
Trojan ransom, Malwarebytes can't remove


7 replies to this topic

#1 misssk

  • Members

Posted 26 July 2012 - 10:20 AM

I ran Malwarebytes on my Windows 7 laptop and it finds a trojan ransom; despite it saying it will remove the selected item on reboot, it doesn't disappear!

Please help, I don't know much about computers and can only do the basics.

This is the log from Malwarebytes:
Internet Explorer 8.0.7601.17514
Huzaifah :: HUZAIFAH-VAIO [administrator]

26/07/2012 15:51:06
mbam-log-2012-07-26 (15-51-06).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 190416
Time elapsed: 4 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Ransom) -> Data: C:\Users\Huzaifah\LOCALS~1\Temp\mszyafo.com -> Delete on reboot.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



#2 narenxp

  • BC Advisor

Posted 26 July 2012 - 10:50 AM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "LIST of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 misssk

  • Topic Starter
  • Members

Posted 26 July 2012 - 12:06 PM

16:56:05.0585 5788 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
16:56:05.0702 5788 ============================================================
16:56:05.0702 5788 Current date / time: 2012/07/26 16:56:05.0702
16:56:05.0702 5788 SystemInfo:
16:56:05.0702 5788
16:56:05.0703 5788 OS Version: 6.1.7601 ServicePack: 1.0
16:56:05.0703 5788 Product type: Workstation
16:56:05.0703 5788 ComputerName: HUZAIFAH-VAIO
16:56:05.0703 5788 UserName: Huzaifah
16:56:05.0703 5788 Windows directory: C:\Windows
16:56:05.0703 5788 System windows directory: C:\Windows
16:56:05.0703 5788 Running under WOW64
16:56:05.0703 5788 Processor architecture: Intel x64
16:56:05.0703 5788 Number of processors: 4
16:56:05.0703 5788 Page size: 0x1000
16:56:05.0703 5788 Boot type: Normal boot
16:56:05.0703 5788 ============================================================
16:56:08.0712 5788 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:56:08.0717 5788 ============================================================
16:56:08.0717 5788 \Device\Harddisk0\DR0:
16:56:08.0717 5788 MBR partitions:
16:56:08.0717 5788 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x19F3800, BlocksNum 0x32000
16:56:08.0717 5788 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A25800, BlocksNum 0x38960830
16:56:08.0717 5788 ============================================================
16:56:08.0748 5788 C: <-> \Device\Harddisk0\DR0\Partition1
16:56:08.0748 5788 ============================================================
16:56:08.0748 5788 Initialize success
16:56:08.0748 5788 ============================================================
16:56:34.0484 6260 ============================================================
16:56:34.0484 6260 Scan started
16:56:34.0484 6260 Mode: Manual; TDLFS;
16:56:34.0484 6260 ============================================================
16:56:48.0810 6260 NDIS - ok
16:56:48.0834 6260 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:56:48.0837 6260 NdisCap - ok
16:56:48.0852 6260 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:56:48.0854 6260 NdisTapi - ok
16:56:48.0875 6260 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:56:48.0878 6260 Ndisuio - ok
16:56:48.0902 6260 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:56:48.0906 6260 NdisWan - ok
16:56:48.0917 6260 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:56:48.0919 6260 NDProxy - ok
16:56:48.0936 6260 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:56:48.0939 6260 NetBIOS - ok
16:56:48.0967 6260 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:56:48.0973 6260 NetBT - ok
16:56:49.0001 6260 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:56:49.0003 6260 Netlogon - ok
16:56:49.0039 6260 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:56:49.0060 6260 Netman - ok
16:56:49.0141 6260 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:56:49.0190 6260 NetMsmqActivator - ok
16:56:49.0198 6260 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:56:49.0201 6260 NetPipeActivator - ok
16:56:49.0264 6260 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:56:49.0286 6260 netprofm - ok
16:56:49.0290 6260 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:56:49.0291 6260 NetTcpActivator - ok
16:56:49.0296 6260 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:56:49.0297 6260 NetTcpPortSharing - ok
16:56:49.0363 6260 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
16:56:49.0368 6260 nfrd960 - ok
16:56:49.0401 6260 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:56:49.0406 6260 NisDrv - ok
16:56:49.0490 6260 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
16:56:49.0511 6260 NisSrv - ok
16:56:49.0559 6260 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:56:49.0578 6260 NlaSvc - ok
16:56:49.0605 6260 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:56:49.0607 6260 Npfs - ok
16:56:49.0626 6260 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:56:49.0630 6260 nsi - ok
16:56:49.0646 6260 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:56:49.0648 6260 nsiproxy - ok
16:56:49.0757 6260 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:56:49.0819 6260 Ntfs - ok
16:56:49.0939 6260 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:56:49.0941 6260 Null - ok
16:56:50.0535 6260 nvlddmkm (dd81fbc57ab9134cddc5ce90880bfd80) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:56:50.0795 6260 nvlddmkm - ok
16:56:50.0926 6260 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:56:50.0933 6260 nvraid - ok
16:56:50.0980 6260 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:56:50.0995 6260 nvstor - ok
16:56:51.0037 6260 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:56:51.0042 6260 nv_agp - ok
16:56:51.0068 6260 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:56:51.0071 6260 ohci1394 - ok
16:56:51.0159 6260 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:56:51.0177 6260 ose - ok
16:56:51.0570 6260 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:56:51.0713 6260 osppsvc - ok
16:56:51.0842 6260 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:56:51.0862 6260 p2pimsvc - ok
16:56:51.0908 6260 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:56:51.0928 6260 p2psvc - ok
16:56:51.0990 6260 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
16:56:51.0996 6260 Parport - ok
16:56:52.0028 6260 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
16:56:52.0031 6260 partmgr - ok
16:56:52.0067 6260 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:56:52.0081 6260 PcaSvc - ok
16:56:52.0109 6260 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:56:52.0113 6260 pci - ok
16:56:52.0140 6260 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:56:52.0142 6260 pciide - ok
16:56:52.0171 6260 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
16:56:52.0185 6260 pcmcia - ok
16:56:52.0218 6260 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:56:52.0219 6260 pcw - ok
16:56:52.0273 6260 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:56:52.0308 6260 PEAUTH - ok
16:56:52.0372 6260 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:56:52.0376 6260 PerfHost - ok
16:56:52.0481 6260 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:56:52.0534 6260 pla - ok
16:56:52.0592 6260 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:56:52.0610 6260 PlugPlay - ok
16:56:52.0731 6260 PMBDeviceInfoProvider (63694c307273062a2167ae4ce80730ef) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
16:56:52.0773 6260 PMBDeviceInfoProvider - ok
16:56:52.0799 6260 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:56:52.0803 6260 PNRPAutoReg - ok
16:56:52.0834 6260 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:56:52.0839 6260 PNRPsvc - ok
16:56:52.0894 6260 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:56:52.0911 6260 PolicyAgent - ok
16:56:52.0956 6260 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:56:52.0971 6260 Power - ok
16:56:53.0022 6260 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:56:53.0026 6260 PptpMiniport - ok
16:56:53.0057 6260 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
16:56:53.0062 6260 Processor - ok
16:56:53.0098 6260 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
16:56:53.0113 6260 ProfSvc - ok
16:56:53.0138 6260 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:56:53.0140 6260 ProtectedStorage - ok
16:56:53.0167 6260 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:56:53.0171 6260 Psched - ok
16:56:53.0260 6260 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
16:56:53.0317 6260 ql2300 - ok
16:56:53.0493 6260 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
16:56:53.0498 6260 ql40xx - ok
16:56:53.0547 6260 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:56:53.0569 6260 QWAVE - ok
16:56:53.0592 6260 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:56:53.0596 6260 QWAVEdrv - ok
16:56:53.0605 6260 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:56:53.0608 6260 RasAcd - ok
16:56:53.0640 6260 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:56:53.0642 6260 RasAgileVpn - ok
16:56:53.0662 6260 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:56:53.0667 6260 RasAuto - ok
16:56:53.0690 6260 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:56:53.0694 6260 Rasl2tp - ok
16:56:53.0749 6260 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:56:53.0769 6260 RasMan - ok
16:56:53.0782 6260 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:56:53.0785 6260 RasPppoe - ok
16:56:53.0803 6260 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:56:53.0807 6260 RasSstp - ok
16:56:53.0845 6260 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:56:53.0852 6260 rdbss - ok
16:56:53.0877 6260 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
16:56:53.0879 6260 rdpbus - ok
16:56:53.0904 6260 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:56:53.0906 6260 RDPCDD - ok
16:56:53.0925 6260 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:56:53.0927 6260 RDPENCDD - ok
16:56:53.0938 6260 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:56:53.0940 6260 RDPREFMP - ok
16:56:53.0981 6260 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
16:56:53.0997 6260 RDPWD - ok
16:56:54.0027 6260 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:56:54.0032 6260 rdyboost - ok
16:56:54.0061 6260 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:56:54.0067 6260 RemoteAccess - ok
16:56:54.0101 6260 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:56:54.0107 6260 RemoteRegistry - ok
16:56:54.0138 6260 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
16:56:54.0142 6260 RFCOMM - ok
16:56:54.0159 6260 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:56:54.0164 6260 RpcEptMapper - ok
16:56:54.0189 6260 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:56:54.0192 6260 RpcLocator - ok
16:56:54.0238 6260 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:56:54.0245 6260 RpcSs - ok
16:56:54.0286 6260 RSPCIESTOR (546d7f426776090b90ef5f195b6ae662) C:\Windows\system32\DRIVERS\RtsPStor.sys
16:56:54.0289 6260 RSPCIESTOR - ok
16:56:54.0314 6260 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:56:54.0317 6260 rspndr - ok
16:56:54.0364 6260 RTL8167 (ea5532868ba76923d75bcb2a1448d810) C:\Windows\system32\DRIVERS\Rt64win7.sys
16:56:54.0368 6260 RTL8167 - ok
16:56:54.0393 6260 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:56:54.0394 6260 SamSs - ok
16:56:54.0427 6260 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:56:54.0430 6260 sbp2port - ok
16:56:54.0467 6260 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:56:54.0482 6260 SCardSvr - ok
16:56:54.0495 6260 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:56:54.0498 6260 scfilter - ok
16:56:54.0572 6260 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:56:54.0609 6260 Schedule - ok
16:56:54.0645 6260 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:56:54.0646 6260 SCPolicySvc - ok
16:56:54.0671 6260 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
16:56:54.0674 6260 sdbus - ok
16:56:54.0702 6260 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:56:54.0709 6260 SDRSVC - ok
16:56:54.0780 6260 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
16:56:54.0793 6260 SeaPort - ok
16:56:54.0807 6260 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:56:54.0809 6260 secdrv - ok
16:56:54.0836 6260 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:56:54.0841 6260 seclogon - ok
16:56:54.0862 6260 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:56:54.0867 6260 SENS - ok
16:56:54.0887 6260 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:56:54.0892 6260 SensrSvc - ok
16:56:54.0919 6260 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
16:56:54.0922 6260 Serenum - ok
16:56:54.0942 6260 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
16:56:54.0946 6260 Serial - ok
16:56:54.0959 6260 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
16:56:54.0962 6260 sermouse - ok
16:56:54.0988 6260 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:56:54.0992 6260 SessionEnv - ok
16:56:55.0013 6260 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
16:56:55.0015 6260 SFEP - ok
16:56:55.0044 6260 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:56:55.0046 6260 sffdisk - ok
16:56:55.0060 6260 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:56:55.0062 6260 sffp_mmc - ok
16:56:55.0080 6260 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:56:55.0082 6260 sffp_sd - ok
16:56:55.0098 6260 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
16:56:55.0100 6260 sfloppy - ok
16:56:55.0173 6260 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
16:56:55.0181 6260 Sftfs - ok
16:56:55.0308 6260 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:56:55.0334 6260 sftlist - ok
16:56:55.0381 6260 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:56:55.0385 6260 Sftplay - ok
16:56:55.0404 6260 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:56:55.0405 6260 Sftredir - ok
16:56:55.0422 6260 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
16:56:55.0423 6260 Sftvol - ok
16:56:55.0445 6260 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:56:55.0458 6260 sftvsa - ok
16:56:55.0654 6260 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:56:55.0675 6260 SharedAccess - ok
16:56:55.0764 6260 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:56:55.0784 6260 ShellHWDetection - ok
16:56:55.0813 6260 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
16:56:55.0817 6260 SiSRaid2 - ok
16:56:55.0842 6260 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
16:56:55.0846 6260 SiSRaid4 - ok
16:56:55.0868 6260 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:56:55.0871 6260 Smb - ok
16:56:55.0881 6260 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:56:55.0884 6260 SNMPTRAP - ok
16:56:55.0961 6260 SOHCImp (ddf2ec98af6fc70608a4f9ce4db52758) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
16:56:55.0962 6260 SOHCImp - ok
16:56:55.0981 6260 SOHDs (5fa03f5ea6efef6d17b4a1a48c40a23c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
16:56:55.0982 6260 SOHDs - ok
16:56:56.0064 6260 SpfService (65e5659e9c2a0762d05657c0e22a7ca2) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
16:56:56.0074 6260 SpfService - ok
16:56:56.0141 6260 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:56:56.0142 6260 spldr - ok
16:56:56.0197 6260 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:56:56.0224 6260 Spooler - ok
16:56:56.0413 6260 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:56:56.0529 6260 sppsvc - ok
16:56:56.0688 6260 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:56:56.0696 6260 sppuinotify - ok
16:56:56.0758 6260 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:56:56.0777 6260 srv - ok
16:56:56.0819 6260 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:56:56.0839 6260 srv2 - ok
16:56:56.0879 6260 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:56:56.0884 6260 srvnet - ok
16:56:56.0956 6260 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:56:56.0971 6260 SSDPSRV - ok
16:56:56.0983 6260 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:56:56.0993 6260 SstpSvc - ok
16:56:57.0020 6260 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
16:56:57.0023 6260 stexstor - ok
16:56:57.0070 6260 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:56:57.0096 6260 stisvc - ok
16:56:57.0124 6260 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:56:57.0125 6260 swenum - ok
16:56:57.0170 6260 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:56:57.0196 6260 swprv - ok
16:56:57.0345 6260 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:56:57.0410 6260 SysMain - ok
16:56:57.0519 6260 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:56:57.0527 6260 TabletInputService - ok
16:56:57.0570 6260 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:56:57.0592 6260 TapiSrv - ok
16:56:57.0611 6260 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:56:57.0617 6260 TBS - ok
16:56:57.0839 6260 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
16:56:57.0896 6260 Tcpip - ok
16:56:58.0113 6260 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
16:56:58.0132 6260 TCPIP6 - ok
16:56:58.0233 6260 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:56:58.0236 6260 tcpipreg - ok
16:56:58.0259 6260 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:56:58.0262 6260 TDPIPE - ok
16:56:58.0292 6260 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:56:58.0296 6260 TDTCP - ok
16:56:58.0318 6260 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:56:58.0322 6260 tdx - ok
16:56:58.0354 6260 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:56:58.0356 6260 TermDD - ok
16:56:58.0415 6260 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:56:58.0466 6260 TermService - ok
16:56:58.0478 6260 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:56:58.0484 6260 Themes - ok
16:56:58.0515 6260 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:56:58.0517 6260 THREADORDER - ok
16:56:58.0542 6260 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:56:58.0547 6260 TrkWks - ok
16:56:58.0605 6260 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:56:58.0620 6260 TrustedInstaller - ok
16:56:58.0650 6260 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:56:58.0653 6260 tssecsrv - ok
16:56:58.0674 6260 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:56:58.0678 6260 TsUsbFlt - ok
16:56:58.0700 6260 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
16:56:58.0702 6260 TsUsbGD - ok
16:56:58.0731 6260 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:56:58.0734 6260 tunnel - ok
16:56:58.0751 6260 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
16:56:58.0755 6260 uagp35 - ok
16:56:58.0833 6260 uCamMonitor (1fe69f3c1ca1cf4b7ec7e2e9090fffdc) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
16:56:58.0837 6260 uCamMonitor - ok
16:56:58.0872 6260 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:56:58.0893 6260 udfs - ok
16:56:58.0925 6260 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:56:58.0930 6260 UI0Detect - ok
16:56:58.0961 6260 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:56:58.0965 6260 uliagpkx - ok
16:56:58.0979 6260 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
16:56:58.0981 6260 umbus - ok
16:56:59.0001 6260 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
16:56:59.0004 6260 UmPass - ok
16:56:59.0194 6260 UNS (7a78ed1088890114dfde2c4ab038d6b6) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
16:56:59.0294 6260 UNS - ok
16:56:59.0417 6260 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:56:59.0437 6260 upnphost - ok
16:56:59.0488 6260 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:56:59.0493 6260 usbccgp - ok
16:56:59.0520 6260 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:56:59.0524 6260 usbcir - ok
16:56:59.0543 6260 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
16:56:59.0545 6260 usbehci - ok
16:56:59.0575 6260 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
16:56:59.0588 6260 usbhub - ok
16:56:59.0626 6260 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
16:56:59.0629 6260 usbohci - ok
16:56:59.0661 6260 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:56:59.0666 6260 usbprint - ok
16:56:59.0696 6260 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:56:59.0714 6260 USBSTOR - ok
16:56:59.0720 6260 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
16:56:59.0722 6260 usbuhci - ok
16:56:59.0781 6260 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
16:56:59.0786 6260 usbvideo - ok
16:56:59.0816 6260 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:56:59.0820 6260 UxSms - ok
16:56:59.0903 6260 VAIO Event Service (dcb1f83ad167d16d263ce57c94e9eedf) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
16:56:59.0905 6260 VAIO Event Service - ok
16:56:59.0939 6260 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:56:59.0942 6260 VaultSvc - ok
16:57:00.0061 6260 VCFw (d00058c1fff3f3de990444a5734e9639) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
16:57:00.0108 6260 VCFw - ok
16:57:00.0226 6260 VcmIAlzMgr (f19275655b42086c884abcdae2c659ae) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
16:57:00.0263 6260 VcmIAlzMgr - ok
16:57:00.0307 6260 VcmINSMgr (2f06d134554ba84fe253dbc481dcfe6d) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
16:57:00.0324 6260 VcmINSMgr - ok
16:57:00.0409 6260 VcmXmlIfHelper (32a3735f6874b7783c6209ed5ca36d9d) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
16:57:00.0453 6260 VcmXmlIfHelper - ok
16:57:00.0506 6260 VCService (d347d3abe070aa09c22fc37121555d52) C:\Program Files\Sony\VAIO Care\VCService.exe
16:57:00.0546 6260 VCService - ok
16:57:00.0693 6260 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:57:00.0694 6260 vdrvroot - ok
16:57:00.0750 6260 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:57:00.0787 6260 vds - ok
16:57:00.0828 6260 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:57:00.0833 6260 vga - ok
16:57:00.0851 6260 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:57:00.0854 6260 VgaSave - ok
16:57:00.0878 6260 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:57:00.0892 6260 vhdmp - ok
16:57:00.0930 6260 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:57:00.0932 6260 viaide - ok
16:57:00.0956 6260 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:57:00.0958 6260 volmgr - ok
16:57:00.0994 6260 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:57:01.0013 6260 volmgrx - ok
16:57:01.0041 6260 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:57:01.0054 6260 volsnap - ok
16:57:01.0076 6260 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
16:57:01.0080 6260 vsmraid - ok
16:57:01.0226 6260 VSNService (03f6f618367cb16a2176b8db4215d1f9) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
16:57:01.0294 6260 VSNService - ok
16:57:01.0400 6260 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:57:01.0491 6260 VSS - ok
16:57:01.0659 6260 VUAgent (fb4a1695d2d74f9c92ca5e84795cdbe1) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
16:57:01.0731 6260 VUAgent - ok
16:57:01.0863 6260 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:57:01.0866 6260 vwifibus - ok
16:57:01.0887 6260 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:57:01.0890 6260 vwififlt - ok
16:57:01.0906 6260 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:57:01.0907 6260 vwifimp - ok
16:57:01.0955 6260 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:57:01.0976 6260 W32Time - ok
16:57:02.0002 6260 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
16:57:02.0005 6260 WacomPen - ok
16:57:02.0022 6260 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:57:02.0025 6260 WANARP - ok
16:57:02.0028 6260 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:57:02.0029 6260 Wanarpv6 - ok
16:57:02.0125 6260 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:57:02.0190 6260 WatAdminSvc - ok
16:57:02.0299 6260 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:57:02.0384 6260 wbengine - ok
16:57:02.0486 6260 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:57:02.0502 6260 WbioSrvc - ok
16:57:02.0537 6260 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:57:02.0557 6260 wcncsvc - ok
16:57:02.0575 6260 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:57:02.0580 6260 WcsPlugInService - ok
16:57:02.0628 6260 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
16:57:02.0629 6260 Wd - ok
16:57:02.0695 6260 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:57:02.0729 6260 Wdf01000 - ok
16:57:02.0750 6260 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:57:02.0756 6260 WdiServiceHost - ok
16:57:02.0761 6260 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:57:02.0764 6260 WdiSystemHost - ok
16:57:02.0802 6260 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:57:02.0816 6260 WebClient - ok
16:57:05.0418 6260 ============================================================
16:57:05.0418 6260 Scan finished
16:57:05.0418 6260 ============================================================
16:57:05.0447 6252 Detected object count: 0
16:57:05.0447 6252 Actual detected object count: 0
16:58:28.0126 5784 Deinitialize success



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-26 16:59:40
-----------------------------
16:59:40.544 OS Version: Windows x64 6.1.7601 Service Pack 1
16:59:40.544 Number of processors: 4 586 0x2A07
16:59:40.545 ComputerName: HUZAIFAH-VAIO UserName: Huzaifah
16:59:42.837 Initialize success
17:00:40.829 AVAST engine defs: 12072601
17:00:59.378 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:00:59.384 Disk 0 Vendor: ST950032 0006 Size: 476940MB BusType: 3
17:00:59.405 Disk 0 MBR read successfully
17:00:59.411 Disk 0 MBR scan
17:00:59.499 Disk 0 Windows 7 default MBR code
17:00:59.504 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13285 MB offset 2048
17:00:59.541 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 27211776
17:00:59.571 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 463553 MB offset 27416576
17:00:59.638 Disk 0 scanning C:\Windows\system32\drivers
17:01:17.329 Service scanning
17:01:54.836 Modules scanning
17:01:54.855 Disk 0 trace - called modules:
17:01:54.878 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
17:01:54.888 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006607060]
17:01:54.894 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80046fa050]
17:01:57.191 AVAST engine scan C:\Windows
17:02:00.580 AVAST engine scan C:\Windows\system32
17:06:30.471 AVAST engine scan C:\Windows\system32\drivers
17:06:50.944 AVAST engine scan C:\Users\Huzaifah
17:10:06.693 AVAST engine scan C:\ProgramData
17:14:41.053 Scan finished successfully
17:16:11.014 Disk 0 MBR has been saved successfully to "C:\Users\Huzaifah\Documents\MBR.dat"
17:16:11.018 The log file has been saved successfully to "C:\Users\Huzaifah\Documents\aswMBR.txt"


ESET scanner found no threats.

#4 narenxp


Posted 26 July 2012 - 01:40 PM

Press Windows+R key and type

regedit and click ok

Browse to

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows

On the right side you should find the LOAD key with this value C:\Users\Huzaifah\LOCALS~1\Temp\mszyafo.com; delete it.

If you receive an access denied error, then

go to HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows

Right-click on the Windows key

Click on Permissions

Click on Everyone

Under Permissions, select FULL CONTROL and click OK. Now you should be able to delete the LOAD key

Run Malwarebytes again and post the log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

post the generated log
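
The registry check described in the post above, written as a PowerShell audit; this is an added example, not part of the original reply or any tool named in the thread. The `-Remove` switch, the Temp-path pattern and the backup file name are assumptions of this example. It also reports whether Everyone still holds Full Control on the key after the permission change.

```powershell
# Added example, not from the thread. Read-only unless -Remove is given.
param(
    [switch]$Remove   # hypothetical switch name chosen for this example
)

$regPath = 'HKCU:\Software\Microsoft\Windows NT\CurrentVersion\Windows'
$regExe  = 'HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows'

# Heuristic (assumption): autostart data that points into the per-user Temp
# folder, including the legacy "Local Settings" / LOCALS~1 alias seen in the log.
$tempPattern = '(?i)\\(AppData\\Local|Local Settings|LOCALS~1)\\Temp\\'

$props = Get-ItemProperty -Path $regPath -ErrorAction Stop

# "Load" and "Run" under this key are legacy per-user autostart values.
$findings = @(foreach ($name in 'Load', 'Run') {
    $data = [string]$props.$name
    if ([string]::IsNullOrEmpty($data.Trim())) { continue }

    $expanded = [Environment]::ExpandEnvironmentVariables($data)
    $target   = $expanded.Trim().Trim('"')

    New-Object PSObject -Property @{
        Value      = $name
        Data       = $data
        InTemp     = ($expanded -match $tempPattern)
        # A value whose target file is already gone is an orphaned entry.
        FileExists = [bool](Test-Path -LiteralPath $target -ErrorAction SilentlyContinue)
    }
})

if ($findings.Count -eq 0) {
    Write-Output 'No Load/Run autostart data set under the key.'
} else {
    $findings | Select-Object Value, Data, InTemp, FileExists | Format-Table -AutoSize
}

# Report whether Everyone (SID S-1-1-0) has an Allow ACE with Full Control.
$everyone = (New-Object System.Security.Principal.SecurityIdentifier 'S-1-1-0').
    Translate([System.Security.Principal.NTAccount]).Value
$full = [int][System.Security.AccessControl.RegistryRights]::FullControl

$loose = @((Get-Acl -Path $regPath).Access | Where-Object {
    $_.IdentityReference.Value -eq $everyone -and
    $_.AccessControlType -eq 'Allow' -and
    (([int]$_.RegistryRights) -band $full) -eq $full
})
if ($loose.Count -gt 0) {
    Write-Output "ACL: '$everyone' has Full Control on this key."
} else {
    Write-Output "ACL: no Full Control entry for '$everyone' on this key."
}

# Optional cleanup: export the key first, then delete only the flagged values.
$flagged = @($findings | Where-Object { $_.InTemp })
if ($Remove -and $flagged.Count -gt 0) {
    $backup = Join-Path $env:USERPROFILE ('Windows-key-backup-{0:yyyyMMdd-HHmmss}.reg' -f (Get-Date))
    & reg.exe export $regExe $backup /y | Out-Null
    if ($LASTEXITCODE -ne 0) { throw 'Backup failed; nothing was removed.' }

    foreach ($f in $flagged) {
        Remove-ItemProperty -Path $regPath -Name $f.Value -ErrorAction Stop
        Write-Output ("Removed value '{0}' (backup: {1})" -f $f.Value, $backup)
    }
}
```

Run it as the affected user, since the key is under HKEY_CURRENT_USER; without `-Remove` it only reports.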

#5 misssk


Posted 26 July 2012 - 05:00 PM

Malwarebytes log

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.26.15

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Huzaifah :: HUZAIFAH-VAIO [administrator]

26/07/2012 22:37:56
mbam-log-2012-07-26 (22-37-56).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 191507
Time elapsed: 3 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



mini toolbox log
MiniToolBox by Farbar Version: 23-07-2012
Ran by Huzaifah (administrator) on 26-07-2012 at 22:45:34
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", "localhost,127.0.0.1"
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Huzaifah-VAIO
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : EE-AF-78-B5-A6-7F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : CC-AF-78-B5-A6-80
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : CC-AF-78-B5-A6-7F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::102a:f41:21ad:fb7e%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 26 July 2012 22:30:32
Lease Expires . . . . . . . . . . : 27 July 2012 22:30:31
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 311427150
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-27-A4-42-78-84-3C-E8-0E-DA
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 78-84-3C-E8-0E-DA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:3ccd:3919:3f57:fefd(Preferred)
Link-local IPv6 Address . . . . . : fe80::3ccd:3919:3f57:fefd%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2a00:1450:4009:803::1007
173.194.34.99
173.194.34.110
173.194.34.104
173.194.34.100
173.194.34.101
173.194.34.96
173.194.34.105
173.194.34.102
173.194.34.103
173.194.34.98
173.194.34.97


Pinging google.com [173.194.34.110] with 32 bytes of data:
Reply from 173.194.34.110: bytes=32 time=17ms TTL=55
Reply from 173.194.34.110: bytes=32 time=19ms TTL=55

Ping statistics for 173.194.34.110:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 17ms, Maximum = 19ms, Average = 18ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=169ms TTL=49
Reply from 72.30.38.140: bytes=32 time=168ms TTL=49

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 168ms, Maximum = 169ms, Average = 168ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
17...ee af 78 b5 a6 7f ......Microsoft Virtual WiFi Miniport Adapter #2
13...cc af 78 b5 a6 80 ......Bluetooth Device (Personal Area Network)
12...cc af 78 b5 a6 7f ......Atheros AR9285 Wireless Network Adapter
11...78 84 3c e8 0e da ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 281
192.168.1.2 255.255.255.255 On-link 192.168.1.2 281
192.168.1.255 255.255.255.255 On-link 192.168.1.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 58 ::/0 On-link
1 306 ::1/128 On-link
15 58 2001::/32 On-link
15 306 2001:0:5ef5:79fb:3ccd:3919:3f57:fefd/128
On-link
12 281 fe80::/64 On-link
15 306 fe80::/64 On-link
12 281 fe80::102a:f41:21ad:fb7e/128
On-link
15 306 fe80::3ccd:3919:3f57:fefd/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/26/2012 10:32:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2012 06:22:17 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2012 05:17:05 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/26/2012 05:16:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/26/2012 05:16:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/26/2012 04:55:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2012 04:45:07 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (07/26/2012 04:25:57 PM) (Source: Application Error) (User: )
Description: Faulting application name: spoolsv.exe, version: 6.1.7601.17514, time stamp: 0x4ce7b4e7
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0x40000015
Fault offset: 0x000000000002a84e
Faulting process id: 0x59c
Faulting application start time: 0xspoolsv.exe0
Faulting application path: spoolsv.exe1
Faulting module path: spoolsv.exe2
Report Id: spoolsv.exe3

Error: (07/26/2012 03:46:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2012 11:46:36 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/26/2012 04:26:01 PM) (Source: Service Control Manager) (User: )
Description: The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (07/24/2012 02:18:55 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (07/24/2012 02:18:54 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (07/24/2012 02:10:58 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.131.413.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (07/24/2012 01:07:30 PM) (Source: ACPI) (User: )
Description: : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.

Error: (07/12/2012 07:28:58 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (07/12/2012 07:28:49 PM) (Source: DCOM) (User: )
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (07/12/2012 07:28:25 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (07/12/2012 07:28:22 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (07/12/2012 07:28:07 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (07/26/2012 10:32:05 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2012 06:22:17 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2012 05:17:05 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Huzaifah\Downloads\esetsmartinstaller_enu(1).exe

Error: (07/26/2012 05:16:59 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Huzaifah\Downloads\esetsmartinstaller_enu(1).exe

Error: (07/26/2012 05:16:59 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Huzaifah\Downloads\esetsmartinstaller_enu(1).exe

Error: (07/26/2012 04:55:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2012 04:45:07 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (07/26/2012 04:25:57 PM) (Source: Application Error)(User: )
Description: spoolsv.exe6.1.7601.175144ce7b4e7msvcrt.dll7.0.7601.177444eeb033f40000015000000000002a84e59c01cd6b3d4492da47C:\Windows\System32\spoolsv.exeC:\Windows\system32\msvcrt.dll322fe442-d736-11e1-ad44-ccaf78b5a680

Error: (07/26/2012 03:46:56 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2012 11:46:36 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

?????? Windows Live (Version: 15.4.3502.0922)
??????? ????????? Windows Live Mesh ActiveX ??? ?????????? ?????????? (Version: 15.4.5722.2)
??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ??????????? (Version: 15.4.5722.2)
???????? ?????????? Windows Live (Version: 15.4.3502.0922)
?????????? Windows Live (Version: 15.4.3502.0922)
??????????? ?? Windows Live (Version: 15.4.3502.0922)
???????????? Windows Live (Version: 15.4.3502.0922)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (Version: 15.4.5722.2)
ActiveX ???????? ?? Windows Live Mesh ?? ?????????? ?????? (Version: 15.4.5722.2)
Adobe AIR (Version: 3.0.0.4080)
Adobe Flash Player 10 ActiveX (Version: 10.2.152.26)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.62)
Adobe Reader X MUI (Version: 10.0.0)
Alps Pointing-device for VAIO
ArcSoft Magic-i Visual Effects 2 (Version: 2.0.1.142)
ArcSoft WebCam Companion 4 (Version: 4.0.21.484)
Atheros WiFi Driver Installation (Version: 3.0)
BBC iPlayer Desktop (Version: 3.2.13)
Bing Bar (Version: 7.0.610.0)
Bluetooth Win7 Suite (64) (Version: 7.3.0.95)
Conexant HD Audio (Version: 8.54.18.51)
Contrôle ActiveX Windows Live Mesh pour connexions ŕ distance (Version: 15.4.5722.2)
Control ActiveX Windows Live Mesh pentru conexiuni la distan?a (Version: 15.4.5722.2)
Controlo ActiveX do Windows Live Mesh para Ligaçőes Remotas (Version: 15.4.5722.2)
D3DX10 (Version: 15.4.2368.0902)
ESET Online Scanner v3
ExpressFiles (Version: 1.2.0)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych (Version: 15.4.5722.2)
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922)
Galeria fotografii uslugi Windows Live (Version: 15.4.3502.0922)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galerie foto Windows Live (Version: 15.4.3502.0922)
Google Earth Plug-in (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.115)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2291)
Intel® Rapid Storage Technology (Version: 10.0.0.1046)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 22 (64-bit) (Version: 6.0.220)
Java™ 6 Update 22 (Version: 6.0.220)
Junk Mail filter update (Version: 15.4.3502.0922)
Lexmark 640 Series
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Media Gallery (Version: 1.5.0.16020)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená pripojení (Version: 15.4.5722.2)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (Version: 15.4.5722.2)
PMB (Version: 5.5.02.12220)
PMB VAIO Edition Plug-in (Version: 1.5.00.02250)
PMB VAIO Edition Plug-in (Version: 1.5.10.05300)
Poczta uslugi Windows Live (Version: 15.4.3502.0922)
Podstawowe programy Windows Live (Version: 15.4.3502.0922)
Qualcomm Atheros Direct Connect (Version: 3.0)
Quick Web Access (Version: 1.4.6.9)
Raccolta foto di Windows Live (Version: 15.4.3502.0922)
Realtek PCIE Card Reader (Version: 6.1.7600.77)
Remote Keyboard (Version: 1.1.1.07060)
Remote Play with PlayStation 3 (Version: 1.1.0.15070)
S?????? f?t???af??? t?? Windows Live (Version: 15.4.3502.0922)
Scratch (Version: 1.4.0.0)
Skype™ 5.1 (Version: 5.1.104)
Sony Corporation (Version: 1.0.0)
SSLx64 (Version: 1.0.0)
SSLx86 (Version: 1.0.0)
St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se?? (Version: 15.4.5722.2)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Uzak Baglantilar Için Windows Live Mesh ActiveX Denetimi (Version: 15.4.5722.2)
VAIO - Media Gallery (Version: 1.5.0.16020)
VAIO - PMB VAIO Edition Guide (Version: 1.5.00.02250)
VAIO - PMB VAIO Edition Plug-in (Version: 1.5.10.06150)
VAIO - Remote Keyboard (Version: 1.1.0.07060)
VAIO - Remote Play with PlayStation®3 (Version: 1.1.0.15070)
VAIO Care (Version: 6.4.2.11150)
VAIO Control Center (Version: 4.5.0.03040)
VAIO Data Restore Tool (Version: 1.6.0.13140)
VAIO Easy Connect (Version: 1.1.2.01120)
VAIO Event Service (Version: 5.5.0.03040)
VAIO Gate (Version: 2.4.0.06210)
VAIO Gate Default (Version: 2.4.0.03240)
VAIO Hardware Diagnostics (Version: 4.2.0.14280)
VAIO Hero Screensaver - Summer 2011 Screensaver
VAIO Improvement (Version: 1.0.0.14150)
VAIO Improvement Validation (Version: 1.0.4.01190)
VAIO Manual (Version: 2.0.0.02250)
VAIO Sample Contents (Version: 1.4.2.09010)
VAIO Smart Network (Version: 3.8.0.08120)
VAIO Transfer Support (Version: 1.4.0.14230)
VAIO Update (Version: 5.6.1.02150)
VAIO Update Merge Module x64 (Version: 5.5.19220)
VAIO Update Merge Module x64 (Version: 5.6.10270)
VAIO Update Merge Module x64 (Version: 5.7.13130)
VCCx86 (Version: 1.0.0)
VESx64 (Version: 1.0.0)
VESx86 (Version: 1.0.0)
VIx64 (Version: 1.0.0)
VIx86 (Version: 1.0.0)
VSNx64 (Version: 1.0.0)
VSNx86 (Version: 1.0.0)
VU5x64 (Version: 1.0.0)
VU5x86 (Version: 1.0.0)
VWSTx86 (Version: 1.0.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Fotótár (Version: 15.4.3502.0922)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live Fotogalleri (Version: 15.4.3502.0922)
Windows Live Fotogaléria (Version: 15.4.3502.0922)
Windows Live Fotograf Galerisi (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (Version: 15.4.5722.2)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (Version: 15.4.5722.2)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (Version: 15.4.5722.2)
Windows Live Mesh ActiveX-vezérlo távoli kapcsolatokhoz (Version: 15.4.5722.2)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Temel Parçalar (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Liven asennustyökalu (Version: 15.4.3502.0922)
Windows Liven sähköposti (Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 44%
Total physical RAM: 4043.86 MB
Available physical RAM: 2227.37 MB
Total Pagefile: 8085.91 MB
Available Pagefile: 6050.18 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.13 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:452.69 GB) (Free:397.65 GB) NTFS

========================= Users: ========================================

User accounts for \\HUZAIFAH-VAIO

Administrator Guest Huzaifah


**** End of log ****


FSS log

Farbar Service Scanner Version: 26-07-2012
Ran by Huzaifah (administrator) on 26-07-2012 at 22:48:43
Running from "C:\Users\Huzaifah\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Demand
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

adware cleaner log

# AdwCleaner v1.703 - Logfile created 07/26/2012 at 22:51:58
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Huzaifah - HUZAIFAH-VAIO
# Running from : C:\Users\Huzaifah\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Softonic

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Huzaifah\AppData\Roaming\Mozilla\Firefox\Profiles\w7oxw96d.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [281 octets] - [26/07/2012 22:50:05]
AdwCleaner[S2].txt - [906 octets] - [26/07/2012 22:51:58]

########## EOF - C:\AdwCleaner[S2].txt - [1033 octets] ##########

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:11:16 PM

Posted 26 July 2012 - 05:02 PM

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Flash Player.

Update your Java from here:

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)

#7 misssk

misssk
  • Topic Starter

  • Members
  • 4 posts
  • Local time:06:16 AM

Posted 26 July 2012 - 05:31 PM

Many thanks for all your help - appreciated.

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:11:16 PM

Posted 26 July 2012 - 06:20 PM

You're welcome :)



