users\Cherie\AppData\Local\temp
2012-12-31 22:34 . 2012-12-31 22:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-31 16:30 . 2012-12-31 16:30 -------- d-----w- c:\program files\Windows Portable Devices
2012-12-31 15:43 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2012-12-31 15:43 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2012-12-31 15:43 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2012-12-31 15:37 . 2012-02-29 15:11 5120 ----a-w- c:\windows\system32\wmi.dll
2012-12-31 15:37 . 2012-02-29 15:09 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-12-31 15:37 . 2012-02-29 13:32 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-12-31 15:28 . 2012-12-31 15:28 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2012-12-31 15:27 . 2012-12-31 15:27 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2012-12-31 15:27 . 2012-12-31 15:27 519680 ----a-w- c:\windows\system32\d3d11.dll
2012-12-31 15:27 . 2012-12-31 15:27 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2012-12-31 15:27 . 2012-12-31 15:27 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2012-12-31 15:27 . 2012-12-31 15:27 252928 ----a-w- c:\windows\system32\dxdiag.exe
2012-12-31 15:27 . 2012-12-31 15:27 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2012-12-31 15:27 . 2012-12-31 15:27 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2012-12-31 15:11 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-31 15:11 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-31 15:11 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-31 15:11 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-31 15:11 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-31 15:11 . 2009-07-14 12:12 16896 ----a-w- c:\windows\system32\winusb.dll
2012-12-31 15:11 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-31 15:11 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-31 15:11 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-31 15:11 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-31 15:11 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-31 15:02 . 2012-12-16 13:12 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-31 15:02 . 2012-12-16 10:50 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-12-31 11:55 . 2011-07-29 16:01 293376 ----a-w- c:\windows\system32\psisdecd.dll
2012-12-31 11:55 . 2011-07-29 16:01 217088 ----a-w- c:\windows\system32\psisrndr.ax
2012-12-31 11:55 . 2011-07-29 16:00 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2012-12-31 11:55 . 2011-07-29 16:00 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2012-12-31 11:55 . 2011-10-14 16:03 189952 ----a-w- c:\windows\system32\winmm.dll
2012-12-31 11:55 . 2011-10-14 16:00 23552 ----a-w- c:\windows\system32\mciseq.dll
2012-12-31 11:55 . 2012-11-13 01:36 2048000 ----a-w- c:\windows\system32\win32k.sys
2012-12-31 11:55 . 2012-05-11 15:57 623616 ----a-w- c:\windows\system32\localspl.dll
2012-12-31 11:54 . 2011-04-21 13:55 508416 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-12-31 11:54 . 2009-06-17 13:23 30208 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2012-12-31 11:54 . 2011-11-18 20:23 1205064 ----a-w- c:\windows\system32\ntdll.dll
2012-12-31 11:54 . 2012-09-25 16:19 75776 ----a-w- c:\windows\system32\synceng.dll
2012-12-31 11:52 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-12-31 11:52 . 2011-02-22 13:33 797696 ----a-w- c:\windows\system32\FntCache.dll
2012-12-31 11:52 . 2011-02-22 14:13 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-12-31 11:52 . 2011-11-18 17:47 66560 ----a-w- c:\windows\system32\packager.dll
2012-12-31 11:52 . 2011-11-25 15:59 376320 ----a-w- c:\windows\system32\winsrv.dll
2012-12-31 11:52 . 2011-12-14 16:17 680448 ----a-w- c:\windows\system32\msvcrt.dll
2012-12-31 11:51 . 2012-06-02 00:02 985088 ----a-w- c:\windows\system32\crypt32.dll
2012-12-31 11:51 . 2012-06-02 00:02 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-12-31 11:51 . 2012-06-02 00:02 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-12-31 11:51 . 2012-08-24 15:53 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-12-31 11:51 . 2012-06-05 16:47 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2012-12-31 11:51 . 2012-11-13 01:29 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-31 11:50 . 2011-10-25 15:56 49152 ----a-w- c:\windows\system32\csrsrv.dll
2012-12-31 11:50 . 2011-10-25 15:58 1314816 ----a-w- c:\windows\system32\quartz.dll
2012-12-31 11:50 . 2011-10-25 15:58 497152 ----a-w- c:\windows\system32\qdvd.dll
2012-12-31 11:50 . 2011-11-16 16:23 377344 ----a-w- c:\windows\system32\winhttp.dll
2012-12-31 11:50 . 2012-06-05 16:47 1401856 ----a-w- c:\windows\system32\msxml6.dll
2012-12-31 11:50 . 2012-06-05 16:47 1248768 ----a-w- c:\windows\system32\msxml3.dll
2012-12-31 11:50 . 2011-08-25 16:15 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2012-12-31 11:50 . 2011-08-25 16:14 238080 ----a-w- c:\windows\system32\oleacc.dll
2012-12-31 11:50 . 2011-08-25 13:31 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2012-12-31 11:50 . 2011-08-25 16:14 563712 ----a-w- c:\windows\system32\oleaut32.dll
2012-12-31 11:49 . 2012-03-01 11:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-12-31 11:49 . 2012-05-01 14:03 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-12-31 11:48 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll
2012-12-31 11:47 . 2012-06-04 15:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-12-31 11:47 . 2012-06-02 00:04 278528 ----a-w- c:\windows\system32\schannel.dll
2012-12-31 11:47 . 2012-06-02 00:03 204288 ----a-w- c:\windows\system32\ncrypt.dll
2012-12-31 11:47 . 2011-11-16 16:21 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2012-12-31 11:47 . 2011-11-16 16:23 72704 ----a-w- c:\windows\system32\secur32.dll
2012-12-31 11:47 . 2011-11-16 14:12 9728 ----a-w- c:\windows\system32\lsass.exe
2012-12-31 11:47 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2012-12-31 11:47 . 2012-08-29 11:27 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-12-31 11:47 . 2012-08-29 11:27 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-12-31 11:22 . 2012-01-09 15:54 613376 ----a-w- c:\windows\system32\rdpencom.dll
2012-12-31 10:59 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-12-31 10:59 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-12-31 10:59 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-12-31 10:59 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-12-31 10:59 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-12-31 10:59 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-12-31 10:59 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-12-31 10:59 . 2012-06-02 21:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-12-31 10:59 . 2012-06-02 21:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-12-30 21:31 . 2012-12-30 21:31 -------- d-----w- c:\program files\CCleaner
2012-12-30 17:19 . 2012-12-30 17:20 -------- d-----w- c:\windows\system32\ca-ES
2012-12-30 17:19 . 2012-12-30 17:19 -------- d-----w- c:\windows\system32\eu-ES
2012-12-30 17:19 . 2012-12-30 17:19 -------- d-----w- c:\windows\system32\vi-VN
2012-12-28 21:21 . 2012-12-30 16:23 -------- d-----w- c:\users\Cherie\AppData\Roaming\QuickScan
2012-12-28 21:20 . 2012-12-30 16:29 -------- d-----w- c:\users\Cherie\AppData\Roaming\OpswatLogs
2012-12-28 03:57 . 2012-08-21 19:01 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-12-28 03:56 . 2012-12-28 03:56 -------- d-----w- c:\program files\Mozilla Plugins
2012-12-28 03:56 . 2012-12-28 03:56 -------- d-----w- c:\program files\iTunesMiniPlayer.Resources
2012-12-28 03:56 . 2012-12-28 03:56 -------- d-----w- c:\program files\iTunesHelper.Resources
2012-12-28 03:54 . 2012-12-28 03:55 -------- d-----w- c:\program files\iTunes.Resources
2012-12-28 03:54 . 2012-12-28 03:54 -------- d-----w- c:\program files\iPod
2012-12-28 03:52 . 2012-12-28 03:56 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-12-28 03:52 . 2012-12-28 03:54 -------- d-----w- c:\program files\CD Configuration
2012-12-12 19:57 . 2012-12-12 19:57 293344 ----a-w- c:\program files\iTunesOutlookAddIn.dll
2012-12-12 19:57 . 2012-12-12 19:57 405472 ----a-w- c:\program files\iTunesAdmin.dll
2012-12-12 19:57 . 2012-12-12 19:57 152544 ----a-w- c:\program files\iTunesHelper.exe
2012-12-12 19:57 . 2012-12-12 19:57 148960 ----a-w- c:\program files\iTunesHelper.dll
2012-12-12 19:57 . 2012-12-12 19:57 117728 ----a-w- c:\program files\iTunesMiniPlayer.dll
2012-12-12 19:57 . 2012-12-12 19:57 9789408 ----a-w- c:\program files\iTunes.exe
2012-12-12 19:57 . 2012-12-12 19:57 782840 ----a-w- c:\program files\gnsdk_sdkmanager.dll
2012-12-12 19:57 . 2012-12-12 19:57 3015160 ----a-w- c:\program files\gnsdk_dsp.dll
2012-12-12 19:57 . 2012-12-12 19:57 269304 ----a-w- c:\program files\gnsdk_submit.dll
2012-12-12 19:57 . 2012-12-12 19:57 22747616 ----a-w- c:\program files\iTunes.dll
2012-12-12 19:57 . 2012-12-12 19:57 226296 ----a-w- c:\program files\gnsdk_musicid.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-31 15:27 . 2012-12-31 15:27 4096 ----a-w- c:\windows\system32\drivers\en-US\dxgkrnl.sys.mui
2012-12-30 19:23 . 2012-05-11 16:55 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-30 19:23 . 2011-06-26 16:05 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-31 21:53 . 2012-10-31 21:53 112528 ----a-w- c:\program files\ITDetector.ocx
2012-10-08 15:44 . 2012-10-08 15:44 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-08 15:44 . 2012-08-03 02:00 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-08 15:44 . 2011-03-25 18:12 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-12-07 14:41 . 2011-03-25 04:36 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{f6f9d189-f5d3-4cde-9901-4944cf9b2b1e}"= "c:\program files\Swagbucks2\prxtbSwag.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{f6f9d189-f5d3-4cde-9901-4944cf9b2b1e}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f6f9d189-f5d3-4cde-9901-4944cf9b2b1e}]
2011-05-09 09:49 176936 ----a-w- c:\program files\Swagbucks2\prxtbSwag.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{f6f9d189-f5d3-4cde-9901-4944cf9b2b1e}"= "c:\program files\Swagbucks2\prxtbSwag.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{f6f9d189-f5d3-4cde-9901-4944cf9b2b1e}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{F6F9D189-F5D3-4CDE-9901-4944CF9B2B1E}"= "c:\program files\Swagbucks2\prxtbSwag.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{f6f9d189-f5d3-4cde-9901-4944cf9b2b1e}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AOLOverlayIcon]
@="{AB0C8BE3-041C-47d6-8195-E089D32B38DD}"
[HKEY_CLASSES_ROOT\CLSID\{AB0C8BE3-041C-47d6-8195-E089D32B38DD}]
2007-12-01 00:06 303104 ------w- c:\ddi\OverIcon.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2007-08-30 205480]
"GoogleChromeAutoLaunch_182A077789D37C7DA9A5650D3C1D56FE"="c:\users\Cherie\AppData\Local\Google\Chrome\Application\chrome.exe" [2012-12-05 1242728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2007-06-10 118784]
"VWLASU"="c:\program files\Sony\VAIO PC Wireless LAN Wizard\AutoLaunchWLASU.exe" [2007-10-13 45056]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-10-30 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-30 8429568]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-10-30 81920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-08-15 04:05 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-27 20:51 919008 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
2012-01-03 22:31 1391272 ----a-w- c:\program files\Ask.com\Updater\Updater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-11-28 20:13 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-04-22 13:04 133104 ----atw- c:\users\Cherie\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mobile Connectivity Suite]
2009-11-19 22:19 598016 ----a-r- c:\program files\HTC\HTC Sync\Application Launcher\Application Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 14:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Center Access Bar]
2007-09-06 23:38 53248 ----a-w- c:\program files\Sony\VAIO Center Access Bar\VCAB.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\Cherie\AppData\Local\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe"
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "c:\programdata\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files\iTunesHelper.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-11 19:23]
.
2012-12-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-26 17:09]
.
2012-12-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-26 17:09]
.
2012-09-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2337267849-1452406365-3508456928-1000Core1cd936cc593c800.job
- c:\users\Cherie\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-22 13:04]
.
2012-12-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2337267849-1452406365-3508456928-1000UA.job
- c:\users\Cherie\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-22 13:04]
.
2012-12-30 c:\windows\Tasks\ReclaimerUpdateFiles_Cherie.job
- c:\users\Cherie\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [2012-12-21 16:05]
.
2012-12-31 c:\windows\Tasks\ReclaimerUpdateXML_Cherie.job
- c:\users\Cherie\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [2012-12-21 16:05]
.
2012-12-31 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_Cherie.job
- c:\users\Cherie\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [2012-12-21 16:05]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com/?SearchSource=10&ctid=CT3247692
uInternet Settings,ProxyOverride = *.local
Trusted Zone: intuit.com\ttlc
TCP: DhcpNameServer = 192.168.1.1
DPF: {C228AEDD-FC47-11D3-AF87-D128A9381404} - hxxp://www.link-systems.com/sdkhtml/SDK/paste/lsiw9x.cab
FF - ProfilePath - c:\users\Cherie\AppData\Roaming\Mozilla\Firefox\Profiles\2880qdxt.default\
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3247692&SearchSource=13&CUI=SB_CUI
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3247692&SearchSource=2&q=
FF - ExtSQL: 2012-11-07 13:46; {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}; c:\users\Cherie\AppData\Roaming\Mozilla\Firefox\Profiles\2880qdxt.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}
FF - ExtSQL: 2012-11-20 17:32; {f6f9d189-f5d3-4cde-9901-4944cf9b2b1e}; c:\users\Cherie\AppData\Roaming\Mozilla\Firefox\Profiles\2880qdxt.default\extensions\{f6f9d189-f5d3-4cde-9901-4944cf9b2b1e}
FF - ExtSQL: !HIDDEN! 2009-08-23 11:02; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-MobileDocuments - c:\program files\Common Files\Apple\Internet Services\ubd.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-Amazon Kindle - c:\users\Cherie\AppData\Local\Amazon\Kindle For PC\application\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-31 16:34
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\N360]
"ImagePath"="\"c:\program files\Norton 360 Premier Edition\Engine\6.4.0.9\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360 Premier Edition\Engine\6.4.0.9\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\NAT]
"ImagePath"="\"c:\program files\Norton Anti-Theft\Engine\1.1.0.23\ccSvcHst.exe\" /s \"NAT\" /m \"c:\program files\Norton Anti-Theft\Engine\1.1.0.23\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(3696)
c:\ddi\overicon.dll
.
Completion time: 2012-12-31 16:37:55
ComboFix-quarantined-files.txt 2012-12-31 22:37
.
Pre-Run: 16,441,516,032 bytes free
Post-Run: 16,496,898,048 bytes free
.
- - End Of File - - 3E74A12509CAF321D9C3FEF08A94F771

#8
RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Do all of the scans. Each looks for a different type of infection or problem.

#9
M624

    Member

  • Topic Starter
  • Member
  • 71 posts
TDSS Killer Report

19:13:13.0644 5576 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:13:14.0611 5576 ============================================================
19:13:14.0611 5576 Current date / time: 2012/12/31 19:13:14.0611
19:13:14.0611 5576 SystemInfo:
19:13:14.0611 5576
19:13:14.0611 5576 OS Version: 6.0.6002 ServicePack: 2.0
19:13:14.0611 5576 Product type: Workstation
19:13:14.0611 5576 ComputerName: CHERIE
19:13:14.0611 5576 UserName: Cherie
19:13:14.0611 5576 Windows directory: C:\Windows
19:13:14.0611 5576 System windows directory: C:\Windows
19:13:14.0611 5576 Processor architecture: Intel x86
19:13:14.0611 5576 Number of processors: 2
19:13:14.0611 5576 Page size: 0x1000
19:13:14.0611 5576 Boot type: Normal boot
19:13:14.0611 5576 ============================================================
19:13:15.0298 5576 Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:13:15.0454 5576 ============================================================
19:13:15.0454 5576 \Device\Harddisk0\DR0:
19:13:15.0454 5576 MBR partitions:
19:13:15.0454 5576 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x148E800, BlocksNum 0x160101B0
19:13:15.0454 5576 ============================================================
19:13:15.0501 5576 C: <-> \Device\Harddisk0\DR0\Partition1
19:13:15.0501 5576 ============================================================
19:13:15.0501 5576 Initialize success
19:13:15.0501 5576 ============================================================
19:13:29.0433 5488 ============================================================
19:13:29.0433 5488 Scan started
19:13:29.0433 5488 Mode: Manual;
19:13:29.0433 5488 ============================================================
19:13:30.0881 5488 ================ Scan system memory ========================
19:13:30.0881 5488 System memory - ok
19:13:30.0881 5488 ================ Scan services =============================
19:13:31.0474 5488 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
19:13:31.0490 5488 ACPI - ok
19:13:31.0599 5488 [ E8FE4FCE23D2809BD88BCC1D0F8408CE ] AdobeActiveFileMonitor6.0 C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
19:13:31.0630 5488 AdobeActiveFileMonitor6.0 - ok
19:13:31.0724 5488 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
19:13:31.0724 5488 AdobeARMservice - ok
19:13:31.0802 5488 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:13:31.0802 5488 AdobeFlashPlayerUpdateSvc - ok
19:13:31.0849 5488 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:13:31.0849 5488 adp94xx - ok
19:13:31.0880 5488 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:13:31.0880 5488 adpahci - ok
19:13:31.0927 5488 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
19:13:31.0927 5488 adpu160m - ok
19:13:31.0942 5488 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:13:31.0942 5488 adpu320 - ok
19:13:31.0973 5488 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:13:31.0973 5488 AeLookupSvc - ok
19:13:32.0036 5488 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
19:13:32.0036 5488 AFD - ok
19:13:32.0067 5488 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:13:32.0067 5488 agp440 - ok
19:13:32.0161 5488 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
19:13:32.0161 5488 aic78xx - ok
19:13:32.0192 5488 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
19:13:32.0192 5488 ALG - ok
19:13:32.0207 5488 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
19:13:32.0207 5488 aliide - ok
19:13:32.0254 5488 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
19:13:32.0254 5488 amdagp - ok
19:13:32.0270 5488 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
19:13:32.0270 5488 amdide - ok
19:13:32.0317 5488 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
19:13:32.0332 5488 AmdK7 - ok
19:13:32.0363 5488 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:13:32.0363 5488 AmdK8 - ok
19:13:32.0426 5488 [ 18BFF317BDB10C64A35E1CA85F1EC051 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
19:13:32.0426 5488 ApfiltrService - ok
19:13:32.0473 5488 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
19:13:32.0473 5488 Appinfo - ok
19:13:32.0551 5488 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:13:32.0551 5488 Apple Mobile Device - ok
19:13:32.0613 5488 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
19:13:32.0629 5488 arc - ok
19:13:32.0644 5488 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:13:32.0644 5488 arcsas - ok
19:13:32.0675 5488 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:13:32.0675 5488 AsyncMac - ok
19:13:32.0738 5488 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
19:13:32.0738 5488 atapi - ok
19:13:32.0800 5488 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:13:32.0800 5488 AudioEndpointBuilder - ok
19:13:32.0800 5488 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
19:13:32.0816 5488 Audiosrv - ok
19:13:32.0847 5488 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
19:13:32.0847 5488 Beep - ok
19:13:32.0878 5488 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
19:13:32.0878 5488 BFE - ok
19:13:33.0143 5488 [ 9DFFCB249663AA3C2ECB67202280054E ] BHDrvx86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\BASHDefs\20121130.005\BHDrvx86.sys
19:13:33.0175 5488 BHDrvx86 - ok
19:13:33.0237 5488 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
19:13:33.0268 5488 BITS - ok
19:13:33.0268 5488 blbdrive - ok
19:13:33.0331 5488 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:13:33.0346 5488 Bonjour Service - ok
19:13:33.0393 5488 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:13:33.0393 5488 bowser - ok
19:13:33.0409 5488 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
19:13:33.0424 5488 BrFiltLo - ok
19:13:33.0424 5488 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
19:13:33.0424 5488 BrFiltUp - ok
19:13:33.0471 5488 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
19:13:33.0487 5488 Browser - ok
19:13:33.0502 5488 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
19:13:33.0502 5488 Brserid - ok
19:13:33.0565 5488 [ 1A5FC78E41840EDF79D65EC16EFF2787 ] BrSerIf C:\Windows\system32\Drivers\BrSerIf.sys
19:13:33.0565 5488 BrSerIf - ok
19:13:33.0580 5488 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
19:13:33.0580 5488 BrSerWdm - ok
19:13:33.0596 5488 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
19:13:33.0596 5488 BrUsbMdm - ok
19:13:33.0611 5488 [ A24C7B39602218F8DBDB2B6704325FC7 ] BrUsbSer C:\Windows\system32\Drivers\BrUsbSer.sys
19:13:33.0611 5488 BrUsbSer - ok
19:13:33.0658 5488 [ 6D39C954799B63BA866910234CF7D726 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
19:13:33.0658 5488 BthEnum - ok
19:13:33.0689 5488 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:13:33.0689 5488 BTHMODEM - ok
19:13:33.0752 5488 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
19:13:33.0752 5488 BthPan - ok
19:13:33.0783 5488 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
19:13:33.0814 5488 BTHPORT - ok
19:13:33.0845 5488 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll
19:13:33.0861 5488 BthServ - ok
19:13:33.0892 5488 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
19:13:33.0892 5488 BTHUSB - ok
19:13:33.0923 5488 [ F2195899900E358614FA535EA503373E ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
19:13:33.0923 5488 btwaudio - ok
19:13:33.0939 5488 [ 769DFBE72448B31221DB818A049760A5 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
19:13:33.0939 5488 btwavdt - ok
19:13:33.0970 5488 [ D02F4D18AA4A38F781BEEFEB1892E144 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
19:13:33.0970 5488 btwl2cap - ok
19:13:33.0986 5488 [ 9FA7311CE621683AAB68A324E623F9B2 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
19:13:33.0986 5488 btwrchid - ok
19:13:34.0017 5488 [ 248DFA5762DDE38DFDDBBD44149E9D7A ] BVRPMPR5 C:\Windows\system32\drivers\BVRPMPR5.SYS
19:13:34.0017 5488 BVRPMPR5 - ok
19:13:34.0095 5488 catchme - ok
19:13:34.0204 5488 [ ACE85AF1C31F68BDFEE9333F6592917E ] ccSet_N360 C:\Windows\system32\drivers\N360\0604000.009\ccSetx86.sys
19:13:34.0204 5488 ccSet_N360 - ok
19:13:34.0251 5488 ccSet_NAT - ok
19:13:34.0313 5488 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:13:34.0313 5488 cdfs - ok
19:13:34.0376 5488 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:13:34.0376 5488 cdrom - ok
19:13:34.0391 5488 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
19:13:34.0391 5488 CertPropSvc - ok
19:13:34.0438 5488 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
19:13:34.0438 5488 circlass - ok
19:13:34.0469 5488 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
19:13:34.0485 5488 CLFS - ok
19:13:34.0563 5488 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:13:34.0625 5488 clr_optimization_v2.0.50727_32 - ok
19:13:34.0703 5488 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:13:34.0797 5488 clr_optimization_v4.0.30319_32 - ok
19:13:34.0828 5488 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:13:34.0828 5488 CmBatt - ok
19:13:34.0859 5488 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:13:34.0859 5488 cmdide - ok
19:13:34.0906 5488 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:13:34.0906 5488 Compbatt - ok
19:13:34.0937 5488 COMSysApp - ok
19:13:34.0937 5488 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:13:34.0937 5488 crcdisk - ok
19:13:34.0953 5488 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
19:13:34.0953 5488 Crusoe - ok
19:13:35.0000 5488 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:13:35.0000 5488 CryptSvc - ok
19:13:35.0078 5488 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:13:35.0093 5488 DcomLaunch - ok
19:13:35.0125 5488 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:13:35.0125 5488 DfsC - ok
19:13:35.0234 5488 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
19:13:35.0296 5488 DFSR - ok
19:13:35.0437 5488 [ 73FC5BC52572084EC1241514CF6230A0 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
19:13:35.0437 5488 dg_ssudbus - ok
19:13:35.0483 5488 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
19:13:35.0483 5488 Dhcp - ok
19:13:35.0530 5488 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
19:13:35.0530 5488 disk - ok
19:13:35.0546 5488 [ F206E28ED74C491FD5D7C0A1119CE37F ] DMICall C:\Windows\system32\DRIVERS\DMICall.sys
19:13:35.0546 5488 DMICall - ok
19:13:35.0608 5488 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:13:35.0608 5488 Dnscache - ok
19:13:35.0671 5488 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:13:35.0671 5488 dot3svc - ok
19:13:35.0717 5488 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
19:13:35.0733 5488 DPS - ok
19:13:35.0749 5488 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:13:35.0749 5488 drmkaud - ok
19:13:35.0858 5488 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:13:35.0858 5488 DXGKrnl - ok
19:13:35.0905 5488 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
19:13:35.0920 5488 E1G60 - ok
19:13:35.0967 5488 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
19:13:35.0967 5488 EapHost - ok
19:13:36.0029 5488 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
19:13:36.0029 5488 Ecache - ok
19:13:36.0155 5488 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
19:13:36.0155 5488 eeCtrl - ok
19:13:36.0244 5488 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:13:36.0250 5488 ehRecvr - ok
19:13:36.0283 5488 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
19:13:36.0286 5488 ehSched - ok
19:13:36.0296 5488 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
19:13:36.0297 5488 ehstart - ok
19:13:36.0362 5488 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:13:36.0367 5488 elxstor - ok
19:13:36.0480 5488 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
19:13:36.0503 5488 EMDMgmt - ok
19:13:36.0597 5488 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
19:13:36.0599 5488 EraserUtilRebootDrv - ok
19:13:36.0666 5488 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
19:13:36.0671 5488 EventSystem - ok
19:13:36.0715 5488 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
19:13:36.0717 5488 exfat - ok
19:13:36.0771 5488 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:13:36.0773 5488 fastfat - ok
19:13:36.0808 5488 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:13:36.0809 5488 fdc - ok
19:13:36.0842 5488 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
19:13:36.0843 5488 fdPHost - ok
19:13:36.0871 5488 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
19:13:36.0873 5488 FDResPub - ok
19:13:36.0913 5488 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:13:36.0915 5488 FileInfo - ok
19:13:36.0959 5488 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:13:36.0961 5488 Filetrace - ok
19:13:37.0003 5488 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:13:37.0026 5488 FLEXnet Licensing Service - ok
19:13:37.0040 5488 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:13:37.0041 5488 flpydisk - ok
19:13:37.0086 5488 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:13:37.0090 5488 FltMgr - ok
19:13:37.0185 5488 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
19:13:37.0191 5488 FontCache - ok
19:13:37.0258 5488 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:13:37.0260 5488 FontCache3.0.0.0 - ok
19:13:37.0351 5488 [ 9513B437B7ADB1E6065B7F0D83D11ECF ] FreeAgentGoNext Service C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
19:13:37.0355 5488 FreeAgentGoNext Service - ok
19:13:37.0398 5488 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:13:37.0399 5488 Fs_Rec - ok
19:13:37.0427 5488 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:13:37.0429 5488 gagp30kx - ok
19:13:37.0459 5488 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:13:37.0461 5488 GEARAspiWDM - ok
19:13:37.0516 5488 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
19:13:37.0539 5488 gpsvc - ok
19:13:37.0596 5488 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
19:13:37.0598 5488 gupdate - ok
19:13:37.0604 5488 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
19:13:37.0605 5488 gupdatem - ok
19:13:37.0634 5488 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:13:37.0639 5488 HdAudAddService - ok
19:13:37.0692 5488 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:13:37.0715 5488 HDAudBus - ok
19:13:37.0745 5488 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:13:37.0747 5488 HidBth - ok
19:13:37.0773 5488 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
19:13:37.0775 5488 HidIr - ok
19:13:37.0833 5488 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
19:13:37.0835 5488 hidserv - ok
19:13:37.0878 5488 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:13:37.0879 5488 HidUsb - ok
19:13:37.0918 5488 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:13:37.0921 5488 hkmsvc - ok
19:13:37.0954 5488 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
19:13:37.0954 5488 HpCISSs - ok
19:13:37.0970 5488 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
19:13:37.0986 5488 HSFHWAZL - ok
19:13:38.0032 5488 [ 7BC42C65B5C6281777C1A7605B253BA8 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
19:13:38.0079 5488 HSF_DPV - ok
19:13:38.0095 5488 [ 9EBF2D102CCBB6BCDFBF1B7922F8BA2E ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
19:13:38.0095 5488 HSXHWAZL - ok
19:13:38.0126 5488 [ CBD09ED9CF6822177EE85AEA4D8816A2 ] HTCAND32 C:\Windows\system32\Drivers\ANDROIDUSB.sys
19:13:38.0126 5488 HTCAND32 - ok
19:13:38.0188 5488 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:13:38.0188 5488 HTTP - ok
19:13:38.0220 5488 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
19:13:38.0220 5488 i2omp - ok
19:13:38.0282 5488 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:13:38.0282 5488 i8042prt - ok
19:13:38.0298 5488 [ FD7F9D74C2B35DBDA400804A3F5ED5D8 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
19:13:38.0298 5488 iaStor - ok
19:13:38.0344 5488 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
19:13:38.0344 5488 iaStorV - ok
19:13:38.0422 5488 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
19:13:38.0438 5488 IDriverT - ok
19:13:38.0578 5488 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:13:38.0610 5488 idsvc - ok
19:13:38.0719 5488 [ 404FB2AAF532BC7BBACC8880BE401C74 ] IDSVix86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\IPSDefs\20121230.001\IDSvix86.sys
19:13:38.0719 5488 IDSVix86 - ok
19:13:38.0734 5488 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:13:38.0734 5488 iirsp - ok
19:13:38.0797 5488 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
19:13:38.0797 5488 IKEEXT - ok
19:13:38.0844 5488 [ 97469037714070E45194ED318D636401 ] intelide C:\Windows\system32\drivers\intelide.sys
19:13:38.0844 5488 intelide - ok
19:13:38.0875 5488 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:13:38.0875 5488 intelppm - ok
19:13:38.0922 5488 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:13:38.0922 5488 IPBusEnum - ok
19:13:38.0968 5488 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:13:38.0968 5488 IpFilterDriver - ok
19:13:39.0015 5488 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:13:39.0015 5488 iphlpsvc - ok
19:13:39.0031 5488 IpInIp - ok
19:13:39.0046 5488 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
19:13:39.0062 5488 IPMIDRV - ok
19:13:39.0093 5488 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
19:13:39.0093 5488 IPNAT - ok
19:13:39.0156 5488 [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:13:39.0171 5488 iPod Service - ok
19:13:39.0234 5488 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:13:39.0249 5488 IRENUM - ok
19:13:39.0265 5488 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:13:39.0280 5488 isapnp - ok
19:13:39.0312 5488 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
19:13:39.0327 5488 iScsiPrt - ok
19:13:39.0343 5488 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
19:13:39.0358 5488 iteatapi - ok
19:13:39.0374 5488 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
19:13:39.0374 5488 iteraid - ok
19:13:39.0421 5488 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
19:13:39.0421 5488 IviRegMgr - ok
19:13:39.0468 5488 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:13:39.0468 5488 kbdclass - ok
19:13:39.0499 5488 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:13:39.0514 5488 kbdhid - ok
19:13:39.0546 5488 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
19:13:39.0546 5488 KeyIso - ok
19:13:39.0592 5488 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:13:39.0608 5488 KSecDD - ok
19:13:39.0670 5488 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
19:13:39.0670 5488 KtmRm - ok
19:13:39.0764 5488 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
19:13:39.0764 5488 LanmanServer - ok
19:13:39.0811 5488 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:13:39.0811 5488 LanmanWorkstation - ok
19:13:39.0858 5488 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:13:39.0858 5488 lltdio - ok
19:13:39.0904 5488 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:13:39.0920 5488 lltdsvc - ok
19:13:39.0951 5488 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:13:39.0951 5488 lmhosts - ok
19:13:39.0967 5488 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:13:39.0967 5488 LSI_FC - ok
19:13:39.0982 5488 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:13:39.0998 5488 LSI_SAS - ok
19:13:40.0014 5488 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:13:40.0014 5488 LSI_SCSI - ok
19:13:40.0076 5488 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
19:13:40.0076 5488 luafv - ok
19:13:40.0092 5488 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:13:40.0092 5488 Mcx2Svc - ok
19:13:40.0123 5488 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
19:13:40.0138 5488 mdmxsdk - ok
19:13:40.0154 5488 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
19:13:40.0154 5488 megasas - ok
19:13:40.0216 5488 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
19:13:40.0216 5488 MMCSS - ok
19:13:40.0248 5488 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
19:13:40.0248 5488 Modem - ok
19:13:40.0294 5488 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:13:40.0294 5488 monitor - ok
19:13:40.0310 5488 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:13:40.0310 5488 mouclass - ok
19:13:40.0357 5488 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:13:40.0372 5488 mouhid - ok
19:13:40.0419 5488 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
19:13:40.0419 5488 MountMgr - ok
19:13:40.0497 5488 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:13:40.0513 5488 MozillaMaintenance - ok
19:13:40.0544 5488 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
19:13:40.0544 5488 mpio - ok
19:13:40.0591 5488 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:13:40.0591 5488 mpsdrv - ok
19:13:40.0653 5488 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
19:13:40.0653 5488 MpsSvc - ok
19:13:40.0700 5488 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
19:13:40.0700 5488 Mraid35x - ok
19:13:40.0747 5488 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:13:40.0747 5488 MRxDAV - ok
19:13:40.0794 5488 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:13:40.0809 5488 mrxsmb - ok
19:13:40.0950 5488 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:13:40.0950 5488 mrxsmb10 - ok
19:13:40.0965 5488 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:13:40.0965 5488 mrxsmb20 - ok
19:13:40.0996 5488 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
19:13:40.0996 5488 msahci - ok
19:13:41.0043 5488 [ 8E46A7BAC823DD82D4FB2A34C3DF4C1D ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
19:13:41.0043 5488 MSCSPTISRV - ok
19:13:41.0059 5488 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:13:41.0059 5488 msdsm - ok
19:13:41.0106 5488 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
19:13:41.0106 5488 MSDTC - ok
19:13:41.0184 5488 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:13:41.0184 5488 Msfs - ok
19:13:41.0230 5488 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:13:41.0230 5488 msisadrv - ok
19:13:41.0293 5488 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:13:41.0293 5488 MSiSCSI - ok
19:13:41.0293 5488 msiserver - ok
19:13:41.0340 5488 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:13:41.0340 5488 MSKSSRV - ok
19:13:41.0418 5488 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:13:41.0418 5488 MSPCLOCK - ok
19:13:41.0464 5488 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:13:41.0464 5488 MSPQM - ok
19:13:41.0511 5488 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:13:41.0527 5488 MsRPC - ok
19:13:41.0574 5488 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:13:41.0574 5488 mssmbios - ok
19:13:41.0589 5488 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:13:41.0589 5488 MSTEE - ok
19:13:41.0698 5488 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
19:13:41.0698 5488 Mup - ok
19:13:41.0792 5488 [ F2840DBFE9322F35557219AE82CC4597 ] N360 C:\Program Files\Norton 360 Premier Edition\Engine\6.4.0.9\ccSvcHst.exe
19:13:41.0808 5488 N360 - ok
19:13:41.0839 5488 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
19:13:41.0854 5488 napagent - ok
19:13:41.0901 5488 NAT - ok
19:13:41.0932 5488 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:13:41.0932 5488 NativeWifiP - ok
19:13:42.0042 5488 [ 8E4C77AD9BB279900C00F870CC0C674B ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\VirusDefs\20121231.004\NAVENG.SYS
19:13:42.0042 5488 NAVENG - ok
19:13:42.0120 5488 [ 826F699B69E88A3920C70F344DD42D88 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\VirusDefs\20121231.004\NAVEX15.SYS
19:13:42.0166 5488 NAVEX15 - ok
19:13:42.0213 5488 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:13:42.0244 5488 NDIS - ok
19:13:42.0276 5488 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:13:42.0276 5488 NdisTapi - ok
19:13:42.0322 5488 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:13:42.0322 5488 Ndisuio - ok
19:13:42.0369 5488 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:13:42.0369 5488 NdisWan - ok
19:13:42.0432 5488 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:13:42.0447 5488 NDProxy - ok
19:13:42.0447 5488 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:13:42.0447 5488 NetBIOS - ok
19:13:42.0525 5488 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
19:13:42.0525 5488 netbt - ok
19:13:42.0541 5488 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
19:13:42.0541 5488 Netlogon - ok
19:13:42.0603 5488 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
19:13:42.0603 5488 Netman - ok
19:13:42.0650 5488 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
19:13:42.0650 5488 netprofm - ok
19:13:42.0697 5488 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:13:42.0697 5488 NetTcpPortSharing - ok
19:13:42.0868 5488 [ 25ACCCFC33DD448B9D3037C5E439E830 ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys
19:13:42.0915 5488 NETw4v32 - ok
19:13:42.0946 5488 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:13:42.0962 5488 nfrd960 - ok
19:13:43.0040 5488 [ CCC9F57D8BDB89F0D0995131A656DE31 ] NitroReaderDriverReadSpool2 C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
19:13:43.0040 5488 NitroReaderDriverReadSpool2 - ok
19:13:43.0087 5488 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:13:43.0087 5488 NlaSvc - ok
19:13:43.0134 5488 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:13:43.0134 5488 Npfs - ok
19:13:43.0180 5488 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
19:13:43.0180 5488 nsi - ok
19:13:43.0243 5488 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:13:43.0243 5488 nsiproxy - ok
19:13:43.0321 5488 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:13:43.0352 5488 Ntfs - ok
19:13:43.0383 5488 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
19:13:43.0383 5488 ntrigdigi - ok
19:13:43.0446 5488 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
19:13:43.0446 5488 Null - ok
19:13:43.0758 5488 [ 39D8F5A92427C57309355199592EAD9F ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:13:43.0945 5488 nvlddmkm - ok
19:13:43.0960 5488 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:13:43.0960 5488 nvraid - ok
19:13:43.0976 5488 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:13:43.0992 5488 nvstor - ok
19:13:44.0023 5488 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:13:44.0023 5488 nv_agp - ok
19:13:44.0023 5488 NwlnkFlt - ok
19:13:44.0038 5488 NwlnkFwd - ok
19:13:44.0132 5488 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:13:44.0132 5488 odserv - ok
19:13:44.0194 5488 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
19:13:44.0194 5488 ohci1394 - ok
19:13:44.0241 5488 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:13:44.0241 5488 ose - ok
19:13:44.0319 5488 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
19:13:44.0335 5488 p2pimsvc - ok
19:13:44.0382 5488 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
19:13:44.0382 5488 p2psvc - ok
19:13:44.0413 5488 [ 753A8F339F231D2B857E2CCD51A6E6CA ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
19:13:44.0428 5488 PACSPTISVR - ok
19:13:44.0444 5488 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
19:13:44.0460 5488 Parport - ok
19:13:44.0506 5488 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:13:44.0506 5488 partmgr - ok
19:13:44.0506 5488 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
19:13:44.0506 5488 Parvdm - ok
19:13:44.0553 5488 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
19:13:44.0553 5488 PcaSvc - ok
19:13:44.0600 5488 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
19:13:44.0600 5488 pci - ok
19:13:44.0631 5488 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\DRIVERS\pciide.sys
19:13:44.0631 5488 pciide - ok
19:13:44.0678 5488 [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:13:44.0678 5488 pcmcia - ok
19:13:44.0725 5488 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:13:44.0756 5488 PEAUTH - ok
19:13:44.0850 5488 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
19:13:44.0912 5488 pla - ok
19:13:44.0974 5488 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:13:44.0990 5488 PlugPlay - ok
19:13:45.0037 5488 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
19:13:45.0037 5488 PNRPAutoReg - ok
19:13:45.0084 5488 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
19:13:45.0084 5488 PNRPsvc - ok
19:13:45.0115 5488 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:13:45.0130 5488 PolicyAgent - ok
19:13:45.0177 5488 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:13:45.0177 5488 PptpMiniport - ok
19:13:45.0208 5488 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
19:13:45.0240 5488 Processor - ok
19:13:45.0271 5488 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
19:13:45.0271 5488 ProfSvc - ok
19:13:45.0302 5488 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
19:13:45.0302 5488 ProtectedStorage - ok
19:13:45.0364 5488 [ F115AF58ABE5605D7D709CBFBD83F418 ] ProtexisLicensing C:\Windows\system32\PSIService.exe
19:13:45.0364 5488 ProtexisLicensing - ok
19:13:45.0411 5488 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
19:13:45.0411 5488 PSched - ok
19:13:45.0474 5488 [ 785E1032C8F3C8C60AA8E2B7FE377869 ] PTDMBus C:\Windows\system32\DRIVERS\PTDMBus.sys
19:13:45.0474 5488 PTDMBus - ok
19:13:45.0536 5488 [ 924C2B2DCA76D2BD7D44B3BB968B344F ] PTDMMdm C:\Windows\system32\DRIVERS\PTDMMdm.sys
19:13:45.0536 5488 PTDMMdm - ok
19:13:45.0583 5488 [ 58AD3CCDD567FA45FD94AF15229ACE7C ] PTDMVsp C:\Windows\system32\DRIVERS\PTDMVsp.sys
19:13:45.0583 5488 PTDMVsp - ok
19:13:45.0615 5488 [ 49F773DECBCD6A555C7A8694D37D232E ] PTDMWWAN C:\Windows\system32\DRIVERS\PTDMWWAN.sys
19:13:45.0615 5488 PTDMWWAN - ok
19:13:45.0626 5488 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
19:13:45.0628 5488 PxHelp20 - ok
19:13:45.0884 5488 [ FAD2DD41B0C6DA123106AFC8098705AC ] QBCFMonitorService C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
19:13:45.0886 5488 QBCFMonitorService - ok
19:13:45.0923 5488 [ BAB30D2799754F6EA22F0B9076311793 ] QBFCService C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
19:13:45.0926 5488 QBFCService - ok
19:13:45.0960 5488 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:13:45.0993 5488 ql2300 - ok
19:13:46.0024 5488 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:13:46.0027 5488 ql40xx - ok
19:13:46.0084 5488 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
19:13:46.0090 5488 QWAVE - ok
19:13:46.0135 5488 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:13:46.0137 5488 QWAVEdrv - ok
19:13:46.0169 5488 [ 619FEE09714903EF72F0FB80882CC946 ] R5U870FLx86 C:\Windows\system32\Drivers\R5U870FLx86.sys
19:13:46.0171 5488 R5U870FLx86 - ok
19:13:46.0190 5488 [ 3F75BA4B7E81A42781B725657883A2B4 ] R5U870FUx86 C:\Windows\system32\Drivers\R5U870FUx86.sys
19:13:46.0191 5488 R5U870FUx86 - ok
19:13:46.0234 5488 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:13:46.0236 5488 RasAcd - ok
19:13:46.0288 5488 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
19:13:46.0292 5488 RasAuto - ok
19:13:46.0342 5488 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:13:46.0344 5488 Rasl2tp - ok
19:13:46.0395 5488 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
19:13:46.0404 5488 RasMan - ok
19:13:46.0445 5488 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:13:46.0446 5488 RasPppoe - ok
19:13:46.0495 5488 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:13:46.0498 5488 RasSstp - ok
19:13:46.0559 5488 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:13:46.0564 5488 rdbss - ok
19:13:46.0614 5488 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:13:46.0615 5488 RDPCDD - ok
19:13:46.0650 5488 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
19:13:46.0655 5488 rdpdr - ok
19:13:46.0662 5488 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:13:46.0664 5488 RDPENCDD - ok
19:13:46.0725 5488 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:13:46.0729 5488 RDPWD - ok
19:13:46.0774 5488 [ 001B4278407F4303EFC902A2B16F2453 ] regi C:\Windows\system32\drivers\regi.sys
19:13:46.0775 5488 regi - ok
19:13:46.0826 5488 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:13:46.0829 5488 RemoteAccess - ok
19:13:46.0875 5488 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:13:46.0878 5488 RemoteRegistry - ok
19:13:46.0926 5488 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
19:13:46.0929 5488 RFCOMM - ok
19:13:46.0935 5488 RimUsb - ok
19:13:46.0968 5488 [ 2C4FB2E9F039287767C384E46EE91030 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial.sys
19:13:46.0970 5488 RimVSerPort - ok
19:13:47.0022 5488 [ 75E8A6BFA7374ABA833AE92BF41AE4E6 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
19:13:47.0024 5488 ROOTMODEM - ok
19:13:47.0056 5488 RoxLiveShare9 - ok
19:13:47.0088 5488 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
19:13:47.0090 5488 RpcLocator - ok
19:13:47.0157 5488 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\System32\rpcss.dll
19:13:47.0162 5488 RpcSs - ok
19:13:47.0216 5488 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:13:47.0219 5488 rspndr - ok
19:13:47.0233 5488 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
19:13:47.0234 5488 SamSs - ok
19:13:47.0280 5488 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:13:47.0283 5488 sbp2port - ok
19:13:47.0337 5488 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:13:47.0340 5488 SCardSvr - ok
19:13:47.0404 5488 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
19:13:47.0525 5488 Schedule - ok
19:13:47.0546 5488 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:13:47.0548 5488 SCPolicySvc - ok
19:13:47.0589 5488 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:13:47.0593 5488 SDRSVC - ok
19:13:47.0606 5488 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:13:47.0607 5488 secdrv - ok
19:13:47.0658 5488 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
19:13:47.0660 5488 seclogon - ok
19:13:47.0681 5488 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
19:13:47.0684 5488 SENS - ok
19:13:47.0723 5488 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
19:13:47.0724 5488 Serenum - ok
19:13:47.0741 5488 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
19:13:47.0743 5488 Serial - ok
19:13:47.0759 5488 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:13:47.0761 5488 sermouse - ok
19:13:47.0815 5488 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
19:13:47.0818 5488 SessionEnv - ok
19:13:47.0849 5488 [ 8B7C1768D2CDE2E02E09A66563DDFD16 ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys
19:13:47.0850 5488 SFEP - ok
19:13:47.0863 5488 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:13:47.0864 5488 sffdisk - ok
19:13:47.0884 5488 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:13:47.0885 5488 sffp_mmc - ok
19:13:47.0896 5488 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:13:47.0897 5488 sffp_sd - ok
19:13:47.0913 5488 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:13:47.0915 5488 sfloppy - ok
19:13:47.0955 5488 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:13:47.0961 5488 SharedAccess - ok
19:13:48.0013 5488 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:13:48.0019 5488 ShellHWDetection - ok
19:13:48.0050 5488 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
19:13:48.0051 5488 sisagp - ok
19:13:48.0078 5488 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
19:13:48.0079 5488 SiSRaid2 - ok
19:13:48.0101 5488 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:13:48.0103 5488 SiSRaid4 - ok
19:13:48.0181 5488 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
19:13:48.0185 5488 SkypeUpdate - ok
19:13:48.0325 5488 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
19:13:48.0431 5488 slsvc - ok
19:13:48.0480 5488 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
19:13:48.0484 5488 SLUINotify - ok
19:13:48.0530 5488 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:13:48.0532 5488 Smb - ok
19:13:48.0567 5488 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:13:48.0569 5488 SNMPTRAP - ok
19:13:48.0620 5488 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
19:13:48.0621 5488 spldr - ok
19:13:48.0686 5488 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
19:13:48.0690 5488 Spooler - ok
19:13:48.0713 5488 [ E3E6C96B0EF4492C3C8FD0DEEF4E35A1 ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
19:13:48.0715 5488 SPTISRV - ok
19:13:48.0789 5488 [ 7BB297CADA42903328E92425D9761DA6 ] SRTSP C:\Windows\System32\Drivers\N360\0604000.009\SRTSP.SYS
19:13:48.0812 5488 SRTSP - ok
19:13:48.0839 5488 [ 475FCF0F28D845BF1C8ABAC27F19003E ] SRTSPX C:\Windows\system32\drivers\N360\0604000.009\SRTSPX.SYS
19:13:48.0840 5488 SRTSPX - ok
19:13:48.0896 5488 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:13:48.0902 5488 srv - ok
19:13:48.0958 5488 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:13:48.0962 5488 srv2 - ok
19:13:48.0992 5488 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:13:48.0994 5488 srvnet - ok
19:13:49.0042 5488 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:13:49.0046 5488 SSDPSRV - ok
19:13:49.0106 5488 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:13:49.0109 5488 SstpSvc - ok
19:13:49.0159 5488 [ E3D493BFB7CD108EC50B2F560C96367C ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
19:13:49.0162 5488 ssudmdm - ok
19:13:49.0192 5488 [ 7E6DD4B34ACD36AF6C711D2BDE91B040 ] STacSV C:\Windows\system32\stacsv.exe
19:13:49.0196 5488 STacSV - ok
19:13:49.0216 5488 [ 6A2A5E809C2C0178326D92B19EE4AAD3 ] STHDA C:\Windows\system32\drivers\stwrt.sys
19:13:49.0223 5488 STHDA - ok
19:13:49.0271 5488 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
19:13:49.0280 5488 stisvc - ok
19:13:49.0329 5488 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:13:49.0330 5488 swenum - ok
19:13:49.0387 5488 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
19:13:49.0394 5488 swprv - ok
19:13:49.0454 5488 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
19:13:49.0455 5488 Symc8xx - ok
19:13:49.0503 5488 [ 690FA0E61B90084C4D9A721BD4F3D779 ] SymDS C:\Windows\system32\drivers\N360\0604000.009\SYMDS.SYS
19:13:49.0509 5488 SymDS - ok
19:13:49.0576 5488 [ 8F88EDB211B12537D2DC2A6D73D6067C ] SymEFA C:\Windows\system32\drivers\N360\0604000.009\SYMEFA.SYS
19:13:49.0609 5488 SymEFA - ok
19:13:49.0646 5488 [ 74E2521E96176A4449570E50BE91954D ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
19:13:49.0649 5488 SymEvent - ok
19:13:49.0666 5488 [ 2C356CCA706505CF63CBE39D532B9236 ] SymIRON C:\Windows\system32\drivers\N360\0604000.009\Ironx86.SYS
19:13:49.0669 5488 SymIRON - ok
19:13:49.0693 5488 [ 40C6E6417C8B7D7FCF82CFBE71525795 ] SYMTDIv C:\Windows\System32\Drivers\N360\0604000.009\SYMTDIV.SYS
19:13:49.0699 5488 SYMTDIv - ok
19:13:49.0755 5488 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
19:13:49.0756 5488 Sym_hi - ok
19:13:49.0776 5488 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
19:13:49.0778 5488 Sym_u3 - ok
19:13:49.0847 5488 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
19:13:49.0870 5488 SysMain - ok
19:13:49.0899 5488 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:13:49.0902 5488 TabletInputService - ok
19:13:49.0949 5488 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:13:49.0955 5488 TapiSrv - ok
19:13:50.0009 5488 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
19:13:50.0012 5488 TBS - ok
19:13:50.0083 5488 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:13:50.0116 5488 Tcpip - ok
19:13:50.0161 5488 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
19:13:50.0166 5488 Tcpip6 - ok
19:13:50.0206 5488 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:13:50.0207 5488 tcpipreg - ok
19:13:50.0251 5488 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:13:50.0253 5488 TDPIPE - ok
19:13:50.0290 5488 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:13:50.0292 5488 TDTCP - ok
19:13:50.0335 5488 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:13:50.0337 5488 tdx - ok
19:13:50.0379 5488 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:13:50.0381 5488 TermDD - ok
19:13:50.0434 5488 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
19:13:50.0458 5488 TermService - ok
19:13:50.0491 5488 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
19:13:50.0494 5488 Themes - ok
19:13:50.0510 5488 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
19:13:50.0512 5488 THREADORDER - ok
19:13:50.0571 5488 [ 909CD987B54A8179C9AEE874D754721A ] ti21sony C:\Windows\system32\drivers\ti21sony.sys
19:13:50.0594 5488 ti21sony - ok
19:13:50.0640 5488 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
19:13:50.0643 5488 TrkWks - ok
19:13:50.0699 5488 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:13:50.0701 5488 TrustedInstaller - ok
19:13:50.0744 5488 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:13:50.0746 5488 tssecsrv - ok
19:13:50.0794 5488 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
19:13:50.0796 5488 tunmp - ok
19:13:50.0835 5488 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:13:50.0836 5488 tunnel - ok
19:13:50.0870 5488 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:13:50.0871 5488 uagp35 - ok
19:13:50.0923 5488 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:13:50.0928 5488 udfs - ok
19:13:50.0980 5488 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:13:50.0984 5488 UI0Detect - ok
19:13:51.0005 5488 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:13:51.0007 5488 uliagpkx - ok
19:13:51.0033 5488 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
19:13:51.0038 5488 uliahci - ok
19:13:51.0054 5488 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
19:13:51.0057 5488 UlSata - ok
19:13:51.0089 5488 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
19:13:51.0093 5488 ulsata2 - ok
19:13:51.0137 5488 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:13:51.0139 5488 umbus - ok
19:13:51.0198 5488 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
19:13:51.0204 5488 upnphost - ok
19:13:51.0243 5488 [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
19:13:51.0245 5488 USBAAPL - ok
19:13:51.0286 5488 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:13:51.0289 5488 usbaudio - ok
19:13:51.0332 5488 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:13:51.0335 5488 usbccgp - ok
19:13:51.0354 5488 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:13:51.0357 5488 usbcir - ok
19:13:51.0403 5488 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:13:51.0410 5488 usbehci - ok
19:13:51.0486 5488 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:13:51.0491 5488 usbhub - ok
19:13:51.0511 5488 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:13:51.0512 5488 usbohci - ok
19:13:51.0558 5488 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:13:51.0559 5488 usbprint - ok
19:13:51.0575 5488 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:13:51.0576 5488 usbscan - ok
19:13:51.0609 5488 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:13:51.0611 5488 USBSTOR - ok
19:13:51.0650 5488 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:13:51.0652 5488 usbuhci - ok
19:13:51.0704 5488 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:13:51.0707 5488 usbvideo - ok
19:13:51.0751 5488 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
19:13:51.0754 5488 UxSms - ok
19:13:51.0803 5488 [ AFBCD738DF9DE3B6D71AFC704E7F27FB ] VAIO Entertainment TV Device Arbitration Service C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
19:13:51.0806 5488 VAIO Entertainment TV Device Arbitration Service - ok
19:13:51.0879 5488 [ 8A9F18ADAD471402236CA931553BF79B ] VAIO Event Service C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
19:13:51.0883 5488 VAIO Event Service - ok
19:13:52.0009 5488 [ 4B8F85BFC82B849D52FD4F3F32259DBC ] VAIOMediaPlatform-IntegratedServer-AppServer C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
19:13:52.0122 5488 VAIOMediaPlatform-IntegratedServer-AppServer - ok
19:13:52.0187 5488 [ 56E33AAA46CBA8431E72486196AFB3A1 ] VAIOMediaPlatform-IntegratedServer-HTTP C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
19:13:52.0196 5488 VAIOMediaPlatform-IntegratedServer-HTTP - ok
19:13:52.0251 5488 [ 58558F3DC2FEF127B697D1138A8D7AFB ] VAIOMediaPlatform-IntegratedServer-UPnP C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
19:13:52.0285 5488 VAIOMediaPlatform-IntegratedServer-UPnP - ok
19:13:52.0326 5488 [ 52D4F568FE7D05AE5026B8717EEB59EB ] VAIOMediaPlatform-UCLS-AppServer C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
19:13:52.0349 5488 VAIOMediaPlatform-UCLS-AppServer - ok
19:13:52.0359 5488 [ 56E33AAA46CBA8431E72486196AFB3A1 ] VAIOMediaPlatform-UCLS-HTTP C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
19:13:52.0362 5488 VAIOMediaPlatform-UCLS-HTTP - ok
19:13:52.0415 5488 [ 58558F3DC2FEF127B697D1138A8D7AFB ] VAIOMediaPlatform-UCLS-UPnP C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
19:13:52.0421 5488 VAIOMediaPlatform-UCLS-UPnP - ok
19:13:52.0471 5488 [ 6EF45DF2FCC4AE35C715A6C9B5C68B17 ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
19:13:52.0477 5488 VcmIAlzMgr - ok
19:13:52.0569 5488 [ C4DE5BA157FD83BBDAEB70EE27417E0E ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
19:13:52.0572 5488 VcmXmlIfHelper - ok
19:13:52.0575 5488 Vcsw - ok
19:13:52.0626 5488 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
19:13:52.0634 5488 vds - ok
19:13:52.0692 5488 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:13:52.0693 5488 vga - ok
19:13:52.0731 5488 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
19:13:52.0732 5488 VgaSave - ok
19:13:52.0746 5488 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
19:13:52.0747 5488 viaagp - ok
19:13:52.0758 5488 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
19:13:52.0759 5488 ViaC7 - ok
19:13:52.0774 5488 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
19:13:52.0775 5488 viaide - ok
19:13:52.0793 5488 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:13:52.0795 5488 volmgr - ok
19:13:52.0839 5488 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:13:52.0845 5488 volmgrx - ok
19:13:52.0929 5488 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:13:52.0934 5488 volsnap - ok
19:13:52.0958 5488 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:13:52.0961 5488 vsmraid - ok
19:13:53.0040 5488 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
19:13:53.0074 5488 VSS - ok
19:13:53.0126 5488 [ 2E785F4F92C4C67CEBB61DD55ED1F6A1 ] VzCdbSvc C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
19:13:53.0133 5488 VzCdbSvc - ok
19:13:53.0153 5488 [ 2D876CAD8C7FFB08179DFF361FF851E6 ] VzFw C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
19:13:53.0157 5488 VzFw - ok
19:13:53.0217 5488 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
19:13:55.0742 5488 ================ Scan global ===============================
19:13:55.0871 5488 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
19:13:55.0924 5488 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
19:13:55.0946 5488 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
19:13:56.0005 5488 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
19:13:56.0012 5488 [Global] - ok
19:13:56.0012 5488 ================ Scan MBR ==================================
19:13:56.0033 5488 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
19:13:57.0103 5488 \Device\Harddisk0\DR0 - ok
19:13:57.0104 5488 ================ Scan VBR ==================================
19:13:57.0107 5488 [ 0B90448C8C33C03E24DCC0B87CF89F99 ] \Device\Harddisk0\DR0\Partition1
19:13:57.0108 5488 \Device\Harddisk0\DR0\Partition1 - ok
19:13:57.0109 5488 ============================================================
19:13:57.0109 5488 Scan finished
19:13:57.0109 5488 ============================================================
19:13:57.0162 5384 Detected object count: 0
19:13:57.0162 5384 Actual detected object count: 0
19:14:59.0294 5860 Deinitialize success
  • 0

#10
M624

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
Malwarebytes Log

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2012.12.31.10

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Cherie :: CHERIE [administrator]

12/31/2012 7:18:44 PM
mbam-log-2012-12-31 (19-18-44).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 221315
Time elapsed: 6 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
  • 0


#11
M624

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
VEW System log

Vino's Event Viewer v01c run on Windows Vista in English
Report run at 31/12/2012 7:41:36 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 01/01/2013 1:37:59 AM
Type: Error Category: 0
Event: 1002 Source: Microsoft-Windows-Dhcp-Client
The IP address lease 192.168.1.11 for the Network Card with network address 001DE099BE4D has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Log: 'System' Date/Time: 01/01/2013 1:31:15 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: ccSet_NAT

Log: 'System' Date/Time: 01/01/2013 1:31:15 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Norton Anti-Theft service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 01/01/2013 1:31:15 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Log: 'System' Date/Time: 01/01/2013 1:31:07 AM
Type: Error Category: 403
Event: 412 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service failed to launch tasks triggered by computer startup. Additional Data: Error Value: 2147549183. User Action: restart task scheduler service.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 01/01/2013 1:37:59 AM
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
The event description cannot be found.

Log: 'System' Date/Time: 01/01/2013 1:37:49 AM
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001DE099BE4D. The following error occurred: The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 01/01/2013 1:37:39 AM
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001DE099BE4D. The following error occurred: The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Log: 'System' Date/Time: 01/01/2013 1:28:26 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
  • 0

#12
M624

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
VEW Application

Vino's Event Viewer v01c run on Windows Vista in English
Report run at 31/12/2012 7:42:50 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#13
M624

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
OTL still freezes up at "Scanning FireFox Settings..."
  • 0

#14
M624

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
Uninstalled FireFox and OTL still freezes.

Here is the last scan and log.

Farbar Service Scanner Version: 23-12-2012
Ran by Cherie (administrator) on 31-12-2012 at 19:56:40
Running from "C:\Users\Cherie\Desktop"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2012-12-31 05:51] - [2012-06-01 18:02] - 0133120 ____A (Microsoft Corporation) F1E8C34892336D33EDDCDFE44E474F64

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****
  • 0

#15
RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
I think I can see why it is slow to start. There is a service which doesn't run plus the Task Scheduler service is having problems.

Log: 'System' Date/Time: 01/01/2013 1:31:15 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: ccSet_NAT

Log: 'System' Date/Time: 01/01/2013 1:31:15 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Norton Anti-Theft service failed to start due to the following error: The system cannot find the path specified.



Right click on (My) Computer and select Manage then Services and Applications then Services. Find the Norton Anti-Theft service. Right click on it and select Properties. Change the Startup Type: to Disabled. Apply. OK.

Now look for the Task Scheduler service. Does it say it has started?

Right click on (My) Computer and select Manage then Task Scheduler. Then click on the arrow to the left of it so you can see and click on Task Scheduler Library. Look in the right pane. Look in the Triggers column for tasks that start at System Startup. Right click on the name of the task and Disable.

Clear the errors as before:


Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

2. Right-click VEW.exe and Run As Administrator
3. Under 'Select log to query', select:
   * System
4. Under 'Select type to list', select:
   * Error
   * Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
   Type 20 in the 1 to 20 box
   Then click the Run button.
   Notepad will open with the output log.

Please Copy and Paste it.

I have seen a lot of complaints of slow booting by people with Norton/Symantec anti-virus. If the above has not helped then I would try replacing Norton with the free Avast.


Download and Save the free Avast installer.
http://www.avast.com...ivirus-download
Download and save the norton removal tool
ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe
Uninstall Symantec (save the product license key in case you decide to reinstall it: http://us.norton.com...3834EN&ln=en_US)

Run the Norton Removal tool.

Reboot

Install Avast by right clicking and Run As Admin. (Register when it asks you - they will try to talk you into buying the full product but the free version is what we want.)

Once it updates.

Reboot and see if things boot quicker.
  • 0
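The triage done by eye in the reply above, as an added example that is not part of the original thread: a Python parser for the VEW text layout that keeps the Error entries tied to boot (Service Control Manager 7000/7026 and Task Scheduler 412) and names the failing driver or service. The function names, the `BOOT_EVENTS` set and the regexes are assumptions of this example; the sample entries are copied from the System log posted earlier in the thread.

```python
import re
from datetime import datetime

# Constructed input: four entries copied from the VEW System log in this thread.
SAMPLE = """\
Log: 'System' Date/Time: 01/01/2013 1:31:15 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: ccSet_NAT

Log: 'System' Date/Time: 01/01/2013 1:31:15 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Norton Anti-Theft service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 01/01/2013 1:31:07 AM
Type: Error Category: 403
Event: 412 Source: Microsoft-Windows-TaskScheduler
Task Scheduler service failed to launch tasks triggered by computer startup. Additional Data: Error Value: 2147549183. User Action: restart task scheduler service.

Log: 'System' Date/Time: 01/01/2013 1:28:26 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
"""

ENTRY = re.compile(r"Log: '[^']+' Date/Time: (?P<when>.+)\n"
                   r"Type: (?P<type>\w+) Category: \d+\n"
                   r"Event: (?P<id>\d+) Source: (?P<src>.+)\n(?P<msg>.*)")
FMT = "%d/%m/%Y %I:%M:%S %p"  # VEW prints dd/mm/yyyy, not mm/dd/yyyy
# Assumption: (source, event id) pairs treated as boot-time failures, per the reply above.
BOOT_EVENTS = {("Service Control Manager", "7000"), ("Service Control Manager", "7026"),
               ("Microsoft-Windows-TaskScheduler", "412")}
NAME = re.compile(r"failed to load: (.+)|The (.+) service failed to start")

def parse_vew(text):
    """One dict per VEW entry, with the timestamp parsed to a datetime."""
    return [{**m.groupdict(), "when": datetime.strptime(m["when"], FMT)}
            for m in ENTRY.finditer(text)]

def triage(text):
    """Boot-time Error entries, oldest first, as (time, event id, component)."""
    rows = []
    for e in sorted(parse_vew(text), key=lambda e: e["when"]):
        if e["type"] == "Error" and (e["src"], e["id"]) in BOOT_EVENTS:
            m = NAME.search(e["msg"])  # driver/service named in the message, else the source
            who = (m.group(1) or m.group(2)) if m else e["src"]
            rows.append((e["when"].isoformat(sep=" "), e["id"], who))
    return rows
```

Calling `triage(SAMPLE)` returns the three boot-time errors in chronological order; the WLAN warning is filtered out.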





