
random sounds/music/commercials playing virus?


15 replies to this topic

#1 MistyC


Posted 13 September 2012 - 05:39 AM

Okay, I have run SUPERantispyware, AVG Free, Antivirus.com online, CC & Malwarebytes.. And they all either say I have nothing wrong.. or that they fixed it.. But of course, they haven't. One (I believe it is SUPERantispyware) said I have to download a program from another computer, then run it on mine.. Which I did, but it didn't fix it.

So this is on my Sony Laptop. Running Windows 7.

If I turn my sound on, there is normally some sort of noise playing... Once it was Paula Deen's show lol. Sometimes I can't figure out what it is.. it will just be music of some sort or random commercials. VERY annoying. I was even logged off last night. Sitting on the log on screen, and it was still playing. I turned off the wifi & at one point it did stop it.. But then after I tried it again, it still played. So I can't pinpoint if it is a Wifi thing or virus..

I think I have that redirect virus as well.. Sometimes I will click a link, or search for something, and it takes me to some other screen. But they don't seem to have the same names so it is hard for me to pinpoint what it is..

Besides all that, my laptop still gets the BSOD randomly, but I know that isn't a virus.. But it is something that happens..

Thanks for your help!

misty


 


#2 narenxp


Posted 13 September 2012 - 06:31 AM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 MistyC


Posted 13 September 2012 - 09:45 AM

Thank you for taking the time to help me! Here are the requested logs:

TDS: This is the second log.. the one that they gave me after they had me restart. Not sure if you want the first one too.. Just lmk as it is saved here as well.

10:35:28.0139 4108 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:35:28.0139 4108 msisadrv - ok
10:35:28.0170 4108 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:35:28.0170 4108 MSiSCSI - ok
10:35:28.0170 4108 msiserver - ok
10:35:28.0202 4108 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:35:28.0202 4108 MSKSSRV - ok
10:35:28.0264 4108 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:35:28.0264 4108 MSPCLOCK - ok
10:35:28.0295 4108 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:35:28.0295 4108 MSPQM - ok
10:35:28.0326 4108 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:35:28.0342 4108 MsRPC - ok
10:35:28.0451 4108 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:35:28.0451 4108 mssmbios - ok
10:35:28.0482 4108 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:35:28.0498 4108 MSTEE - ok
10:35:28.0576 4108 [ C83829C280F0207677B7AAA151EF9C4D ] msvad_simple C:\Windows\system32\drivers\povrtdev.sys
10:35:28.0576 4108 msvad_simple - ok
10:35:28.0607 4108 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
10:35:28.0607 4108 MTConfig - ok
10:35:28.0638 4108 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:35:28.0654 4108 Mup - ok
10:35:28.0794 4108 [ 0CF5580F27918FFD2E165ECAFA734103 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
10:35:28.0810 4108 MyWiFiDHCPDNS - ok
10:35:28.0904 4108 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
10:35:28.0904 4108 napagent - ok
10:35:28.0935 4108 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:35:28.0935 4108 NativeWifiP - ok
10:35:29.0216 4108 [ 934BB0D23A25C8C136570800A5A149B6 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
10:35:29.0216 4108 NAUpdate - ok
10:35:29.0247 4108 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
10:35:29.0247 4108 NDIS - ok
10:35:29.0294 4108 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:35:29.0294 4108 NdisCap - ok
10:35:29.0309 4108 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:35:29.0309 4108 NdisTapi - ok
10:35:29.0340 4108 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:35:29.0340 4108 Ndisuio - ok
10:35:29.0403 4108 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:35:29.0403 4108 NdisWan - ok
10:35:29.0496 4108 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:35:29.0496 4108 NDProxy - ok
10:35:29.0996 4108 [ B90E093E7A7250906F1054418B5339C0 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
10:35:29.0996 4108 Nero BackItUp Scheduler 4.0 - ok
10:35:30.0058 4108 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:35:30.0058 4108 NetBIOS - ok
10:35:30.0089 4108 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:35:30.0089 4108 NetBT - ok
10:35:30.0120 4108 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
10:35:30.0120 4108 Netlogon - ok
10:35:30.0198 4108 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
10:35:30.0198 4108 Netman - ok
10:35:30.0401 4108 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:35:30.0464 4108 NetMsmqActivator - ok
10:35:30.0479 4108 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:35:30.0479 4108 NetPipeActivator - ok
10:35:30.0604 4108 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
10:35:30.0604 4108 netprofm - ok
10:35:30.0620 4108 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:35:30.0620 4108 NetTcpActivator - ok
10:35:30.0635 4108 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:35:30.0635 4108 NetTcpPortSharing - ok
10:35:31.0634 4108 [ B9C587BDAA61A689883439D5AE6FE7F3 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
10:35:31.0680 4108 NETwNs64 - ok
10:35:31.0758 4108 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
10:35:31.0758 4108 nfrd960 - ok
10:35:31.0852 4108 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:35:31.0852 4108 NisDrv - ok
10:35:31.0977 4108 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
10:35:31.0992 4108 NisSrv - ok
10:35:32.0148 4108 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:35:32.0148 4108 NlaSvc - ok
10:35:32.0211 4108 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:35:32.0211 4108 Npfs - ok
10:35:32.0242 4108 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:35:32.0242 4108 nsi - ok
10:35:32.0258 4108 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:35:32.0258 4108 nsiproxy - ok
10:35:32.0414 4108 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:35:32.0460 4108 Ntfs - ok
10:35:32.0492 4108 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
10:35:32.0492 4108 Null - ok
10:35:33.0303 4108 [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:35:33.0552 4108 nvlddmkm - ok
10:35:33.0599 4108 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:35:33.0615 4108 nvraid - ok
10:35:33.0693 4108 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:35:33.0693 4108 nvstor - ok
10:35:33.0708 4108 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:35:33.0708 4108 nv_agp - ok
10:35:33.0802 4108 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:35:33.0818 4108 ohci1394 - ok
10:35:33.0958 4108 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:35:33.0974 4108 ose - ok
10:35:34.0520 4108 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:35:34.0629 4108 osppsvc - ok
10:35:34.0691 4108 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:35:34.0691 4108 p2pimsvc - ok
10:35:34.0738 4108 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:35:34.0754 4108 p2psvc - ok
10:35:34.0863 4108 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
10:35:34.0863 4108 Parport - ok
10:35:34.0972 4108 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:35:34.0972 4108 partmgr - ok
10:35:35.0050 4108 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:35:35.0066 4108 PcaSvc - ok
10:35:35.0144 4108 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
10:35:35.0159 4108 pci - ok
10:35:35.0190 4108 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
10:35:35.0206 4108 pciide - ok
10:35:35.0222 4108 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
10:35:35.0222 4108 pcmcia - ok
10:35:35.0284 4108 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:35:35.0284 4108 pcw - ok
10:35:35.0378 4108 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:35:35.0378 4108 PEAUTH - ok
10:35:39.0699 4108 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:35:39.0699 4108 PerfHost - ok
10:35:40.0089 4108 [ 8BA0E6570112C4F27571A3C21B3A02A6 ] PGMTrusted C:\Program Files (x86)\Pogo Games\PGMTrusted.exe
10:35:40.0089 4108 PGMTrusted - ok
10:35:41.0352 4108 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
10:35:41.0368 4108 pla - ok
10:35:41.0524 4108 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:35:41.0711 4108 PlugPlay - ok
10:35:42.0257 4108 [ AE6C778717DE2F6B0C0B5335036D3363 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
10:35:42.0491 4108 PMBDeviceInfoProvider - ok
10:35:42.0554 4108 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:35:42.0585 4108 PNRPAutoReg - ok
10:35:42.0663 4108 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:35:42.0663 4108 PNRPsvc - ok
10:35:42.0850 4108 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:35:43.0037 4108 PolicyAgent - ok
10:35:43.0224 4108 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
10:35:43.0224 4108 Power - ok
10:35:43.0490 4108 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:35:43.0490 4108 PptpMiniport - ok
10:35:43.0521 4108 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
10:35:43.0536 4108 Processor - ok
10:35:43.0614 4108 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
10:35:43.0614 4108 ProfSvc - ok
10:35:43.0724 4108 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:35:43.0724 4108 ProtectedStorage - ok
10:35:43.0833 4108 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:35:43.0833 4108 Psched - ok
10:35:44.0207 4108 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
10:35:44.0285 4108 ql2300 - ok
10:35:44.0348 4108 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
10:35:44.0348 4108 ql40xx - ok
10:35:44.0410 4108 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:35:44.0410 4108 QWAVE - ok
10:35:44.0519 4108 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:35:44.0519 4108 QWAVEdrv - ok
10:35:44.0550 4108 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:35:44.0550 4108 RasAcd - ok
10:35:44.0613 4108 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:35:44.0613 4108 RasAgileVpn - ok
10:35:44.0660 4108 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:35:44.0675 4108 RasAuto - ok
10:35:44.0706 4108 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:35:44.0706 4108 Rasl2tp - ok
10:35:44.0753 4108 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
10:35:44.0769 4108 RasMan - ok
10:35:44.0784 4108 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:35:44.0784 4108 RasPppoe - ok
10:35:44.0816 4108 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:35:44.0816 4108 RasSstp - ok
10:35:44.0925 4108 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:35:44.0925 4108 rdbss - ok
10:35:45.0003 4108 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
10:35:45.0003 4108 rdpbus - ok
10:35:45.0081 4108 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:35:45.0081 4108 RDPCDD - ok
10:35:45.0096 4108 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:35:45.0096 4108 RDPENCDD - ok
10:35:45.0112 4108 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:35:45.0112 4108 RDPREFMP - ok
10:35:45.0206 4108 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:35:45.0206 4108 RDPWD - ok
10:35:45.0221 4108 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:35:45.0237 4108 rdyboost - ok
10:35:45.0315 4108 [ 6B220CC1B8EB7F8723F5082F4A990B3C ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
10:35:45.0315 4108 RealNetworks Downloader Resolver Service - ok
10:35:46.0454 4108 [ AA9FD849C028CCB441A78061B57DB734 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
10:35:46.0454 4108 RegSrvc - ok
10:35:46.0563 4108 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:35:46.0563 4108 RemoteAccess - ok
10:35:46.0656 4108 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:35:46.0656 4108 RemoteRegistry - ok
10:35:46.0750 4108 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
10:35:46.0766 4108 RFCOMM - ok
10:35:46.0812 4108 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:35:46.0812 4108 RpcEptMapper - ok
10:35:46.0890 4108 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:35:46.0890 4108 RpcLocator - ok
10:35:47.0062 4108 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
10:35:47.0078 4108 RpcSs - ok
10:35:47.0234 4108 [ 546D7F426776090B90EF5F195B6AE662 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
10:35:47.0249 4108 RSPCIESTOR - ok
10:35:47.0468 4108 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:35:47.0468 4108 rspndr - ok
10:35:47.0639 4108 [ EA5532868BA76923D75BCB2A1448D810 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
10:35:47.0639 4108 RTL8167 - ok
10:35:47.0764 4108 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
10:35:47.0764 4108 SamSs - ok
10:35:48.0372 4108 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
10:35:48.0372 4108 SASDIFSV - ok
10:35:48.0388 4108 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
10:35:48.0388 4108 SASKUTIL - ok
10:35:48.0435 4108 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:35:48.0450 4108 sbp2port - ok
10:35:48.0497 4108 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:35:48.0497 4108 SCardSvr - ok
10:35:48.0528 4108 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:35:48.0528 4108 scfilter - ok
10:35:48.0700 4108 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
10:35:48.0716 4108 Schedule - ok
10:35:48.0809 4108 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:35:48.0809 4108 SCPolicySvc - ok
10:35:48.0856 4108 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
10:35:48.0872 4108 sdbus - ok
10:35:48.0965 4108 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:35:48.0965 4108 SDRSVC - ok
10:35:49.0028 4108 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:35:49.0028 4108 secdrv - ok
10:35:49.0059 4108 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
10:35:49.0059 4108 seclogon - ok
10:35:49.0090 4108 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
10:35:49.0090 4108 SENS - ok
10:35:49.0137 4108 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:35:49.0152 4108 SensrSvc - ok
10:35:49.0215 4108 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
10:35:49.0230 4108 Serenum - ok
10:35:49.0293 4108 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
10:35:49.0308 4108 Serial - ok
10:35:49.0340 4108 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
10:35:49.0355 4108 sermouse - ok
10:35:49.0402 4108 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:35:49.0449 4108 SessionEnv - ok
10:35:49.0527 4108 [ 286D3889E6AB5589646FF8A63CB928AE ] SFEP C:\Windows\system32\drivers\SFEP.sys
10:35:49.0527 4108 SFEP - ok
10:35:49.0574 4108 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:35:49.0574 4108 sffdisk - ok
10:35:49.0605 4108 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:35:49.0620 4108 sffp_mmc - ok
10:35:49.0667 4108 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:35:49.0667 4108 sffp_sd - ok
10:35:49.0714 4108 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
10:35:49.0730 4108 sfloppy - ok
10:35:50.0010 4108 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
10:35:50.0026 4108 Sftfs - ok
10:35:50.0198 4108 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
10:35:50.0198 4108 sftlist - ok
10:35:50.0307 4108 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
10:35:50.0322 4108 Sftplay - ok
10:35:50.0400 4108 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
10:35:50.0400 4108 Sftredir - ok
10:35:50.0494 4108 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
10:35:50.0494 4108 Sftvol - ok
10:35:50.0588 4108 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
10:35:50.0588 4108 sftvsa - ok
10:35:50.0790 4108 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:35:50.0790 4108 ShellHWDetection - ok
10:35:50.0900 4108 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
10:35:50.0900 4108 SiSRaid2 - ok
10:35:50.0931 4108 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
10:35:50.0931 4108 SiSRaid4 - ok
10:35:50.0962 4108 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:35:50.0962 4108 Smb - ok
10:35:51.0009 4108 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:35:51.0009 4108 SNMPTRAP - ok
10:35:51.0196 4108 [ DDF2EC98AF6FC70608A4F9CE4DB52758 ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
10:35:51.0196 4108 SOHCImp - ok
10:35:51.0227 4108 [ 5FA03F5EA6EFEF6D17B4A1A48C40A23C ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
10:35:51.0259 4108 SOHDs - ok
10:35:51.0415 4108 [ 65E5659E9C2A0762D05657C0E22A7CA2 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
10:35:51.0415 4108 SpfService - ok
10:35:51.0446 4108 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:35:51.0446 4108 spldr - ok
10:35:51.0539 4108 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
10:35:51.0539 4108 Spooler - ok
10:35:51.0898 4108 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
10:35:51.0914 4108 sppsvc - ok
10:35:51.0992 4108 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:35:51.0992 4108 sppuinotify - ok
10:35:52.0163 4108 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
10:35:52.0163 4108 srv - ok
10:35:52.0288 4108 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:35:52.0304 4108 srv2 - ok
10:35:52.0366 4108 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:35:52.0366 4108 srvnet - ok
10:35:52.0413 4108 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:35:52.0413 4108 SSDPSRV - ok
10:35:52.0460 4108 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:35:52.0460 4108 SstpSvc - ok
10:35:52.0491 4108 Steam Client Service - ok
10:35:52.0522 4108 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
10:35:52.0522 4108 stexstor - ok
10:35:52.0616 4108 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
10:35:52.0616 4108 stisvc - ok
10:35:52.0694 4108 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
10:35:52.0694 4108 swenum - ok
10:35:52.0819 4108 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
10:35:52.0819 4108 swprv - ok
10:35:52.0959 4108 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
10:35:52.0975 4108 SysMain - ok
10:35:53.0037 4108 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:35:53.0037 4108 TabletInputService - ok
10:35:53.0068 4108 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:35:53.0068 4108 TapiSrv - ok
10:35:53.0131 4108 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
10:35:53.0131 4108 TBS - ok
10:35:53.0318 4108 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:35:53.0380 4108 Tcpip - ok
10:35:53.0521 4108 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:35:53.0552 4108 TCPIP6 - ok
10:35:53.0692 4108 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:35:53.0692 4108 tcpipreg - ok
10:35:53.0739 4108 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:35:53.0755 4108 TDPIPE - ok
10:35:53.0879 4108 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:35:53.0879 4108 TDTCP - ok
10:35:53.0911 4108 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:35:53.0911 4108 tdx - ok
10:35:53.0957 4108 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
10:35:53.0957 4108 TermDD - ok
10:35:54.0020 4108 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
10:35:54.0020 4108 TermService - ok
10:35:54.0067 4108 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
10:35:54.0067 4108 Themes - ok
10:35:54.0098 4108 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
10:35:54.0113 4108 THREADORDER - ok
10:35:54.0129 4108 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
10:35:54.0129 4108 TrkWks - ok
10:35:54.0191 4108 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:35:54.0191 4108 TrustedInstaller - ok
10:35:54.0223 4108 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:35:54.0223 4108 tssecsrv - ok
10:35:54.0238 4108 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:35:54.0238 4108 TsUsbFlt - ok
10:35:54.0269 4108 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
10:35:54.0285 4108 TsUsbGD - ok
10:35:54.0301 4108 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:35:54.0301 4108 tunnel - ok
10:35:54.0332 4108 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
10:35:54.0332 4108 uagp35 - ok
10:35:54.0457 4108 [ 1FE69F3C1CA1CF4B7EC7E2E9090FFFDC ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
10:35:54.0457 4108 uCamMonitor - ok
10:35:54.0613 4108 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:35:54.0691 4108 udfs - ok
10:35:54.0753 4108 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:35:54.0925 4108 UI0Detect - ok
10:35:55.0003 4108 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:35:55.0018 4108 uliagpkx - ok
10:35:55.0049 4108 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:35:55.0049 4108 umbus - ok
10:35:55.0081 4108 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:35:55.0096 4108 UmPass - ok
10:35:55.0502 4108 [ 7A78ED1088890114DFDE2C4AB038D6B6 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
10:35:55.0564 4108 UNS - ok
10:35:55.0642 4108 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
10:35:55.0642 4108 upnphost - ok
10:35:56.0297 4108 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
10:35:56.0297 4108 USBAAPL64 - ok
10:35:56.0578 4108 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:35:56.0578 4108 usbccgp - ok
10:35:56.0609 4108 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:35:56.0625 4108 usbcir - ok
10:35:56.0921 4108 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
10:35:56.0921 4108 usbehci - ok
10:35:56.0999 4108 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:35:56.0999 4108 usbhub - ok
10:35:57.0218 4108 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:35:57.0233 4108 usbohci - ok
10:35:57.0280 4108 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:35:57.0296 4108 usbprint - ok
10:35:57.0389 4108 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:35:57.0389 4108 usbscan - ok
10:35:57.0545 4108 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:35:57.0577 4108 USBSTOR - ok
10:35:57.0701 4108 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:35:57.0733 4108 usbuhci - ok
10:35:57.0842 4108 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
10:35:57.0857 4108 usbvideo - ok
10:35:57.0904 4108 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
10:35:57.0904 4108 UxSms - ok
10:35:58.0559 4108 [ DCB1F83AD167D16D263CE57C94E9EEDF ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
10:35:58.0559 4108 VAIO Event Service - ok
10:35:58.0622 4108 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
10:35:58.0622 4108 VaultSvc - ok
10:35:59.0308 4108 [ D00058C1FFF3F3DE990444A5734E9639 ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
10:35:59.0308 4108 VCFw - ok
10:35:59.0511 4108 [ BFFDE5AF83DBEF61F8AFE1781482521D ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
10:35:59.0527 4108 VcmIAlzMgr - ok
10:35:59.0636 4108 [ 2F06D134554BA84FE253DBC481DCFE6D ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
10:35:59.0651 4108 VcmINSMgr - ok
10:35:59.0917 4108 [ 32A3735F6874B7783C6209ED5CA36D9D ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
10:35:59.0932 4108 VcmXmlIfHelper - ok
10:36:00.0603 4108 [ D347D3ABE070AA09C22FC37121555D52 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
10:36:00.0619 4108 VCService - ok
10:36:00.0697 4108 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:36:00.0697 4108 vdrvroot - ok
10:36:00.0946 4108 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
10:36:00.0962 4108 vds - ok
10:36:00.0993 4108 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:36:01.0009 4108 vga - ok
10:36:06.0266 4108 ================ Scan global ===============================
10:36:06.0359 4108 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:36:06.0437 4108 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
10:36:06.0453 4108 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
10:36:06.0484 4108 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:36:06.0531 4108 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:36:06.0531 4108 [Global] - ok
10:36:06.0531 4108 ================ Scan MBR ==================================
10:36:06.0547 4108 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:36:09.0323 4108 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
10:36:09.0323 4108 \Device\Harddisk0\DR0 - detected TDSS File System (1)
10:36:09.0323 4108 ================ Scan VBR ==================================
10:36:09.0339 4108 [ 71F066EEE6C7DF062280543CB45FBFD0 ] \Device\Harddisk0\DR0\Partition1
10:36:09.0339 4108 \Device\Harddisk0\DR0\Partition1 - ok
10:36:09.0355 4108 [ 808D31D341C49A3A9DE229C60231CB24 ] \Device\Harddisk0\DR0\Partition2
10:36:09.0355 4108 \Device\Harddisk0\DR0\Partition2 - ok
10:36:09.0355 4108 ============================================================
10:36:09.0355 4108 Scan finished
10:36:09.0355 4108 ============================================================
10:36:09.0370 2336 Detected object count: 1
10:36:09.0370 2336 Actual detected object count: 1
10:36:14.0409 2336 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
10:36:14.0409 2336 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
10:36:17.0669 4984 Deinitialize success

#4 MistyC

Posted 13 September 2012 - 09:46 AM

aswMBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-13 10:36:59
-----------------------------
10:36:59.216 OS Version: Windows x64 6.1.7601 Service Pack 1
10:36:59.216 Number of processors: 4 586 0x2A07
10:36:59.216 ComputerName: ST0114-VAIO UserName: ST0114
10:37:05.800 Initialize success
10:37:50.056 AVAST engine defs: 12091300
10:37:57.497 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:37:57.513 Disk 0 Vendor: ST950032 0006 Size: 476940MB BusType: 3
10:37:57.560 Disk 0 MBR read successfully
10:37:57.560 Disk 0 MBR scan
10:37:57.575 Disk 0 Windows 7 default MBR code
10:37:57.731 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10757 MB offset 2048
10:37:57.778 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 22034432
10:37:57.856 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 466080 MB offset 22239232
10:37:58.074 Disk 0 scanning C:\Windows\system32\drivers
10:38:31.973 Service scanning
10:41:03.405 Modules scanning
10:41:03.421 Disk 0 trace - called modules:
10:41:03.530 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
10:41:04.123 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004d6b060]
10:41:04.123 3 CLASSPNP.SYS[fffff88001b6243f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004abf050]
10:41:30.567 Disk 0 MBR has been saved successfully to "C:\Users\ST0114\Desktop\MBR.dat"
10:41:30.567 The log file has been saved successfully to "C:\Users\ST0114\Desktop\aswMBR.txt"



ESET is still running..

#5 MistyC

Posted 13 September 2012 - 02:20 PM

ok finally... here is the ESET one.

C:\TDSSKiller_Quarantine\13.09.2012_10.25.17\mbr0000\tdlfs0000\tsk0003.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.09.2012_10.25.17\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.X trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.09.2012_10.25.17\mbr0000\tdlfs0000\tsk0005.dta a variant of Win32/Olmarik.AXV trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.09.2012_10.25.17\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmarik.AC trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.09.2012_10.25.17\mbr0000\tdlfs0000\tsk0007.dta a variant of Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.09.2012_10.25.17\mbr0000\tdlfs0000\tsk0008.dta Win64/Olmarik.Z trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.09.2012_10.25.17\mbr0000\tdlfs0000\tsk0010.dta Win32/Olmarik.AYG trojan cleaned by deleting - quarantined
C:\Users\Misty\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7J0GI74M\imgres[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\Misty\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\6dba6b7e-30fc3681 Java/Exploit.CVE-2012-4681.Y trojan deleted - quarantined
C:\Users\ST0114\AppData\Local\Temp\emocanxswr.exe Win32/Adware.SystemSecurity.AL application cleaned by deleting - quarantined
C:\Users\ST0114\AppData\Local\{56254F5C-FC7A-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined
C:\Users\ST0114\AppData\Roaming\msdrin.dll a variant of Win32/Medfos.DM trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\ST0114\Downloads\gimp_app_1201.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Users\ST0114\Downloads\gimp_installer_1606.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Users\ST0114\Downloads\iLividSetupV1.exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\jar_cache1006512736256735950.tmp probably a variant of Java/Exploit.CVE-2010-0840.AQ trojan deleted - quarantined
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\jar_cache2521791379173392110.tmp multiple threats deleted - quarantined
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\jar_cache2630782220391974451.tmp multiple threats deleted - quarantined
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\jar_cache3469807250443948755.tmp a variant of Java/Exploit.CVE-2010-0840.NAA trojan deleted - quarantined
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\jar_cache3769290402997202808.tmp multiple threats deleted - quarantined
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\jar_cache4118427298428483988.tmp multiple threats deleted - quarantined
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\jar_cache6294165363428590779.tmp a variant of Java/Exploit.CVE-2010-0840.NAA trojan deleted - quarantined
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\jar_cache7044096915678946053.tmp multiple threats deleted - quarantined
C:\Windows\System32\config\systemprofile\0.3382560079084256.exe Win32/Sirefef.EV trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9T5U49M3\abctale_net[1].htm HTML/TrojanDownloader.Applet.A trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E3Q209V9\abctale_net[1].htm HTML/TrojanDownloader.Applet.A trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E3Q209V9\abctale_net[2].htm HTML/TrojanDownloader.Applet.A trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HDBL4O8K\lazy-cat-snacking[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HQV3WE4X\contact-us[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J6708TRP\firstload_com[1].txt HTML/Hoax.FastDownload.C.Gen application cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LGOUV68Q\fpi[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LN96REFB\nine-wild-kittens-playing-on-bed[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WAUQN5FT\cat-and-dolphin-playing-together[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WAUQN5FT\fpi[3].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\35d5f98b-5afe8e35 Java/Exploit.Agent.NBJ trojan deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\5544783-6a889260 a variant of Java/Exploit.CVE-2012-0507.AH trojan deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\c2dc25f-23481f12 multiple threats deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\3a880d65-4451c17d a variant of Java/Exploit.CVE-2012-0507.AH trojan deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\4c7d3b67-60a34d90 Java/Exploit.Agent.NBJ trojan deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\f913439-475c42f3 a variant of Java/Exploit.Blacole.AN trojan deleted - quarantined
Operating memory multiple threats

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:19 AM

Posted 13 September 2012 - 09:27 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.



Download

adware cleaner

Launch it, click on Delete

post the generated log

#7 MistyC

Posted 15 September 2012 - 05:07 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by ST0114 (administrator) on 15-09-2012 at 18:05:01
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® WiFi Link 1000 BGN = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="Wireless Network Connection 2" address=192.168.137.1 mask=255.255.255.0
add address name="Wireless Network Connection 3" address=192.168.16.2 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : ST0114-VAIO
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 8C-A9-82-A5-FA-FD
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 8C-A9-82-A5-FA-FD
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN
Physical Address. . . . . . . . . : 8C-A9-82-A5-FA-FC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::4581:20e7:4a3f:651b%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, September 14, 2012 5:45:21 AM
Lease Expires . . . . . . . . . . : Sunday, September 16, 2012 6:01:54 PM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 311208322
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-A5-5A-A2-78-84-3C-E6-19-24
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.ga.comcast.net.
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 78-84-3C-E6-19-24
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{C2137551-F7BE-4938-AB0C-E1A4729B140E}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{0520123C-AFC0-4959-9686-A8BBBB04C9C0}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{065E33EA-CEFB-4FBA-BF31-9079D1C62B51}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.ga.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 2001:4860:800a::66
74.125.134.101
74.125.134.100
74.125.134.138
74.125.134.113
74.125.134.102
74.125.134.139


Pinging google.com [74.125.139.102] with 32 bytes of data:
Reply from 74.125.139.102: bytes=32 time=54ms TTL=44
Reply from 74.125.139.102: bytes=32 time=34ms TTL=44

Ping statistics for 74.125.139.102:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 34ms, Maximum = 54ms, Average = 44ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 75.75.75.75

Name: yahoo.com
Addresses: 98.139.183.24
98.138.253.109
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=1005ms TTL=46
Reply from 72.30.38.140: bytes=32 time=900ms TTL=46

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 900ms, Maximum = 1005ms, Average = 952ms
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...8c a9 82 a5 fa fd ......Microsoft Virtual WiFi Miniport Adapter #2
14...8c a9 82 a5 fa fd ......Microsoft Virtual WiFi Miniport Adapter
12...8c a9 82 a5 fa fc ......Intel® WiFi Link 1000 BGN
11...78 84 3c e6 19 24 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.100 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.100 281
192.168.2.100 255.255.255.255 On-link 192.168.2.100 281
192.168.2.255 255.255.255.255 On-link 192.168.2.100 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.100 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.100 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 281 fe80::/64 On-link
12 281 fe80::4581:20e7:4a3f:651b/128
On-link
1 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog9 11 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/15/2012 06:01:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 62328328

Error: (09/15/2012 06:01:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 62328328

Error: (09/15/2012 06:01:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/15/2012 06:01:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 62327329

Error: (09/15/2012 06:01:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 62327329

Error: (09/15/2012 06:01:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/15/2012 06:01:50 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 62326315

Error: (09/15/2012 06:01:50 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 62326315

Error: (09/15/2012 06:01:50 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/15/2012 06:01:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 62325317


System errors:
=============
Error: (09/15/2012 06:01:52 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the VcmINSMgr service.

Error: (09/14/2012 05:45:17 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (09/14/2012 05:45:17 AM) (Source: Service Control Manager) (User: )
Description: The Microsoft Network Inspection System service depends the following service: BFE. This service might not be installed.

Error: (09/14/2012 05:45:17 AM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (09/14/2012 05:45:17 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (09/14/2012 05:42:58 AM) (Source: DCOM) (User: )
Description: {0002DF01-0000-0000-C000-000000000046}

Error: (09/13/2012 08:16:11 PM) (Source: Service Control Manager) (User: )
Description: The VAIO Content Metadata Intelligent Network Service Manager service terminated unexpectedly. It has done this 1 time(s).

Error: (09/13/2012 08:02:12 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Error: (09/13/2012 08:02:12 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EvtEng service.

Error: (09/13/2012 10:33:38 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the VCFw service.


Microsoft Office Sessions:
=========================
Error: (09/15/2012 06:01:52 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 62328328

Error: (09/15/2012 06:01:52 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 62328328

Error: (09/15/2012 06:01:52 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/15/2012 06:01:51 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 62327329

Error: (09/15/2012 06:01:51 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 62327329

Error: (09/15/2012 06:01:51 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/15/2012 06:01:50 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 62326315

Error: (09/15/2012 06:01:50 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 62326315

Error: (09/15/2012 06:01:50 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/15/2012 06:01:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 62325317


=========================== Installed Programs ============================

Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Reader X (10.1.4) MUI (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.6.636)
Advertising Center (Version: 0.0.0.1)
Airport Mania 2: Wild Trips
Alps Pointing-device for VAIO
Amazon Kindle
Amazon MP3 Downloader 1.0.15 (Version: 1.0.15)
Amazon MP3 Uploader (Version: 1.0.8)
Amelie's Cafe: Summer Time
Angry Birds Rio (Version: 1.4.0)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Application Manager for VAIO
ArcSoft Magic-i Visual Effects 2 (Version: 2.0.1.142)
ArcSoft WebCam Companion 4 (Version: 4.0.21.444)
Ask Toolbar for Pogo (Version: 1.15.4.0)
Ask Toolbar for Pogo Updater (Version: 1.2.2.23821)
ASPCA Reminder by We-Care.com v5.0.5.1 (Version: 5.0.5.1)
Audible Download Manager (Version: 6.6.0.15)
AVG 2012 (Version: 12.0.2197)
AVG 2012 (Version: 12.0.2221)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2221)
Bejeweled 2 Deluxe 1.1 (Version: 1.1)
Belarc Advisor 8.2 (Version: 8.2.7.6)
Big Fish Games Toolbar Installer
Big Fish Games: Game Manager (Version: 3.0.1.60)
Bonjour (Version: 3.0.0.10)
Bookworm Adventures Deluxe 1.0.1.100 (Version: 1.0.1.100)
Brainville
Build-a-lot -- The Elizabethan Era (remove only)
Build-a-lot: Fairy Tales
Campgrounds
Canon MP280 series MP Drivers
CCleaner (Version: 3.21)
Chicken Invaders 4 Xmas (App) (Version: 4.10.0)
ClearSkinFX for Digital Cameras
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant HD Audio (Version: 8.54.18.51)
Cosmic Bugs
Coupon Printer for Windows (Version: 5.0.0.1)
Crop Busters (Version: 1.0)
D3DX10 (Version: 15.4.2368.0902)
Daycare Nightmare: Mini-Monsters
Diner Dash 5: Boom
Diner Dash: Flo Through Time (remove only)
DIRECTV Player (Version: 6.1)
Dolphin Futures XPS Viewer version 1.1.0 (Version: 1.1.0)
Dropbox (Version: 1.4.7)
DVDFab 8.1.0.5 (04/07/2011) Qt
DX-Ball 1.09
DX-Ball 2
ESET Online Scanner v3
Faerie Solitaire
Fairway ™ Collector's Edition
Fairway Solitaire
Farm Frenzy - Pizza Party! (Version: 1.0)
Farm Frenzy (Version: 1.0)
Farm Frenzy 2
Farm Frenzy 3
Farm Frenzy 3: American Pie
Farm Frenzy 3: Ice Age
Farm Frenzy 3: Madagascar (Version: 1.0)
Farm Frenzy 3: Russian Roulette
Farm Frenzy: Ancient Rome
Farm Frenzy: Gone Fishing
Farm Mania
Farm Mania 2 (remove only)
Fireplace by PES Screen Saver
Fishdom - Frosty Splash
Fishdom H2O - Hidden Odyssey
Fitness Dash
Fix-It-Up Eighties: Meet Kate's Parents
Free Realms
Free Ride Games Player
GabCab
Garmin Lifetime Updater (Version: 2.1.7)
GIMP (Version: 2.6.11)
Gimp 2.6.11 (Version: 2.6.11)
Google Chrome (Version: 21.0.1180.89)
Google Gmail Notifier
High-Definition Video Playback (Version: 11.1.10500.2.65)
Hornil StylePix (Version: 1.10.0.0)
iLivid (Version: 1.92)
Insaniquarium Deluxe 1.1 (Version: 1.1)
Intel AppUp(SM) center (Version: 35228)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2291)
Intel® PROSet/Wireless WiFi Software (Version: 14.0.2000)
Intel® Rapid Storage Technology (Version: 10.0.0.1046)
Intel® Wireless Display (Version: 2.0.27.0)
iTunes (Version: 10.6.3.25)
Java 7 Update 7 (64-bit) (Version: 7.0.70)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 31 (Version: 6.0.310)
JavaFX 2.1.1 (Version: 2.1.1)
Jessica's BowWow Bistro
Jet Set Go
Jewel Quest Mysteries 2 Trail of the Midnight Heart (remove only)
Junk Mail filter update (Version: 16.4.3503.0728)
Katy and Bob: Way Back Home
Life Quest® 2: Metropoville
Lisa's Fleet Flight
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Media Gallery (Version: 1.5.0.16020)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1108.0727)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Nanny Mania (remove only)
Nano 1.1.1 (Version: 1.1.1)
Neon Wars v1.11a (Version: 1.11)
Nero 11 Kwik Themes 1 (Version: 11.0.11200.12.0)
Nero 11 Kwik Themes 2 (Version: 11.0.11200.12.0)
Nero 11 Kwik Themes Basic (Version: 11.0.11200.12.0)
Nero 9 Essentials
Nero Audio Pack 1 (Version: 11.0.11500.110.0)
Nero ControlCenter (Version: 9.0.0.1)
Nero Core Components 11 (Version: 11.0.13500.1.0)
Nero Installer (Version: 4.4.9.0)
Nero Kwik Media (Version: 1.10.24000.138.100)
Nero Kwik Media (Version: 11.0.16401)
Nero Kwik Media Help (CHM) (Version: 11.0.10200)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.12.100)
Nero StartSmart OEM (Version: 9.4.10.100)
Nero Update (Version: 11.0.11500.28.0)
nero.prerequisites.msi (Version: 11.0.20008)
neroxml (Version: 1.0.0)
Nightfall Mysteries: Asylum Conspiracy
OOBE (Version: 11.2.1.10)
Origin (Version: 8.3.1.9)
Peggle Deluxe 1.0 (Version: 1.0)
Photo Common (Version: 16.4.3503.0728)
Photo Mania
Plants vs. Zombies
PlayReady PC Runtime x86 (Version: 1.3.0)
PMB (Version: 5.8.01.09211)
PMB VAIO Edition Plug-in (Version: 1.5.00.02250)
PMB VAIO Edition Plug-in (Version: 1.5.01.04010)
Pocket Tanks v1.6 (Version: 1.6)
Pogo Games (remove only)
QuickTime (Version: 7.72.80.56)
Ranch Rush (remove only)
Ranch Rush 2 Collector's Edition
RealDownloader (Version: 1.0.2)
Realtek PCIE Card Reader (Version: 6.1.7600.77)
Remote Keyboard (Version: 1.1.1.07060)
Remote Play with PlayStation 3 (Version: 1.1.0.15070)
Rescue Team
Rescue Team 2
Rival Ball Tournament
Road to Riches
Sansa Updater (Version: 1.313)
Scholastic eReader Support Files (Version: 1.1.4246)
Shop-N-Spree: Family Fortune
Shop-n-Spree: Shopping Paradise
Sid Meier's Railroads! (Version: 1.00)
Sid Meier's Railroads! (Version: 1.10)
SimilarImages (Version: 2006.3.0.81)
SleepyHead version 0.9.1 beta (Version: 0.9.1 beta)
Sony Corporation (Version: 1.0.0)
Spooky Mall
SSLx64 (Version: 1.0.0)
SSLx86 (Version: 1.0.0)
Steam
Steam (Version: 1.0.0.0)
Storia (Version: 1.1.4246)
Sunshine Acres
Super DX-Ball v1.1 (Version: 1.1)
SUPERAntiSpyware (Version: 5.0.1146)
Supermarket Management 2
Supermarket Mania ® 2
Supermarket Mania (remove only)
swMSM (Version: 12.0.0.1)
The Sims™ 3 (Version: 1.36.45)
The Sims™ 3 Ambitions (Version: 4.0.87)
The Sims™ 3 Fast Lane Stuff (Version: 5.0.44)
The Sims™ 3 Generations (Version: 8.0.152)
The Sims™ 3 High-End Loft Stuff (Version: 3.0.38)
The Sims™ 3 Outdoor Living Stuff (Version: 7.0.55)
The Sims™ 3 Pets (Version: 10.0.96)
The Sims™ 3 Town Life Stuff (Version: 9.0.73)
Toddler Keys (Version: 00.97.0000)
Toolbar - Big Fish Games (Version: 2.2.0.10)
TuneSync Server 2.0.20 (Version: 2.0.20)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
VAIO - Media Gallery (Version: 1.5.0.16020)
VAIO - PMB VAIO Edition Guide (Version: 1.5.00.02250)
VAIO - PMB VAIO Edition Plug-in (Version: 1.5.01.04060)
VAIO - Remote Keyboard (Version: 1.1.0.07060)
VAIO - Remote Play with PlayStation®3 (Version: 1.1.0.15070)
VAIO Care (Version: 6.4.1.05290)
VAIO Control Center (Version: 4.5.0.03040)
VAIO Data Restore Tool (Version: 1.6.0.13140)
VAIO Easy Connect (Version: 1.0.0.03050)
VAIO Event Service (Version: 5.5.0.03040)
VAIO Gate (Version: 2.4.0.06210)
VAIO Gate Default (Version: 2.4.0.03240)
VAIO Hardware Diagnostics (Version: 4.2.0.14280)
VAIO Help and Support (Version: 14.00.0125)
VAIO Improvement (Version: 1.0.0.14150)
VAIO Manual (Version: 2.0.0.02250)
VAIO Quick Web Access (Version: 1.4.5.3)
VAIO Sample Contents (Version: 1.4.0.09010)
VAIO Satisfaction Survey. (Version: 3.0)
VAIO Smart Network (Version: 3.5.0.02280)
VAIO Transfer Support (Version: 1.4.0.14230)
VAIO Update (Version: 5.5.1.09220)
VAIO Update Merge Module x64 (Version: 5.5.19220)
VCCx86 (Version: 1.0.0)
VESx64 (Version: 1.0.0)
VESx86 (Version: 1.0.0)
Virtual Villagers (Version: 32.0.0.0)
Virtual Villagers: New Believers
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VIx64 (Version: 1.0.0)
VIx86 (Version: 1.0.0)
VSNx64 (Version: 1.0.0)
VWSTx86 (Version: 1.0.0)
WD SmartWare (Version: 1.6.0.25)
Weather Lord
Westward IV: All Aboard
Windows Live Communications Platform (Version: 16.4.3503.0728)
Windows Live Essentials (Version: 16.4.3503.0728)
Windows Live Family Safety (Version: 16.4.3503.0728)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3503.0728)
Windows Live Mail (Version: 16.4.3503.0728)
Windows Live Messenger (Version: 16.4.3503.0728)
Windows Live MIME IFilter (Version: 16.4.3503.0728)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 16.4.3503.0728)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 16.4.3503.0728)
Windows Live SOXE (Version: 16.4.3503.0728)
Windows Live SOXE Definitions (Version: 16.4.3503.0728)
Windows Live UX Platform (Version: 16.4.3503.0728)
Windows Live UX Platform Language Pack (Version: 16.4.3503.0728)
Windows Live Writer (Version: 16.4.3503.0728)
Windows Live Writer Resources (Version: 16.4.3503.0728)
XFINITY Toolbar (Version: 3.5.1.10)
Xfire (remove only)
XnView 1.98.5 (Version: 1.98.5)
XnView Shell Extension 3.1.0 (64bits) (Version: 3.1.0)
Yahoo! Messenger
Yahoo! Software Update
Youda Jewel Shop
Youda Survivor 2
Zuma's Revenge! - Adventure
Zuma Deluxe 1.0.0.0 (Version: 1.0.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 57%
Total physical RAM: 4043.86 MB
Available physical RAM: 1737 MB
Total Pagefile: 8085.91 MB
Available Pagefile: 4804.9 MB
Total Virtual: 4095.88 MB
Available Virtual: 3965.06 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:455.16 GB) (Free:274.54 GB) NTFS

========================= Users: ========================================

User accounts for \\ST0114-VAIO

Administrator Guest Misty
ST0114


**** End of log ****





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Farbar Service Scanner Version: 06-08-2012
Ran by ST0114 (administrator) on 15-09-2012 at 18:06:48
Running from "C:\Users\ST0114\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#8 MistyC

  • Topic Starter

Posted 15 September 2012 - 05:15 PM

When I restarted the PC I received this error message:

RunDLL

There was a problem starting C:\Users\ST0114\AppData\Roaming\msdrin.dll
The Specified Module could not be found.


Here is the AdwCleaner log:

# AdwCleaner v2.001 - Logfile created 09/15/2012 at 18:08:21
# Updated 09/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : ST0114 - ST0114-VAIO
# Boot Mode : Normal
# Running from : C:\Users\ST0114\Downloads\adwcleaner(1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\ST0114\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\ST0114\AppData\Roaming\Mozilla\Firefox\Profiles\t6lojzkz.default\searchplugins\MyStart Search.xml
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com
Folder Deleted : C:\Program Files (x86)\Ilivid
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\Users\Misty\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\ST0114\AppData\Local\APN
Folder Deleted : C:\Users\ST0114\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\ST0114\AppData\Local\Temp\avg@toolbar
Folder Deleted : C:\Users\ST0114\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\ST0114\AppData\Roaming\Mozilla\Firefox\Profiles\t6lojzkz.default\extensions\toolbar@ask.com
Folder Deleted : C:\Users\ST0114\AppData\Roaming\Mozilla\Firefox\Profiles\t6lojzkz.default\extensions\wecarereminder@bryan
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\ilivid
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\ST0114\AppData\Roaming\Mozilla\Firefox\Profiles\t6lojzkz.default\prefs.js

Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
Deleted : user_pref("extensions.asktb.abar-war-regex", "conduit\\.com");
Deleted : user_pref("extensions.asktb.abar-war-timeout", "4000");
Deleted : user_pref("extensions.asktb.apn_dbr", "ff_12.0");
Deleted : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
Deleted : user_pref("extensions.asktb.cbid", "^ADW");
Deleted : user_pref("extensions.asktb.config-updated", false);
Deleted : user_pref("extensions.asktb.cr-o", "APN10625cr");
Deleted : user_pref("extensions.asktb.crumb", "2012.05.03+13.08.59-toolbar016iad-US-SGluZXN2aWxsZSxHQSxVbml0ZW[...]
Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}[...]
Deleted : user_pref("extensions.asktb.displaybehavior", "");
Deleted : user_pref("extensions.asktb.displaytext", "");
Deleted : user_pref("extensions.asktb.dtid", "^YYYYYY^YY^US");
Deleted : user_pref("extensions.asktb.first-launch-url", "hxxp://www.thoosje.com/welcome-windows-7-gadgets.htm[...]
Deleted : user_pref("extensions.asktb.fresh-install", false);
Deleted : user_pref("extensions.asktb.guid", "C8125E1C-B68E-495A-A32E-E50000015A8F");
Deleted : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Deleted : user_pref("extensions.asktb.if", "first");
Deleted : user_pref("extensions.asktb.l", "dis");
Deleted : user_pref("extensions.asktb.last-config-req", "1347671767530");
Deleted : user_pref("extensions.asktb.last-search-timestamp", "1346854914823");
Deleted : user_pref("extensions.asktb.locale", "en_US");
Deleted : user_pref("extensions.asktb.location", "Hinesville,GA,United States");
Deleted : user_pref("extensions.asktb.lstation", "");
Deleted : user_pref("extensions.asktb.new-tab-enabled", true);
Deleted : user_pref("extensions.asktb.news-native-on", true);
Deleted : user_pref("extensions.asktb.o", "APN10625");
Deleted : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Deleted : user_pref("extensions.asktb.pstate", "");
Deleted : user_pref("extensions.asktb.qsrc", "2871");
Deleted : user_pref("extensions.asktb.r", "2");
Deleted : user_pref("extensions.asktb.sa", "NO");
Deleted : user_pref("extensions.asktb.search-history-queries", "Kung Fu The legend continues||album96.com||Win[...]
Deleted : user_pref("extensions.asktb.search-suggestions-enabled", true);
Deleted : user_pref("extensions.asktb.silent-upgrade", true);
Deleted : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Deleted : user_pref("extensions.asktb.socialmini-first", true);
Deleted : user_pref("extensions.asktb.socialmini-interval", "1200000");
Deleted : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Deleted : user_pref("extensions.asktb.socialmini-max-items", "30");
Deleted : user_pref("extensions.asktb.socialmini-native-on", true);
Deleted : user_pref("extensions.asktb.socialmini-speed", "10000");
Deleted : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Deleted : user_pref("extensions.asktb.themeid", "");
Deleted : user_pref("extensions.asktb.timeinstalled", "5/3/2012 4:09:15 PM");
Deleted : user_pref("extensions.asktb.to", "");
Deleted : user_pref("extensions.asktb.v", "3.15.4.100013");
Deleted : user_pref("extensions.asktb.version", "5.15.4.23821");
Deleted : user_pref("extensions.asktb.volume", "");
Deleted : user_pref("extensions.enabledAddons", "amznUWL2@amazon.com:1.9,printedit@DW-dev:8.6,simpletimer@grbr[...]
Deleted : user_pref("keyword.URL", "hxxps://isearch.avg.com/search?cid=%7Bbb8305ca-1361-4739-b6c6-bc6d279ce90a[...]

Profile name : default
File : C:\Users\Misty\AppData\Roaming\Mozilla\Firefox\Profiles\dedyjexw.default\prefs.js

Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\12.2.0.5");
Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("keyword.URL", "hxxps://isearch.avg.com/search?cid={017484E6-F162-4821-8869-165DAF3BC18B}&[...]

-\\ Google Chrome v21.0.1180.89

File : C:\Users\ST0114\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [12519 octets] - [15/09/2012 18:08:21]

########## EOF - C:\AdwCleaner[S2].txt - [12580 octets] ##########

#9 narenxp

  • BC Advisor

Posted 15 September 2012 - 05:22 PM

Malwarebytes log?

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Post the new FSS log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the text contents here

#10 MistyC

Posted 16 September 2012 - 09:03 AM

Sorry, I forgot the Malware log because I restarted my PC (well, they did) & when I scanned it again, it came back clean. Here is the log though. I ran it last night just to be sure. Off to do the things you posted above.



Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.15.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
ST0114 :: ST0114-VAIO [administrator]

9/15/2012 11:26:14 PM
mbam-log-2012-09-15 (23-26-14).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 838472
Time elapsed: 10 hour(s), 34 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#11 MistyC

Posted 16 September 2012 - 09:31 AM

FSS

Farbar Service Scanner Version: 06-08-2012
Ran by ST0114 (administrator) on 16-09-2012 at 10:30:29
Running from "C:\Users\ST0114\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Rkill

Rkill 2.3.15 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/16/2012 10:32:19 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\exefile\shell\open\command\\IsolatedCommand was changed. It was reset to "%1" %*!

* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32 [ZA Reg Hijack]
* HKEY_CLASSES_ROOT\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 [ZA Reg Hijack]
* C:\$Recycle.Bin\S-1-5-18\$be589d9bf04a1e0145ea6f5580e284f9\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-18\$be589d9bf04a1e0145ea6f5580e284f9\@ [ZA File]
* C:\$Recycle.Bin\S-1-5-18\$be589d9bf04a1e0145ea6f5580e284f9\L\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-18\$be589d9bf04a1e0145ea6f5580e284f9\L\00000004.@ [ZA File]
* C:\$Recycle.Bin\S-1-5-18\$be589d9bf04a1e0145ea6f5580e284f9\L\201d3dde [ZA File]
* C:\$Recycle.Bin\S-1-5-18\$be589d9bf04a1e0145ea6f5580e284f9\U\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-21-2749176277-1097856338-3472885861-1005\$be589d9bf04a1e0145ea6f5580e284f9\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-21-2749176277-1097856338-3472885861-1005\$be589d9bf04a1e0145ea6f5580e284f9\@ [ZA File]
* C:\$Recycle.Bin\S-1-5-21-2749176277-1097856338-3472885861-1005\$be589d9bf04a1e0145ea6f5580e284f9\L\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-21-2749176277-1097856338-3472885861-1005\$be589d9bf04a1e0145ea6f5580e284f9\U\ [ZA Dir]
* C:\Windows\assembly\GAC_32\Desktop.ini [ZA File]
* C:\Windows\assembly\GAC_64\Desktop.ini [ZA File]

Checking Windows Service Integrity:

* atapi => \SystemRoot\system32\drivers\atapi.sys [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/16/2012 10:32:42 AM
Execution time: 0 hours(s), 0 minute(s), and 23 seconds(s)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Apoint" "Alps Pointing-device Driver" "Alps Electric Co., Ltd." "c:\program files\apoint\apoint.exe"
+ "fssui" "Windows Live Family Safety Filter" "Microsoft Corporation" "c:\program files (x86)\windows live\family safety\fsui.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IntelWireless" "Intel® PROSet/Wireless Framework" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\ifrmewrk.exe"
+ "Logitech Download Assistant" "Logitech Download Assistant" "Logitech, Inc." "c:\windows\system32\logilda.dll"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "AVG_TRAY" "AVG Tray Monitor" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgtray.exe"
+ "Garmin Lifetime Updater" "Garmin Lifetime Updater" "Garmin" "c:\program files (x86)\garmin\lifetime updater\garminlifetime.exe"
+ "IAStorIcon" "IAStorIcon" "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe"
+ "ISBMgr.exe" "" "Sony Corporation" "c:\program files (x86)\sony\isb utility\isbmgr.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "PMBVolumeWatcher" "Media Check Tool" "Sony Corporation" "c:\program files (x86)\sony\pmb\pmbvolumewatcher.exe"
+ "ROC_roc_ssl_v12" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" "Gmail Notifier" "Google Inc." "c:\program files (x86)\google\gmail notifier\gnotify.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "STPStartUp.lnk" "" "NONE" "c:\users\public\documents\hzlp\snap.exe"
"C:\Users\ST0114\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dropbox.lnk" "Dropbox" "Dropbox, Inc." "c:\users\st0114\appdata\roaming\dropbox\bin\dropbox.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Google Update" "Google Installer" "Google Inc." "c:\users\st0114\appdata\local\google\update\googleupdate.exe"
+ "msdrin" "" "" "File not found: C:\Users\ST0114\AppData\Roaming\msdrin.dll"
+ "msnmsgr" "Windows Live Messenger" "Microsoft Corporation" "c:\program files (x86)\windows live\messenger\msnmsgr.exe"
+ "PCShowServer" "PC Show power management wrapper" "NDS Technologies" "c:\users\st0114\appdata\local\directv player\pcshowserverpmwrapper.exe"
+ "SPMTray" "" "" "File not found: C:\Program Files (x86)\PC Speed Maximizer\SPMTray.exe"
+ "SUPERAntiSpyware" "SUPERAntiSpyware Application" "SUPERAntiSpyware.com" "c:\program files\superantispyware\superantispyware.exe"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "linkscanner" "Safe Search pluggable protocol" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgppa.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\st0114\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgsea.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "IXnView" "XnViewShellExt Module" "" "c:\program files (x86)\xnview\shellex\xnviewshellext64.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
+ "WDBackupMenuHandler" "WD ContextMenu Handler" "Western Digital" "c:\program files\western digital\wd smartware\wdcontextmenuhandler.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgse.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "WDBackupPropSheetHandler" "WD ContextMenu Handler" "Western Digital" "c:\program files\western digital\wd smartware\wdcontextmenuhandler.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "AddtoVAIOGate" "VAIOGateShellExt" "Sony Corporation" "c:\program files\sony\vaio gate\vaiogateshellext.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\st0114\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\st0114\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "AudibleShlExt Class" "AudibleExt Module" "Audible, Inc." "c:\program files (x86)\audible\bin\audibleext.dll"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AddtoVAIOGate" "VAIOGateShellExt" "Sony Corporation" "c:\program files\sony\vaio gate\vaiogateshellext.dll"
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgsea.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WDBackupMenuHandler" "WD ContextMenu Handler" "Western Digital" "c:\program files\western digital\wd smartware\wdcontextmenuhandler.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgse.dll"
"HKLM\Software\Classes\Folder\ShellEx\PropertySheetHandlers" "" "" ""
+ "WDBackupPropSheetHandler" "WD ContextMenu Handler" "Western Digital" "c:\program files\western digital\wd smartware\wdcontextmenuhandler.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\st0114\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\st0114\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\st0114\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\st0114\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\st0114\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\st0114\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\st0114\appdata\roaming\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgdtiea.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgdtiex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "RealNetworks Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealDownloader" "c:\program files (x86)\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll"
+ "Toolbar - Big Fish Games" "Toolbar - Big Fish Games Link Library" "" "c:\program files (x86)\bfgbartb\bfgbardx.dll"
+ "Updater For XFIN_PORTAL" "AUX BHO" "Visicom Media" "c:\program files (x86)\xfin_portal\auxi\comcastau.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "XFINITY Toolbar" "dtx Dynamic Link Library" "" "c:\program files (x86)\xfin_portal\comcastdx.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Toolbar - Big Fish Games" "Toolbar - Big Fish Games Link Library" "" "c:\program files (x86)\bfgbartb\bfgbardx.dll"
+ "XFINITY Toolbar" "dtx Dynamic Link Library" "" "c:\program files (x86)\xfin_portal\comcastdx.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgdtiea.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgdtiex.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-2749176277-1097856338-3472885861-1005Core" "Google Installer" "Google Inc." "c:\users\st0114\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-2749176277-1097856338-3472885861-1005UA" "Google Installer" "Google Inc." "c:\users\st0114\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\RealDownloaderDownloaderScheduledTaskS-1-5-21-2749176277-1097856338-3472885861-1005" "RealDownloader" "RealNetworks, Inc." "c:\program files (x86)\realnetworks\realdownloader\recordingmanager.exe"
+ "\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2749176277-1097856338-3472885861-1005" "RealUpgrade" "RealNetworks, Inc." "c:\program files (x86)\realnetworks\realdownloader\realupgrade.exe"
+ "\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2749176277-1097856338-3472885861-1005" "RealUpgrade" "RealNetworks, Inc." "c:\program files (x86)\realnetworks\realdownloader\realupgrade.exe"
+ "\RunAsStdUser Task" "Pogo Games Manager application" "iWin Inc." "c:\program files (x86)\pogo games\pogodgc.exe"
+ "\Scheduled Update for Ask Toolbar" "" "" "File not found: C:\Program Files (x86)\Ask.com\UpdateTask.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "\Sony Corporation\Sony Home Network Library\SOHLib TaskTray" "SHTtray" "Sony Corporation" "c:\program files (x86)\common files\sony shared\sohlib\shttray.exe"
+ "\Sony Corporation\VAIO Care\VAIO Care" "VAIO Care" "Sony Corporation" "c:\program files\sony\vaio care\vcsystray.exe"
+ "\Sony Corporation\VAIO Care\VCOneClick" "VCOneClick" "Sony Corporation" "c:\program files\sony\vaio care\vconeclick.exe"
+ "\Sony Corporation\VAIO Gate\VAIO Gate" "VAIO Gate" "Sony Corporation" "c:\program files\sony\vaio gate\vaio gate.exe"
+ "\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music ST0114" "VAIO Personalization Manager" "Sony Corporation" "c:\program files\sony\vaio personalization manager\vpmlm.exe"
+ "\Sony Corporation\VAIO Smart Network\VSN Logon Start" "VAIO Smart Network" "Sony Corporation" "c:\program files\sony\vaio smart network\vsnclient.exe"
+ "\Sony Corporation\VAIO Update\Launch Application" "ShellExeProxy.exe" "Sony Corporation" "c:\program files\sony\vaio update common\shellexeproxy.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore64.exe"
+ "ACDaemon" "ArcSoft Connect Service" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\connection service\bin\acservice.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AntiSpywareService" "" "" "c:\program files (x86)\comcasttb\comcastspywarescan\comcastantispyservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AVGIDSAgent" "Provides Identity Protection Against Cyber Crime." "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgidsagent.exe"
+ "avgwd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgwdsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "EvtEng" "Manages the event trace messages for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\evteng.exe"
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files (x86)\windows live\family safety\fsssvc.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "IconMan_R" "Realtek Card Reader Icon Tool." "Realsil Microelectronics Inc." "c:\program files (x86)\realtek\realtek pcie card reader\riconman.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MyWiFiDHCPDNS" "Wireless PAN DHCP and DNS Server" "" "c:\program files\intel\wifi\bin\pandhcpdns.exe"
+ "NAUpdate" "Provides access to Nero application updates and manages Nero applications." "Nero AG" "c:\program files (x86)\nero\update\nasvc.exe"
+ "Nero BackItUp Scheduler 4.0" "Nero BackItUp Scheduler 4.0 is responsible to control all jobs created using Nero BackItUp. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, disc or FTP." "Nero AG" "c:\program files (x86)\common files\nero\nero backitup 4\nbservice.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PGMTrusted" "PGM Trusted Game Service" "iWin Inc." "c:\program files (x86)\pogo games\pgmtrusted.exe"
+ "PMBDeviceInfoProvider" "Enables PMB to communicate with the device." "Sony Corporation" "c:\program files (x86)\sony\pmb\pmbdeviceinfoprovider.exe"
+ "RealNetworks Downloader Resolver Service" "Manage different Downloader versions in RealNetworks' products." "" "c:\program files (x86)\realnetworks\realdownloader\rndlresolversvc.exe"
+ "RegSrvc" "Provides registry access to all Intel® PROSet/Wireless Software components" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "SampleCollector" "Checks the systems performance for VAIO Care." "Sony Corporation" "c:\program files\sony\vaio care\vcperfservice.exe"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "SOHCImp" "VAIO Content Importer" "Sony Corporation" "c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe"
+ "SOHDs" "VAIO Device Searcher" "Sony Corporation" "c:\program files (x86)\common files\sony shared\sohlib\sohds.exe"
+ "SpfService" "VAIO Entertainment Common Service" "Sony Corporation" "c:\program files\common files\sony shared\vaio entertainment platform\spf\spfservice64.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files (x86)\common files\steam\steamservice.exe"
+ "uCamMonitor" "Monitor the status of the webcam on PC startup." "ArcSoft, Inc." "c:\program files (x86)\arcsoft\magic-i visual effects 2\ucammonitor.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "VAIO Event Service" "Provides the hardware event managing service for VAIO. During termination of this service, some fuctions such as Special button ,Hotkey ,and VAIO original powermanagement are limited." "Sony Corporation" "c:\program files (x86)\sony\vaio event service\vesmgr.exe"
+ "VCFw" "VAIO Content Folder Watcher" "Sony Corporation" "c:\program files (x86)\common files\sony shared\vaio content folder watcher\vcfw.exe"
+ "VcmIAlzMgr" "Provides the content analysis function used with VAIO original software." "Sony Corporation" "c:\program files\sony\vcm intelligent analyzing manager\vcmialzmgr.exe"
+ "VcmINSMgr" "Provides the information retrieval service function used with VAIO original software." "Sony Corporation" "c:\program files\sony\vcm intelligent network service manager\vcminsmgr.exe"
+ "VcmXmlIfHelper" "VcmXml Helper Interface" "Sony Corporation" "c:\program files\common files\sony shared\vcmxml\vcmxmlifhelper64.exe"
+ "VCService" "Provides important VAIO Care functionality. If this service is stopped or disabled, VAIO Care may not function correctly." "Sony Corporation" "c:\program files\sony\vaio care\vcservice.exe"
+ "VSNService" "VAIO Smart Network Service" "Sony Corporation" "c:\program files\sony\vaio smart network\vsnservice.exe"
+ "VUAgent" "Agent for VAIO Update." "Sony Corporation" "c:\program files\sony\vaio update common\vuagent.exe"
+ "WDBackup" "WD SmartWare Backup Engine" "Western Digital " "c:\program files (x86)\western digital\wd smartware\wdbackupengine.exe"
+ "WDDriveService" "Provides discovery of WD Drives" "Western Digital" "c:\program files (x86)\western digital\wd drive manager\wddriveservice.exe"
+ "WDRulesService" "WD SmartWare Rules Engine" "Western Digital " "c:\program files (x86)\western digital\wd smartware\wdrulesengine.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "YahooAUService" "Keeps your favorite Yahoo! software up-to-date with the latest features, tools, and enhancements." "Yahoo! Inc." "c:\program files (x86)\yahoo!\softwareupdate\yahooauservice.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "ApfiltrService" "Alps Touch Pad Driver" "Alps Electric Co., Ltd." "c:\windows\system32\drivers\apfiltr.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "ArcSoftKsUFilter" "For X64" "ArcSoft, Inc." "c:\windows\system32\drivers\arcsoftksufilter.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsdrivera.sys"
+ "AVGIDSFilter" "AVG Technologies IDS Application Activity Monitor Filter Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsfiltera.sys"
+ "AVGIDSHA" "AVG Technologies IDS Application Activity Monitor Helper Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsha.sys"
+ "Avgldx64" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx64.sys"
+ "Avgmfx64" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx64.sys"
+ "Avgrkx64" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgrkx64.sys"
+ "Avgtdia" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgtdia.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CnxtHdAudService" "64-bit High Definition Audio Function Driver" "Conexant Systems Inc." "c:\windows\system32\drivers\chdrt64.sys"
+ "e1yexpress" "Intel® Gigabit Network Connection NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1y60x64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "MREMP50" "" "" "File not found: C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS"
+ "MREMP50a64" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS"
+ "MREMPR5" "" "" "File not found: C:\PROGRA~2\COMMON~1\Motive\MREMPR5.SYS"
+ "MRENDIS5" "" "" "File not found: C:\PROGRA~2\COMMON~1\Motive\MRENDIS5.SYS"
+ "MRESP50" "" "" "File not found: C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS"
+ "MRESP50a64" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS"
+ "msvad_simple" "PlayOn Virtual Audio Device" "MediaMall Technologies, Inc." "c:\windows\system32\drivers\povrtdev.sys"
+ "NETwNs64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netwns64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 185.93 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSPCIESTOR" "Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtspstor.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "SASDIFSV" "SASDIFSV64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv64.sys"
+ "SASKUTIL" "SASKUTIL64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SFEP" "Sony Firmware Extension Parser driver" "Sony Corporation" "c:\windows\system32\drivers\sfep.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "wdkmd" "Intel Wireless Display Solution" "Intel Corporation" "c:\windows\system32\drivers\wdkmd.sys"
+ "X5XSEx" "X5XSEx Kernel Mode Driver" "Exent Technologies Ltd." "c:\program files (x86)\free ride games\x5xsex.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.VP60" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\syswow64\vp6vfw.dll"
+ "vidc.VP61" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\syswow64\vp6vfw.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Audible Words Codec" "Audible Audio Files DirectShow Source Filter" "Audible, Inc." "c:\windows\syswow64\awrdscdc.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "DS Video Buffer Filter" "WiDiAgent.dll COM object." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\dsbuffer_video.ax"
+ "Intel® Media SDK AAC Encoder" "Intel® Media SDK AAC Encoder" "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\imc_aac_enc_ds.dll"
+ "Intel® Media SDK MPEG-2 Muxer" "Intel® Media SDK MPEG-2 Muxer" "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\imc_mp2_mux_ds.dll"
+ "Intel® Mux Renderer" "Intel® TS Mux / Network Renderer" "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\intelmux.dll"
+ "Intel® Network Filter" "" "" "c:\program files (x86)\common files\intel corporation\widiagent\intelnet.dll"
+ "Intel®WiDi H264 encoder" "" "" "c:\program files (x86)\common files\intel corporation\widiagent\h264_enc_filter.dll"
+ "MainConcept AAC Encoder" "AAC audio encoder filter" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mc_enc_aac_ds.ax"
+ "MainConcept MPEG Multiplexer-Plus" "MPEG Multiplexer-Plus DS Filter" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mcmpeg2mux.ax"
+ "MainConcept Network Renderer" "Network Renderer" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mc_net_renderer_ds.ax"
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prdmowrapper.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "VAIO Content Metadata Univ Filter" "DirectShow Filter for VCM Intelligent Analyzing Manager" "Sony Corporation" "c:\program files\sony\vcm intelligent analyzing manager\vcmsmplcapflt.ax"
+ "VcmIAlzGPDFilter" "VCM Intelligent Analyzing Manager GPD Library" "Sony Corporation" "c:\program files\sony\vcm intelligent analyzing manager\vcmialzgpdfilter.ax"
+ "VcmIAlzGPDFilter2" "VCM Intelligent Analyzing Manager GPD Library" "Sony Corporation" "c:\program files\sony\vcm intelligent analyzing manager\vcmialzgpdfilter2.ax"
+ "WD Audio Filter" "WiDi Audio Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdaudiofilter.dll"
+ "WDSource Filter" "WiDi Video Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdsourcefilter.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart" "AVG Resident Shield Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgrsa.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Canon BJ Language Monitor MP280 series" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlmaa.dll"
+ "PCL hpz3lw71" "LanguageMonitor" "Hewlett-Packard Corporation" "c:\windows\system32\hpz3lw71.dll"

Edited by MistyC, 16 September 2012 - 09:35 AM.


#12 narenxp


Posted 16 September 2012 - 09:45 AM

Run RKILL again and post the new log

Edited by narenxp, 16 September 2012 - 04:06 PM.


#13 MistyC


Posted 16 September 2012 - 04:05 PM

Rkill 2.3.15 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/16/2012 05:04:13 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* atapi => \SystemRoot\system32\drivers\atapi.sys [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/16/2012 05:04:37 PM
Execution time: 0 hours(s), 0 minute(s), and 23 seconds(s)

#14 narenxp


Posted 16 September 2012 - 04:06 PM

EDIT:

Launch Autoruns and uncheck this entry

"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "msdrin" "" "" "File not found: C:\Users\ST0114\AppData\Roaming\msdrin.dll"


Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot. If TFC locks up the system, run it in safe mode

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your flash player

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

Edited by narenxp, 16 September 2012 - 04:31 PM.
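
A triage pass over the Autoruns export format posted in this thread, as an added example (not part of narenxp's post and not code from Autoruns or any tool mentioned here): it parses the quoted rows and ranks entries whose target is missing, has no publisher, or sits under a user profile's AppData, which is how the `msdrin` row stands out from the stale driver entries. The sample rows are copied from the thread; the function names and the ranking rules are assumptions.

```python
import re
from dataclasses import dataclass

FIELD = re.compile(r'"([^"]*)"')
MISSING = "File not found: "
# Assumption: anything under a profile's AppData is writable without admin rights.
USER_APPDATA = re.compile(r"^[a-z]:\\users\\[^\\]+\\appdata\\", re.IGNORECASE)

# A small subset of rows copied from the Autoruns log in this thread.
SAMPLE = r'''
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "MREMP50" "" "" "File not found: C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Intel® Network Filter" "" "" "c:\program files (x86)\common files\intel corporation\widiagent\intelnet.dll"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "msdrin" "" "" "File not found: C:\Users\ST0114\AppData\Roaming\msdrin.dll"
'''

@dataclass
class Entry:
    key: str          # registry location the entry was listed under
    name: str
    description: str
    publisher: str
    image: str        # image path, or "File not found: <path>"

def parse_autoruns(text):
    """Parse four-field quoted rows; a row that starts with a quote is a key header."""
    entries, key = [], ""
    for line in text.splitlines():
        line = line.strip()
        fields = FIELD.findall(line)
        if len(fields) != 4:
            continue
        if line.startswith('"'):
            key = fields[0]
        else:  # a leading marker such as "+" precedes the first field
            entries.append(Entry(key, *fields))
    return entries

def triage(entries):
    """Return (entry, reasons) pairs for entries worth a look, most reasons first."""
    findings = []
    for e in entries:
        reasons, path = [], e.image
        if path.startswith(MISSING):
            path = path[len(MISSING):]
            reasons.append("target file missing")
        elif not e.publisher:
            reasons.append("no publisher recorded")
        if USER_APPDATA.match(path):
            reasons.append("image under user AppData")
        if reasons:
            findings.append((e, reasons))
    return sorted(findings, key=lambda f: -len(f[1]))

if __name__ == "__main__":
    for entry, reasons in triage(parse_autoruns(SAMPLE)):
        print(f"{entry.key} :: {entry.name} -> {', '.join(reasons)}")
```

A row that ranks high here is only a candidate for review: a missing target can also be a leftover from uninstalled software, as with the Motive driver entries.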


#15 MistyC


Posted 16 September 2012 - 05:34 PM

ok done! So far so good! Nice & quiet on this end lol. TY so Much for your help!!! <3



