svchost.exe trojan, help please


13 replies to this topic

#1 moeve

Posted 19 July 2012 - 10:12 AM

Have tried getting rid of it myself, but it keeps coming back. Have run Malwarebytes and it can't get rid of it. Thank you for any help you can give me.

#2 narenxp

Posted 19 July 2012 - 01:24 PM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "LIST of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 moeve

Posted 19 July 2012 - 01:58 PM

Here is the TDSSKiller log:
13:54:25.0853 2300 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
13:54:26.0321 2300 ============================================================
13:54:26.0321 2300 Current date / time: 2012/07/19 13:54:26.0321
13:54:26.0321 2300 SystemInfo:
13:54:26.0321 2300
13:54:26.0321 2300 OS Version: 6.1.7600 ServicePack: 0.0
13:54:26.0321 2300 Product type: Workstation
13:54:26.0321 2300 ComputerName: MOLLY-VAIO
13:54:26.0321 2300 UserName: Molly
13:54:26.0321 2300 Windows directory: C:\Windows
13:54:26.0321 2300 System windows directory: C:\Windows
13:54:26.0321 2300 Running under WOW64
13:54:26.0321 2300 Processor architecture: Intel x64
13:54:26.0321 2300 Number of processors: 2
13:54:26.0321 2300 Page size: 0x1000
13:54:26.0321 2300 Boot type: Normal boot
13:54:26.0321 2300 ============================================================
13:54:27.0444 2300 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:54:27.0444 2300 ============================================================
13:54:27.0444 2300 \Device\Harddisk0\DR0:
13:54:27.0444 2300 MBR partitions:
13:54:27.0444 2300 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x132C800, BlocksNum 0x32000
13:54:27.0444 2300 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x135E800, BlocksNum 0x240CFAB0
13:54:27.0444 2300 ============================================================
13:54:27.0475 2300 C: <-> \Device\Harddisk0\DR0\Partition1
13:54:27.0475 2300 ============================================================
13:54:27.0475 2300 Initialize success
13:54:27.0475 2300 ============================================================
13:54:53.0371 5464 ============================================================
13:54:53.0371 5464 Scan started
13:54:53.0371 5464 Mode: Manual; TDLFS;
13:54:53.0371 5464 ============================================================
13:55:07.0661 5464 nsiproxy - ok
13:55:07.0754 5464 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
13:55:07.0785 5464 Ntfs - ok
13:55:07.0895 5464 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:55:07.0895 5464 Null - ok
13:55:07.0941 5464 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\drivers\nvraid.sys
13:55:07.0957 5464 nvraid - ok
13:55:07.0988 5464 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\drivers\nvstor.sys
13:55:07.0988 5464 nvstor - ok
13:55:08.0035 5464 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:55:08.0035 5464 nv_agp - ok
13:55:08.0129 5464 Oasis2Service (567e84848445135c0f4b8de2d121edb8) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
13:55:08.0129 5464 Oasis2Service - ok
13:55:08.0160 5464 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:55:08.0160 5464 ohci1394 - ok
13:55:08.0222 5464 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:55:08.0238 5464 p2pimsvc - ok
13:55:08.0285 5464 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
13:55:08.0300 5464 p2psvc - ok
13:55:08.0331 5464 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
13:55:08.0331 5464 Parport - ok
13:55:08.0378 5464 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
13:55:08.0378 5464 partmgr - ok
13:55:08.0425 5464 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
13:55:08.0441 5464 PcaSvc - ok
13:55:08.0456 5464 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys
13:55:08.0456 5464 pci - ok
13:55:08.0472 5464 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:55:08.0472 5464 pciide - ok
13:55:08.0503 5464 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
13:55:08.0503 5464 pcmcia - ok
13:55:08.0534 5464 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:55:08.0534 5464 pcw - ok
13:55:08.0581 5464 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:55:08.0597 5464 PEAUTH - ok
13:55:08.0675 5464 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
13:55:08.0675 5464 PerfHost - ok
13:55:08.0784 5464 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
13:55:08.0815 5464 pla - ok
13:55:08.0877 5464 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
13:55:08.0893 5464 PlugPlay - ok
13:55:09.0018 5464 PMBDeviceInfoProvider (627fa58adc043704f9d14ca44340956f) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
13:55:09.0033 5464 PMBDeviceInfoProvider - ok
13:55:09.0065 5464 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
13:55:09.0065 5464 PNRPAutoReg - ok
13:55:09.0096 5464 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:55:09.0096 5464 PNRPsvc - ok
13:55:09.0158 5464 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
13:55:09.0158 5464 PolicyAgent - ok
13:55:09.0205 5464 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
13:55:09.0205 5464 Power - ok
13:55:09.0283 5464 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
13:55:09.0299 5464 PptpMiniport - ok
13:55:09.0314 5464 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
13:55:09.0330 5464 Processor - ok
13:55:09.0377 5464 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
13:55:09.0377 5464 ProfSvc - ok
13:55:09.0423 5464 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
13:55:09.0423 5464 ProtectedStorage - ok
13:55:09.0470 5464 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
13:55:09.0470 5464 Psched - ok
13:55:09.0517 5464 PSI_SVC_2 (a6a7ad767bf5141665f5c675f671b3e1) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
13:55:09.0533 5464 PSI_SVC_2 - ok
13:55:09.0564 5464 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
13:55:09.0564 5464 PxHlpa64 - ok
13:55:09.0673 5464 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
13:55:09.0704 5464 ql2300 - ok
13:55:09.0829 5464 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
13:55:09.0829 5464 ql40xx - ok
13:55:09.0876 5464 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
13:55:09.0876 5464 QWAVE - ok
13:55:09.0891 5464 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:55:09.0891 5464 QWAVEdrv - ok
13:55:09.0923 5464 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:55:09.0923 5464 RasAcd - ok
13:55:09.0954 5464 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:55:09.0954 5464 RasAgileVpn - ok
13:55:09.0985 5464 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
13:55:09.0985 5464 RasAuto - ok
13:55:10.0001 5464 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:55:10.0001 5464 Rasl2tp - ok
13:55:10.0047 5464 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
13:55:10.0047 5464 RasMan - ok
13:55:10.0063 5464 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:55:10.0079 5464 RasPppoe - ok
13:55:10.0110 5464 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:55:10.0110 5464 RasSstp - ok
13:55:10.0157 5464 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
13:55:10.0172 5464 rdbss - ok
13:55:10.0203 5464 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
13:55:10.0203 5464 rdpbus - ok
13:55:10.0235 5464 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:55:10.0235 5464 RDPCDD - ok
13:55:10.0250 5464 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:55:10.0250 5464 RDPENCDD - ok
13:55:10.0266 5464 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:55:10.0281 5464 RDPREFMP - ok
13:55:10.0328 5464 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
13:55:10.0344 5464 RDPWD - ok
13:55:10.0406 5464 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
13:55:10.0406 5464 rdyboost - ok
13:55:10.0437 5464 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
13:55:10.0437 5464 regi - ok
13:55:10.0469 5464 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
13:55:10.0484 5464 RemoteAccess - ok
13:55:10.0515 5464 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
13:55:10.0531 5464 RemoteRegistry - ok
13:55:10.0578 5464 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
13:55:10.0578 5464 RFCOMM - ok
13:55:10.0625 5464 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
13:55:10.0625 5464 RpcEptMapper - ok
13:55:10.0671 5464 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
13:55:10.0671 5464 RpcLocator - ok
13:55:10.0749 5464 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
13:55:10.0765 5464 RpcSs - ok
13:55:10.0812 5464 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:55:10.0812 5464 rspndr - ok
13:55:10.0890 5464 RSUSBSTOR (5aab4808e8ccae8c2ecda5b791260616) C:\Windows\system32\Drivers\RtsUStor.sys
13:55:10.0890 5464 RSUSBSTOR - ok
13:55:10.0937 5464 RTHDMIAzAudService (d6d381b76056c668679723938f06f16c) C:\Windows\system32\drivers\RtHDMIVX.sys
13:55:10.0952 5464 RTHDMIAzAudService - ok
13:55:11.0015 5464 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys
13:55:11.0015 5464 RTL8167 - ok
13:55:11.0124 5464 SampleCollector (5ae755a8b7673b8536f88245247c5308) C:\Program Files\Sony\VAIO Care\collsvc.exe
13:55:11.0124 5464 SampleCollector - ok
13:55:11.0171 5464 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
13:55:11.0171 5464 SamSs - ok
13:55:11.0202 5464 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys
13:55:11.0202 5464 sbp2port - ok
13:55:11.0249 5464 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
13:55:11.0264 5464 SCardSvr - ok
13:55:11.0280 5464 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
13:55:11.0280 5464 scfilter - ok
13:55:11.0405 5464 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
13:55:11.0420 5464 Schedule - ok
13:55:11.0451 5464 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
13:55:11.0451 5464 SCPolicySvc - ok
13:55:11.0498 5464 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
13:55:11.0514 5464 SDRSVC - ok
13:55:11.0561 5464 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:55:11.0561 5464 secdrv - ok
13:55:11.0592 5464 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
13:55:11.0592 5464 seclogon - ok
13:55:11.0607 5464 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
13:55:11.0607 5464 SENS - ok
13:55:11.0639 5464 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
13:55:11.0639 5464 SensrSvc - ok
13:55:11.0717 5464 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
13:55:11.0717 5464 Serenum - ok
13:55:11.0748 5464 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
13:55:11.0763 5464 Serial - ok
13:55:11.0795 5464 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
13:55:11.0795 5464 sermouse - ok
13:55:11.0841 5464 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
13:55:11.0857 5464 SessionEnv - ok
13:55:11.0888 5464 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
13:55:11.0904 5464 SFEP - ok
13:55:11.0935 5464 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
13:55:11.0935 5464 sffdisk - ok
13:55:11.0951 5464 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
13:55:11.0951 5464 sffp_mmc - ok
13:55:11.0966 5464 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\drivers\sffp_sd.sys
13:55:11.0966 5464 sffp_sd - ok
13:55:11.0982 5464 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
13:55:11.0982 5464 sfloppy - ok
13:55:12.0044 5464 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
13:55:12.0060 5464 SharedAccess - ok
13:55:12.0091 5464 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
13:55:12.0107 5464 ShellHWDetection - ok
13:55:12.0138 5464 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
13:55:12.0138 5464 SiSRaid2 - ok
13:55:12.0169 5464 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
13:55:12.0169 5464 SiSRaid4 - ok
13:55:12.0200 5464 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:55:12.0200 5464 Smb - ok
13:55:12.0263 5464 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
13:55:12.0263 5464 SNMPTRAP - ok
13:55:12.0356 5464 SOHCImp (c3e69db0a4e59564230e053232f39ac7) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
13:55:12.0372 5464 SOHCImp - ok
13:55:12.0419 5464 SOHDms (c1cd71c672ea281a424fbcf24ac99553) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
13:55:12.0434 5464 SOHDms - ok
13:55:12.0450 5464 SOHDs (f47d75cee1844eef4a9ea6ee768828fb) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
13:55:12.0450 5464 SOHDs - ok
13:55:12.0559 5464 SpfService (e2e40c0d24456b6eb440be01af829829) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe
13:55:12.0559 5464 SpfService - ok
13:55:12.0590 5464 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:55:12.0590 5464 spldr - ok
13:55:12.0653 5464 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
13:55:12.0668 5464 Spooler - ok
13:55:12.0887 5464 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
13:55:12.0965 5464 sppsvc - ok
13:55:13.0074 5464 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
13:55:13.0074 5464 sppuinotify - ok
13:55:13.0199 5464 SQLAgent$DDNI (a687b5b326afcfcf182c4931d1ff9771) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE
13:55:13.0214 5464 SQLAgent$DDNI - ok
13:55:13.0277 5464 SQLBrowser (b54b48f6d92423440c264e91225c5ff1) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
13:55:13.0277 5464 SQLBrowser - ok
13:55:13.0339 5464 SQLWriter (6d65985945b03ca59b67d0b73702fc7b) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
13:55:13.0355 5464 SQLWriter - ok
13:55:13.0417 5464 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
13:55:13.0433 5464 srv - ok
13:55:13.0479 5464 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
13:55:13.0479 5464 srv2 - ok
13:55:13.0495 5464 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
13:55:13.0511 5464 srvnet - ok
13:55:13.0557 5464 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
13:55:13.0557 5464 SSDPSRV - ok
13:55:13.0589 5464 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
13:55:13.0589 5464 SstpSvc - ok
13:55:13.0620 5464 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
13:55:13.0620 5464 stexstor - ok
13:55:13.0667 5464 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
13:55:13.0682 5464 stisvc - ok
13:55:13.0698 5464 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
13:55:13.0713 5464 swenum - ok
13:55:13.0760 5464 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
13:55:13.0760 5464 swprv - ok
13:55:13.0901 5464 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
13:55:13.0932 5464 SysMain - ok
13:55:14.0041 5464 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
13:55:14.0057 5464 TabletInputService - ok
13:55:14.0088 5464 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
13:55:14.0103 5464 TapiSrv - ok
13:55:14.0135 5464 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
13:55:14.0135 5464 TBS - ok
13:55:14.0259 5464 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
13:55:14.0291 5464 Tcpip - ok
13:55:14.0571 5464 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
13:55:14.0587 5464 TCPIP6 - ok
13:55:14.0712 5464 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
13:55:14.0727 5464 tcpipreg - ok
13:55:14.0743 5464 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:55:14.0743 5464 TDPIPE - ok
13:55:14.0759 5464 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
13:55:14.0774 5464 TDTCP - ok
13:55:14.0790 5464 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
13:55:14.0790 5464 tdx - ok
13:55:14.0837 5464 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys
13:55:14.0837 5464 TermDD - ok
13:55:14.0899 5464 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
13:55:14.0915 5464 TermService - ok
13:55:14.0930 5464 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
13:55:14.0930 5464 Themes - ok
13:55:14.0961 5464 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:55:14.0961 5464 THREADORDER - ok
13:55:15.0008 5464 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
13:55:15.0008 5464 TrkWks - ok
13:55:15.0055 5464 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
13:55:15.0071 5464 TrustedInstaller - ok
13:55:15.0102 5464 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:55:15.0102 5464 tssecsrv - ok
13:55:15.0133 5464 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
13:55:15.0133 5464 tunnel - ok
13:55:15.0164 5464 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
13:55:15.0164 5464 uagp35 - ok
13:55:15.0195 5464 udfs (0e5e962b5649d544be54e8c90761ea2b) C:\Windows\system32\DRIVERS\udfs.sys
13:55:15.0195 5464 udfs - ok
13:55:15.0227 5464 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
13:55:15.0227 5464 UI0Detect - ok
13:55:15.0258 5464 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
13:55:15.0273 5464 uliagpkx - ok
13:55:15.0320 5464 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
13:55:15.0320 5464 umbus - ok
13:55:15.0351 5464 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
13:55:15.0367 5464 UmPass - ok
13:55:15.0429 5464 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
13:55:15.0445 5464 upnphost - ok
13:55:15.0507 5464 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
13:55:15.0507 5464 USBAAPL64 - ok
13:55:15.0554 5464 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
13:55:15.0554 5464 usbccgp - ok
13:55:15.0570 5464 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
13:55:15.0585 5464 usbcir - ok
13:55:15.0601 5464 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\drivers\usbehci.sys
13:55:15.0601 5464 usbehci - ok
13:55:15.0648 5464 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys
13:55:15.0648 5464 usbfilter - ok
13:55:15.0695 5464 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\drivers\usbhub.sys
13:55:15.0695 5464 usbhub - ok
13:55:15.0726 5464 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
13:55:15.0726 5464 usbohci - ok
13:55:15.0757 5464 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
13:55:15.0757 5464 usbprint - ok
13:55:15.0804 5464 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:55:15.0804 5464 USBSTOR - ok
13:55:15.0819 5464 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
13:55:15.0819 5464 usbuhci - ok
13:55:15.0866 5464 usbvideo (d501e12614b00a3252073101d6a1a74b) C:\Windows\system32\Drivers\usbvideo.sys
13:55:15.0866 5464 usbvideo - ok
13:55:15.0897 5464 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
13:55:15.0897 5464 UxSms - ok
13:55:16.0007 5464 VAIO Entertainment TV Device Arbitration Service (4e7135d6d0127067e4cfee12259f895d) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
13:55:16.0007 5464 VAIO Entertainment TV Device Arbitration Service - ok
13:55:16.0069 5464 VAIO Event Service (cb5b94ee1775fa4cd6b133f1745003c6) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
13:55:16.0069 5464 VAIO Event Service - ok
13:55:16.0225 5464 VAIO Power Management (1cf1a4dd7a58c966c9014b83c7229cf3) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
13:55:16.0225 5464 VAIO Power Management - ok
13:55:16.0272 5464 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
13:55:16.0287 5464 VaultSvc - ok
13:55:16.0381 5464 VCFw (917fb366b6cf2834cdbf9256d18a8ff0) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
13:55:16.0397 5464 VCFw - ok
13:55:16.0537 5464 VcmIAlzMgr (10e212bfb7eab152a64c1aaec2f7f4e0) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
13:55:16.0553 5464 VcmIAlzMgr - ok
13:55:16.0599 5464 VcmINSMgr (7a88cfd3fe99f2c9b95a6e2a08b96e14) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
13:55:16.0599 5464 VcmINSMgr - ok
13:55:16.0693 5464 VcmXmlIfHelper (8efaaccc7bfa1e9031efdfb01a1b0d69) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
13:55:16.0693 5464 VcmXmlIfHelper - ok
13:55:16.0802 5464 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
13:55:16.0802 5464 vdrvroot - ok
13:55:16.0865 5464 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
13:55:16.0880 5464 vds - ok
13:55:16.0911 5464 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:55:16.0911 5464 vga - ok
13:55:16.0943 5464 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:55:16.0943 5464 VgaSave - ok
13:55:16.0989 5464 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys
13:55:16.0989 5464 vhdmp - ok
13:55:17.0021 5464 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
13:55:17.0021 5464 viaide - ok
13:55:17.0036 5464 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys
13:55:17.0052 5464 volmgr - ok
13:55:17.0067 5464 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
13:55:17.0083 5464 volmgrx - ok
13:55:17.0114 5464 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys
13:55:17.0114 5464 volsnap - ok
13:55:17.0145 5464 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
13:55:17.0145 5464 vsmraid - ok
13:55:17.0255 5464 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
13:55:17.0286 5464 VSS - ok
13:55:17.0457 5464 VUAgent (8ab3da5ea4f94ee38680b3aced11d57d) C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
13:55:17.0489 5464 VUAgent - ok
13:55:17.0598 5464 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
13:55:17.0598 5464 vwifibus - ok
13:55:17.0613 5464 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
13:55:17.0629 5464 vwififlt - ok
13:55:17.0660 5464 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
13:55:17.0676 5464 W32Time - ok
13:55:17.0723 5464 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
13:55:17.0723 5464 WacomPen - ok
13:55:17.0754 5464 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
13:55:17.0769 5464 WANARP - ok
13:55:17.0769 5464 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
13:55:17.0769 5464 Wanarpv6 - ok
13:55:17.0910 5464 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
13:55:17.0925 5464 WatAdminSvc - ok
13:55:18.0050 5464 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
13:55:18.0081 5464 wbengine - ok
13:55:18.0206 5464 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
13:55:18.0222 5464 WbioSrvc - ok
13:55:18.0269 5464 wcncsvc (8321c2ca3b62b61b293cda3451984468) C:\Windows\System32\wcncsvc.dll
13:55:18.0284 5464 wcncsvc - ok
13:55:18.0315 5464 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
13:55:18.0315 5464 WcsPlugInService - ok
13:55:18.0347 5464 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
13:55:18.0347 5464 Wd - ok
13:55:18.0409 5464 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:55:18.0409 5464 Wdf01000 - ok
13:55:18.0440 5464 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:55:18.0456 5464 WdiServiceHost - ok
13:55:18.0456 5464 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:55:18.0456 5464 WdiSystemHost - ok
13:55:18.0503 5464 WebClient (8a438cbb8c032a0c798b0c642ffbe572) C:\Windows\System32\webclnt.dll
13:55:18.0503 5464 WebClient - ok
13:55:18.0534 5464 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
13:55:18.0534 5464 Wecsvc - ok
13:55:18.0549 5464 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
13:55:18.0565 5464 wercplsupport - ok
13:55:18.0596 5464 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
13:55:18.0596 5464 WerSvc - ok
13:55:18.0659 5464 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:55:18.0659 5464 WfpLwf - ok
13:55:18.0690 5464 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:55:18.0690 5464 WIMMount - ok
13:55:18.0721 5464 WinDefend - ok
13:55:18.0737 5464 WinHttpAutoProxySvc - ok
13:55:18.0815 5464 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
13:55:18.0815 5464 Winmgmt - ok
13:55:18.0955 5464 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
13:55:18.0986 5464 WinRM - ok
13:55:19.0158 5464 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
13:55:19.0189 5464 Wlansvc - ok
13:55:19.0236 5464 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
13:55:19.0236 5464 WmiAcpi - ok
13:55:19.0314 5464 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
13:55:19.0314 5464 wmiApSrv - ok
13:55:19.0345 5464 WMPNetworkSvc - ok
13:55:19.0392 5464 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
13:55:19.0392 5464 WPCSvc - ok
13:55:19.0423 5464 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
13:55:19.0423 5464 WPDBusEnum - ok
13:55:19.0454 5464 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:55:19.0454 5464 ws2ifsl - ok
13:55:19.0485 5464 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
13:55:19.0485 5464 wscsvc - ok
13:55:19.0485 5464 WSearch - ok
13:55:19.0688 5464 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
13:55:19.0719 5464 wuauserv - ok
13:55:19.0844 5464 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
13:55:19.0844 5464 WudfPf - ok
13:55:19.0875 5464 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:55:19.0891 5464 WUDFRd - ok
13:55:19.0922 5464 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
13:55:19.0922 5464 wudfsvc - ok
13:55:19.0953 5464 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
13:55:19.0953 5464 WwanSvc - ok
13:55:19.0969 5464 zgwhsdiag - ok
13:55:20.0000 5464 zgwhsmdm - ok
13:55:20.0000 5464 zgwhsnmea - ok
13:55:20.0031 5464 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:55:20.0063 5464 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
13:55:20.0063 5464 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
13:55:20.0094 5464 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:55:20.0094 5464 \Device\Harddisk0\DR0 - detected TDSS File System (1)
13:55:20.0141 5464 Boot (0x1200) (fa88555fd3caa98a022e19d9911916bb) \Device\Harddisk0\DR0\Partition0
13:55:20.0141 5464 \Device\Harddisk0\DR0\Partition0 - ok
13:55:20.0156 5464 Boot (0x1200) (affb0ba2c8c00173c700b923ef883273) \Device\Harddisk0\DR0\Partition1
13:55:20.0172 5464 \Device\Harddisk0\DR0\Partition1 - ok
13:55:20.0172 5464 ============================================================
13:55:20.0172 5464 Scan finished
13:55:20.0172 5464 ============================================================
13:55:20.0203 3300 Detected object count: 2
13:55:20.0203 3300 Actual detected object count: 2

#4 moeve

Posted 19 July 2012 - 03:15 PM

Here is the aswMBR log


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-19 15:17:14
-----------------------------
15:17:14.992 OS Version: Windows x64 6.1.7600
15:17:14.992 Number of processors: 2 586 0x603
15:17:14.992 ComputerName: MOLLY-VAIO UserName: Molly
15:17:18.159 Initialize success
15:17:18.611 AVAST engine defs: 12071901
15:18:24.906 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000054
15:18:24.906 Disk 0 Vendor: Hitachi_ PB3O Size: 305245MB BusType: 11
15:18:24.906 Device \Driver\amdsata -> MajorFunction fffffa800473a5e8
15:18:24.922 Disk 0 MBR read successfully
15:18:24.922 Disk 0 MBR scan
15:18:24.938 Disk 0 Windows 7 default MBR code
15:18:24.953 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 9815 MB offset 2048
15:18:24.969 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 20105216
15:18:24.984 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 295327 MB offset 20310016
15:18:25.000 Disk 0 scanning C:\Windows\system32\drivers
15:18:33.876 Service scanning
15:19:02.269 Modules scanning
15:19:02.285 Disk 0 trace - called modules:
15:19:02.800 ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys ACPI.sys >>UNKNOWN [0xfffffa800473a5e8]<<
15:19:02.800 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800426d790]
15:19:02.815 3 CLASSPNP.SYS[fffff880019ca43f] -> nt!IofCallDriver -> [0xfffffa8004240640]
15:19:02.815 5 amdxata.sys[fffff880010c07a8] -> nt!IofCallDriver -> [0xfffffa8004240040]
15:19:02.831 7 ACPI.sys[fffff88000f78781] -> nt!IofCallDriver -> \Device\00000054[0xfffffa800412b260]
15:19:02.831 \Driver\amdsata[0xfffffa80046857c0] -> IRP_MJ_CREATE -> 0xfffffa800473a5e8
15:19:03.861 AVAST engine scan C:\Windows
15:19:06.185 AVAST engine scan C:\Windows\system32
15:21:36.333 AVAST engine scan C:\Windows\system32\drivers
15:21:46.847 AVAST engine scan C:\Users\Molly
15:22:23.274 Disk 0 MBR has been saved successfully to "C:\Users\Molly\Desktop\MBR.dat"
15:22:23.290 The log file has been saved successfully to "C:\Users\Molly\Desktop\aswMBR.txt"

Edited by moeve, 19 July 2012 - 03:24 PM.


#5 moeve

  • Topic Starter

Posted 19 July 2012 - 04:42 PM

On the Eset Online scanner it said no threats found?

#6 narenxp

  • BC Advisor

Posted 19 July 2012 - 07:15 PM

Please post the MBAM log

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Create a restore point before trying this

Download

adware cleaner

Launch it and click on Delete

Post the generated log

#7 moeve

  • Topic Starter

Posted 19 July 2012 - 08:00 PM

Um, what is the MBAM log? Sorry, not very computer savvy.
Here is the Mini Tool Box Log


MiniToolBox by Farbar Version: 15-07-2012
Ran by Molly (administrator) on 19-07-2012 at 19:55:51
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Molly-VAIO
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 54-42-49-29-F8-47
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : 78-DD-08-DF-3F-1B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e0e3:521a:dbea:5ef6%11(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, July 19, 2012 9:45:12 AM
Lease Expires . . . . . . . . . . : Friday, July 20, 2012 7:52:41 PM
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 192470280
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-A0-83-9A-54-42-49-29-F8-47
DNS Servers . . . . . . . . . . . : 10.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{30625CBE-05E0-49E4-8016-F1FA70204A25}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1ce2:1eb1:9cbc:4d23(Preferred)
Link-local IPv6 Address . . . . . : fe80::1ce2:1eb1:9cbc:4d23%14(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{C95AAEC7-CC43-41C3-BA80-5AA2B163F007}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 10.0.0.1

Name: google.com
Addresses: 2001:4860:4002:802::1008
74.125.227.73
74.125.227.78
74.125.227.64
74.125.227.65
74.125.227.66
74.125.227.67
74.125.227.68
74.125.227.69
74.125.227.70
74.125.227.71
74.125.227.72


Pinging google.com [74.125.227.130] with 32 bytes of data:
Reply from 74.125.227.130: bytes=32 time=58ms TTL=51
Reply from 74.125.227.130: bytes=32 time=55ms TTL=51

Ping statistics for 74.125.227.130:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 55ms, Maximum = 58ms, Average = 56ms
Server: UnKnown
Address: 10.0.0.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=58ms TTL=48
Reply from 209.191.122.70: bytes=32 time=56ms TTL=48

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 56ms, Maximum = 58ms, Average = 57ms
Server: UnKnown
Address: 10.0.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...54 42 49 29 f8 47 ......Realtek PCIe GBE Family Controller
11...78 dd 08 df 3f 1b ......Atheros AR9285 Wireless Network Adapter
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.2 25
10.0.0.0 255.255.255.0 On-link 10.0.0.2 281
10.0.0.2 255.255.255.255 On-link 10.0.0.2 281
10.0.0.255 255.255.255.255 On-link 10.0.0.2 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 58 ::/0 On-link
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:4137:9e76:1ce2:1eb1:9cbc:4d23/128
On-link
11 281 fe80::/64 On-link
14 306 fe80::/64 On-link
14 306 fe80::1ce2:1eb1:9cbc:4d23/128
On-link
11 281 fe80::e0e3:521a:dbea:5ef6/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [35840] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [46592] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/19/2012 05:30:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 688884

Error: (07/19/2012 05:30:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 688884

Error: (07/19/2012 05:30:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/19/2012 01:24:49 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (07/19/2012 01:24:39 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (07/19/2012 01:04:12 AM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/19/2012 01:04:12 AM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/19/2012 01:04:12 AM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/19/2012 01:04:12 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (07/19/2012 01:04:11 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (07/19/2012 01:04:12 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (07/19/2012 01:04:12 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (07/18/2012 07:26:00 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (07/18/2012 07:26:00 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (06/29/2012 05:53:06 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (06/29/2012 05:53:06 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (06/26/2012 07:00:11 AM) (Source: Service Control Manager) (User: )
Description: The TCP/IP NetBIOS Helper service failed to start due to the following error:
%%1053

Error: (06/26/2012 07:00:11 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (06/24/2012 07:23:48 AM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service failed to start due to the following error:
%%1053

Error: (06/24/2012 07:23:47 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WinHttpAutoProxySvc service.


Microsoft Office Sessions:
=========================
Error: (07/19/2012 05:30:01 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 688884

Error: (07/19/2012 05:30:01 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 688884

Error: (07/19/2012 05:30:01 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/19/2012 01:24:49 AM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

Error: (07/19/2012 01:24:39 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (07/19/2012 01:04:12 AM) (Source: Windows Search Service)(User: )
Description: Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/19/2012 01:04:12 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/19/2012 01:04:12 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/19/2012 01:04:12 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (07/19/2012 01:04:11 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore


=========================== Installed Programs ============================

AccuWeather.com Cirrus (Version: 0.1.6)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 10 ActiveX (Version: 10.3.183.10)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.63)
Adobe Reader 9.5.1 (Version: 9.5.1)
Alps Pointing-device for VAIO
AMD USB Filter Driver (Version: 1.0.15.94)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Application Manager for VAIO
ArcSoft WebCam Companion 3 (Version: 3.0.21.278)
ATI Catalyst Install Manager (Version: 3.0.765.0)
avast! Free Antivirus (Version: 6.0.1289.0)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Full Existing (Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Full New (Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Light (Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Previews Common (Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0302.2233.40412)
Catalyst Control Center InstallProxy (Version: 2010.0302.2233.40412)
Catalyst Control Center Localization All (Version: 2010.0302.2233.40412)
ccc-core-static (Version: 2010.0302.2233.40412)
ccc-utility64 (Version: 2010.0302.2233.40412)
CCC Help Chinese Standard (Version: 2010.0302.2232.40412)
CCC Help Chinese Traditional (Version: 2010.0302.2232.40412)
CCC Help Czech (Version: 2010.0302.2232.40412)
CCC Help Danish (Version: 2010.0302.2232.40412)
CCC Help Dutch (Version: 2010.0302.2232.40412)
CCC Help English (Version: 2010.0302.2232.40412)
CCC Help Finnish (Version: 2010.0302.2232.40412)
CCC Help French (Version: 2010.0302.2232.40412)
CCC Help German (Version: 2010.0302.2232.40412)
CCC Help Greek (Version: 2010.0302.2232.40412)
CCC Help Hungarian (Version: 2010.0302.2232.40412)
CCC Help Italian (Version: 2010.0302.2232.40412)
CCC Help Japanese (Version: 2010.0302.2232.40412)
CCC Help Korean (Version: 2010.0302.2232.40412)
CCC Help Norwegian (Version: 2010.0302.2232.40412)
CCC Help Polish (Version: 2010.0302.2232.40412)
CCC Help Portuguese (Version: 2010.0302.2232.40412)
CCC Help Russian (Version: 2010.0302.2232.40412)
CCC Help Spanish (Version: 2010.0302.2232.40412)
CCC Help Swedish (Version: 2010.0302.2232.40412)
CCC Help Thai (Version: 2010.0302.2232.40412)
CCC Help Turkish (Version: 2010.0302.2232.40412)
CCleaner (Version: 3.19)
Click to Disc MergeModules x64 (Version: 1.0.14230)
Corel WinDVD (Version: 10.0.5.296)
ESET Online Scanner v3
Evernote (Version: 3.5.2.1525)
Google Chrome (Version: 20.0.1132.57)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.115)
HijackThis 2.0.2 (Version: 2.0.2)
iTunes (Version: 10.5.2.11)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 18 (64-bit) (Version: 6.0.180)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 14.0.8089.726)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Media Gallery (Version: 1.2.0.15040)
Media Gallery MergeModules x64 (Version: 1.0.14250)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008 Browser (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2531.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server VSS Writer (Version: 10.1.2531.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSI_SPF_x64 (Version: 1.0.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Oasis2Service (Version: 1.0.1)
OOBE (Version: 3.00.0215)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PMB (Version: 5.1.02.03310)
PMB VAIO Edition Guide (Version: 1.1.00.14080)
PMB VAIO Edition plug-in (Click to Disc) (Version: 3.1.00.15080)
PMB VAIO Edition plug-in (VAIO Image Optimizer) (Version: 1.1.00.15040)
PMB VAIO Edition plug-in (VAIO Movie Story) (Version: 2.1.00.15080)
Realtek HDMI Audio Driver for ATI (Version: 6.0.1.6034)
Realtek High Definition Audio Driver (Version: 6.0.1.6069)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30116)
Service Pack 1 for SQL Server 2008 (KB968369) (Version: 10.1.2531.0)
Setting Utility Series (Version: 5.2.0.15250)
SmartWi Connection Utility (Version: 4.10.4.20100121.2442)
Sony Home Network Library (Version: 2.1.0.14240)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0)
VAIO Care (Version: 6.0.0.15080)
VAIO Content Monitoring Settings (Version: 2.5.0.13220)
VAIO Control Center (Version: 4.2.0.15020)
VAIO Data Restore Tool (Version: 1.3.0.13150)
VAIO DVD Menu Data (Version: 2.1.00.13210)
VAIO Entertainment Platform (Version: 3.7.0.16080)
VAIO Event Service (Version: 5.2.0.15020)
VAIO Gate (Version: 2.0.0.14050)
VAIO Gate Default (Version: 2.0.0.04160)
VAIO Hardware Diagnostics (Version: 3.9.1)
VAIO Help and Support (Version: 11.00.0225)
VAIO Help and Support Update (Version: 1.00.0309)
VAIO Manual (Version: 1.0.0.03290)
VAIO Media plus (Version: 2.1.0.15040)
VAIO Media plus Opening Movie (Version: 2.1.0.14080)
VAIO Movie Story MergeModules x64 (Version: 1.0.14240)
VAIO Movie Story Template Data (Version: 2.1.00.14040)
VAIO Original Function Settings (Version: 2.1.0.13120)
VAIO Power Management (Version: 5.1.0.15250)
VAIO Sample Contents (Version: 1.2.0.16080)
VAIO Survey (Version: 6.00.1028)
VAIO Transfer Support (Version: 1.1.1.13070)
VAIO Update 5 (Version: 5.1.0.13220)
VAIO Wallpaper Contents (Version: 2.1.0.14090)
VMp MergeModule x64 (Version: 1.0.0)
WIDCOMM Bluetooth Software (Version: 6.2.1.500)
Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405) (Version: 09/09/2009 6.2.0.9405)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)

========================= Memory info: ===================================

Percentage of memory in use: 44%
Total physical RAM: 3834.9 MB
Available physical RAM: 2142.2 MB
Total Pagefile: 7667.94 MB
Available Pagefile: 5357.32 MB
Total Virtual: 4095.88 MB
Available Virtual: 3975.7 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:288.41 GB) (Free:245.9 GB) NTFS

========================= Users: ========================================

User accounts for \\MOLLY-VAIO

Administrator Guest Molly


**** End of log ****

#8 moeve

  • Topic Starter

Posted 19 July 2012 - 08:02 PM

Here is the FSS Log

Farbar Service Scanner Version: 19-07-2012
Ran by Molly (administrator) on 19-07-2012 at 20:01:32
Running from "C:\Users\Molly\Downloads"
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Disabled
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-02-15 07:46] - [2011-12-27 22:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-05-09 12:06] - [2012-03-30 06:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-13 19:09] - [2009-07-13 20:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-13 18:36] - [2009-07-13 20:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-07-11 12:58] - [2012-04-24 00:59] - 0182272 ____A (Microsoft Corporation) F02786B66375292E58C8777082D4396D

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#9 moeve

  • Topic Starter

Posted 19 July 2012 - 08:09 PM

Here is the adware cleaner log


# AdwCleaner v1.703 - Logfile created 07/19/2012 at 20:03:30
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Molly - MOLLY-VAIO
# Running from : C:\Users\Molly\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Molly\AppData\LocalLow\AskToolbar
File Deleted : C:\Users\Molly\AppData\Roaming\Mozilla\Firefox\Profiles\gs1cltk4.default\searchplugins\Askcom.xml

***** [Registry] *****

[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2438727
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Wise Solutions

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
[x64] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
[x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7600.16385

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (en-US)

Profile name : default
File : C:\Users\Molly\AppData\Roaming\Mozilla\Firefox\Profiles\gs1cltk4.default\prefs.js

Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("browser.search.selectedEngine", "Ask.com");

-\\ Google Chrome v20.0.1132.57

File : C:\Users\Molly\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "description": "The fastest way to search the web.",

*************************

AdwCleaner[S1].txt - [2225 octets] - [19/07/2012 20:03:30]

########## EOF - C:\AdwCleaner[S1].txt - [2353 octets] ##########

#10 narenxp


Posted 19 July 2012 - 08:56 PM

Malwarebytes log :thumbup2:

#11 moeve


Posted 19 July 2012 - 09:23 PM

Here is the quick scan log for Malwarebytes. Do I need to do a full scan? It is still showing the trojan.


Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.19.01

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Molly :: MOLLY-VAIO [administrator]

7/19/2012 9:16:03 PM
mbam-log-2012-07-19 (21-16-03).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 191264
Time elapsed: 3 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)

#12 narenxp


Posted 19 July 2012 - 09:27 PM

Run the Malwarebytes scan again and post the log.

Any current issues?

#13 moeve


Posted 19 July 2012 - 09:36 PM

Here is the new log after I restarted my computer. No, for the first time in 2 days my Avast is quiet, no more having to put it on gamers mode. I want to thank you for helping me. I am very careful about what websites I go on, so I don't know where this came from.

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.19.01

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Molly :: MOLLY-VAIO [administrator]

7/19/2012 9:27:14 PM
mbam-log-2012-07-19 (21-27-14).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 191253
Time elapsed: 4 minute(s), 24 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#14 narenxp


Posted 19 July 2012 - 09:39 PM

You have older versions of Java and Flash Player, which can be exploited to infect your PC.

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Flash Player.

Update your Java from here:

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)
