Infomash got me.


22 replies to this topic

#1 cannesdo

Posted 20 August 2012 - 06:54 PM

I've been working on this for 10 hrs. I've uninstalled everything since July 29, when I think I was hit, including Norton, which has been infiltrated and has been sending me panicky messages for days now. I'm "running as administrator" to keep it at bay and "rkill" has been stopping it in its tracks after restart. Every time I run rkill it says everything is fine with the exception of:


Checking for processes to terminate.

* C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (PID: 1748) [AU-HEUR]

1 proccess terminated!

I tried to uninstall freemake and nothing happens.

I use my computer for work and really can't afford a repair person right now but will definitely donate what I can if someone can help me root this thing out.

I'm running Windows 7. Getting browser hijacked on IE and Firefox, the only two browsers I use.

Thanks so much!

Jen



#2 boopme

Posted 20 August 2012 - 06:58 PM

Hello Jen and welcome!
I moved this to the Am I Infected forum.

Please rerun RKill and immediately...
Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).


EDIT..
Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Edited by boopme, 20 August 2012 - 07:01 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 cannesdo

Posted 20 August 2012 - 07:32 PM

Thanks so much! Ok, here's the log:

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.21.01

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Jen :: JEN-VAIO [administrator]

Protection: Enabled

8/20/2012 6:23:34 PM
mbam-log-2012-08-20 (18-23-34).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 218211
Time elapsed: 3 minute(s), 17 second(s)

Memory Processes Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> 4208 -> Delete on reboot.

Memory Modules Detected: 1
C:\Users\Jen\AppData\Local\IAC\Google\mwhrw.dll (Trojan.Agent.FakeSEC) -> Delete on reboot.

Registry Keys Detected: 21
HKCR\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Quarantined and deleted successfully.
HKCR\funmoods.funmoodsHlpr.1 (PUP.FunMoods) -> Quarantined and deleted successfully.
HKCR\funmoods.funmoodsHlpr (PUP.FunMoods) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Quarantined and deleted successfully.
HKCR\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\escort.escortIEPane.1 (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\escort.escortIEPane (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\funmoodsApp.appCore.1 (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\funmoodsApp.appCore (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\f (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\Typelib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{04D2B915-19FF-41E9-994D-95DC898BEA43} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Google (Trojan.Agent.FakeSEC) -> Data: rundll32.exe "C:\Users\Jen\AppData\Local\IAC\Google\mwhrw.dll",CreateInstance -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 10
C:\Users\Jen\AppData\Local\IAC\Google\mwhrw.dll (Trojan.Agent.FakeSEC) -> Delete on reboot.
C:\Windows\Installer\{76ce67c6-f849-1812-2ec7-4b53930f1ba4}\n (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{76ce67c6-f849-1812-2ec7-4b53930f1ba4}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.
C:\Windows\Installer\{76ce67c6-f849-1812-2ec7-4b53930f1ba4}\U\000000cb.@ (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Installer\{76ce67c6-f849-1812-2ec7-4b53930f1ba4}\U\80000032.@ (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Users\Jen\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Users\Jen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Users\Jen\AppData\Local\funmoods.crx (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Users\Jen\Local Settings\Application Data\funmoods.crx (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

(end)

I'm going to restart now and come back and look at the rest of the instructions.
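
A triage pass over a Malwarebytes 1.x log like the one posted above, as an added example that is not part of the original thread or of any tool mentioned in it. It assumes the line layout seen in that log (`<object> (<family>) -> ... -> <action>.`); `parse_log`, `triage` and the shortened excerpt are illustrative, and the excerpt keeps the original section counts so the completeness check has something to report.

```python
import re
from collections import Counter

# Shortened excerpt of the log posted above. The "Detected: N" counts are left
# at their original values, so the shortened sections show up as incomplete.
SAMPLE_LOG = r"""
Memory Processes Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> 4208 -> Delete on reboot.

Memory Modules Detected: 1
C:\Users\Jen\AppData\Local\IAC\Google\mwhrw.dll (Trojan.Agent.FakeSEC) -> Delete on reboot.

Registry Keys Detected: 21
HKCR\funmoods.funmoodsHlpr (PUP.FunMoods) -> Quarantined and deleted successfully.
HKCR\escort.escortIEPane (PUP.Funmoods) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Google (Trojan.Agent.FakeSEC) -> Data: rundll32.exe "C:\Users\Jen\AppData\Local\IAC\Google\mwhrw.dll",CreateInstance -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Files Detected: 10
C:\Users\Jen\AppData\Local\IAC\Google\mwhrw.dll (Trojan.Agent.FakeSEC) -> Delete on reboot.
C:\Windows\Installer\{76ce67c6-f849-1812-2ec7-4b53930f1ba4}\U\000000cb.@ (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.
"""

SECTION_RE = re.compile(r"^(?P<name>[A-Za-z ]+) Detected: (?P<count>\d+)$")
# The lazy object group plus the mandatory ") -> " keeps paths such as
# "C:\Program Files (x86)\..." from being mistaken for the family field.
ITEM_RE = re.compile(r"^(?P<obj>.+?) \((?P<family>[A-Za-z0-9_.]+)\) -> (?P<rest>.+)$")
AUTORUN_RE = re.compile(r"\\currentversion\\run(once)?\|", re.IGNORECASE)


def parse_log(text):
    """Return (findings, declared): one dict per detection line, plus the
    per-section counts that the log itself declares."""
    findings, declared, section = [], {}, None
    for line in text.splitlines():
        line = line.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m["name"]
            declared[section] = int(m["count"])
            continue
        m = ITEM_RE.match(line)
        if not (m and section):
            continue
        # Everything between the family and the final field is detail
        # (a PID, or "Data: ..." for a registry value); the last field is the action.
        *detail, action = [p.strip() for p in m["rest"].split(" -> ")]
        findings.append({
            "section": section,
            "object": m["obj"],
            "family": m["family"].lower(),  # the log mixes PUP.FunMoods / PUP.Funmoods
            "detail": detail,
            "action": action.rstrip("."),
        })
    return findings, declared


def triage(findings, declared):
    """Summarise what a helper reading the log needs to check first."""
    parsed = Counter(f["section"] for f in findings)
    return {
        "by_family": Counter(f["family"] for f in findings),
        # Not removed yet: clean-up is incomplete until the reboot has happened.
        "pending_reboot": sorted(
            {f["object"] for f in findings if f["action"].lower() == "delete on reboot"}
        ),
        # Run/RunOnce values whose command line points into a user profile.
        "user_profile_autoruns": [
            (f["object"], f["detail"][0])
            for f in findings
            if AUTORUN_RE.search(f["object"])
            and f["detail"]
            and "\\users\\" in f["detail"][0].lower()
        ],
        # Sections where fewer lines were pasted than the log declares.
        "incomplete_sections": {
            name: (count, parsed[name])
            for name, count in declared.items()
            if parsed[name] != count
        },
    }


if __name__ == "__main__":
    report = triage(*parse_log(SAMPLE_LOG))
    for family, n in report["by_family"].most_common():
        print(f"{n:3d}  {family}")
    print("pending reboot:", *report["pending_reboot"], sep="\n  ")
    print("autoruns into user profile:", *report["user_profile_autoruns"], sep="\n  ")
    print("incomplete sections (declared, parsed):", report["incomplete_sections"])
```
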

#4 boopme

Posted 20 August 2012 - 07:42 PM

Good. Rkill only stops certain malwares so that a tool like MBAM can remove them.


After seeing something in that log, I want to add this.

Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.


#5 cannesdo

Posted 20 August 2012 - 07:49 PM

When restarting it caught 3 things (I think) trying to launch and I quarantined them. Didn't realize there were three different ones at first, only wrote down one: svchost.exe. The hijacking wasn't happening after that but evidently something is still lurking. I'll do what you recommend above now...

#6 boopme

Posted 20 August 2012 - 07:53 PM

Ok, good work after the Mini and TDSS
Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click the Update tab, select Check for Updates, and when done
click the Scanner tab, select FULL scan and scan (normal mode).
After the scan click Remove Selected, post the new scan log and reboot into normal mode.

Please ask any needed questions, post logs and let us know how the PC is running now.

#7 cannesdo

Posted 20 August 2012 - 07:55 PM

3 things found, 2 cured, requesting reboot. Doing that now:


18:52:46.0056 0956 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
18:52:48.0068 0956 ============================================================
18:52:48.0068 0956 Current date / time: 2012/08/20 18:52:48.0068
18:52:48.0068 0956 SystemInfo:
18:52:48.0068 0956
18:52:48.0068 0956 OS Version: 6.1.7600 ServicePack: 0.0
18:52:48.0068 0956 Product type: Workstation
18:52:48.0068 0956 ComputerName: JEN-VAIO
18:52:48.0068 0956 UserName: Jen
18:52:48.0068 0956 Windows directory: C:\Windows
18:52:48.0068 0956 System windows directory: C:\Windows
18:52:48.0068 0956 Running under WOW64
18:52:48.0068 0956 Processor architecture: Intel x64
18:52:48.0068 0956 Number of processors: 4
18:52:48.0068 0956 Page size: 0x1000
18:52:48.0068 0956 Boot type: Normal boot
18:52:48.0068 0956 ============================================================
18:52:48.0614 0956 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:52:48.0630 0956 ============================================================
18:52:48.0630 0956 \Device\Harddisk0\DR0:
18:52:48.0630 0956 MBR partitions:
18:52:48.0630 0956 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x151F800, BlocksNum 0x32000
18:52:48.0630 0956 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1551800, BlocksNum 0x38E34000
18:52:48.0630 0956 ============================================================
18:52:48.0646 0956 C: <-> \Device\Harddisk0\DR0\Partition2
18:52:48.0646 0956 ============================================================
18:52:48.0646 0956 Initialize success
18:52:48.0646 0956 ============================================================
18:53:17.0849 1728 ============================================================
18:53:17.0849 1728 Scan started
18:53:17.0849 1728 Mode: Manual; TDLFS;
18:53:17.0849 1728 ============================================================
18:53:19.0034 1728 ================ Scan system memory ========================
18:53:19.0034 1728 System memory - ok
18:53:25.0602 1728 HomeGroupListener - ok
18:53:25.0649 1728 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:53:25.0649 1728 HomeGroupProvider - ok
18:53:25.0680 1728 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:53:25.0680 1728 HpSAMD - ok
18:53:25.0727 1728 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:53:25.0742 1728 HTTP - ok
18:53:25.0758 1728 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:53:25.0758 1728 hwpolicy - ok
18:53:25.0774 1728 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:53:25.0774 1728 i8042prt - ok
18:53:25.0820 1728 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\drivers\iaStor.sys
18:53:25.0820 1728 iaStor - ok
18:53:25.0898 1728 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
18:53:25.0898 1728 IAStorDataMgrSvc - ok
18:53:25.0930 1728 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:53:25.0930 1728 iaStorV - ok
18:53:25.0992 1728 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:53:26.0023 1728 idsvc - ok
18:53:26.0023 1728 IDSVia64 - ok
18:53:26.0288 1728 [ 2A22AB054F4630D2EF4BAB2853F6D5F6 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
18:53:26.0507 1728 igfx - ok
18:53:26.0554 1728 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:53:26.0554 1728 iirsp - ok
18:53:26.0600 1728 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
18:53:26.0632 1728 IKEEXT - ok
18:53:26.0663 1728 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\drivers\Impcd.sys
18:53:26.0678 1728 Impcd - ok
18:53:26.0772 1728 [ 526E482AFB586CB1CDD687869DECF686 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:53:26.0788 1728 IntcAzAudAddService - ok
18:53:26.0819 1728 [ 58CF58DEE26C909BD6F977B61D246295 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
18:53:26.0819 1728 IntcDAud - ok
18:53:26.0850 1728 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
18:53:26.0850 1728 intelide - ok
18:53:26.0881 1728 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:53:26.0881 1728 intelppm - ok
18:53:26.0912 1728 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:53:26.0912 1728 IPBusEnum - ok
18:53:26.0928 1728 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:53:26.0928 1728 IpFilterDriver - ok
18:53:26.0959 1728 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:53:26.0959 1728 IPMIDRV - ok
18:53:26.0990 1728 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:53:26.0990 1728 IPNAT - ok
18:53:27.0068 1728 [ 755E4BA6DCE627A2683BB7640553C8D6 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:53:27.0068 1728 iPod Service - ok
18:53:27.0115 1728 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:53:27.0115 1728 IRENUM - ok
18:53:27.0131 1728 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:53:27.0131 1728 isapnp - ok
18:53:27.0146 1728 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:53:27.0146 1728 iScsiPrt - ok
18:53:27.0162 1728 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
18:53:27.0162 1728 kbdclass - ok
18:53:27.0193 1728 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
18:53:27.0193 1728 kbdhid - ok
18:53:27.0209 1728 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
18:53:27.0209 1728 KeyIso - ok
18:53:27.0240 1728 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:53:27.0240 1728 KSecDD - ok
18:53:27.0271 1728 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:53:27.0271 1728 KSecPkg - ok
18:53:27.0287 1728 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:53:27.0287 1728 ksthunk - ok
18:53:27.0318 1728 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
18:53:27.0334 1728 KtmRm - ok
18:53:27.0365 1728 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:53:27.0380 1728 LanmanServer - ok
18:53:27.0412 1728 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:53:27.0412 1728 LanmanWorkstation - ok
18:53:27.0443 1728 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:53:27.0443 1728 lltdio - ok
18:53:27.0490 1728 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:53:27.0505 1728 lltdsvc - ok
18:53:27.0521 1728 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:53:27.0521 1728 lmhosts - ok
18:53:27.0614 1728 [ 3D23191672D83E90D1CF63927EE98136 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
18:53:27.0614 1728 LMS - ok
18:53:27.0646 1728 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:53:27.0646 1728 LSI_FC - ok
18:53:27.0661 1728 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:53:27.0661 1728 LSI_SAS - ok
18:53:27.0677 1728 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
18:53:27.0677 1728 LSI_SAS2 - ok
18:53:27.0692 1728 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:53:27.0692 1728 LSI_SCSI - ok
18:53:27.0724 1728 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
18:53:27.0724 1728 luafv - ok
18:53:27.0770 1728 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
18:53:27.0770 1728 MBAMProtector - ok
18:53:27.0833 1728 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
18:53:27.0848 1728 MBAMService - ok
18:53:27.0895 1728 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:53:27.0895 1728 Mcx2Svc - ok
18:53:27.0926 1728 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
18:53:27.0926 1728 megasas - ok
18:53:27.0958 1728 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
18:53:27.0958 1728 MegaSR - ok
18:53:27.0973 1728 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
18:53:27.0989 1728 MMCSS - ok
18:53:27.0989 1728 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
18:53:28.0004 1728 Modem - ok
18:53:28.0020 1728 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:53:28.0020 1728 monitor - ok
18:53:28.0051 1728 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:53:28.0051 1728 mouclass - ok
18:53:28.0082 1728 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:53:28.0082 1728 mouhid - ok
18:53:28.0114 1728 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:53:28.0114 1728 mountmgr - ok
18:53:28.0176 1728 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:53:28.0176 1728 MozillaMaintenance - ok
18:53:28.0207 1728 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\drivers\mpio.sys
18:53:28.0207 1728 mpio - ok
18:53:28.0238 1728 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:53:28.0238 1728 mpsdrv - ok
18:53:28.0254 1728 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:53:28.0270 1728 MRxDAV - ok
18:53:28.0301 1728 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:53:28.0316 1728 mrxsmb - ok
18:53:28.0348 1728 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:53:28.0363 1728 mrxsmb10 - ok
18:53:28.0379 1728 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:53:28.0394 1728 mrxsmb20 - ok
18:53:28.0426 1728 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\drivers\msahci.sys
18:53:28.0426 1728 msahci - ok
18:53:28.0441 1728 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:53:28.0441 1728 msdsm - ok
18:53:28.0519 1728 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
18:53:28.0519 1728 MSDTC - ok
18:53:28.0550 1728 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:53:28.0550 1728 Msfs - ok
18:53:28.0582 1728 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:53:28.0582 1728 mshidkmdf - ok
18:53:28.0597 1728 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:53:28.0597 1728 msisadrv - ok
18:53:28.0613 1728 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:53:28.0628 1728 MSiSCSI - ok
18:53:28.0628 1728 msiserver - ok
18:53:28.0660 1728 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:53:28.0660 1728 MSKSSRV - ok
18:53:28.0691 1728 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:53:28.0691 1728 MSPCLOCK - ok
18:53:28.0691 1728 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:53:28.0691 1728 MSPQM - ok
18:53:28.0722 1728 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:53:28.0722 1728 MsRPC - ok
18:53:28.0738 1728 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:53:28.0738 1728 mssmbios - ok
18:53:28.0769 1728 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:53:28.0784 1728 MSTEE - ok
18:53:28.0800 1728 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
18:53:28.0800 1728 MTConfig - ok
18:53:28.0816 1728 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
18:53:28.0816 1728 Mup - ok
18:53:28.0847 1728 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
18:53:28.0862 1728 napagent - ok
18:53:28.0909 1728 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:53:28.0909 1728 NativeWifiP - ok
18:53:29.0003 1728 NAV - ok
18:53:29.0003 1728 NAVENG - ok
18:53:29.0003 1728 NAVEX15 - ok
18:53:29.0065 1728 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
18:53:29.0096 1728 NDIS - ok
18:53:29.0128 1728 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:53:29.0128 1728 NdisCap - ok
18:53:29.0143 1728 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:53:29.0143 1728 NdisTapi - ok
18:53:29.0159 1728 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:53:29.0174 1728 Ndisuio - ok
18:53:29.0190 1728 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:53:29.0190 1728 NdisWan - ok
18:53:29.0206 1728 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:53:29.0206 1728 NDProxy - ok
18:53:29.0221 1728 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:53:29.0221 1728 NetBIOS - ok
18:53:29.0237 1728 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:53:29.0237 1728 NetBT - ok
18:53:29.0268 1728 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
18:53:29.0268 1728 Netlogon - ok
18:53:29.0299 1728 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:53:29.0299 1728 Netman - ok
18:53:29.0315 1728 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:53:29.0330 1728 netprofm - ok
18:53:29.0346 1728 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:53:29.0346 1728 NetTcpPortSharing - ok
18:53:29.0377 1728 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:53:29.0377 1728 nfrd960 - ok
18:53:29.0408 1728 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:53:29.0408 1728 NlaSvc - ok
18:53:29.0424 1728 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:53:29.0424 1728 Npfs - ok
18:53:29.0424 1728 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:53:29.0440 1728 nsi - ok
18:53:29.0455 1728 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:53:29.0455 1728 nsiproxy - ok
18:53:29.0518 1728 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:53:29.0564 1728 Ntfs - ok
18:53:29.0580 1728 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:53:29.0580 1728 Null - ok
18:53:29.0611 1728 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:53:29.0611 1728 nvraid - ok
18:53:29.0627 1728 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:53:29.0627 1728 nvstor - ok
18:53:29.0642 1728 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:53:29.0658 1728 nv_agp - ok
18:53:29.0689 1728 [ 17BCF5DF3C54DCF2AF2E164EB84A0169 ] NWADI C:\Windows\system32\DRIVERS\NWADIenum.sys
18:53:29.0705 1728 NWADI - ok
18:53:29.0752 1728 [ A3FADCF96ABF4803E7A946CD48641AC3 ] NWUSBModem C:\Windows\system32\DRIVERS\nwusbmdm.sys
18:53:29.0752 1728 NWUSBModem - ok
18:53:29.0783 1728 [ A3FADCF96ABF4803E7A946CD48641AC3 ] NWUSBPort C:\Windows\system32\DRIVERS\nwusbser.sys
18:53:29.0783 1728 NWUSBPort - ok
18:53:29.0861 1728 [ 07571684567859DA796A566CC78FFA74 ] Oasis2Service C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
18:53:29.0861 1728 Oasis2Service - ok
18:53:29.0892 1728 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:53:29.0892 1728 ohci1394 - ok
18:53:29.0954 1728 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:53:29.0954 1728 ose - ok
18:53:30.0110 1728 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:53:30.0235 1728 osppsvc - ok
18:53:30.0329 1728 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:53:30.0344 1728 p2pimsvc - ok
18:53:30.0422 1728 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:53:30.0438 1728 p2psvc - ok
18:53:30.0469 1728 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
18:53:30.0485 1728 Parport - ok
18:53:30.0547 1728 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:53:30.0547 1728 partmgr - ok
18:53:30.0578 1728 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:53:30.0578 1728 PcaSvc - ok
18:53:30.0703 1728 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\drivers\pci.sys
18:53:30.0719 1728 pci - ok
18:53:30.0719 1728 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
18:53:30.0719 1728 pciide - ok
18:53:30.0750 1728 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:53:30.0766 1728 pcmcia - ok
18:53:30.0766 1728 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:53:30.0781 1728 pcw - ok
18:53:30.0797 1728 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:53:30.0812 1728 PEAUTH - ok
18:53:30.0922 1728 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:53:30.0922 1728 PerfHost - ok
18:53:31.0000 1728 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
18:53:31.0046 1728 pla - ok
18:53:31.0093 1728 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:53:31.0109 1728 PlugPlay - ok
18:53:31.0171 1728 [ 63694C307273062A2167AE4CE80730EF ] PMBDeviceInfoProvider c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
18:53:31.0187 1728 PMBDeviceInfoProvider - ok
18:53:31.0218 1728 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:53:31.0218 1728 PNRPAutoReg - ok
18:53:31.0249 1728 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:53:31.0249 1728 PNRPsvc - ok
18:53:31.0296 1728 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:53:31.0312 1728 PolicyAgent - ok
18:53:31.0358 1728 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
18:53:31.0358 1728 Power - ok
18:53:31.0405 1728 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:53:31.0405 1728 PptpMiniport - ok
18:53:31.0421 1728 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
18:53:31.0421 1728 Processor - ok
18:53:31.0468 1728 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
18:53:31.0468 1728 ProfSvc - ok
18:53:31.0483 1728 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:53:31.0483 1728 ProtectedStorage - ok
18:53:31.0530 1728 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:53:31.0530 1728 Psched - ok
18:53:31.0561 1728 [ BCCEA08C45BEA866FFD2AF32D23611B5 ] PTDUBus C:\Windows\system32\DRIVERS\PTDUBus.sys
18:53:31.0561 1728 PTDUBus - ok
18:53:31.0608 1728 [ F94A0753921E97CEBB9002682097149A ] PTDUMdm C:\Windows\system32\DRIVERS\PTDUMdm.sys
18:53:31.0608 1728 PTDUMdm - ok
18:53:31.0670 1728 [ AC70CDAE9E26D26EF6F41C3C23087AAE ] PTDUVsp C:\Windows\system32\DRIVERS\PTDUVsp.sys
18:53:31.0670 1728 PTDUVsp - ok
18:53:31.0702 1728 [ 1D2BD34A8E5C9EFD75085AF598A7D9B4 ] PTDUWFLT C:\Windows\system32\DRIVERS\PTDUWFLT.sys
18:53:31.0702 1728 PTDUWFLT - ok
18:53:31.0733 1728 [ 3D47D2AE93FDF671C3C997B2FAC4E13F ] PTDUWWAN C:\Windows\system32\DRIVERS\PTDUWWAN.sys
18:53:31.0748 1728 PTDUWWAN - ok
18:53:31.0796 1728 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
18:53:31.0796 1728 PxHlpa64 - ok
18:53:31.0843 1728 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:53:31.0874 1728 ql2300 - ok
18:53:31.0905 1728 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:53:31.0905 1728 ql40xx - ok
18:53:31.0952 1728 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:53:31.0952 1728 QWAVE - ok
18:53:31.0968 1728 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:53:31.0983 1728 QWAVEdrv - ok
18:53:31.0983 1728 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:53:31.0983 1728 RasAcd - ok
18:53:32.0015 1728 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:53:32.0030 1728 RasAgileVpn - ok
18:53:32.0061 1728 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:53:32.0061 1728 RasAuto - ok
18:53:32.0077 1728 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:53:32.0077 1728 Rasl2tp - ok
18:53:32.0093 1728 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
18:53:32.0108 1728 RasMan - ok
18:53:32.0124 1728 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:53:32.0139 1728 RasPppoe - ok
18:53:32.0139 1728 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:53:32.0139 1728 RasSstp - ok
18:53:32.0186 1728 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:53:32.0186 1728 rdbss - ok
18:53:32.0202 1728 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
18:53:32.0217 1728 rdpbus - ok
18:53:32.0233 1728 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:53:32.0233 1728 RDPCDD - ok
18:53:32.0249 1728 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:53:32.0264 1728 RDPENCDD - ok
18:53:32.0280 1728 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:53:32.0280 1728 RDPREFMP - ok
18:53:32.0311 1728 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:53:32.0327 1728 RDPWD - ok
18:53:32.0358 1728 [ E5DC9BA9E439D6DBDD79F8CAACB5BF01 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:53:32.0373 1728 rdyboost - ok
18:53:32.0405 1728 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:53:32.0420 1728 RemoteAccess - ok
18:53:32.0451 1728 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:53:32.0467 1728 RemoteRegistry - ok
18:53:32.0561 1728 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:53:32.0561 1728 RFCOMM - ok
18:53:32.0592 1728 [ FA6ABC06B629DA29634D31F1FE0347BD ] rimspci C:\Windows\system32\drivers\rimssne64.sys
18:53:32.0607 1728 rimspci - ok
18:53:32.0639 1728 [ 8F8539A7F5C117D4407B2985995671F2 ] risdsnpe C:\Windows\system32\drivers\risdsne64.sys
18:53:32.0639 1728 risdsnpe - ok
18:53:32.0670 1728 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:53:32.0670 1728 RpcEptMapper - ok
18:53:32.0701 1728 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:53:32.0701 1728 RpcLocator - ok
18:53:32.0732 1728 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
18:53:32.0732 1728 RpcSs - ok
18:53:32.0748 1728 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:53:32.0779 1728 rspndr - ok
18:53:32.0810 1728 [ D6D381B76056C668679723938F06F16C ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
18:53:32.0810 1728 RTHDMIAzAudService - ok
18:53:32.0841 1728 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
18:53:32.0841 1728 SamSs - ok
18:53:32.0857 1728 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:53:32.0873 1728 sbp2port - ok
18:53:32.0888 1728 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:53:32.0904 1728 SCardSvr - ok
18:53:32.0919 1728 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:53:32.0935 1728 scfilter - ok
18:53:33.0029 1728 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
18:53:33.0060 1728 Schedule - ok
18:53:33.0075 1728 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:53:33.0075 1728 SCPolicySvc - ok
18:53:33.0122 1728 [ 2C8D162EFAF73ABD36D8BCBB6340CAE7 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
18:53:33.0122 1728 sdbus - ok
18:53:33.0153 1728 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:53:33.0153 1728 SDRSVC - ok
18:53:33.0185 1728 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:53:33.0185 1728 secdrv - ok
18:53:33.0200 1728 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
18:53:33.0200 1728 seclogon - ok
18:53:33.0216 1728 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
18:53:33.0216 1728 SENS - ok
18:53:33.0231 1728 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:53:33.0231 1728 SensrSvc - ok
18:53:33.0247 1728 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
18:53:33.0247 1728 Serenum - ok
18:53:33.0263 1728 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
18:53:33.0263 1728 Serial - ok
18:53:33.0278 1728 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:53:33.0278 1728 sermouse - ok
18:53:33.0294 1728 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
18:53:33.0294 1728 SessionEnv - ok
18:53:33.0325 1728 [ 286D3889E6AB5589646FF8A63CB928AE ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys
18:53:33.0341 1728 SFEP - ok
18:53:33.0356 1728 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:53:33.0356 1728 sffdisk - ok
18:53:33.0356 1728 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:53:33.0372 1728 sffp_mmc - ok
18:53:33.0372 1728 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:53:33.0372 1728 sffp_sd - ok
18:53:33.0387 1728 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:53:33.0387 1728 sfloppy - ok
18:53:33.0434 1728 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
18:53:33.0434 1728 Sftfs - ok
18:53:33.0512 1728 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
18:53:33.0528 1728 sftlist - ok
18:53:33.0543 1728 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
18:53:33.0559 1728 Sftplay - ok
18:53:33.0559 1728 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
18:53:33.0559 1728 Sftredir - ok
18:53:33.0590 1728 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
18:53:33.0590 1728 Sftvol - ok
18:53:33.0606 1728 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
18:53:33.0606 1728 sftvsa - ok
18:53:33.0653 1728 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:53:33.0653 1728 ShellHWDetection - ok
18:53:33.0684 1728 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
18:53:33.0684 1728 SiSRaid2 - ok
18:53:33.0715 1728 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:53:33.0715 1728 SiSRaid4 - ok
18:53:33.0746 1728 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:53:33.0762 1728 Smb - ok
18:53:33.0840 1728 [ B5D3C24E4EA8E6D4850E83DAD8C510D4 ] SMSIVZAM5X64 C:\PROGRA~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS
18:53:33.0840 1728 SMSIVZAM5X64 - ok
18:53:33.0887 1728 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:53:33.0887 1728 SNMPTRAP - ok
18:53:33.0949 1728 [ C3E69DB0A4E59564230E053232F39AC7 ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
18:53:33.0965 1728 SOHCImp - ok
18:53:33.0996 1728 [ 65CC4779A29C3E82B987BD4961790DFF ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
18:53:33.0996 1728 SOHDms - ok
18:53:34.0011 1728 [ F47D75CEE1844EEF4A9EA6EE768828FB ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
18:53:34.0011 1728 SOHDs - ok
18:53:34.0074 1728 [ 5449FC97476F52E027409E703791E6A9 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
18:53:34.0074 1728 SpfService - ok
18:53:34.0089 1728 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:53:34.0089 1728 spldr - ok
18:53:34.0136 1728 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler C:\Windows\System32\spoolsv.exe
18:53:34.0152 1728 Spooler - ok
18:53:34.0245 1728 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
18:53:34.0355 1728 sppsvc - ok
18:53:34.0386 1728 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:53:34.0386 1728 sppuinotify - ok
18:53:34.0401 1728 SRTSP - ok
18:53:34.0401 1728 SRTSPX - ok
18:53:34.0448 1728 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:53:34.0464 1728 srv - ok
18:53:34.0511 1728 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:53:34.0511 1728 srv2 - ok
18:53:34.0542 1728 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:53:34.0557 1728 srvnet - ok
18:53:34.0620 1728 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:53:34.0620 1728 SSDPSRV - ok
18:53:34.0635 1728 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:53:34.0651 1728 SstpSvc - ok
18:53:34.0667 1728 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
18:53:34.0667 1728 stexstor - ok
18:53:34.0698 1728 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
18:53:34.0713 1728 stisvc - ok
18:53:34.0745 1728 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
18:53:34.0745 1728 swenum - ok
18:53:34.0760 1728 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:53:34.0776 1728 swprv - ok
18:53:34.0791 1728 SymDS - ok
18:53:34.0791 1728 SymEFA - ok
18:53:34.0807 1728 SymIRON - ok
18:53:34.0807 1728 SymNetS - ok
18:53:34.0869 1728 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
18:53:34.0916 1728 SysMain - ok
18:53:34.0979 1728 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:53:34.0979 1728 TabletInputService - ok
18:53:35.0025 1728 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
18:53:35.0025 1728 TapiSrv - ok
18:53:35.0057 1728 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:53:35.0057 1728 TBS - ok
18:53:35.0135 1728 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:53:35.0213 1728 Tcpip - ok
18:53:35.0275 1728 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:53:35.0291 1728 TCPIP6 - ok
18:53:35.0306 1728 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:53:35.0306 1728 tcpipreg - ok
18:53:35.0337 1728 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:53:35.0337 1728 TDPIPE - ok
18:53:35.0369 1728 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:53:35.0369 1728 TDTCP - ok
18:53:35.0384 1728 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:53:35.0384 1728 tdx - ok
18:53:35.0415 1728 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:53:35.0415 1728 TermDD - ok
18:53:35.0447 1728 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
18:53:35.0462 1728 TermService - ok
18:53:35.0478 1728 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:53:35.0493 1728 Themes - ok
18:53:35.0509 1728 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:53:35.0525 1728 THREADORDER - ok
18:53:35.0525 1728 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
18:53:35.0540 1728 TrkWks - ok
18:53:35.0587 1728 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:53:35.0587 1728 TrustedInstaller - ok
18:53:35.0603 1728 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:53:35.0603 1728 tssecsrv - ok
18:53:35.0650 1728 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:53:35.0650 1728 tunnel - ok
18:53:35.0681 1728 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:53:35.0681 1728 uagp35 - ok
18:53:35.0728 1728 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
18:53:35.0728 1728 uCamMonitor - ok
18:53:35.0759 1728 [ 0E5E962B5649D544BE54E8C90761EA2B ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:53:35.0759 1728 udfs - ok
18:53:35.0790 1728 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:53:35.0790 1728 UI0Detect - ok
18:53:35.0806 1728 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:53:35.0821 1728 uliagpkx - ok
18:53:35.0837 1728 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:53:35.0837 1728 umbus - ok
18:53:35.0868 1728 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
18:53:35.0868 1728 UmPass - ok
18:53:36.0086 1728 [ 11A559E0F10CC5E788984023DF400A6F ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
18:53:36.0118 1728 UNS - ok
18:53:36.0149 1728 Updater Service for StartNow Toolbar - ok
18:53:36.0164 1728 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
18:53:36.0180 1728 upnphost - ok
18:53:36.0196 1728 [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:53:36.0196 1728 usbccgp - ok
18:53:36.0242 1728 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:53:36.0242 1728 usbcir - ok
18:53:36.0258 1728 [ 92969BA5AC44E229C55A332864F79677 ] usbehci C:\Windows\system32\drivers\usbehci.sys
18:53:36.0258 1728 usbehci - ok
18:53:36.0305 1728 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:53:36.0305 1728 usbhub - ok
18:53:36.0320 1728 [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:53:36.0320 1728 usbohci - ok
18:53:36.0320 1728 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
18:53:36.0336 1728 usbprint - ok
18:53:36.0352 1728 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:53:36.0352 1728 USBSTOR - ok
18:53:36.0367 1728 [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:53:36.0367 1728 usbuhci - ok
18:53:36.0398 1728 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:53:36.0398 1728 usbvideo - ok
18:53:36.0430 1728 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
18:53:36.0445 1728 UxSms - ok
18:53:36.0539 1728 [ A60605FC66552B421EE1F3D4EBB9A4E0 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
18:53:36.0539 1728 VAIO Event Service - ok
18:53:36.0617 1728 [ D469BE2723F79CF4B384680B1FDC577D ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
18:53:36.0632 1728 VAIO Power Management - ok
18:53:36.0632 1728 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
18:53:36.0648 1728 VaultSvc - ok
18:53:36.0710 1728 [ 6888526AEB8DDABDE6F778FD40FC0693 ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
18:53:36.0726 1728 VCFw - ok
18:53:36.0773 1728 [ F0672B2368E859284A4C44AE2CCA4C72 ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
18:53:36.0788 1728 VcmIAlzMgr - ok
18:53:36.0836 1728 [ E005B04DFCA99F5880C5111933194CA9 ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
18:53:36.0852 1728 VcmINSMgr - ok
18:53:36.0883 1728 [ C8E3BA694CC5EACEC4C01660ACE40D56 ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
18:53:36.0883 1728 VcmXmlIfHelper - ok
18:53:36.0914 1728 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:53:36.0914 1728 vdrvroot - ok
18:53:36.0961 1728 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
18:53:36.0961 1728 vds - ok
18:53:36.0992 1728 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:53:36.0992 1728 vga - ok
18:53:37.0008 1728 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
18:53:37.0008 1728 VgaSave - ok
18:53:37.0023 1728 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:53:37.0023 1728 vhdmp - ok
18:53:37.0055 1728 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
18:53:37.0055 1728 viaide - ok
18:53:37.0070 1728 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:53:37.0070 1728 volmgr - ok
18:53:37.0086 1728 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:53:37.0101 1728 volmgrx - ok
18:53:37.0117 1728 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:53:37.0133 1728 volsnap - ok
18:53:37.0148 1728 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:53:37.0164 1728 vsmraid - ok
18:53:37.0226 1728 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
18:53:37.0273 1728 VSS - ok
18:53:37.0335 1728 [ E55A44D8F9F713D5F5D5BBAEF2BA0A34 ] VUAgent C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
18:53:37.0351 1728 VUAgent - ok
18:53:37.0367 1728 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:53:37.0367 1728 vwifibus - ok
18:53:37.0382 1728 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:53:37.0382 1728 vwififlt - ok
18:53:37.0413 1728 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
18:53:37.0413 1728 vwifimp - ok
18:53:37.0445 1728 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
18:53:37.0460 1728 W32Time - ok
18:53:37.0460 1728 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:53:37.0476 1728 WacomPen - ok
18:53:37.0507 1728 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:53:37.0507 1728 WANARP - ok
18:53:37.0507 1728 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:53:37.0507 1728 Wanarpv6 - ok
18:53:37.0585 1728 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:53:37.0632 1728 WatAdminSvc - ok
18:53:37.0694 1728 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
18:53:37.0741 1728 wbengine - ok
18:53:37.0772 1728 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:53:37.0772 1728 WbioSrvc - ok
18:53:37.0819 1728 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:53:37.0835 1728 wcncsvc - ok
18:53:37.0850 1728 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:53:37.0850 1728 WcsPlugInService - ok
18:53:37.0881 1728 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
18:53:37.0881 1728 Wd - ok
18:53:37.0913 1728 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:53:37.0928 1728 Wdf01000 - ok
18:53:37.0959 1728 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:53:37.0959 1728 WdiServiceHost - ok
18:53:37.0959 1728 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:53:37.0959 1728 WdiSystemHost - ok
18:53:37.0991 1728 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
18:53:38.0006 1728 WebClient - ok
18:53:38.0037 1728 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:53:38.0037 1728 Wecsvc - ok
18:53:38.0053 1728 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:53:38.0053 1728 wercplsupport - ok
18:53:38.0084 1728 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
18:53:38.0084 1728 WerSvc - ok
18:53:38.0115 1728 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:53:38.0115 1728 WfpLwf - ok
18:53:38.0131 1728 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:53:38.0131 1728 WIMMount - ok
18:53:38.0131 1728 WinHttpAutoProxySvc - ok
18:53:38.0193 1728 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:53:38.0193 1728 Winmgmt - ok
18:53:38.0271 1728 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
18:53:38.0334 1728 WinRM - ok
18:53:38.0396 1728 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
18:53:38.0427 1728 Wlansvc - ok
18:53:38.0459 1728 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:53:38.0459 1728 wlcrasvc - ok
18:53:38.0802 1728 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:53:38.0849 1728 wlidsvc - ok
18:53:38.0880 1728 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:53:38.0880 1728 WmiAcpi - ok
18:53:38.0911 1728 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:53:38.0927 1728 wmiApSrv - ok
18:53:38.0942 1728 WMPNetworkSvc - ok
18:53:38.0989 1728 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:53:38.0989 1728 WPCSvc - ok
18:53:39.0005 1728 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:53:39.0005 1728 WPDBusEnum - ok
18:53:39.0020 1728 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:53:39.0020 1728 ws2ifsl - ok
18:53:39.0020 1728 WSearch - ok
18:53:39.0051 1728 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:53:39.0051 1728 WudfPf - ok
18:53:39.0083 1728 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:53:39.0083 1728 WUDFRd - ok
18:53:39.0098 1728 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:53:39.0098 1728 wudfsvc - ok
18:53:39.0114 1728 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
18:53:39.0114 1728 WwanSvc - ok
18:53:39.0176 1728 [ 5250193EF8E173AA7491250F00EB367F ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
18:53:39.0176 1728 yukonw7 - ok
18:53:39.0207 1728 ================ Scan global ===============================
18:53:39.0239 1728 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:53:39.0285 1728 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
18:53:39.0285 1728 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
18:53:39.0332 1728 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:53:39.0363 1728 [ 014A9CB92514E27C0107614DF764BC06 ] C:\Windows\system32\services.exe
18:53:39.0363 1728 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
18:53:39.0363 1728 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
18:53:39.0363 1728 ================ Scan MBR ==================================
18:53:39.0379 1728 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:53:39.0379 1728 Suspicious mbr (Forged): \Device\Harddisk0\DR0
18:53:39.0441 1728 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
18:53:39.0441 1728 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
18:53:39.0597 1728 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:53:39.0597 1728 \Device\Harddisk0\DR0 - detected TDSS File System (1)
18:53:39.0597 1728 ================ Scan VBR ==================================
18:53:39.0597 1728 [ E67C00AE0847FBB8C89574940C8411CD ] \Device\Harddisk0\DR0\Partition1
18:53:39.0597 1728 \Device\Harddisk0\DR0\Partition1 - ok
18:53:39.0644 1728 [ DADC4CCA0601CB676543646BD506C448 ] \Device\Harddisk0\DR0\Partition2
18:53:39.0644 1728 \Device\Harddisk0\DR0\Partition2 - ok
18:53:39.0644 1728 ============================================================
18:53:39.0644 1728 Scan finished
18:53:39.0644 1728 ============================================================
18:53:39.0660 5540 Detected object count: 3
18:53:39.0660 5540 Actual detected object count: 3
18:54:17.0022 5540 C:\Windows\system32\services.exe - copied to quarantine
18:54:17.0349 5540 C:\Windows\assembly\GAC_32\desktop.ini - copied to quarantine
18:54:17.0349 5540 C:\Windows\assembly\GAC_64\desktop.ini - copied to quarantine
18:54:17.0365 5540 C:\Windows\installer\{76ce67c6-f849-1812-2ec7-4b53930f1ba4}\@ - copied to quarantine
18:54:17.0365 5540 C:\Windows\installer\{76ce67c6-f849-1812-2ec7-4b53930f1ba4}\L\00000004.@ - copied to quarantine
18:54:17.0365 5540 C:\Windows\installer\{76ce67c6-f849-1812-2ec7-4b53930f1ba4}\U\00000004.@ - copied to quarantine
18:54:17.0381 5540 C:\Windows\installer\{76ce67c6-f849-1812-2ec7-4b53930f1ba4}\U\00000008.@ - copied to quarantine
18:54:17.0381 5540 C:\Windows\installer\{76ce67c6-f849-1812-2ec7-4b53930f1ba4}\U\000000cb.@ - copied to quarantine
18:54:17.0381 5540 C:\Windows\installer\{76ce67c6-f849-1812-2ec7-4b53930f1ba4}\U\80000000.@ - copied to quarantine
18:54:17.0381 5540 C:\Windows\installer\{76ce67c6-f849-1812-2ec7-4b53930f1ba4}\U\80000032.@ - copied to quarantine
18:54:17.0381 5540 C:\Windows\installer\{76ce67c6-f849-1812-2ec7-4b53930f1ba4}\U\80000064.@ - copied to quarantine
18:54:25.0259 5540 Backup copy found, using it..
18:54:25.0368 5540 C:\Windows\assembly\GAC_32\desktop.ini - will be deleted on reboot
18:54:25.0368 5540 C:\Windows\assembly\GAC_64\desktop.ini - will be deleted on reboot
18:54:25.0383 5540 C:\Windows\installer\{76ce67c6-f849-1812-2ec7-4b53930f1ba4}\@ - will be deleted on reboot
18:54:25.0383 5540 C:\Windows\installer\{76ce67c6-f849-1812-2ec7-4b53930f1ba4}\U\00000004.@ - will be deleted on reboot
18:54:25.0383 5540 C:\Windows\installer\{76ce67c6-f849-1812-2ec7-4b53930f1ba4}\U\00000008.@ - will be deleted on reboot
18:54:25.0383 5540 C:\Windows\installer\{76ce67c6-f849-1812-2ec7-4b53930f1ba4}\U\000000cb.@ - will be deleted on reboot
18:54:25.0383 5540 C:\Windows\installer\{76ce67c6-f849-1812-2ec7-4b53930f1ba4}\U\80000000.@ - will be deleted on reboot
18:54:25.0383 5540 C:\Windows\installer\{76ce67c6-f849-1812-2ec7-4b53930f1ba4}\U\80000032.@ - will be deleted on reboot
18:54:25.0383 5540 C:\Windows\installer\{76ce67c6-f849-1812-2ec7-4b53930f1ba4}\U\80000064.@ - will be deleted on reboot
18:54:25.0383 5540 C:\Windows\system32\services.exe - will be cured on reboot
18:54:25.0383 5540 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - User select action: Cure
18:54:26.0210 5540 \Device\Harddisk0\DR0\# - copied to quarantine
18:54:26.0226 5540 \Device\Harddisk0\DR0 - copied to quarantine
18:54:26.0319 5540 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
18:54:26.0319 5540 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
18:54:26.0335 5540 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
18:54:26.0351 5540 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
18:54:26.0382 5540 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
18:54:26.0397 5540 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
18:54:26.0397 5540 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
18:54:26.0397 5540 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
18:54:26.0397 5540 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
18:54:26.0397 5540 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
18:54:26.0413 5540 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
18:54:26.0413 5540 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
18:54:26.0413 5540 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
18:54:26.0413 5540 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
18:54:26.0444 5540 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
18:54:26.0444 5540 \Device\Harddisk0\DR0 - ok
18:54:26.0709 5540 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
18:54:26.0709 5540 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
18:54:26.0709 5540 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#8 cannesdo

Posted 20 August 2012 - 08:03 PM

Upon restart nothing needing quarantined, just one message popping up that said, "Do you want to run this file?" File was by Kaspersky Lab in the Jen/AppData/Local/Temp file. Was that the scanner I just ran? Browser *not* hijacked!

#9 boopme

Posted 20 August 2012 - 08:08 PM

Can you run it?

EDIT: Still want MiniToolBox too.

Edited by boopme, 20 August 2012 - 08:09 PM.

#10 cannesdo

Posted 20 August 2012 - 09:15 PM

Sorry, had to go out for a bit. Back in an hour and I'll get the rest. When I got back there was another blocked attempt by sychost.exe which I quarantined. Should I restart and try to open the "do you want to run this file?" this time?

#11 boopme

Posted 20 August 2012 - 09:17 PM

Yes, run that.
No problem, I am a firm believer in RLCF: Real life comes first.

#12 cannesdo

Posted 20 August 2012 - 09:51 PM

Just hate leaving you hanging when you've been kind enough to help me. :)

Here are the MiniToolBox results:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Jen (administrator) on 20-08-2012 at 20:48:55
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Media disconnected)
Marvell Yukon 88E8059 PCI-E Gigabit Ethernet Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
PANTECH UM175 WWAN Driver = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=?& subinterface=ethernet_6 mtu=1477


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Jen-VAIO
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

PPP adapter Verizon Wireless - VZAccess:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Verizon Wireless - VZAccess
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 75.220.126.184(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 0.0.0.0
DNS Servers . . . . . . . . . . . : 69.78.235.35
66.174.92.14
NetBIOS over Tcpip. . . . . . . . : Disabled

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : PANTECH UM175 WWAN Driver
Physical Address. . . . . . . . . : 7A-80-20-00-02-00
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 4A-0F-6E-D5-BD-7C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8059 PCI-E Gigabit Ethernet Controller
Physical Address. . . . . . . . . : 78-84-3C-CB-77-3B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : 4C-0F-6E-D5-BD-7C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{172F2F57-9B13-4095-8ADB-7D63B1ADE604}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{198F0C01-C53B-4763-8787-736C4B97C334}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{9333E59E-9ECD-4301-A84B-E6E0ABF094E2}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{9D0D8ED9-7F1F-4928-9442-9E3790260EDD}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{F52F4261-D983-40EC-A9EB-F9C890ADCD56}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: 35.sub-69-78-235.myvzw.com
Address: 69.78.235.35

Name: google.com
Addresses: 2607:f8b0:4000:801::1005
74.125.227.102
74.125.227.97
74.125.227.98
74.125.227.105
74.125.227.110
74.125.227.99
74.125.227.96
74.125.227.103
74.125.227.100
74.125.227.104
74.125.227.101


Pinging google.com [74.125.227.35] with 32 bytes of data:
Reply from 74.125.227.35: bytes=32 time=235ms TTL=51
Reply from 74.125.227.35: bytes=32 time=132ms TTL=51

Ping statistics for 74.125.227.35:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 132ms, Maximum = 235ms, Average = 183ms
Server: 35.sub-69-78-235.myvzw.com
Address: 69.78.235.35

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=272ms TTL=45
Reply from 98.139.183.24: bytes=32 time=186ms TTL=45

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 186ms, Maximum = 272ms, Average = 229ms
Server: 35.sub-69-78-235.myvzw.com
Address: 69.78.235.35

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
43...........................Verizon Wireless - VZAccess
18...7a 80 20 00 02 00 ......PANTECH UM175 WWAN Driver
15...4a 0f 6e d5 bd 7c ......Microsoft Virtual WiFi Miniport Adapter
12...78 84 3c cb 77 3b ......Marvell Yukon 88E8059 PCI-E Gigabit Ethernet Controller
11...4c 0f 6e d5 bd 7c ......Atheros AR9285 Wireless Network Adapter
1...........................Software Loopback Interface 1
28...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
24...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #4
25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 On-link 75.220.126.184 51
75.220.126.184 255.255.255.255 On-link 75.220.126.184 306
127.0.0.0 255.0.0.0 On-link 127.0.0.1 4531
127.0.0.1 255.255.255.255 On-link 127.0.0.1 4531
127.255.255.255 255.255.255.255 On-link 127.0.0.1 4531
224.0.0.0 240.0.0.0 On-link 127.0.0.1 4531
224.0.0.0 240.0.0.0 On-link 75.220.126.184 51
255.255.255.255 255.255.255.255 On-link 127.0.0.1 4531
255.255.255.255 255.255.255.255 On-link 75.220.126.184 306
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [35840] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [46592] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog9 11 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/20/2012 07:08:41 PM) (Source: CVHSVC) (User: )
Description: Information only.
Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (08/20/2012 06:57:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time stamp: 0x4fe23011
Exception code: 0xc0000005
Fault offset: 0x00ffb3b0
Faulting process id: 0x1178
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (08/20/2012 06:56:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time stamp: 0x4fe23011
Exception code: 0xc0000005
Fault offset: 0x0001b3b0
Faulting process id: 0x1728
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (08/20/2012 06:55:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time stamp: 0x4fe23011
Exception code: 0xc0000005
Fault offset: 0x0001b3b0
Faulting process id: 0x17ec
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (08/20/2012 06:54:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time stamp: 0x4fe23011
Exception code: 0xc0000005
Fault offset: 0x0001b3b0
Faulting process id: 0x1290
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (08/20/2012 06:53:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time stamp: 0x4fe23011
Exception code: 0xc0000005
Fault offset: 0x0001b3b0
Faulting process id: 0x1458
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (08/20/2012 06:52:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time stamp: 0x4fe23011
Exception code: 0xc0000005
Fault offset: 0x011fb3b0
Faulting process id: 0x120c
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (08/20/2012 06:51:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time stamp: 0x4fe23011
Exception code: 0xc0000005
Fault offset: 0x0001b3b0
Faulting process id: 0x9ac
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (08/20/2012 06:50:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time stamp: 0x4fe23011
Exception code: 0xc0000005
Fault offset: 0x0001b3b0
Faulting process id: 0x1714
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (08/20/2012 06:49:04 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: 80000032.@_unloaded, version: 0.0.0.0, time stamp: 0x4fe23011
Exception code: 0xc0000005
Fault offset: 0x00beb3b0
Faulting process id: 0x5dc
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3


System errors:
=============
Error: (08/20/2012 06:58:41 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
BHDrvx64
ccSet_NAV
eeCtrl
IDSVia64
SRTSPX
SymDS
SymEFA
SymIRON
SymNetS

Error: (08/20/2012 06:58:30 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (08/20/2012 06:58:30 PM) (Source: Service Control Manager) (User: )
Description: The Norton AntiVirus service failed to start due to the following error:
%%2

Error: (08/20/2012 06:58:30 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (08/20/2012 06:58:23 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/20/2012 06:34:55 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
BHDrvx64
ccSet_NAV
eeCtrl
IDSVia64
SRTSPX
SymDS
SymEFA
SymIRON
SymNetS

Error: (08/20/2012 06:34:50 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (08/20/2012 06:34:50 PM) (Source: Service Control Manager) (User: )
Description: The Norton AntiVirus service failed to start due to the following error:
%%2

Error: (08/20/2012 06:34:49 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (08/20/2012 06:34:49 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060


Microsoft Office Sessions:
=========================
Error: (08/20/2012 07:08:41 PM) (Source: CVHSVC)(User: )
Description: Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.

Error: (08/20/2012 06:57:07 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc10080000032.@_unloaded0.0.0.04fe23011c000000500ffb3b0117801cd7f37e327aa42C:\Windows\SysWOW64\svchost.exe80000032.@20e27d64-eb2b-11e1-8aed-7a8020000200

Error: (08/20/2012 06:56:07 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc10080000032.@_unloaded0.0.0.04fe23011c00000050001b3b0172801cd7f37bf2c8729C:\Windows\SysWOW64\svchost.exe80000032.@fcf0dfcc-eb2a-11e1-8aed-7a8020000200

Error: (08/20/2012 06:55:06 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc10080000032.@_unloaded0.0.0.04fe23011c00000050001b3b017ec01cd7f379b3148b2C:\Windows\SysWOW64\svchost.exe80000032.@d8ee7d34-eb2a-11e1-8aed-7a8020000200

Error: (08/20/2012 06:54:06 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc10080000032.@_unloaded0.0.0.04fe23011c00000050001b3b0129001cd7f37772e172dC:\Windows\SysWOW64\svchost.exe80000032.@b4f26fd0-eb2a-11e1-8aed-7a8020000200

Error: (08/20/2012 06:53:06 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc10080000032.@_unloaded0.0.0.04fe23011c00000050001b3b0145801cd7f375331bba7C:\Windows\SysWOW64\svchost.exe80000032.@90eef029-eb2a-11e1-8aed-7a8020000200

Error: (08/20/2012 06:52:05 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc10080000032.@_unloaded0.0.0.04fe23011c0000005011fb3b0120c01cd7f372f3204bfC:\Windows\SysWOW64\svchost.exe80000032.@6cf65d62-eb2a-11e1-8aed-7a8020000200

Error: (08/20/2012 06:51:05 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc10080000032.@_unloaded0.0.0.04fe23011c00000050001b3b09ac01cd7f370b3f7cdbC:\Windows\SysWOW64\svchost.exe80000032.@48fa4ffd-eb2a-11e1-8aed-7a8020000200

Error: (08/20/2012 06:50:05 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc10080000032.@_unloaded0.0.0.04fe23011c00000050001b3b0171401cd7f36e73eacb6C:\Windows\SysWOW64\svchost.exe80000032.@2507c81a-eb2a-11e1-8aed-7a8020000200

Error: (08/20/2012 06:49:04 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc10080000032.@_unloaded0.0.0.04fe23011c000000500beb3b05dc01cd7f36c341e7b3C:\Windows\SysWOW64\svchost.exe80000032.@01017d96-eb2a-11e1-8aed-7a8020000200


=========================== Installed Programs ============================

Adobe AIR (Version: 3.0.0.4080)
Adobe Community Help (Version: 3.5.23)
Adobe Download Assistant (Version: 1.0.6)
Adobe Flash Player 10 Plugin (Version: 10.1.53.64)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.0.1.152)
Adobe Photoshop Elements 10 (Version: 10.0)
Adobe Photoshop.com Inspiration Browser (Version: 3.07)
Adobe Reader 9.3.2 (Version: 9.3.2)
Alps Pointing-device for VAIO
AML Free Registry Cleaner 4.23
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Application Manager for VAIO
ArcSoft Magic-i Visual Effects 2 (Version: 2.0.1.115)
ArcSoft WebCam Companion 3 (Version: 3.0.21.368)
ATI Catalyst Install Manager (Version: 3.0.750.0)
Audacity 1.3.14 (Unicode)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center Core Implementation (Version: 2010.0209.16.306)
Catalyst Control Center Graphics Full Existing (Version: 2010.0209.16.306)
Catalyst Control Center Graphics Full New (Version: 2010.0209.16.306)
Catalyst Control Center Graphics Light (Version: 2010.0209.16.306)
Catalyst Control Center Graphics Previews Common (Version: 2010.0209.16.306)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0209.16.306)
Catalyst Control Center InstallProxy (Version: 2010.0209.16.306)
Catalyst Control Center Localization All (Version: 2010.0209.16.306)
ccc-core-static (Version: 2010.0209.16.306)
ccc-utility64 (Version: 2010.0209.16.306)
CCC Help Chinese Standard (Version: 2010.0209.0015.306)
CCC Help Chinese Traditional (Version: 2010.0209.0015.306)
CCC Help Czech (Version: 2010.0209.0015.306)
CCC Help Danish (Version: 2010.0209.0015.306)
CCC Help Dutch (Version: 2010.0209.0015.306)
CCC Help English (Version: 2010.0209.0015.306)
CCC Help Finnish (Version: 2010.0209.0015.306)
CCC Help French (Version: 2010.0209.0015.306)
CCC Help German (Version: 2010.0209.0015.306)
CCC Help Greek (Version: 2010.0209.0015.306)
CCC Help Hungarian (Version: 2010.0209.0015.306)
CCC Help Italian (Version: 2010.0209.0015.306)
CCC Help Japanese (Version: 2010.0209.0015.306)
CCC Help Korean (Version: 2010.0209.0015.306)
CCC Help Norwegian (Version: 2010.0209.0015.306)
CCC Help Polish (Version: 2010.0209.0015.306)
CCC Help Portuguese (Version: 2010.0209.0015.306)
CCC Help Russian (Version: 2010.0209.0015.306)
CCC Help Spanish (Version: 2010.0209.0015.306)
CCC Help Swedish (Version: 2010.0209.0015.306)
CCC Help Thai (Version: 2010.0209.0015.306)
CCC Help Turkish (Version: 2010.0209.0015.306)
D3DX10 (Version: 15.4.2368.0902)
Elements 10 Organizer (Version: 10.0)
Evernote (Version: 3.5.4.2224)
Freemake Audio Converter version 1.1.0 (Version: 1.1.0)
FreeRIP v3.61 (Version: 3.61)
GIMP 2.6.11 (Version: 2.6.11)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Rapid Storage Technology (Version: 9.6.0.1014)
Intel® Turbo Boost Technology Driver (Version: 01.02.00.1002)
iTunes (Version: 10.6.0.40)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
LAME v3.98.3 for Audacity
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Media Gallery (Version: 1.3.0)
Media Gallery (Version: 1.3.0.11220)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mobile Broadband Generic Drivers (Version: 2.03.06.002.14)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Norton AntiVirus (Version: 19.8.0.14)
Oasis2Service (Version: 1.0.1)
OOBE (Version: 3.20.1018)
PANTECH UM175 Driver (Version: 3.3.3524.918)
Picasa 3 (Version: 3.8)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PMB (Version: 5.5.00.11260)
PMB VAIO Edition Plug-in (Version: 1.4.00.09190)
PMB VAIO Edition Plug-in (Version: 1.4.01.11290)
PSE10 STI Installer (Version: 10.0)
Realtek HDMI Audio Driver for ATI (Version: 6.0.1.6034)
Realtek High Definition Audio Driver (Version: 6.0.1.6098)
Remote Keyboard with PlayStation 3 (Version: 1.0.2.06170)
Remote Play with PlayStation 3 (Version: 1.0.2.06210)
Remote Play with PlayStation®3 (Version: 1.0.2.06210)
Skype Toolbars (Version: 1.0.4054)
Skype™ 4.2 (Version: 4.2.146)
SmartWi Connection Utility (Version: 4.11.4.20100722.2739)
SpeedyPC Pro (Version: 3.1.4.0)
Switch Sound File Converter
TweetDeck (Version: 0.38.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VAIO - Media Gallery (Version: 1.3.0.11220)
VAIO - PMB VAIO Edition Guide (Version: 1.4.00.10090)
VAIO - PMB VAIO Edition Plug-in (Version: 1.4.01.11300)
VAIO Care (Version: 6.2.2.07150)
VAIO Control Center (Version: 4.3.0.05310)
VAIO Data Restore Tool (Version: 1.4.0.05240)
VAIO Gate (Version: 2.2.0.06080)
VAIO Gate Default (Version: 2.2.0.07020)
VAIO Hardware Diagnostics (Version: 4.0.0.06230)
VAIO Help and Support (Version: 12.00.0622)
VAIO Manual (Version: 1.1.0.05280)
VAIO Media plus (Version: 2.1.0)
VAIO Media plus (Version: 2.1.0.18210)
VAIO Media plus Opening Movie (Version: 2.1.0.14080)
VAIO Messenger (Version: 2.0.424.0)
VAIO Quick Web Access (Version: 1.3.4.7)
VAIO Sample Contents (Version: 1.2.0.16080)
VAIO Survey (Version: 6.00.1028)
VAIO Transfer Support (Version: 1.2.0.06230)
VAIO Update (Version: 5.2.0.05310)
VZAccess Manager (Version: 7.2.1.2)
WIDCOMM Bluetooth Software (Version: 6.3.0.5600)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 3950.1 MB
Available physical RAM: 2332.33 MB
Total Pagefile: 7898.34 MB
Available Pagefile: 5597.91 MB
Total Virtual: 4095.88 MB
Available Virtual: 3976.22 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:455.1 GB) (Free:385.39 GB) NTFS

========================= Users: ========================================

User accounts for \\JEN-VAIO

Administrator boinc_master boinc_project
Guest Jen


**** End of log ****

#13 cannesdo


Posted 20 August 2012 - 09:58 PM

Just rebooted again. The error message didn't come up this time, nothing blocked needing quarantine. Started clean. No hijack on the browser. Yay.

#14 boopme


Posted 20 August 2012 - 10:07 PM

Hi Jen, it looks a lot better. I want to do these yet and be sure it's clean. I will look back tomorrow, as the 2nd one may take 2 hours.

If you cannot do this skip it.

Go to Start ... Run and type in cmd
A DOS window will appear.
Type in the DOS window: netsh winsock reset
Press the Enter key.

Reboot your system to complete the process.




I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.

Edited by boopme, 20 August 2012 - 10:08 PM.

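An added example (not part of boopme's post and not code from the tool that produced the log): a small Python parser for the "Winsock entries" section format posted earlier in this thread. It reports which catalog entries point at a DLL that could not be found, which is the state `netsh winsock reset` clears by rebuilding the catalog. The sample lines are constructed in the log's format, and the function names are hypothetical.

```python
import re

# Constructed sample in the format of the "Winsock entries" log section
# (a short subset for illustration, not the full log).
SAMPLE_LOG = r"""
Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 mswsock.dll [File Not found] ()
"""

# "<catalog> <index> <dll path> [<size or 'File Not found'>] (<vendor>)"
ENTRY_RE = re.compile(
    r"^(?P<catalog>(?:x64-)?Catalog\d+)\s+(?P<index>\d+)\s+"
    r"(?P<path>.+?)\s+\[(?P<size>[^\]]+)\]\s+\((?P<vendor>.*)\)\s*$"
)
# Hint line the tool prints under an entry whose LibraryPath is wrong.
EXPECTED_RE = re.compile(r'^ATTENTION: The LibraryPath should be "(?P<path>[^"]+)"')


def parse_winsock(log_text):
    """Return one dict per catalog entry, attaching any ATTENTION hint to it."""
    entries = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY_RE.match(line)
        if m:
            entries.append({
                "catalog": m.group("catalog"),
                "index": int(m.group("index")),
                "path": m.group("path"),
                "vendor": m.group("vendor"),
                "missing": m.group("size") == "File Not found",
                "expected": None,
            })
            continue
        m = EXPECTED_RE.match(line)
        if m and entries:
            entries[-1]["expected"] = m.group("path")
    return entries


def summarize(entries):
    """Per catalog: entry count and the indexes whose DLL was not found."""
    summary = {}
    for e in entries:
        s = summary.setdefault(e["catalog"], {"total": 0, "missing": []})
        s["total"] += 1
        if e["missing"]:
            s["missing"].append(e["index"])
    return summary


def fully_broken_catalogs(summary):
    """Catalogs in which every single entry failed to resolve to a file."""
    return sorted(c for c, s in summary.items()
                  if s["total"] and len(s["missing"]) == s["total"])


if __name__ == "__main__":
    report = summarize(parse_winsock(SAMPLE_LOG))
    for name, s in report.items():
        print(f"{name}: {len(s['missing'])}/{s['total']} entries missing")
    print("Fully broken:", fully_broken_catalogs(report))
```

Catalog9 is the transport provider catalog and Catalog5 the namespace provider catalog, so a Catalog9 with every entry unresolved means no working protocol providers are registered. Running the same parser on a log taken after the reset and reboot shows whether the entries resolve again.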

#15 cannesdo


Posted 20 August 2012 - 10:08 PM

And the "compupter" is running much faster.



