TechSpot

Can only access internet in safe mode...

Solved
By Justin Bronw
Jul 14, 2013
  1. Alright so I'm running Windows 7 on a Sony Vaio computer and I can only actually access the internet in safe mode. In regular mode, it says I'm connected to my Wi-Fi, but there is the red "X" over the network icon in the task bar and I cannot access the internet. However, when I run it in safe mode w/ networking, I can access the internet.

    The computer has had virus problems in the past. I originally had Norton 360 installed, but it did not protect the computer and I tried removing it, but it did not completely delete from my laptop.

    I have a feeling that there is still some program/viruses blocking my internet access since I can access it in safe mode... Any help would be appreciated.
  2. Broni

    Broni Malware Annihilator Posts: 46,447   +252

    Welcome aboard

    Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
    Attached logs won't be reviewed.
    Safe mode will be fine for now.

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
  3. Justin Bronw

    Justin Bronw Newcomer, in training Topic Starter Posts: 34

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.07.14.06

    Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
    Internet Explorer 10.0.9200.16521
    Lin :: LIN-VAIO [administrator]

    7/14/2013 1:16:10 PM
    mbam-log-2013-07-14 (13-16-10).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 218289
    Time elapsed: 6 minute(s), 3 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 1
    C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

    (end)

    DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
    Internet Explorer: 10.0.9200.16521
    Run by Lin at 14:09:30 on 2013-07-14
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3996.2553 [GMT -5:00]
    .
    AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\Explorer.EXE
    C:\Windows\syswow64\svchost.exe -k netsvcs
    C:\Windows\system32\ctfmon.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Windows\SysWOW64\ctfmon.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uDefault_Page_URL = hxxp://sony.msn.com
    mWinlogon: Userinit = userinit.exe,
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\coieplg.dll
    BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ips\ipsbho.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\coieplg.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
    mRun: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
    mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    dRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_202_ActiveX.exe -update activex
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{83D384AC-9C88-466A-90B3-F2B40938F7B8} : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{FD750996-A87F-4C4A-9258-CEF5616169A4} : NameServer = 4.2.2.4
    TCP: Interfaces\{FD750996-A87F-4C4A-9258-CEF5616169A4} : DHCPNameServer = 192.168.1.1
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SONYAPO
    x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
    x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
    x64-DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
    x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Lin\AppData\Roaming\Mozilla\Firefox\Profiles\jvbdt7j7.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Sony\Media Go\npmediago.dll
    FF - plugin: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll
    FF - plugin: C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
    FF - ExtSQL: 2013-07-14 13:13; wrc@avast.com; C:\Program Files\AVAST Software\Avast\WebRep\FF
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-2-27 16152]
    R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1403000.024\symds64.sys [2013-2-26 493656]
    R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1403000.024\symefa64.sys [2013-2-26 1139800]
    R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2012-2-23 30368]
    R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-2-27 356120]
    R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-2-27 787736]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-2-27 675432]
    R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2012-1-15 14336]
    S0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-7-14 65336]
    S0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-7-14 189936]
    S1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-7-14 1030952]
    S1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-7-14 378944]
    S1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130322.001\BHDrvx64.sys [2013-3-21 1387608]
    S1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\1403000.024\ccsetx64.sys [2013-2-26 168096]
    S1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130412.001_32c\IDSviA64.sys [2013-4-12 513184]
    S1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1403000.024\ironx64.sys [2013-2-26 224416]
    S1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1403000.024\symnets.sys [2013-2-26 432800]
    S2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-7-14 33400]
    S2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-7-14 80816]
    S2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-2-23 106144]
    S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-7-14 46808]
    S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
    S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Users\New\SMITE\HiPatchService.exe [2012-11-2 8704]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-6-16 13592]
    S2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-6-16 2429544]
    S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-3 628448]
    S2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-6-16 128280]
    S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-6-16 161560]
    S2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccsvchst.exe [2013-2-26 144520]
    S2 Oasis2Service;Oasis2Service;C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-11-13 60416]
    S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-2-21 473960]
    S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2013-1-11 386344]
    S2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-11-30 260768]
    S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
    S2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-1-31 3289208]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
    S2 SOHCImp;VAIO Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2012-1-6 138392]
    S2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-I Visual Effects 2\uCamMonitor.exe [2012-6-16 105024]
    S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-6-16 363800]
    S2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-12-29 960160]
    S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-12-21 550128]
    S2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-12-21 382720]
    S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-2-23 158880]
    S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2012-6-16 19968]
    S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2012-2-23 36000]
    S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2012-2-23 51872]
    S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
    S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2012-2-23 339616]
    S3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2012-2-23 110752]
    S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2012-2-23 167584]
    S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2012-2-23 68256]
    S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2012-2-23 280992]
    S3 BTATH_VDP;Bluetooth VDP Driver;C:\Windows\System32\drivers\btath_vdp.sys [2012-2-23 421664]
    S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2012-2-23 550560]
    S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2009-6-10 281088]
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-3-3 138912]
    S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-6-19 342528]
    S3 lehidmini;Bluetooth Low Energy Hid Device;C:\Windows\System32\drivers\leath_hid.sys [2012-2-23 36128]
    S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-6-16 339048]
    S3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
    S3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
    S3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
    S3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
    S3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
    S3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2012-3-14 21264]
    S3 SOHDs;VAIO Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2012-1-6 74904]
    S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-1 289952]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
    S3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2012-6-16 535688]
    S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-8-26 101600]
    S3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2012-1-20 54432]
    S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2012-1-13 1256040]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-23 1255736]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2013-07-14 21:54:16 -------- d-sh--w- C:\found.005
    2013-07-14 18:38:57 -------- d-sh--w- C:\found.004
    2013-07-14 18:15:01 -------- d-----w- C:\Users\Lin\AppData\Roaming\Malwarebytes
    2013-07-14 18:14:44 -------- d-----w- C:\ProgramData\Malwarebytes
    2013-07-14 18:14:43 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2013-07-14 18:14:43 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-07-14 18:14:32 -------- d-----w- C:\Users\Lin\AppData\Local\Programs
    2013-07-14 18:13:43 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
    2013-07-14 18:13:42 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2013-07-14 18:13:42 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
    2013-07-14 18:13:42 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
    2013-07-14 18:13:42 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
    2013-07-14 18:13:02 41664 ----a-w- C:\Windows\avastSS.scr
    2013-07-14 18:12:43 -------- d-----w- C:\Program Files\AVAST Software
    2013-07-14 18:12:28 -------- d-----w- C:\ProgramData\AVAST Software
    2013-07-14 14:23:05 94208 ----a-w- C:\Windows\SysWow64\GTW32N50.dll
    2013-07-14 14:23:05 40960 ----a-w- C:\Windows\SysWow64\USB54G.dll
    2013-07-14 14:23:05 31930 ----a-w- C:\Windows\SysWow64\GTNDIS3.VXD
    2013-07-14 14:23:05 15872 ----a-w- C:\Windows\SysWow64\GTNDIS5.sys
    2013-07-14 14:22:10 -------- d-----w- C:\Program Files (x86)\Wireless-G USB Network Adapter
    2013-07-14 04:30:39 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
    2013-07-14 04:30:38 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
    2013-07-14 04:30:38 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
    2013-07-14 04:30:38 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll
    2013-07-14 04:30:38 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll
    2013-07-14 04:30:38 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
    2013-07-14 04:30:38 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll
    2013-07-14 04:30:08 624128 ----a-w- C:\Windows\System32\qedit.dll
    2013-07-14 04:30:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
    2013-07-14 04:30:05 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL
    2013-07-14 04:30:05 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
    2013-07-14 04:29:07 3153920 ----a-w- C:\Windows\System32\win32k.sys
    2013-07-14 04:28:56 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
    2013-07-14 04:28:56 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
    2013-07-14 04:28:55 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
    2013-07-14 04:28:55 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
    2013-07-14 04:28:54 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
    2013-07-14 04:27:19 1643520 ----a-w- C:\Windows\System32\DWrite.dll
    2013-07-14 04:27:18 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2013-06-21 02:41:37 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
    2013-06-21 02:41:37 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
    2013-06-21 02:41:36 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2013-06-21 02:41:36 144384 ----a-w- C:\Windows\System32\cdd.dll
    2013-06-21 02:41:32 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
    2013-06-21 02:41:32 230400 ----a-w- C:\Windows\System32\wwansvc.dll
    2013-06-21 02:41:31 751104 ----a-w- C:\Windows\System32\win32spl.dll
    2013-06-21 02:41:31 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
    2013-06-21 02:41:03 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
    2013-06-21 02:41:03 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
    2013-06-21 02:40:28 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
    2013-06-21 02:40:27 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
    2013-06-21 02:40:22 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
    2013-06-21 02:40:22 1464320 ----a-w- C:\Windows\System32\crypt32.dll
    2013-06-21 02:40:22 1192448 ----a-w- C:\Windows\System32\certutil.exe
    2013-06-21 02:40:21 52224 ----a-w- C:\Windows\System32\certenc.dll
    2013-06-21 02:40:21 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
    2013-06-21 02:40:21 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
    2013-06-21 02:40:21 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
    2013-06-21 02:40:21 139776 ----a-w- C:\Windows\System32\cryptnet.dll
    2013-06-21 02:40:21 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
    2013-06-21 02:40:21 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
    2013-06-21 02:25:37 1887232 ----a-w- C:\Windows\System32\d3d11.dll
    2013-06-21 02:25:37 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
    .
    ==================== Find3M ====================
    .
    2013-05-26 03:00:32 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-05-26 03:00:32 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    .
    ============= FINISH: 14:09:40.25 ===============
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 8/13/2012 9:19:10 PM
    System Uptime: 7/14/2013 1:58:37 PM (1 hours ago)
    .
    Motherboard: Sony Corporation | | VAIO
    Processor: Intel(R) Core(TM) i3-2370M CPU @ 2.40GHz | N/A | 2394/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 447 GiB total, 347.073 GiB free.
    D: is CDROM (CDFS)
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: aswRvrt
    Device ID: ROOT\LEGACY_ASWRVRT\0000
    Manufacturer:
    Name: aswRvrt
    PNP Device ID: ROOT\LEGACY_ASWRVRT\0000
    Service: aswRvrt
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: avast! Network Shield Support
    Device ID: ROOT\LEGACY_ASWTDI\0000
    Manufacturer:
    Name: avast! Network Shield Support
    PNP Device ID: ROOT\LEGACY_ASWTDI\0000
    Service: aswTdi
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: aswVmm
    Device ID: ROOT\LEGACY_ASWVMM\0000
    Manufacturer:
    Name: aswVmm
    PNP Device ID: ROOT\LEGACY_ASWVMM\0000
    Service: aswVmm
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: Security Processor Loader Driver
    Device ID: ROOT\LEGACY_SPLDR\0000
    Manufacturer:
    Name: Security Processor Loader Driver
    PNP Device ID: ROOT\LEGACY_SPLDR\0000
    Service: spldr
    .
    ==== System Restore Points ===================
    .
    RP97: 5/25/2013 11:32:16 PM - Windows Update
    RP98: 5/29/2013 3:00:32 AM - Windows Update
    RP99: 6/5/2013 7:48:17 PM - Windows Update
    RP100: 6/20/2013 9:15:37 PM - Windows Update
    RP101: 7/13/2013 9:59:15 PM - Windows Update
    RP102: 7/13/2013 11:28:32 PM - Restore Operation
    RP103: 7/14/2013 3:00:32 AM - Windows Update
    RP104: 7/14/2013 9:22:13 AM - Installed Wireless-G USB Adapter
    RP105: 7/14/2013 11:26:11 AM - Removed VAIO Smart Network
    .
    ==== Installed Programs ======================
    .
    ACID Music Studio 8.0
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader X MUI
    Apple Application Support
    Apple Software Update
    Application Manager for VAIO
    ArcSoft Magic-I Visual Effects 2
    ArcSoft WebCam Companion 4
    Art Effects for PDR10
    Atheros Bluetooth Suite (64)
    avast! Free Antivirus
    Bing Bar
    BSR Screen Recorder 6
    CyberLink PowerDirector 10
    CyberLink PowerDVD
    CyberLink WaveEditor
    D3DX10
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
    DVD Architect Studio 5.0
    Evernote v. 4.5.2
    FDUx86
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    Hi-Rez Studios Authenticate and Update Service
    Intel(R) Control Center
    Intel(R) Management Engine Components
    Intel(R) Processor Graphics
    Intel(R) Rapid Storage Technology
    Intel(R) SDK for OpenCL - CPU Only Runtime Package
    Intel(R) USB 3.0 eXtensible Host Controller Driver
    Intel® Trusted Connect Service Client
    Java Auto Updater
    Java(TM) 7 Update 1
    Java(TM) 7 Update 1 (64-bit)
    Junk Mail filter update
    Keyboard_Shortcuts
    KUx86
    Malwarebytes Anti-Malware version 1.75.0.1300
    Media Gallery
    Media Go
    Mesh Runtime
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Application Error Reporting
    Microsoft Office 2010
    Microsoft Office 2010 Service Pack 1 (SP1)
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Click-to-Run 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Groove MUI (English) 2010
    Microsoft Office InfoPath MUI (English) 2010
    Microsoft Office Office 64-bit Components 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Professional Plus 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared 64-bit MUI (English) 2010
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Starter 2010 - English
    Microsoft Office Word MUI (English) 2010
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft SQL Server Compact 3.5 SP2 ENU
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    Mozilla Firefox 21.0 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSVCRT Redists
    MSVCRT_amd64
    MSXML 4.0 SP3 Parser
    MSXML 4.0 SP3 Parser (KB2721691)
    MSXML 4.0 SP3 Parser (KB2758694)
    MuseScore 1.3
    Oasis2Service
    PlayMemories Home
    PlayReady PC Runtime amd64
    PlayStation(R)Network Downloader
    PlayStation(R)Store
    PowerDirector
    Qualcomm Atheros WiFi Driver Installation
    QuickTime
    Reader for PC
    Realtek High Definition Audio Driver
    Realtek PCIE Card Reader
    Remote Keyboard
    Remote Play with PlayStation(R)3
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
    Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
    Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
    Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
    Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition
    Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553091)
    Security Update for Microsoft Office 2010 (KB2553096)
    Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
    Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
    Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
    Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
    Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
    Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
    Skype Click to Call
    Skype™ 6.3
    SmartSound Quicktracks 5
    Sound Forge Audio Studio 10.0
    Spotify
    SSLx64
    SSLx86
    Synaptics Pointing Device Driver
    TrackID(TM) with BRAVIA
    TriDef 3D (Sony) 2.0.5
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
    Update for Microsoft .NET Framework 4 Extended (KB2468871)
    Update for Microsoft .NET Framework 4 Extended (KB2533523)
    Update for Microsoft .NET Framework 4 Extended (KB2600217)
    Update for Microsoft .NET Framework 4 Extended (KB2836939)
    Update for Microsoft Office 2010 (KB2553065)
    Update for Microsoft Office 2010 (KB2553092)
    Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2566458)
    Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
    Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
    Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
    Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
    Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
    Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
    V3DPx86
    VAIO - Microsoft Visual C++ 2010 SP1 Runtime 10.0.40219.325
    VAIO - PlayMemories Home Plug-in
    VAIO - Remote Keyboard
    VAIO - Remote Keyboard with PlayStation®3
    VAIO - Remote Play with PlayStation®3
    VAIO - TrackID™ with BRAVIA
    VAIO 3D Portal
    VAIO Care
    VAIO Control Center
    VAIO CPU Fan Diagnostic
    VAIO Data Restore Tool
    VAIO Easy Connect
    VAIO Gate
    VAIO Gate Default
    VAIO Gesture Control
    VAIO Help and Support
    VAIO Improvement
    VAIO Manual
    VAIO OOBE
    VAIO Sample Contents
    VAIO Satisfaction Survey.
    VAIO Transfer Support
    VAIO Update
    VAIO Update Merge Module x64
    VCCx64
    VCCx86
    Vegas Movie Studio HD Platinum 11.0
    Ventrilo Client for Windows x64
    VHD
    VIx64
    VIx86
    VMLx86
    VPMx64
    VSSTx64
    VSSTx86
    VU5x64
    VU5x86
    VWSTx86
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    WinRAR 4.20 (64-bit)
    Wireless-G USB Adapter
    .
    ==== Event Viewer Messages From Past Week ========
    .
    7/14/2013 9:07:47 AM, Error: Microsoft-Windows-SharedAccess_NAT [34001] - The ICS_IPV6 failed to configure IPv6 stack.
    7/14/2013 8:29:31 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2846071).
    7/14/2013 3:01:41 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2813170).
    7/14/2013 2:01:21 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
    7/14/2013 2:01:03 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
    7/14/2013 12:36:26 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
    7/14/2013 12:24:51 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 ccSet_N360 discache eeCtrl IDSVia64 spldr SRTSP SRTSPX SymIRON SymNetS Wanarpv6
    7/14/2013 12:00:55 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa8007948bb0, 0x0000000000000000, 0x000000007efa8000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 071413-60075-01.
    7/14/2013 11:45:56 AM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{FD750996-A87F-4C4A-9258-CEF5616169A4} because another computer on the network has the same name. The server could not start.
    7/14/2013 1:59:24 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
    7/14/2013 1:59:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    7/14/2013 1:59:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    7/14/2013 1:59:17 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    7/14/2013 1:59:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    7/14/2013 1:59:03 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswRvrt aswSnx aswSP aswTdi aswVmm BHDrvx64 ccSet_N360 discache eeCtrl IDSVia64 spldr SRTSP SRTSPX SymIRON SymNetS Wanarpv6
    7/14/2013 1:58:57 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.
    7/14/2013 1:58:06 PM, Error: Service Control Manager [7023] - The VAIO Content Metadata Intelligent Network Service Manager service terminated with the following error: %%-2147467243
    7/14/2013 1:58:05 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The pipe has been ended.
    7/14/2013 1:58:05 PM, Error: Service Control Manager [7000] - The Application Virtualization Client service failed to start due to the following error: The pipe has been ended.
    7/14/2013 1:58:00 PM, Error: Service Control Manager [7023] - The VAIO Content Metadata Intelligent Analyzing Manager service terminated with the following error: %%-2147467243
    7/14/2013 1:58:00 PM, Error: Service Control Manager [7023] - The VAIO Content Folder Watcher service terminated with the following error: %%-2147467243
    7/14/2013 1:57:59 PM, Error: Microsoft-Windows-DistributedCOM [10004] - DCOM got error "1115" and was unable to logon nt authority\localservice in order to run the server: {CB45D4CA-8A34-4EF1-9957-6134E5270E83}
    7/14/2013 1:57:57 PM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control.
    7/14/2013 1:57:06 PM, Error: SRTSP [4] - Error loading virus definitions.
    7/14/2013 1:56:42 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 SRTSP
    7/14/2013 1:56:42 PM, Error: Service Control Manager [7000] - The Server service failed to start due to the following error: A system shutdown is in progress.
    7/14/2013 1:56:42 PM, Error: Service Control Manager [7000] - The Network List Service service failed to start due to the following error: The system cannot find the path specified.
    7/14/2013 1:56:42 PM, Error: Service Control Manager [7000] - The Network Connections service failed to start due to the following error: The system cannot find the path specified.
    7/14/2013 1:56:42 PM, Error: Service Control Manager [7000] - The Diagnostic Service Host service failed to start due to the following error: The system cannot find the path specified.
    7/14/2013 1:56:42 PM, Error: Service Control Manager [7000] - The Background Intelligent Transfer Service service failed to start due to the following error: A system shutdown is in progress.
    7/14/2013 1:46:43 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    7/14/2013 1:13:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
    7/13/2013 11:36:36 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy1.
    7/13/2013 11:32:38 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the VcmIAlzMgr service.
    7/13/2013 11:27:19 PM, Error: Service Control Manager [7022] - The VAIO Care Performance Service service hung on starting.
    7/13/2013 10:19:13 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 10 for Windows 7 for x64-based Systems.
    .
    ==== End Of File ===========================
  4. Broni

    Broni Malware Annihilator Posts: 46,447   +252

    Download TDSSKiller and save it to your desktop.
    • Extract (unzip) its contents to your desktop.
    • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  5. Justin Bronw

    Justin Bronw Newcomer, in training Topic Starter Posts: 34

    10:17:17.0150 1620 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
    10:17:17.0587 1620 ============================================================
    10:17:17.0587 1620 Current date / time: 2013/07/15 10:17:17.0587
    10:17:17.0587 1620 SystemInfo:
    10:17:17.0587 1620
    10:17:17.0587 1620 OS Version: 6.1.7601 ServicePack: 1.0
    10:17:17.0587 1620 Product type: Workstation
    10:17:17.0587 1620 ComputerName: LIN-VAIO
    10:17:17.0587 1620 UserName: Lin
    10:17:17.0587 1620 Windows directory: C:\Windows
    10:17:17.0587 1620 System windows directory: C:\Windows
    10:17:17.0587 1620 Running under WOW64
    10:17:17.0587 1620 Processor architecture: Intel x64
    10:17:17.0587 1620 Number of processors: 4
    10:17:17.0587 1620 Page size: 0x1000
    10:17:17.0587 1620 Boot type: Safe boot with network
    10:17:17.0587 1620 ============================================================
    10:17:18.0195 1620 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    10:17:18.0195 1620 ============================================================
    10:17:18.0195 1620 \Device\Harddisk0\DR0:
    10:17:18.0195 1620 MBR partitions:
    10:17:18.0195 1620 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x24FE800, BlocksNum 0xAF000
    10:17:18.0195 1620 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x25AD800, BlocksNum 0x37DD8030
    10:17:18.0195 1620 ============================================================
    10:17:18.0226 1620 C: <-> \Device\Harddisk0\DR0\Partition2
    10:17:18.0226 1620 ============================================================
    10:17:18.0226 1620 Initialize success
    10:17:18.0226 1620 ============================================================
    10:17:28.0725 1160 ============================================================
    10:17:28.0725 1160 Scan started
    10:17:28.0725 1160 Mode: Manual;
    10:17:28.0725 1160 ============================================================
    10:17:28.0772 1160 ================ Scan system memory ========================
    10:17:28.0772 1160 System memory - ok
    10:17:28.0772 1160 ================ Scan services =============================
    10:17:33.0889 1160 clr_optimization_v2.0.50727_64 - ok
    10:17:33.0982 1160 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    10:17:34.0060 1160 clr_optimization_v4.0.30319_32 - ok
    10:17:34.0091 1160 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    10:17:34.0123 1160 clr_optimization_v4.0.30319_64 - ok
    10:17:34.0185 1160 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
    10:17:34.0185 1160 CmBatt - ok
    10:17:34.0216 1160 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
    10:17:34.0216 1160 cmdide - ok
    10:17:34.0247 1160 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
    10:17:34.0263 1160 CNG - ok
    10:17:34.0325 1160 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
    10:17:34.0325 1160 Compbatt - ok
    10:17:34.0341 1160 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
    10:17:34.0357 1160 CompositeBus - ok
    10:17:34.0372 1160 COMSysApp - ok
    10:17:34.0466 1160 [ 7324EC715932A12B09715B50891396F7 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
    10:17:34.0513 1160 cphs - ok
    10:17:34.0528 1160 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
    10:17:34.0528 1160 crcdisk - ok
    10:17:34.0591 1160 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
    10:17:34.0591 1160 CryptSvc - ok
    10:17:34.0684 1160 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    10:17:34.0700 1160 cvhsvc - ok
    10:17:34.0762 1160 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
    10:17:34.0778 1160 DcomLaunch - ok
    10:17:34.0840 1160 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
    10:17:34.0856 1160 defragsvc - ok
    10:17:34.0903 1160 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
    10:17:34.0903 1160 DfsC - ok
    10:17:34.0965 1160 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
    10:17:34.0965 1160 Dhcp - ok
    10:17:34.0981 1160 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
    10:17:34.0981 1160 discache - ok
    10:17:35.0059 1160 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
    10:17:35.0059 1160 Disk - ok
    10:17:35.0090 1160 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
    10:17:35.0090 1160 Dnscache - ok
    10:17:35.0152 1160 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
    10:17:35.0152 1160 dot3svc - ok
    10:17:35.0168 1160 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
    10:17:35.0168 1160 DPS - ok
    10:17:35.0215 1160 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
    10:17:35.0215 1160 drmkaud - ok
    10:17:35.0261 1160 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
    10:17:35.0277 1160 DXGKrnl - ok
    10:17:35.0324 1160 [ 50AD8FC1DC800FF36087994C8F7FDFF2 ] e1yexpress C:\Windows\system32\DRIVERS\e1y60x64.sys
    10:17:35.0339 1160 e1yexpress - ok
    10:17:35.0402 1160 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
    10:17:35.0402 1160 EapHost - ok
    10:17:35.0480 1160 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
    10:17:35.0527 1160 ebdrv - ok
    10:17:35.0605 1160 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
    10:17:35.0605 1160 eeCtrl - ok
    10:17:35.0651 1160 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
    10:17:35.0651 1160 EFS - ok
    10:17:35.0745 1160 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
    10:17:35.0745 1160 ehRecvr - ok
    10:17:35.0792 1160 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
    10:17:35.0792 1160 ehSched - ok
    10:17:35.0885 1160 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
    10:17:35.0885 1160 elxstor - ok
    10:17:35.0995 1160 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
    10:17:35.0995 1160 EraserUtilRebootDrv - ok
    10:17:36.0041 1160 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
    10:17:36.0041 1160 ErrDev - ok
    10:17:36.0119 1160 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
    10:17:36.0119 1160 EventSystem - ok
    10:17:36.0182 1160 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
    10:17:36.0197 1160 exfat - ok
    10:17:36.0229 1160 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
    10:17:36.0229 1160 fastfat - ok
    10:17:36.0291 1160 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
    10:17:36.0307 1160 Fax - ok
    10:17:36.0353 1160 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
    10:17:36.0353 1160 fdc - ok
    10:17:36.0400 1160 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
    10:17:36.0400 1160 fdPHost - ok
    10:17:36.0463 1160 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
    10:17:36.0463 1160 FDResPub - ok
    10:17:36.0509 1160 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
    10:17:36.0509 1160 FileInfo - ok
    10:17:36.0556 1160 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
    10:17:36.0556 1160 Filetrace - ok
    10:17:36.0572 1160 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
    10:17:36.0572 1160 flpydisk - ok
    10:17:36.0650 1160 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
    10:17:36.0665 1160 FltMgr - ok
    10:17:36.0759 1160 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
    10:17:36.0775 1160 FontCache - ok
    10:17:36.0821 1160 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    10:17:36.0821 1160 FontCache3.0.0.0 - ok
    10:17:36.0868 1160 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
    10:17:36.0884 1160 FsDepends - ok
    10:17:36.0946 1160 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
    10:17:36.0946 1160 Fs_Rec - ok
    10:17:37.0009 1160 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
    10:17:37.0009 1160 fvevol - ok
    10:17:37.0055 1160 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
    10:17:37.0071 1160 gagp30kx - ok
    10:17:37.0133 1160 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
    10:17:37.0133 1160 gpsvc - ok
    10:17:37.0258 1160 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    10:17:37.0258 1160 gupdate - ok
    10:17:37.0258 1160 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    10:17:37.0274 1160 gupdatem - ok
    10:17:37.0321 1160 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    10:17:37.0321 1160 gusvc - ok
    10:17:37.0367 1160 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
    10:17:37.0367 1160 hcw85cir - ok
    10:17:37.0430 1160 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
    10:17:37.0445 1160 HdAudAddService - ok
    10:17:37.0508 1160 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
    10:17:37.0508 1160 HDAudBus - ok
    10:17:37.0570 1160 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
    10:17:37.0570 1160 HidBatt - ok
    10:17:37.0586 1160 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
    10:17:37.0586 1160 HidBth - ok
    10:17:37.0633 1160 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
    10:17:37.0648 1160 HidIr - ok
    10:17:37.0664 1160 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
    10:17:37.0664 1160 hidserv - ok
    10:17:37.0711 1160 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
    10:17:37.0711 1160 HidUsb - ok
    10:17:37.0835 1160 [ D946C4E00B10BE82F8D142F508ECE41D ] HiPatchService C:\Users\New\SMITE\HiPatchService.exe
    10:17:37.0851 1160 HiPatchService - ok
    10:17:37.0867 1160 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
    10:17:37.0867 1160 hkmsvc - ok
    10:17:37.0882 1160 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
    10:17:37.0882 1160 HomeGroupListener - ok
    10:17:37.0945 1160 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
    10:17:37.0960 1160 HomeGroupProvider - ok
    10:17:38.0023 1160 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
    10:17:38.0023 1160 HpSAMD - ok
    10:17:38.0069 1160 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
    10:17:38.0069 1160 HTTP - ok
    10:17:38.0101 1160 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
    10:17:38.0101 1160 hwpolicy - ok
    10:17:38.0194 1160 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
    10:17:38.0194 1160 i8042prt - ok
    10:17:38.0257 1160 [ C224331A54571C8C9162F7714400BBBD ] iaStor C:\Windows\system32\drivers\iaStor.sys
    10:17:38.0257 1160 iaStor - ok
    10:17:38.0381 1160 [ 7D4B9A48430ED57ACA6373B71D5904CA ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    10:17:38.0381 1160 IAStorDataMgrSvc - ok
    10:17:38.0444 1160 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
    10:17:38.0444 1160 iaStorV - ok
    10:17:38.0506 1160 [ 3CC7B3BB1A9EA201A040883EDFAA67A0 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    10:17:38.0537 1160 IconMan_R - ok
    10:17:38.0600 1160 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    10:17:38.0615 1160 idsvc - ok
    10:17:38.0803 1160 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130412.001_32c\IDSvia64.sys
    10:17:38.0834 1160 IDSVia64 - ok
    10:17:38.0959 1160 [ FCAA07539A6137EF78AAB39CC455CC5E ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
    10:17:39.0130 1160 igfx - ok
    10:17:39.0193 1160 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
    10:17:39.0193 1160 iirsp - ok
    10:17:39.0271 1160 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
    10:17:39.0271 1160 IKEEXT - ok
    10:17:39.0427 1160 [ 602788BF364D43E5878AA1B4F85C232B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
    10:17:39.0520 1160 IntcAzAudAddService - ok
    10:17:39.0598 1160 [ F5495B38BFB9149925F54F65AB40EFBF ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
    10:17:39.0598 1160 IntcDAud - ok
    10:17:39.0707 1160 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe
    10:17:39.0707 1160 Intel(R) Capability Licensing Service Interface - ok
    10:17:39.0785 1160 [ 9571D8BDB56EBC52280E8020574508E6 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    10:17:39.0785 1160 Intel(R) ME Service - ok
    10:17:39.0848 1160 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
    10:17:39.0848 1160 intelide - ok
    10:17:39.0895 1160 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
    10:17:39.0895 1160 intelppm - ok
    10:17:39.0941 1160 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
    10:17:39.0973 1160 IPBusEnum - ok
    10:17:39.0988 1160 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
    10:17:40.0004 1160 IpFilterDriver - ok
    10:17:40.0035 1160 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
    10:17:40.0051 1160 iphlpsvc - ok
    10:17:40.0097 1160 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
    10:17:40.0097 1160 IPMIDRV - ok
    10:17:40.0144 1160 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
    10:17:40.0144 1160 IPNAT - ok
    10:17:40.0191 1160 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
    10:17:40.0191 1160 IRENUM - ok
    10:17:40.0222 1160 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
    10:17:40.0222 1160 isapnp - ok
    10:17:40.0269 1160 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
    10:17:40.0269 1160 iScsiPrt - ok
    10:17:40.0316 1160 [ 6BCEF45131C8B8E1C558BE540B190B3C ] iusb3hcs C:\Windows\system32\drivers\iusb3hcs.sys
    10:17:40.0316 1160 iusb3hcs - ok
    10:17:40.0394 1160 [ F080EADA8715F811B58BD35BB774F2F9 ] iusb3hub C:\Windows\system32\drivers\iusb3hub.sys
    10:17:40.0394 1160 iusb3hub - ok
    10:17:40.0456 1160 [ 0F1756D9396740F053221FA6260FCE66 ] iusb3xhc C:\Windows\system32\drivers\iusb3xhc.sys
    10:17:40.0472 1160 iusb3xhc - ok
    10:17:40.0519 1160 [ DBD76BC1D498FE368F2C8CB76C3E00A4 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    10:17:40.0519 1160 jhi_service - ok
    10:17:40.0565 1160 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
    10:17:40.0565 1160 kbdclass - ok
    10:17:40.0628 1160 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
    10:17:40.0628 1160 kbdhid - ok
    10:17:40.0643 1160 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
    10:17:40.0643 1160 KeyIso - ok
    10:17:40.0690 1160 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
    10:17:40.0690 1160 KSecDD - ok
    10:17:40.0721 1160 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
    10:17:40.0737 1160 KSecPkg - ok
    10:17:40.0753 1160 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
    10:17:40.0753 1160 ksthunk - ok
    10:17:40.0815 1160 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
    10:17:40.0815 1160 KtmRm - ok
    10:17:40.0877 1160 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
    10:17:40.0893 1160 LanmanServer - ok
    10:17:40.0955 1160 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    10:17:40.0955 1160 LanmanWorkstation - ok
    10:17:41.0065 1160 [ 6CE0F55287EB8E8E472656E84DDCF4EA ] lehidmini C:\Windows\system32\drivers\leath_hid.sys
    10:17:41.0065 1160 lehidmini - ok
    10:17:41.0127 1160 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
    10:17:41.0127 1160 lltdio - ok
    10:17:41.0174 1160 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
    10:17:41.0174 1160 lltdsvc - ok
    10:17:41.0189 1160 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
    10:17:41.0189 1160 lmhosts - ok
    10:17:41.0267 1160 [ 86E4CC39C953D11EF57CF54C4DC78238 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    10:17:41.0267 1160 LMS - ok
    10:17:41.0345 1160 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
    10:17:41.0345 1160 LSI_FC - ok
    10:17:41.0361 1160 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
    10:17:41.0361 1160 LSI_SAS - ok
    10:17:41.0408 1160 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
    10:17:41.0408 1160 LSI_SAS2 - ok
    10:17:41.0455 1160 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
    10:17:41.0455 1160 LSI_SCSI - ok
    10:17:41.0501 1160 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
    10:17:41.0517 1160 luafv - ok
    10:17:41.0564 1160 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
    10:17:41.0564 1160 Mcx2Svc - ok
    10:17:41.0595 1160 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
    10:17:41.0595 1160 megasas - ok
    10:17:41.0642 1160 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
    10:17:41.0642 1160 MegaSR - ok
    10:17:41.0689 1160 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys
    10:17:41.0689 1160 MEIx64 - ok
    10:17:41.0798 1160 Microsoft SharePoint Workspace Audit Service - ok
    10:17:41.0860 1160 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
    10:17:41.0860 1160 MMCSS - ok
    10:17:41.0907 1160 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
    10:17:41.0907 1160 Modem - ok
    10:17:41.0954 1160 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
    10:17:41.0954 1160 monitor - ok
    10:17:41.0969 1160 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
    10:17:41.0969 1160 mouclass - ok
    10:17:42.0016 1160 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
    10:17:42.0032 1160 mouhid - ok
    10:17:42.0079 1160 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
    10:17:42.0079 1160 mountmgr - ok
    10:17:42.0188 1160 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    10:17:42.0188 1160 MozillaMaintenance - ok
    10:17:42.0203 1160 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
    10:17:42.0203 1160 mpio - ok
    10:17:42.0250 1160 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
    10:17:42.0250 1160 mpsdrv - ok
    10:17:42.0281 1160 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
    10:17:42.0297 1160 MpsSvc - ok
    10:17:42.0313 1160 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
    10:17:42.0313 1160 MRxDAV - ok
    10:17:42.0359 1160 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
    10:17:42.0359 1160 mrxsmb - ok
    10:17:42.0406 1160 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
    10:17:42.0406 1160 mrxsmb10 - ok
    10:17:42.0453 1160 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
    10:17:42.0453 1160 mrxsmb20 - ok
    10:17:42.0515 1160 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
    10:17:42.0515 1160 msahci - ok
    10:17:42.0547 1160 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
    10:17:42.0562 1160 msdsm - ok
    10:17:42.0609 1160 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
    10:17:42.0609 1160 MSDTC - ok
    10:17:42.0640 1160 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
    10:17:42.0640 1160 Msfs - ok
    10:17:42.0687 1160 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
    10:17:42.0687 1160 mshidkmdf - ok
    10:17:42.0749 1160 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
    10:17:42.0749 1160 msisadrv - ok
    10:17:42.0796 1160 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
    10:17:42.0796 1160 MSiSCSI - ok
    10:17:42.0796 1160 msiserver - ok
    10:17:42.0859 1160 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
    10:17:42.0859 1160 MSKSSRV - ok
    10:17:42.0874 1160 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
    10:17:42.0874 1160 MSPCLOCK - ok
    10:17:42.0890 1160 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
    10:17:42.0890 1160 MSPQM - ok
    10:17:42.0905 1160 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
    10:17:42.0905 1160 MsRPC - ok
    10:17:42.0968 1160 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
    10:17:42.0968 1160 mssmbios - ok
    10:17:42.0999 1160 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
    10:17:42.0999 1160 MSTEE - ok
    10:17:43.0061 1160 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
    10:17:43.0061 1160 MTConfig - ok
    10:17:43.0093 1160 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
    10:17:43.0093 1160 Mup - ok
    10:17:43.0171 1160 [ 241BD3019FB31E812A51B31B06906335 ] N360 C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccSvcHst.exe
    10:17:43.0171 1160 N360 - ok
    10:17:43.0233 1160 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
    10:17:43.0233 1160 napagent - ok
    10:17:43.0311 1160 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
    10:17:43.0311 1160 NativeWifiP - ok
    10:17:43.0420 1160 [ 88A2F45CE66B904285978D6BB13AFEB2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130414.006\ENG64.SYS
    10:17:43.0436 1160 NAVENG - ok
    10:17:43.0498 1160 [ D2A545DA3A90BBFA40E020C23F1B7A48 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130414.006\EX64.SYS
    10:17:43.0514 1160 NAVEX15 - ok
    10:17:43.0576 1160 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
    10:17:43.0592 1160 NDIS - ok
    10:17:43.0639 1160 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
    10:17:43.0639 1160 NdisCap - ok
    10:17:43.0685 1160 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
  6. Justin Bronw

    Justin Bronw Newcomer, in training Topic Starter Posts: 34

    (second part)...

    10:17:47.0819 1160 Rasl2tp - ok
    10:17:47.0835 1160 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
    10:17:47.0851 1160 RasMan - ok
    10:17:47.0866 1160 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
    10:17:47.0866 1160 RasPppoe - ok
    10:17:47.0866 1160 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
    10:17:47.0866 1160 RasSstp - ok
    10:17:47.0897 1160 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
    10:17:47.0897 1160 rdbss - ok
    10:17:47.0913 1160 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
    10:17:47.0913 1160 rdpbus - ok
    10:17:47.0929 1160 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
    10:17:47.0944 1160 RDPCDD - ok
    10:17:47.0975 1160 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
    10:17:47.0991 1160 RDPENCDD - ok
    10:17:47.0991 1160 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
    10:17:47.0991 1160 RDPREFMP - ok
    10:17:48.0038 1160 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
    10:17:48.0038 1160 RDPWD - ok
    10:17:48.0085 1160 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
    10:17:48.0085 1160 rdyboost - ok
    10:17:48.0116 1160 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
    10:17:48.0116 1160 RemoteAccess - ok
    10:17:48.0131 1160 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
    10:17:48.0131 1160 RemoteRegistry - ok
    10:17:48.0194 1160 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
    10:17:48.0194 1160 RFCOMM - ok
    10:17:48.0319 1160 [ 0B169FE016039571ECC6DB70073F8979 ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    10:17:48.0319 1160 RichVideo64 - ok
    10:17:48.0381 1160 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
    10:17:48.0381 1160 RpcEptMapper - ok
    10:17:48.0397 1160 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
    10:17:48.0397 1160 RpcLocator - ok
    10:17:48.0428 1160 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
    10:17:48.0443 1160 RpcSs - ok
    10:17:48.0490 1160 [ 9BD6DEBC9862FBE0C0467F0633B34962 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
    10:17:48.0490 1160 RSPCIESTOR - ok
    10:17:48.0521 1160 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
    10:17:48.0521 1160 rspndr - ok
    10:17:48.0568 1160 [ EB8EA1C4C5E076D9EA61FB59960C5830 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
    10:17:48.0568 1160 RTL8167 - ok
    10:17:48.0646 1160 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
    10:17:48.0646 1160 SamSs - ok
    10:17:48.0677 1160 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
    10:17:48.0677 1160 sbp2port - ok
    10:17:48.0709 1160 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
    10:17:48.0709 1160 SCardSvr - ok
    10:17:48.0740 1160 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
    10:17:48.0740 1160 scfilter - ok
    10:17:48.0771 1160 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
    10:17:48.0787 1160 Schedule - ok
    10:17:48.0802 1160 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
    10:17:48.0802 1160 SCPolicySvc - ok
    10:17:48.0833 1160 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
    10:17:48.0849 1160 sdbus - ok
    10:17:48.0880 1160 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
    10:17:48.0880 1160 SDRSVC - ok
    10:17:48.0927 1160 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
    10:17:48.0927 1160 secdrv - ok
    10:17:48.0943 1160 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
    10:17:48.0943 1160 seclogon - ok
    10:17:48.0958 1160 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
    10:17:48.0958 1160 SENS - ok
    10:17:49.0005 1160 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
    10:17:49.0005 1160 SensrSvc - ok
    10:17:49.0052 1160 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
    10:17:49.0052 1160 Serenum - ok
    10:17:49.0067 1160 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
    10:17:49.0083 1160 Serial - ok
    10:17:49.0114 1160 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
    10:17:49.0114 1160 sermouse - ok
    10:17:49.0145 1160 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
    10:17:49.0145 1160 SessionEnv - ok
    10:17:49.0208 1160 [ 85D0F874734C105D02280B39BF0AD23F ] SFEP C:\Windows\system32\drivers\SFEP.sys
    10:17:49.0208 1160 SFEP - ok
    10:17:49.0239 1160 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
    10:17:49.0239 1160 sffdisk - ok
    10:17:49.0255 1160 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
    10:17:49.0255 1160 sffp_mmc - ok
    10:17:49.0286 1160 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
    10:17:49.0286 1160 sffp_sd - ok
    10:17:49.0301 1160 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
    10:17:49.0301 1160 sfloppy - ok
    10:17:49.0379 1160 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
    10:17:49.0379 1160 Sftfs - ok
    10:17:49.0442 1160 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    10:17:49.0442 1160 sftlist - ok
    10:17:49.0489 1160 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
    10:17:49.0489 1160 Sftplay - ok
    10:17:49.0504 1160 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
    10:17:49.0504 1160 Sftredir - ok
    10:17:49.0520 1160 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
    10:17:49.0520 1160 Sftvol - ok
    10:17:49.0567 1160 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    10:17:49.0567 1160 sftvsa - ok
    10:17:49.0629 1160 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
    10:17:49.0629 1160 SharedAccess - ok
    10:17:49.0660 1160 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    10:17:49.0660 1160 ShellHWDetection - ok
    10:17:49.0723 1160 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
    10:17:49.0723 1160 SiSRaid2 - ok
    10:17:49.0754 1160 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
    10:17:49.0754 1160 SiSRaid4 - ok
    10:17:49.0925 1160 [ 23E3C83DFF7B09A97B01A85ED8A44478 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    10:17:49.0972 1160 Skype C2C Service - ok
    10:17:50.0019 1160 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
    10:17:50.0019 1160 SkypeUpdate - ok
    10:17:50.0081 1160 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
    10:17:50.0081 1160 Smb - ok
    10:17:50.0128 1160 [ AA17A14DA3B572C886D8064C72E9CC50 ] SmbDrv C:\Windows\system32\drivers\Smb_driver.sys
    10:17:50.0128 1160 SmbDrv - ok
    10:17:50.0191 1160 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
    10:17:50.0191 1160 SNMPTRAP - ok
    10:17:50.0315 1160 [ 4AEA7A1C3CA06D95D6966C34D13C0D8B ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
    10:17:50.0315 1160 SOHCImp - ok
    10:17:50.0331 1160 [ 16FD95781117E13107D477AE36219E6F ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
    10:17:50.0331 1160 SOHDs - ok
    10:17:50.0378 1160 [ 3BB48F7E33C2B76184DDF233000C09CD ] Sony SCSI Helper Service C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
    10:17:50.0378 1160 Sony SCSI Helper Service - ok
    10:17:50.0440 1160 [ C03E480E63A80D73FABE28D24D3B6B47 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
    10:17:50.0440 1160 SpfService - ok
    10:17:50.0471 1160 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
    10:17:50.0471 1160 spldr - ok
    10:17:50.0503 1160 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
    10:17:50.0518 1160 Spooler - ok
    10:17:50.0581 1160 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
    10:17:50.0627 1160 sppsvc - ok
    10:17:50.0643 1160 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
    10:17:50.0643 1160 sppuinotify - ok
    10:17:50.0721 1160 [ 378A0748DE5ADF90BF9DB897DA8564E6 ] SRTSP C:\Windows\System32\Drivers\N360x64\1403000.024\SRTSP64.SYS
    10:17:50.0737 1160 SRTSP - ok
    10:17:50.0737 1160 [ 0E76CEF892C45734F7AED09FDDF35D4D ] SRTSPX C:\Windows\system32\drivers\N360x64\1403000.024\SRTSPX64.SYS
    10:17:50.0737 1160 SRTSPX - ok
    10:17:50.0783 1160 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
    10:17:50.0783 1160 srv - ok
    10:17:50.0815 1160 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
    10:17:50.0815 1160 srv2 - ok
    10:17:50.0830 1160 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
    10:17:50.0830 1160 srvnet - ok
    10:17:50.0877 1160 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
    10:17:50.0877 1160 SSDPSRV - ok
    10:17:50.0908 1160 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
    10:17:50.0908 1160 SstpSvc - ok
    10:17:50.0939 1160 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
    10:17:50.0939 1160 stexstor - ok
    10:17:50.0971 1160 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
    10:17:50.0971 1160 stisvc - ok
    10:17:51.0002 1160 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
    10:17:51.0002 1160 swenum - ok
    10:17:51.0033 1160 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
    10:17:51.0033 1160 swprv - ok
    10:17:51.0064 1160 [ E174C8BC572E93AEEE1036DEDAC5F225 ] SymDS C:\Windows\system32\drivers\N360x64\1403000.024\SYMDS64.SYS
    10:17:51.0064 1160 SymDS - ok
    10:17:51.0127 1160 [ 599872BAD7CFB45C7CE47CDED4B726D8 ] SymEFA C:\Windows\system32\drivers\N360x64\1403000.024\SYMEFA64.SYS
    10:17:51.0142 1160 SymEFA - ok
    10:17:51.0173 1160 [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
    10:17:51.0173 1160 SymEvent - ok
    10:17:51.0205 1160 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\Windows\system32\drivers\N360x64\1403000.024\Ironx64.SYS
    10:17:51.0205 1160 SymIRON - ok
    10:17:51.0251 1160 [ 1605EBD8CB86AFC4430116065995279A ] SymNetS C:\Windows\System32\Drivers\N360x64\1403000.024\SYMNETS.SYS
    10:17:51.0251 1160 SymNetS - ok
    10:17:51.0345 1160 [ 321EA1320771419C0956DE50F270C3E5 ] SynTP C:\Windows\system32\drivers\SynTP.sys
    10:17:51.0345 1160 SynTP - ok
    10:17:51.0392 1160 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
    10:17:51.0407 1160 SysMain - ok
    10:17:51.0423 1160 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
    10:17:51.0423 1160 TabletInputService - ok
    10:17:51.0454 1160 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
    10:17:51.0454 1160 TapiSrv - ok
    10:17:51.0470 1160 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
    10:17:51.0470 1160 TBS - ok
    10:17:51.0579 1160 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
    10:17:51.0595 1160 Tcpip - ok
    10:17:51.0626 1160 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
    10:17:51.0641 1160 TCPIP6 - ok
    10:17:51.0673 1160 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
    10:17:51.0673 1160 tcpipreg - ok
    10:17:51.0719 1160 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
    10:17:51.0719 1160 TDPIPE - ok
    10:17:51.0735 1160 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
    10:17:51.0735 1160 TDTCP - ok
    10:17:51.0782 1160 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
    10:17:51.0782 1160 tdx - ok
    10:17:51.0797 1160 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
    10:17:51.0797 1160 TermDD - ok
    10:17:51.0829 1160 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
    10:17:51.0844 1160 TermService - ok
    10:17:51.0860 1160 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
    10:17:51.0860 1160 Themes - ok
    10:17:51.0875 1160 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
    10:17:51.0891 1160 THREADORDER - ok
    10:17:51.0907 1160 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
    10:17:51.0907 1160 TrkWks - ok
    10:17:51.0953 1160 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
    10:17:51.0953 1160 TrustedInstaller - ok
    10:17:51.0985 1160 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
    10:17:51.0985 1160 tssecsrv - ok
    10:17:52.0031 1160 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
    10:17:52.0031 1160 TsUsbFlt - ok
    10:17:52.0063 1160 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
    10:17:52.0063 1160 TsUsbGD - ok
    10:17:52.0109 1160 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
    10:17:52.0109 1160 tunnel - ok
    10:17:52.0141 1160 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
    10:17:52.0141 1160 uagp35 - ok
    10:17:52.0219 1160 [ 1FE69F3C1CA1CF4B7EC7E2E9090FFFDC ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-I Visual Effects 2\uCamMonitor.exe
    10:17:52.0219 1160 uCamMonitor - ok
    10:17:52.0265 1160 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
    10:17:52.0265 1160 udfs - ok
    10:17:52.0297 1160 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
    10:17:52.0297 1160 UI0Detect - ok
    10:17:52.0328 1160 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
    10:17:52.0328 1160 uliagpkx - ok
    10:17:52.0390 1160 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
    10:17:52.0390 1160 umbus - ok
    10:17:52.0437 1160 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
    10:17:52.0437 1160 UmPass - ok
    10:17:52.0546 1160 [ D80B1075B69B57A3AB78F750CE463ECE ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    10:17:52.0546 1160 UNS - ok
    10:17:52.0609 1160 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
    10:17:52.0609 1160 upnphost - ok
    10:17:52.0640 1160 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
    10:17:52.0640 1160 usbccgp - ok
    10:17:52.0687 1160 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
    10:17:52.0687 1160 usbcir - ok
    10:17:52.0718 1160 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
    10:17:52.0718 1160 usbehci - ok
    10:17:52.0765 1160 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
    10:17:52.0780 1160 usbhub - ok
    10:17:52.0811 1160 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
    10:17:52.0811 1160 usbohci - ok
    10:17:52.0827 1160 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
    10:17:52.0827 1160 usbprint - ok
    10:17:52.0858 1160 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
    10:17:52.0858 1160 USBSTOR - ok
    10:17:52.0874 1160 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
    10:17:52.0889 1160 usbuhci - ok
    10:17:52.0936 1160 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
    10:17:52.0936 1160 usbvideo - ok
    10:17:52.0983 1160 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
    10:17:52.0983 1160 UxSms - ok
    10:17:53.0014 1160 [ 203FD19D70549A2939E1AE3A36608151 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
    10:17:53.0030 1160 VAIO Event Service - ok
    10:17:53.0092 1160 [ 59308CD511A5F3EE33595FFD46F76B31 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
    10:17:53.0108 1160 VAIO Power Management - ok
    10:17:53.0123 1160 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
    10:17:53.0123 1160 VaultSvc - ok
    10:17:53.0170 1160 [ ADD5A5BA64D0710E1C764A8D4DAD510E ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    10:17:53.0186 1160 VCFw - ok
    10:17:53.0233 1160 [ EEE5AD6FB40B35F7867C3A49B98BB4EF ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
    10:17:53.0248 1160 VcmIAlzMgr - ok
    10:17:53.0264 1160 [ FD5BD55C1854208BC9C51DBCFC3C1941 ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
    10:17:53.0279 1160 VcmINSMgr - ok
    10:17:53.0326 1160 [ 9BC1F203C5604C24F345BCFCD6956BAE ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
    10:17:53.0326 1160 VcmXmlIfHelper - ok
    10:17:53.0435 1160 [ D076011ECD0D1310E879F32EBF3B4886 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
    10:17:53.0435 1160 VCService - ok
    10:17:53.0498 1160 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
    10:17:53.0498 1160 vdrvroot - ok
    10:17:53.0529 1160 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
    10:17:53.0529 1160 vds - ok
    10:17:53.0576 1160 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
    10:17:53.0576 1160 vga - ok
    10:17:53.0591 1160 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
    10:17:53.0591 1160 VgaSave - ok
    10:17:53.0623 1160 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
    10:17:53.0623 1160 vhdmp - ok
    10:17:53.0638 1160 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
    10:17:53.0638 1160 viaide - ok
    10:17:53.0685 1160 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
    10:17:53.0685 1160 volmgr - ok
    10:17:53.0701 1160 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
    10:17:53.0701 1160 volmgrx - ok
    10:17:53.0716 1160 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
    10:17:53.0732 1160 volsnap - ok
    10:17:53.0794 1160 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
    10:17:53.0794 1160 vsmraid - ok
    10:17:53.0841 1160 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
    10:17:53.0857 1160 VSS - ok
    10:17:53.0903 1160 [ FB4A1695D2D74F9C92CA5E84795CDBE1 ] VUAgent C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
    10:17:53.0919 1160 VUAgent - ok
    10:17:53.0950 1160 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
    10:17:53.0950 1160 vwifibus - ok
    10:17:53.0997 1160 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
    10:17:53.0997 1160 vwififlt - ok
    10:17:54.0044 1160 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
    10:17:54.0044 1160 vwifimp - ok
    10:17:54.0075 1160 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
    10:17:54.0091 1160 W32Time - ok
    10:17:54.0106 1160 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
    10:17:54.0106 1160 WacomPen - ok
    10:17:54.0137 1160 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
    10:17:54.0137 1160 WANARP - ok
    10:17:54.0153 1160 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
    10:17:54.0153 1160 Wanarpv6 - ok
    10:17:54.0231 1160 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
    10:17:54.0247 1160 WatAdminSvc - ok
    10:17:54.0293 1160 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
    10:17:54.0309 1160 wbengine - ok
    10:17:54.0356 1160 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
    10:17:54.0356 1160 WbioSrvc - ok
    10:17:54.0387 1160 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
    10:17:54.0387 1160 wcncsvc - ok
    10:17:54.0418 1160 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
    10:17:54.0434 1160 WcsPlugInService - ok
    10:17:54.0465 1160 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
    10:17:54.0465 1160 Wd - ok
    10:17:54.0496 1160 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
    10:17:54.0512 1160 Wdf01000 - ok
    10:17:54.0527 1160 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
    10:17:54.0527 1160 WdiServiceHost - ok
    10:17:54.0527 1160 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
    10:17:54.0527 1160 WdiSystemHost - ok
    10:17:54.0559 1160 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
    10:17:54.0559 1160 WebClient - ok
    10:17:54.0574 1160 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
    10:17:54.0574 1160 Wecsvc - ok
    10:17:54.0590 1160 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
    10:17:54.0590 1160 wercplsupport - ok
    10:17:54.0621 1160 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
    10:17:54.0637 1160 WerSvc - ok
    10:17:54.0683 1160 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
    10:17:54.0683 1160 WfpLwf - ok
    10:17:54.0715 1160 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
    10:17:54.0715 1160 WIMMount - ok
    10:17:54.0746 1160 WinDefend - ok
    10:17:54.0761 1160 WinHttpAutoProxySvc - ok
    10:17:54.0839 1160 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
    10:17:54.0839 1160 Winmgmt - ok
    10:17:54.0902 1160 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
    10:17:54.0917 1160 WinRM - ok
    10:17:54.0995 1160 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
    10:17:54.0995 1160 WinUsb - ok
    10:17:55.0027 1160 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
    10:17:55.0042 1160 Wlansvc - ok
    10:17:55.0105 1160 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
    10:17:55.0105 1160 wlcrasvc - ok
    10:17:55.0198 1160 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    10:17:55.0229 1160 wlidsvc - ok
    10:17:55.0245 1160 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
    10:17:55.0245 1160 WmiAcpi - ok
    10:17:55.0276 1160 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
    10:17:55.0276 1160 wmiApSrv - ok
    10:17:55.0323 1160 WMPNetworkSvc - ok
    10:17:55.0354 1160 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
    10:17:55.0354 1160 WPCSvc - ok
    10:17:55.0370 1160 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
    10:17:55.0370 1160 WPDBusEnum - ok
    10:17:55.0401 1160 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
    10:17:55.0401 1160 ws2ifsl - ok
    10:17:55.0417 1160 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
    10:17:55.0417 1160 wscsvc - ok
    10:17:55.0479 1160 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
    10:17:55.0479 1160 WSDPrintDevice - ok
    10:17:55.0479 1160 WSearch - ok
    10:17:55.0557 1160 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
    10:17:55.0573 1160 wuauserv - ok
    10:17:55.0619 1160 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
    10:17:55.0619 1160 WudfPf - ok
    10:17:55.0666 1160 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
    10:17:55.0666 1160 WUDFRd - ok
    10:17:55.0713 1160 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
    10:17:55.0713 1160 wudfsvc - ok
    10:17:55.0760 1160 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
    10:17:55.0760 1160 WwanSvc - ok
    10:17:55.0838 1160 [ A5B25E310678175F4779499FFF7D0994 ] ZAtheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
    10:17:55.0838 1160 ZAtheros Bt&Wlan Coex Agent - ok
    10:17:55.0869 1160 ================ Scan global ===============================
    10:17:55.0900 1160 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
    10:17:55.0978 1160 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
    10:17:56.0009 1160 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
    10:17:56.0056 1160 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
    10:17:56.0087 1160 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
    10:17:56.0087 1160 [Global] - ok
    10:17:56.0087 1160 ================ Scan MBR ==================================
    10:17:56.0103 1160 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
    10:17:56.0103 1160 Suspicious mbr (Forged): \Device\Harddisk0\DR0
    10:17:56.0165 1160 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
    10:17:56.0165 1160 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
    10:17:56.0165 1160 ================ Scan VBR ==================================
    10:17:56.0165 1160 [ 8C4315C51212EE753D0DF958841CA5F6 ] \Device\Harddisk0\DR0\Partition1
    10:17:56.0165 1160 \Device\Harddisk0\DR0\Partition1 - ok
    10:17:56.0181 1160 [ 6E53122C8AF07CE113C351938E4FE5E1 ] \Device\Harddisk0\DR0\Partition2
    10:17:56.0181 1160 \Device\Harddisk0\DR0\Partition2 - ok
    10:17:56.0181 1160 ============================================================
    10:17:56.0181 1160 Scan finished
    10:17:56.0181 1160 ============================================================
    10:17:56.0181 1648 Detected object count: 1
    10:17:56.0181 1648 Actual detected object count: 1
    10:18:08.0146 1648 \Device\Harddisk0\DR0\# - copied to quarantine
    10:18:08.0146 1648 \Device\Harddisk0\DR0 - copied to quarantine
    10:18:08.0177 1648 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
    10:18:08.0177 1648 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
    10:18:08.0177 1648 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
    10:18:08.0193 1648 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
    10:18:08.0193 1648 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
    10:18:08.0193 1648 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
    10:18:08.0193 1648 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
    10:18:08.0193 1648 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
    10:18:08.0209 1648 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
    10:18:08.0209 1648 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
    10:18:08.0209 1648 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
    10:18:08.0209 1648 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
    10:18:08.0209 1648 \Device\Harddisk0\DR0\TDLFS\cmd32.dll - copied to quarantine
    10:18:08.0209 1648 \Device\Harddisk0\DR0\TDLFS\ua - copied to quarantine
    10:18:08.0224 1648 \Device\Harddisk0\DR0\TDLFS\x - copied to quarantine
    10:18:08.0349 1648 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
    10:18:08.0349 1648 \Device\Harddisk0\DR0 - ok
    10:18:10.0424 1648 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
    10:18:31.0738 0984 Deinitialize success
  7. Broni

    Broni Malware Annihilator Posts: 46,447   +252

    Good :)

    Restart computer normally and see if you can connect.

    Next...

    Download RogueKiller for 32bit or Roguekiller for 64bit to your Desktop.
    • Close all the running programs
    • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced, post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

    Create new restore point before proceeding with the next step....
    How to:
    - Windows 8: http://www.vikitech.com/11302/system-restore-windows-8
    - Windows 7: http://www.howtogeek.com/howto/3195/create-a-system-restore-point-in-windows-7/
    - Vista: http://www.howtogeek.com/howto/wind...tore-point-for-windows-vistas-system-restore/
    - XP: http://support.microsoft.com/kb/948247

    Download Malwarebytes Anti-Rootkit (MBAR) from HERE
    • Unzip downloaded file.
    • Open the folder where the contents were unzipped and run mbar.exe
    • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
    • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
    • Wait while the system shuts down and the cleanup process is performed.
    • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
    • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log-xxxxx.txt and system-log.txt
  8. Justin Bronw

    Justin Bronw Newcomer, in training Topic Starter Posts: 34

    Just before I start, should I run the programs in regular mode or continue in safe mode with networking?
  9. Broni

    Broni Malware Annihilator Posts: 46,447   +252

  10. Justin Bronw

    Justin Bronw Newcomer, in training Topic Starter Posts: 34

    Still can't connect in regular mode (posting this in safe mode)
    I attached a screenshot of my network in regular mode...

  11. Broni

    Broni Malware Annihilator Posts: 46,447   +252

    Continue in safe mode with networking.
     
  12. Justin Bronw

    Justin Bronw Newcomer, in training Topic Starter Posts: 34

    RogueKiller V8.6.2 _x64_ [Jul 2 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : hxxp://www.adlice.com/forum/
    Website : hxxp://www.adlice.com/softwares/roguekiller/
    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Safe mode with network support
    User : Lin [Admin rights]
    Mode : Remove -- Date : 07/15/2013 10:59:17
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 2 ¤¤¤
    [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
    [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

    ¤¤¤ Scheduled tasks : 0 ¤¤¤

    ¤¤¤ Startup Entries : 0 ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

    ¤¤¤ External Hives: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts




    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: ST500LM012 HN-M500MBB +++++
    --- User ---
    [MBR] f3cf41453ecbc884d072f6027fc3d8e7
    [BSP] fe653986d72f9ce43cef146b53b9970e : Windows 7/8 MBR Code
    Partition table:
    0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 18940 Mo
    1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 38791168 | Size: 350 Mo
    2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 39507968 | Size: 457648 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[0]_D_07152013_105917.txt >>
    RKreport[0]_S_07152013_105904.txt
    Malwarebytes Anti-Rootkit BETA 1.06.0.1004
    www.malwarebytes.org

    Database version: v2013.07.15.04

    Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
    Internet Explorer 10.0.9200.16635
    Lin :: LIN-VAIO [administrator]

    7/15/2013 11:43:43 AM
    mbar-log-2013-07-15 (11-43-43).txt

    Scan type: Quick scan
    Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
    Scan options disabled: PUP
    Objects scanned: 244932
    Time elapsed: 9 minute(s), 6 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    Physical Sectors Detected: 0
    (No malicious items detected)

    (end)
    ---------------------------------------
    Malwarebytes Anti-Rootkit BETA 1.06.0.1004

    (c) Malwarebytes Corporation 2011-2012

    OS version: 6.1.7601 Windows 7 Service Pack 1 x64

    System is currently in a safe mode

    Account is Administrative

    Internet Explorer version: 10.0.9200.16635

    File system is: NTFS
    Disk drives: C:\ DRIVE_FIXED
    CPU speed: 2.394000 GHz
    Memory total: 4190486528, free: 3129700352

    Downloaded database version: v2013.07.15.04
    Initializing...
    ------------ Kernel report ------------
    07/15/2013 11:27:01
    ------------ Loaded modules -----------
    \SystemRoot\system32\ntoskrnl.exe
    \SystemRoot\system32\hal.dll
    \SystemRoot\system32\kdcom.dll
    \SystemRoot\system32\mcupdate_GenuineIntel.dll
    \SystemRoot\system32\PSHED.dll
    \SystemRoot\system32\CLFS.SYS
    \SystemRoot\system32\CI.dll
    \SystemRoot\system32\drivers\Wdf01000.sys
    \SystemRoot\system32\drivers\WDFLDR.SYS
    \SystemRoot\system32\drivers\ACPI.sys
    \SystemRoot\system32\drivers\WMILIB.SYS
    \SystemRoot\system32\drivers\msisadrv.sys
    \SystemRoot\system32\drivers\pci.sys
    \SystemRoot\system32\drivers\vdrvroot.sys
    \SystemRoot\system32\drivers\iusb3hcs.sys
    \SystemRoot\System32\drivers\partmgr.sys
    \SystemRoot\system32\drivers\compbatt.sys
    \SystemRoot\system32\drivers\BATTC.SYS
    \SystemRoot\system32\drivers\volmgr.sys
    \SystemRoot\System32\drivers\volmgrx.sys
    \SystemRoot\System32\drivers\mountmgr.sys
    \SystemRoot\system32\drivers\iaStor.sys
    \SystemRoot\system32\drivers\amdxata.sys
    \SystemRoot\system32\drivers\fltmgr.sys
    \SystemRoot\system32\drivers\N360x64\1403000.024\SYMDS64.SYS
    \SystemRoot\system32\drivers\fileinfo.sys
    \SystemRoot\system32\drivers\N360x64\1403000.024\SYMEFA64.SYS
    \SystemRoot\System32\Drivers\Ntfs.sys
    \SystemRoot\System32\Drivers\msrpc.sys
    \SystemRoot\System32\Drivers\ksecdd.sys
    \SystemRoot\System32\Drivers\cng.sys
    \SystemRoot\System32\drivers\pcw.sys
    \SystemRoot\System32\Drivers\Fs_Rec.sys
    \SystemRoot\system32\drivers\ndis.sys
    \SystemRoot\system32\drivers\NETIO.SYS
    \SystemRoot\System32\Drivers\ksecpkg.sys
    \SystemRoot\System32\drivers\tcpip.sys
    \SystemRoot\System32\drivers\fwpkclnt.sys
    \SystemRoot\system32\drivers\wd.sys
    \SystemRoot\system32\drivers\volsnap.sys
    \SystemRoot\System32\drivers\rdyboost.sys
    \SystemRoot\System32\Drivers\mup.sys
    \SystemRoot\System32\drivers\hwpolicy.sys
    \SystemRoot\System32\DRIVERS\fvevol.sys
    \SystemRoot\system32\drivers\disk.sys
    \SystemRoot\system32\drivers\CLASSPNP.SYS
    \SystemRoot\System32\Drivers\Null.SYS
    \SystemRoot\System32\Drivers\Beep.SYS
    \SystemRoot\System32\drivers\vga.sys
    \SystemRoot\System32\drivers\VIDEOPRT.SYS
    \SystemRoot\System32\drivers\watchdog.sys
    \SystemRoot\system32\drivers\rdpencdd.sys
    \SystemRoot\System32\Drivers\Msfs.SYS
    \SystemRoot\System32\Drivers\Npfs.SYS
    \SystemRoot\system32\DRIVERS\tdx.sys
    \SystemRoot\system32\DRIVERS\TDI.SYS
    \SystemRoot\system32\drivers\afd.sys
    \SystemRoot\System32\Drivers\aswrdr2.sys
    \SystemRoot\System32\DRIVERS\netbt.sys
    \SystemRoot\system32\DRIVERS\wfplwf.sys
    \SystemRoot\system32\DRIVERS\pacer.sys
    \SystemRoot\system32\DRIVERS\vwififlt.sys
    \SystemRoot\system32\DRIVERS\netbios.sys
    \SystemRoot\system32\DRIVERS\rdbss.sys
    \SystemRoot\system32\drivers\nsiproxy.sys
    \SystemRoot\System32\Drivers\dfsc.sys
    \SystemRoot\system32\DRIVERS\tunnel.sys
    \SystemRoot\system32\drivers\iusb3xhc.sys
    \SystemRoot\system32\drivers\USBD.SYS
    \SystemRoot\system32\drivers\HECIx64.sys
    \SystemRoot\system32\drivers\usbehci.sys
    \SystemRoot\system32\drivers\USBPORT.SYS
    \SystemRoot\system32\drivers\HDAudBus.sys
    \SystemRoot\system32\DRIVERS\athrx.sys
    \SystemRoot\system32\DRIVERS\vwifibus.sys
    \SystemRoot\system32\DRIVERS\Rt64win7.sys
    \SystemRoot\system32\drivers\SFEP.sys
    \SystemRoot\system32\drivers\i8042prt.sys
    \SystemRoot\system32\DRIVERS\kbdclass.sys
    \SystemRoot\system32\drivers\SynTP.sys
    \SystemRoot\system32\DRIVERS\mouclass.sys
    \SystemRoot\system32\DRIVERS\cdrom.sys
    \SystemRoot\system32\drivers\blbdrive.sys
    \SystemRoot\system32\drivers\CompositeBus.sys
    \SystemRoot\system32\drivers\mssmbios.sys
    \SystemRoot\system32\DRIVERS\AgileVpn.sys
    \SystemRoot\system32\DRIVERS\rasl2tp.sys
    \SystemRoot\system32\DRIVERS\ndistapi.sys
    \SystemRoot\system32\DRIVERS\ndiswan.sys
    \SystemRoot\system32\DRIVERS\raspppoe.sys
    \SystemRoot\system32\DRIVERS\raspptp.sys
    \SystemRoot\system32\DRIVERS\rassstp.sys
    \SystemRoot\system32\drivers\termdd.sys
    \SystemRoot\system32\drivers\swenum.sys
    \SystemRoot\system32\drivers\ks.sys
    \SystemRoot\system32\drivers\btath_bus.sys
    \SystemRoot\system32\DRIVERS\umbus.sys
    \SystemRoot\system32\drivers\iusb3hub.sys
    \SystemRoot\system32\drivers\usbhub.sys
    \SystemRoot\System32\Drivers\NDProxy.SYS
    \SystemRoot\System32\win32k.sys
    \SystemRoot\System32\drivers\Dxapi.sys
    \SystemRoot\System32\drivers\dxg.sys
    \SystemRoot\system32\DRIVERS\cdfs.sys
    \SystemRoot\system32\DRIVERS\hidusb.sys
    \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    \SystemRoot\system32\DRIVERS\mouhid.sys
    \SystemRoot\System32\TSDDD.dll
    \SystemRoot\System32\framebuf.dll
    \SystemRoot\system32\DRIVERS\usbccgp.sys
    \SystemRoot\System32\Drivers\crashdmp.sys
    \SystemRoot\System32\Drivers\dump_iaStor.sys
    \SystemRoot\System32\Drivers\dump_dumpfve.sys
    \SystemRoot\system32\DRIVERS\nwifi.sys
    \SystemRoot\system32\DRIVERS\ndisuio.sys
    \SystemRoot\system32\DRIVERS\bowser.sys
    \SystemRoot\System32\drivers\mpsdrv.sys
    \SystemRoot\system32\DRIVERS\mrxsmb.sys
    \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    \SystemRoot\system32\DRIVERS\vwifimp.sys
    \??\C:\Windows\system32\drivers\mbamchameleon.sys
    \??\C:\Windows\system32\drivers\mbamswissarmy.sys
    \Windows\System32\ntdll.dll
    \Windows\System32\smss.exe
    \Windows\System32\apisetschema.dll
    \Windows\System32\autochk.exe
    \Windows\System32\iertutil.dll
    \Windows\System32\msctf.dll
    \Windows\System32\Wldap32.dll
    ----------- End -----------
    Done!
    <<<1>>>
    Upper Device Name: \Device\Harddisk0\DR0
    Upper Device Object: 0xfffffa8007254060
    Upper Device Driver Name: \Driver\Disk\
    Lower Device Name: \Device\Ide\IAAStorageDevice-1\
    Lower Device Object: 0xfffffa8004dc2050
    Lower Device Driver Name: \Driver\iaStor\
    <<<2>>>
    Device number: 0, partition: 3
    Physical Sector Size: 512
    Drive: 0, DevicePointer: 0xfffffa8007254060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    --------- Disk Stack ------
    DevicePointer: 0xfffffa80070f5870, DeviceName: Unknown, DriverName: \Driver\partmgr\
    DevicePointer: 0xfffffa8007254060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    DevicePointer: 0xfffffa8004dc2050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
    ------------ End ----------
    Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    Upper DeviceData: 0x0, 0x0, 0x0
    Lower DeviceData: 0x0, 0x0, 0x0
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    <<<2>>>
    Device number: 0, partition: 3
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    Scanning drivers directory: C:\Windows\system32\drivers...
    <<<2>>>
    Device number: 0, partition: 3
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    Done!
    Drive 0
    Scanning MBR on drive 0...
    Inspecting partition table:
    MBR Signature: 55AA
    Disk Signature: 3107966

    Partition information:

    Partition 0 type is Other (0x27)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048 Numsec = 38789120

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 38791168 Numsec = 716800
    Partition file system is NTFS
    Partition is bootable

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 39507968 Numsec = 937263152

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

    Disk Size: 500107862016 bytes
    Sector size: 512 bytes

    Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
    Done!
    Scan finished
    =======================================


    Removal queue found; removal started
    Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...
    Removing c:\programdata\malwarebytes' anti-malware (portable)\bootstrap_0_1_38791168_i.mbam...
    Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...
    Removal finished
    ---------------------------------------
    Malwarebytes Anti-Rootkit BETA 1.06.0.1004

    (c) Malwarebytes Corporation 2011-2012

    OS version: 6.1.7601 Windows 7 Service Pack 1 x64

    System is currently in a safe mode

    Account is Administrative

    Internet Explorer version: 10.0.9200.16635

    File system is: NTFS
    Disk drives: C:\ DRIVE_FIXED
    CPU speed: 2.394000 GHz
    Memory total: 4190486528, free: 3397603328

    Initializing...
    ------------ Kernel report ------------
    07/15/2013 11:43:39
    ------------ Loaded modules -----------
    ----------- End -----------
    Done!
    <<<1>>>
    Upper Device Name: \Device\Harddisk0\DR0
    Upper Device Object: 0xfffffa8007254060
    Upper Device Driver Name: \Driver\Disk\
    Lower Device Name: \Device\Ide\IAAStorageDevice-1\
    Lower Device Object: 0xfffffa8004dc2050
    Lower Device Driver Name: \Driver\iaStor\
    <<<2>>>
    Device number: 0, partition: 3
    Physical Sector Size: 512
    Drive: 0, DevicePointer: 0xfffffa8007254060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    --------- Disk Stack ------
    DevicePointer: 0xfffffa80070f5870, DeviceName: Unknown, DriverName: \Driver\partmgr\
    DevicePointer: 0xfffffa8007254060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    DevicePointer: 0xfffffa8004dc2050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
    ------------ End ----------
    Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    Upper DeviceData: 0x0, 0x0, 0x0
    Lower DeviceData: 0x0, 0x0, 0x0
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    <<<2>>>
    Device number: 0, partition: 3
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    Scanning drivers directory: C:\Windows\system32\drivers...
    <<<2>>>
    Device number: 0, partition: 3
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    Done!
    Drive 0
    Scanning MBR on drive 0...
    Inspecting partition table:
    MBR Signature: 55AA
    Disk Signature: 3107966

    Partition information:

    Partition 0 type is Other (0x27)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048 Numsec = 38789120

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 38791168 Numsec = 716800
    Partition file system is NTFS
    Partition is bootable

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 39507968 Numsec = 937263152

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

    Disk Size: 500107862016 bytes
    Sector size: 512 bytes

    Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
    Done!
    Scan finished
    =======================================


    Removal queue found; removal started
    Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...
    Removing c:\programdata\malwarebytes' anti-malware (portable)\bootstrap_0_1_38791168_i.mbam...
    Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...
    Removal finished
  13. Broni

    Broni Malware Annihilator Posts: 46,447   +252

    Download the following two tools in Safe Mode with Networking, but run them from NORMAL mode.

    Please download Farbar Service Scanner Download Link and run it on the computer with the issue.

    • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center/Action Center
      • Windows Update
      • Windows Defender
      • Other Services
    • Press "Scan".
    • It will create a log (FSS.txt) in the same directory the tool is run.
    • Please copy and paste the log to your reply.

    Please download MiniToolBox, save it to your desktop and run it.

    Checkmark the following boxes:
    • Report IE Proxy Settings
    • Report FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Devices (do NOT change any settings)
    • List Users, Partitions and Memory size
    • List Restore Points
    Click Go and post the result.
  14. Justin Bronw

    Justin Bronw Newcomer, in training Topic Starter Posts: 34

    Farbar Service Scanner Version: 13-07-2013
    Ran by Lin (administrator) on 15-07-2013 at 12:15:48
    Running from "C:\Users\Lin\Downloads"
    Microsoft Windows 7 Home Premium Service Pack 1 (X64)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo.com is accessible.


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================


    System Restore:
    ============

    System Restore Disabled Policy:
    ========================


    Action Center:
    ============


    Windows Update:
    ============
    wuauserv Service is not running. Checking service configuration:
    The start type of wuauserv service is OK.
    The ImagePath of wuauserv service is OK.
    The ServiceDll of wuauserv: "C:\Windows\system32\wuaueng.dll".


    Windows Autoupdate Disabled Policy:
    ============================


    Windows Defender:
    ==============
    WinDefend Service is not running. Checking service configuration:
    The start type of WinDefend service is set to Demand. The default start type is Auto.
    The ImagePath of WinDefend service is OK.
    The ServiceDll of WinDefend service is OK.


    Windows Defender Disabled Policy:
    ==========================
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
    "DisableAntiSpyware"=DWORD:1


    Other Services:
    ==============


    File Check:
    ========
    C:\Windows\System32\nsisvc.dll => MD5 is legit
    C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
    C:\Windows\System32\dhcpcore.dll => MD5 is legit
    C:\Windows\System32\drivers\afd.sys => MD5 is legit
    C:\Windows\System32\drivers\tdx.sys => MD5 is legit
    C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
    C:\Windows\System32\dnsrslvr.dll => MD5 is legit
    C:\Windows\System32\mpssvc.dll => MD5 is legit
    C:\Windows\System32\bfe.dll => MD5 is legit
    C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
    C:\Windows\System32\SDRSVC.dll => MD5 is legit
    C:\Windows\System32\vssvc.exe => MD5 is legit
    C:\Windows\System32\wscsvc.dll => MD5 is legit
    C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
    C:\Windows\System32\wuaueng.dll => MD5 is legit
    C:\Windows\System32\qmgr.dll => MD5 is legit
    C:\Windows\System32\es.dll => MD5 is legit
    C:\Windows\System32\cryptsvc.dll => MD5 is legit
    C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
    C:\Windows\System32\ipnathlp.dll => MD5 is legit
    C:\Windows\System32\iphlpsvc.dll => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\rpcss.dll => MD5 is legit


    **** End of log ****
    MiniToolBox by Farbar Version: 13-07-2013
    Ran by Lin (administrator) on 15-07-2013 at 12:17:23
    Running from "C:\Users\Lin\Downloads"
    Microsoft Windows 7 Home Premium Service Pack 1 (X64)
    Boot Mode: Normal
    ***************************************************************************

    ========================= IE Proxy Settings: ==============================

    Proxy is not enabled.
    No Proxy Server is set.

    "Reset FF Proxy Settings": Firefox Proxy settings were reset.

    ========================= Hosts content: =================================



    ========================= IP Configuration: ================================

    Atheros AR9485WB-EG Wireless Network Adapter = Wireless Network Connection (Connected)
    Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
    Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
    Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4

    reset
    set global icmpredirects=enabled


    popd
    # End of IPv4 configuration



    Windows IP Configuration

    Host Name . . . . . . . . . . . . : Lin-VAIO
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No

    Wireless LAN adapter Wireless Network Connection 2:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
    Physical Address. . . . . . . . . : 2A-ED-B9-CB-54-4D
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes

    Wireless LAN adapter Wireless Network Connection:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Atheros AR9485WB-EG Wireless Network Adapter
    Physical Address. . . . . . . . . : 08-ED-B9-CB-54-4D
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    Link-local IPv6 Address . . . . . : fe80::2519:718:7dfe:86da%21(Preferred)
    IPv4 Address. . . . . . . . . . . : 192.168.1.11(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Lease Obtained. . . . . . . . . . : Monday, July 15, 2013 12:12:16 PM
    Lease Expires . . . . . . . . . . : Tuesday, July 16, 2013 12:12:18 PM
    Default Gateway . . . . . . . . . : 192.168.1.1
    DHCP Server . . . . . . . . . . . : 192.168.1.1
    DHCPv6 IAID . . . . . . . . . . . : 235466169
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-7A-C4-50-30-F9-ED-B5-31-4B
    DNS Servers . . . . . . . . . . . : 4.2.2.4
    NetBIOS over Tcpip. . . . . . . . : Enabled

    Ethernet adapter Local Area Connection:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
    Physical Address. . . . . . . . . : 30-F9-ED-B5-31-4B
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes

    Ethernet adapter Bluetooth Network Connection:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
    Physical Address. . . . . . . . . : 08-ED-B9-CB-54-4E
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 11:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft 6to4 Adapter
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter isatap.{FD750996-A87F-4C4A-9258-CEF5616169A4}:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Teredo Tunneling Pseudo-Interface:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 4:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter isatap.{595923B2-8B4E-4B41-B39F-7623700E0E27}:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter isatap.{83D384AC-9C88-466A-90B3-F2B40938F7B8}:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter isatap.{4B1DB241-E295-4B04-8059-E10FF5295842}:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    Server: d.resolvers.level3.net
    Address: 4.2.2.4

    Name: google.com
    Addresses: 2607:f8b0:4009:801::1001
    74.125.225.32
    74.125.225.34
    74.125.225.39
    74.125.225.38
    74.125.225.36
    74.125.225.35
    74.125.225.46
    74.125.225.41
    74.125.225.40
    74.125.225.37
    74.125.225.33


    Pinging google.com [173.194.46.32] with 32 bytes of data:
    Reply from 173.194.46.32: bytes=32 time=15ms TTL=49
    Reply from 173.194.46.32: bytes=32 time=14ms TTL=49

    Ping statistics for 173.194.46.32:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 14ms, Maximum = 15ms, Average = 14ms
    Server: d.resolvers.level3.net
    Address: 4.2.2.4

    Name: yahoo.com
    Addresses: 206.190.36.45
    98.138.253.109
    98.139.183.24


    Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
    Reply from 98.139.183.24: bytes=32 time=77ms TTL=41
    Reply from 98.139.183.24: bytes=32 time=71ms TTL=41

    Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 71ms, Maximum = 77ms, Average = 74ms

    Pinging 127.0.0.1 with 32 bytes of data:
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

    Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
    ===========================================================================
    Interface List
    22...2a ed b9 cb 54 4d ......Microsoft Virtual WiFi Miniport Adapter
    21...08 ed b9 cb 54 4d ......Atheros AR9485WB-EG Wireless Network Adapter
    13...30 f9 ed b5 31 4b ......Realtek PCIe GBE Family Controller
    11...08 ed b9 cb 54 4e ......Bluetooth Device (Personal Area Network)
    1...........................Software Loopback Interface 1
    14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
    23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
    20...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
    24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
    37...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
    38...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
    39...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
    ===========================================================================

    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination Netmask Gateway Interface Metric
    0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.11 25
    127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
    127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
    127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    192.168.1.0 255.255.255.0 On-link 192.168.1.11 281
    192.168.1.11 255.255.255.255 On-link 192.168.1.11 281
    192.168.1.255 255.255.255.255 On-link 192.168.1.11 281
    224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
    224.0.0.0 240.0.0.0 On-link 192.168.1.11 281
    255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    255.255.255.255 255.255.255.255 On-link 192.168.1.11 281
    ===========================================================================
    Persistent Routes:
    None

    IPv6 Route Table
    ===========================================================================
    Active Routes:
    If Metric Network Destination Gateway
    1 306 ::1/128 On-link
    21 281 fe80::/64 On-link
    21 281 fe80::2519:718:7dfe:86da/128
    On-link
    1 306 ff00::/8 On-link
    21 281 ff00::/8 On-link
    ===========================================================================
    Persistent Routes:
    None
    ========================= Winsock entries =====================================

    Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
    Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
    Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
    Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
    Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
    Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
    Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
    x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
    x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
    x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
    x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
    x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
    x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

    ========================= Event log errors: ===============================

    Application errors:
    ==================
    Error: (07/15/2013 00:16:16 PM) (Source: Application Error) (User: )
    Description: Faulting application name: VCAgent.exe, version: 7.3.0.13120, time stamp: 0x4f27637e
    Faulting module name: mscorlib.ni.dll, version: 4.0.30319.1008, time stamp: 0x517a19ee
    Exception code: 0xc0000005
    Fault offset: 0x00000000003a2149
    Faulting process id: 0xfdc
    Faulting application start time: 0xVCAgent.exe0
    Faulting application path: VCAgent.exe1
    Faulting module path: VCAgent.exe2
    Report Id: VCAgent.exe3

    Error: (07/15/2013 00:16:15 PM) (Source: .NET Runtime) (User: )
    Description: Application: VCAgent.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.NullReferenceException
    Stack:
    at System.Collections.Generic.Dictionary`2[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Insert(System.__Canon, System.__Canon, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
    at System.Threading.ThreadHelper.ThreadStart()

    Error: (07/15/2013 00:14:00 PM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (07/15/2013 11:26:22 AM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (07/15/2013 11:24:00 AM) (Source: Application Virtualization Client) (User: )
    Description: {tid=760}
    The Application Virtualization Client could not determine the size of the file system cache (FS status 16D07A0A-0000E0A2).

    Error: (07/15/2013 11:24:00 AM) (Source: Application Virtualization Client) (User: )
    Description: {tid=760}
    The Application Virtualization Client could not disconnect session 35 (FS status 16D1200A-0000E0A2).

    Error: (07/15/2013 11:16:32 AM) (Source: CVHSVC) (User: )
    Description: Information only.
    (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The connection with the server was terminated abnormally

    Error: (07/15/2013 11:07:35 AM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (07/15/2013 10:49:48 AM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (07/15/2013 10:42:29 AM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


    System errors:
    =============
    Error: (07/15/2013 00:13:56 PM) (Source: DCOM) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (07/15/2013 00:13:15 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    BHDrvx64
    SRTSP

    Error: (07/15/2013 00:12:04 PM) (Source: SRTSP) (User: )
    Description: Error loading virus definitions.

    Error: (07/15/2013 00:09:44 PM) (Source: Service Control Manager) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068

    Error: (07/15/2013 00:09:44 PM) (Source: Service Control Manager) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068

    Error: (07/15/2013 00:07:44 PM) (Source: Service Control Manager) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068

    Error: (07/15/2013 00:07:44 PM) (Source: Service Control Manager) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068

    Error: (07/15/2013 00:07:36 PM) (Source: Service Control Manager) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068

    Error: (07/15/2013 00:07:36 PM) (Source: Service Control Manager) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068

    Error: (07/15/2013 00:05:44 PM) (Source: Service Control Manager) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068


    Microsoft Office Sessions:
    =========================
    Error: (07/15/2013 00:16:16 PM) (Source: Application Error)(User: )
    Description: VCAgent.exe7.3.0.131204f27637emscorlib.ni.dll4.0.30319.1008517a19eec000000500000000003a2149fdc01ce817f0208343bC:\Program Files\Sony\VAIO Care\VCAgent.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\cb653b6b8da0966098d70da98cba1ef3\mscorlib.ni.dll416d44be-ed72-11e2-9882-08edb9cb544e

    Error: (07/15/2013 00:16:15 PM) (Source: .NET Runtime)(User: )
    Description: Application: VCAgent.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.NullReferenceException
    Stack:
    at System.Collections.Generic.Dictionary`2[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Insert(System.__Canon, System.__Canon, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
    at System.Threading.ThreadHelper.ThreadStart()

    Error: (07/15/2013 00:14:00 PM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (07/15/2013 11:26:22 AM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (07/15/2013 11:24:00 AM) (Source: Application Virtualization Client)(User: )
    Description: {tid=760}
    16D07A0A-0000E0A2

    Error: (07/15/2013 11:24:00 AM) (Source: Application Virtualization Client)(User: )
    Description: {tid=760}
    3516D1200A-0000E0A2

    Error: (07/15/2013 11:16:32 AM) (Source: CVHSVC)(User: )
    Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The connection with the server was terminated abnormally

    Error: (07/15/2013 11:07:35 AM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (07/15/2013 10:49:48 AM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (07/15/2013 10:42:29 AM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


    ========================= Devices: ================================

    Name: BHDrvx64
    Description: BHDrvx64
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: BHDrvx64
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.


    ========================= Memory info: ===================================

    Percentage of memory in use: 55%
    Total physical RAM: 3996.36 MB
    Available physical RAM: 1791.15 MB
    Total Pagefile: 7990.9 MB
    Available Pagefile: 5613.95 MB
    Total Virtual: 4095.88 MB
    Available Virtual: 3973.99 MB

    ========================= Partitions: =====================================

    1 Drive c: () (Fixed) (Total:446.92 GB) (Free:346.07 GB) NTFS
    2 Drive d: (WUSB54G) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS

    ========================= Users: ========================================

    User accounts for \\LIN-VAIO

    Administrator Guest Lin

    ========================= Restore Points ==================================

    29-05-2013 08:00:32 Windows Update
    06-06-2013 00:48:17 Windows Update
    21-06-2013 02:15:37 Windows Update
    14-07-2013 02:59:15 Windows Update
    14-07-2013 04:28:32 Restore Operation
    14-07-2013 08:00:32 Windows Update
    14-07-2013 14:22:13 Installed Wireless-G USB Adapter
    14-07-2013 16:26:11 Removed VAIO Smart Network
    15-07-2013 16:10:17 Windows Update
    15-07-2013 16:10:56 After the thingy, but before the other thingy

    **** End of log ****
  15. Broni

    Broni Malware Annihilator Posts: 46,447   +252

    Your connection looks perfectly fine.
    "Ping" finds Google no problem.

    What actually makes you think there is no connection?
    Browser doesn't work?
  16. Justin Bronw

    Justin Bronw Newcomer, in training Topic Starter Posts: 34

    Browser does not work, and the red "X" is on the connection in the task bar. I'll attach the picture again.

    Everything seems like it should be working fine, wireless is working with other computers, connection works. Just no internet access except in safe mode.

  17. Broni

    Broni Malware Annihilator Posts: 46,447   +252

    Please check IE.
  18. Justin Bronw

    Justin Bronw Newcomer, in training Topic Starter Posts: 34

    Attempt with IE didn't work either...

  19. Broni

    Broni Malware Annihilator Posts: 46,447   +252

    Get an ethernet cable and see if a wired connection works.
  20. Justin Bronw

    Justin Bronw Newcomer, in training Topic Starter Posts: 34

    Alright so I connected the ethernet cable and it recognizes the network, but it says "No internet access". See attached pic...

  21. Broni

    Broni Malware Annihilator Posts: 46,447   +252

    Keep the ethernet cable connected and re-run MiniToolbox with only these options checked:

    • Report IE Proxy Settings
    • Report FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Devices (do NOT change any settings)
  22. Justin Bronw

    Justin Bronw Newcomer, in training Topic Starter Posts: 34

    MiniToolBox by Farbar Version: 13-07-2013
    Ran by Lin (administrator) on 15-07-2013 at 15:19:17
    Running from "C:\Users\Lin\Downloads"
    Microsoft Windows 7 Home Premium Service Pack 1 (X64)
    Boot Mode: Normal
    ***************************************************************************

    ========================= IE Proxy Settings: ==============================

    Proxy is not enabled.
    No Proxy Server is set.

    ========================= FF Proxy Settings: ==============================

    ========================= Hosts content: =================================



    ========================= IP Configuration: ================================

    Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
    Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
    Atheros AR9485WB-EG Wireless Network Adapter = Wireless Network Connection (Media disconnected)
    Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4

    reset
    set global icmpredirects=enabled


    popd
    # End of IPv4 configuration



    Windows IP Configuration

    Host Name . . . . . . . . . . . . : Lin-VAIO
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No

    Wireless LAN adapter Wireless Network Connection 2:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
    Physical Address. . . . . . . . . : 2A-ED-B9-CB-54-4D
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes

    Wireless LAN adapter Wireless Network Connection:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Atheros AR9485WB-EG Wireless Network Adapter
    Physical Address. . . . . . . . . : 08-ED-B9-CB-54-4D
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes

    Ethernet adapter Local Area Connection:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
    Physical Address. . . . . . . . . : 30-F9-ED-B5-31-4B
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    Link-local IPv6 Address . . . . . : fe80::2c4c:9d4e:ecc1:e91a%13(Preferred)
    IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Lease Obtained. . . . . . . . . . : Monday, July 15, 2013 3:17:07 PM
    Lease Expires . . . . . . . . . . : Tuesday, July 16, 2013 3:18:34 PM
    Default Gateway . . . . . . . . . : 192.168.1.1
    DHCP Server . . . . . . . . . . . : 192.168.1.1
    DHCPv6 IAID . . . . . . . . . . . : 288422381
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-7A-C4-50-30-F9-ED-B5-31-4B
    DNS Servers . . . . . . . . . . . : 192.168.1.1
    NetBIOS over Tcpip. . . . . . . . : Enabled

    Ethernet adapter Bluetooth Network Connection:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
    Physical Address. . . . . . . . . : 08-ED-B9-CB-54-4E
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 11:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft 6to4 Adapter
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter isatap.{FD750996-A87F-4C4A-9258-CEF5616169A4}:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Teredo Tunneling Pseudo-Interface:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Reusable ISATAP Interface {C13875F3-A074-4DE0-85D7-0B71DA1376AC}:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter isatap.{83D384AC-9C88-466A-90B3-F2B40938F7B8}:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    Server: UnKnown
    Address: 192.168.1.1

    Name: google.com
    Addresses: 2607:f8b0:4009:803::1003
    173.194.46.66
    173.194.46.67
    173.194.46.68
    173.194.46.69
    173.194.46.70
    173.194.46.71
    173.194.46.72
    173.194.46.73
    173.194.46.78
    173.194.46.64
    173.194.46.65


    Pinging google.com [74.125.225.135] with 32 bytes of data:
    Reply from 74.125.225.135: bytes=32 time=10ms TTL=49
    Reply from 74.125.225.135: bytes=32 time=13ms TTL=49

    Ping statistics for 74.125.225.135:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 10ms, Maximum = 13ms, Average = 11ms
    Server: UnKnown
    Address: 192.168.1.1

    Name: yahoo.com
    Addresses: 206.190.36.45
    98.138.253.109
    98.139.183.24


    Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
    Reply from 206.190.36.45: bytes=32 time=118ms TTL=45
    Reply from 206.190.36.45: bytes=32 time=107ms TTL=45

    Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 107ms, Maximum = 118ms, Average = 112ms

    Pinging 127.0.0.1 with 32 bytes of data:
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

    Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
    ===========================================================================
    Interface List
    22...2a ed b9 cb 54 4d ......Microsoft Virtual WiFi Miniport Adapter
    21...08 ed b9 cb 54 4d ......Atheros AR9485WB-EG Wireless Network Adapter
    13...30 f9 ed b5 31 4b ......Realtek PCIe GBE Family Controller
    11...08 ed b9 cb 54 4e ......Bluetooth Device (Personal Area Network)
    1...........................Software Loopback Interface 1
    14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
    23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
    20...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
    24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
    25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
    ===========================================================================

    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination Netmask Gateway Interface Metric
    0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 20
    127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
    127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
    127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    192.168.1.0 255.255.255.0 On-link 192.168.1.3 276
    192.168.1.3 255.255.255.255 On-link 192.168.1.3 276
    192.168.1.255 255.255.255.255 On-link 192.168.1.3 276
    224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
    224.0.0.0 240.0.0.0 On-link 192.168.1.3 276
    255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    255.255.255.255 255.255.255.255 On-link 192.168.1.3 276
    ===========================================================================
    Persistent Routes:
    None

    IPv6 Route Table
    ===========================================================================
    Active Routes:
    If Metric Network Destination Gateway
    1 306 ::1/128 On-link
    13 276 fe80::/64 On-link
    13 276 fe80::2c4c:9d4e:ecc1:e91a/128
    On-link
    1 306 ff00::/8 On-link
    13 276 ff00::/8 On-link
    ===========================================================================
    Persistent Routes:
    None
    ========================= Winsock entries =====================================

    Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
    Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
    Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
    Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
    Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
    Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
    Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
    x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
    x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
    x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
    x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
    x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
    x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
    x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
    x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

    ========================= Event log errors: ===============================

    Application errors:
    ==================
    Error: (07/15/2013 03:18:32 PM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (07/15/2013 01:43:24 PM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (07/15/2013 01:37:52 PM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (07/15/2013 01:23:28 PM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (07/15/2013 01:18:45 PM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (07/15/2013 00:20:50 PM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (07/15/2013 00:16:16 PM) (Source: Application Error) (User: )
    Description: Faulting application name: VCAgent.exe, version: 7.3.0.13120, time stamp: 0x4f27637e
    Faulting module name: mscorlib.ni.dll, version: 4.0.30319.1008, time stamp: 0x517a19ee
    Exception code: 0xc0000005
    Fault offset: 0x00000000003a2149
    Faulting process id: 0xfdc
    Faulting application start time: 0xVCAgent.exe0
    Faulting application path: VCAgent.exe1
    Faulting module path: VCAgent.exe2
    Report Id: VCAgent.exe3

    Error: (07/15/2013 00:16:15 PM) (Source: .NET Runtime) (User: )
    Description: Application: VCAgent.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.NullReferenceException
    Stack:
    at System.Collections.Generic.Dictionary`2[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Insert(System.__Canon, System.__Canon, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
    at System.Threading.ThreadHelper.ThreadStart()

    Error: (07/15/2013 00:14:00 PM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (07/15/2013 11:26:22 AM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


    System errors:
    =============
    Error: (07/15/2013 03:18:09 PM) (Source: DCOM) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (07/15/2013 03:17:25 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    BHDrvx64
    SRTSP

    Error: (07/15/2013 03:16:38 PM) (Source: SRTSP) (User: )
    Description: Error loading virus definitions.

    Error: (07/15/2013 03:16:02 PM) (Source: Service Control Manager) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068

    Error: (07/15/2013 03:16:02 PM) (Source: Service Control Manager) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068

    Error: (07/15/2013 03:16:02 PM) (Source: Service Control Manager) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068

    Error: (07/15/2013 03:16:02 PM) (Source: Service Control Manager) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068

    Error: (07/15/2013 03:16:02 PM) (Source: Service Control Manager) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068

    Error: (07/15/2013 03:16:02 PM) (Source: Service Control Manager) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068

    Error: (07/15/2013 03:16:02 PM) (Source: Service Control Manager) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068


    Microsoft Office Sessions:
    =========================
    Error: (07/15/2013 03:18:32 PM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (07/15/2013 01:43:24 PM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (07/15/2013 01:37:52 PM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (07/15/2013 01:23:28 PM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (07/15/2013 01:18:45 PM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (07/15/2013 00:20:50 PM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (07/15/2013 00:16:16 PM) (Source: Application Error)(User: )
    Description: VCAgent.exe7.3.0.131204f27637emscorlib.ni.dll4.0.30319.1008517a19eec000000500000000003a2149fdc01ce817f0208343bC:\Program Files\Sony\VAIO Care\VCAgent.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\cb653b6b8da0966098d70da98cba1ef3\mscorlib.ni.dll416d44be-ed72-11e2-9882-08edb9cb544e

    Error: (07/15/2013 00:16:15 PM) (Source: .NET Runtime)(User: )
    Description: Application: VCAgent.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.NullReferenceException
    Stack:
    at System.Collections.Generic.Dictionary`2[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Insert(System.__Canon, System.__Canon, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
    at System.Threading.ThreadHelper.ThreadStart()

    Error: (07/15/2013 00:14:00 PM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (07/15/2013 11:26:22 AM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


    ========================= Devices: ================================

    Name: BHDrvx64
    Description: BHDrvx64
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: BHDrvx64
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.


    **** End of log ****
  23. Broni

    Broni Malware Annihilator Posts: 46,447   +252

    Your connection is definitely fine.
    Something seems to be blocking browsers.

    You can download the following tool from Safe Mode with Networking, but run it from NORMAL MODE.

    Please download Farbar Recovery Scan Tool and save it to your desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply.
  24. Justin Bronw

    Justin Bronw Newcomer, in training Topic Starter Posts: 34

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-07-2013 02
    Ran by Lin (administrator) on 15-07-2013 20:28:13
    Running from C:\Users\Lin\Downloads
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
    Internet Explorer Version 10
    Boot Mode: Normal

    ==================== Processes (Whitelisted) =================

    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
    (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
    (Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
    () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccSvcHst.exe
    (Digital Delivery Networks, Inc.) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
    (Sony Corporation) c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
    () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    (Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
    (Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
    (Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
    (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
    (Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
    () C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
    (Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe

    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SONYAPO [1156712 2012-03-13] (Realtek Semiconductor)
    HKLM\...\Run: [AtherosBtStack] - "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" [1020576 2012-02-23] (Atheros Commnucations)
    HKLM\...\Run: [AthBtTray] - "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" [800416 2012-02-23] (Atheros Commnucations)
    HKLM\...\Run: [SynTPEnh] - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2885904 2012-03-13] (Synaptics Incorporated)
    HKCU\...\Run: [Skype] - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18642024 2013-02-28] (Skype Technologies S.A.)
    MountPoints2: {9c52da4d-bf2b-11e1-af82-806e6f6e6963} - D:\Setup.exe
    HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
    HKLM-x32\...\Run: [USB3MON] - "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [291608 2012-02-22] (Intel Corporation)
    HKLM-x32\...\Run: [] - [x]
    HKLM-x32\...\Run: [ISBMgr.exe] - "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" [60552 2011-09-20] (Sony Corporation)
    HKLM-x32\...\Run: [PMBVolumeWatcher] - c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [693608 2012-02-21] (Sony Corporation)
    HKLM-x32\...\Run: [BCSSync] - "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
    HKLM-x32\...\Run: [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-07-05] (Apple Inc.)
    HKLM-x32\...\Run: [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)

    ==================== Internet (Whitelisted) ====================

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP43&ocid=UP43DHP
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony.msn.com
    HKCU SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\coIEPlg.dll (Symantec Corporation)
    BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\IPS\IPSBHO.DLL (Symantec Corporation)
    BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
    BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
    Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\coIEPlg.dll (Symantec Corporation)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{FD750996-A87F-4C4A-9258-CEF5616169A4}: [NameServer]4.2.2.4

    FireFox:
    ========
    FF ProfilePath: C:\Users\Lin\AppData\Roaming\Mozilla\Firefox\Profiles\jvbdt7j7.default
    FF SelectedSearchEngine: Google
    FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll ()
    FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE - disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
    FF Plugin-x32: sony.com/ReaderDesktop - C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
    FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
    FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\
    FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\
    FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
    FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

    Chrome:
    =======
    CHR HomePage: hxxp://www.google.com/
    CHR RestoreOnStartup: "hxxp://www.google.com/"
    CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
    CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll No File
    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\gcswf32.dll No File
    CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll No File
    CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
    CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Lin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.445_0\plugin/npUrlAdvisor.dll No File
    CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Lin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.445_0\plugin/npVKPlugin.dll No File
    CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Lin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.445_0\plugin/npABPlugin.dll No File
    CHR Plugin: (Java Deployment Toolkit 7.0.10.8) - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npdeployJava1.dll (Oracle Corporation)
    CHR Plugin: (Java(TM) Platform SE 7 U1) - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
    CHR Plugin: (Adobe Acrobat) - c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
    CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
    CHR Plugin: (Media Go Detector) - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
    CHR Plugin: (PlayStation(R)Network Downloader Check Plug-in) - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
    CHR Plugin: (Reader Application Detector) - C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
    CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Extension: (YouTube) - C:\Users\Lin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
    CHR Extension: (Google Search) - C:\Users\Lin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
    CHR Extension: (AdBlock) - C:\Users\Lin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.63_0
    CHR Extension: (FVD Video Downloader) - C:\Users\Lin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.1.4_0
    CHR Extension: (Skype Click to Call) - C:\Users\Lin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.6.0.11664_0
    CHR Extension: (Gmail) - C:\Users\Lin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

    ==================== Services (Whitelisted) =================

    S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
    S2 HiPatchService; C:\Users\New\SMITE\HiPatchService.exe [8704 2012-10-26] ()
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-13] ()
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-03-13] (Intel Corporation)
    R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccSvcHst.exe [144520 2012-12-23] (Symantec Corporation)
    R2 PMBDeviceInfoProvider; c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [473960 2012-02-21] (Sony Corporation)
    R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
    R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [260768 2011-11-30] (Sony Corporation)
    S2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-I Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
    R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-02-23] (Atheros)

    ==================== Drivers (Whitelisted) ====================

    R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
    R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
    R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
    R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-14] (AVAST Software)
    R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-14] (AVAST Software)
    R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-14] ()
    S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130322.001\BHDrvx64.sys [1387608 2013-03-21] (Symantec Corporation)
    S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130322.001\BHDrvx64.sys [1387608 2013-03-21] (Symantec Corporation)
    R3 BTATH_VDP; C:\Windows\System32\drivers\btath_vdp.sys [421664 2012-02-23] (Atheros)
    R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1403000.024\ccSetx64.sys [168096 2012-11-15] (Symantec Corporation)
    R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-11-25] (Symantec Corporation)
    R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-11-25] (Symantec Corporation)
    S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-02-26] (Symantec Corporation)
    R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130412.001_32c\IDSvia64.sys [513184 2013-04-12] (Symantec Corporation)
    R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130412.001_32c\IDSvia64.sys [513184 2013-04-12] (Symantec Corporation)
    S3 lehidmini; C:\Windows\system32\drivers\leath_hid.sys [36128 2012-02-23] (Atheros)
    S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130414.006\ENG64.SYS [126192 2013-04-13] (Symantec Corporation)
    S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130414.006\ENG64.SYS [126192 2013-04-13] (Symantec Corporation)
    S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130414.006\EX64.SYS [2087664 2013-04-13] (Symantec Corporation)
    S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130414.006\EX64.SYS [2087664 2013-04-13] (Symantec Corporation)
    S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [21264 2012-03-13] (Synaptics Incorporated)
    S1 SRTSP; C:\Windows\System32\Drivers\N360x64\1403000.024\SRTSP64.SYS [796248 2013-01-28] (Symantec Corporation)
    R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1403000.024\SRTSPX64.SYS [36952 2013-01-28] (Symantec Corporation)
    R0 SymDS; C:\Windows\System32\drivers\N360x64\1403000.024\SYMDS64.SYS [493656 2013-01-21] (Symantec Corporation)
    R0 SymEFA; C:\Windows\System32\drivers\N360x64\1403000.024\SYMEFA64.SYS [1139800 2013-01-30] (Symantec Corporation)
    R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2012-11-25] (Symantec Corporation)
    R1 SymIRON; C:\Windows\system32\drivers\N360x64\1403000.024\Ironx64.SYS [224416 2012-11-15] (Symantec Corporation)
    R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1403000.024\SYMNETS.SYS [432800 2013-01-30] (Symantec Corporation)

    ==================== NetSvcs (Whitelisted) ===================
  25. Justin Bronw

    Justin Bronw Newcomer, in training Topic Starter Posts: 34

    Part 2...

    ==================== One Month Created Files and Folders ========

    2013-07-15 20:28 - 2013-07-15 20:28 - 00000000 ____D C:\FRST
    2013-07-15 20:27 - 2013-07-15 20:27 - 00000000 ___RD C:\Users\Lin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
    2013-07-15 20:23 - 2013-07-15 20:23 - 01778135 _____ (Farbar) C:\Users\Lin\Downloads\FRST64.exe
    2013-07-15 20:23 - 2013-07-15 20:23 - 00000822 _____ C:\Users\Lin\Desktop\more instructions.txt
    2013-07-15 15:20 - 2013-07-15 15:20 - 00022137 _____ C:\Users\Lin\Desktop\[pst this.txt
    2013-07-15 15:15 - 2013-07-15 15:15 - 00000224 _____ C:\Users\Lin\Desktop\instructions 2.txt
    2013-07-15 12:17 - 2013-07-15 15:19 - 00022137 _____ C:\Users\Lin\Downloads\Result.txt
    2013-07-15 12:15 - 2013-07-15 12:15 - 00002696 _____ C:\Users\Lin\Downloads\FSS.txt
    2013-07-15 12:11 - 2013-07-15 12:11 - 00001014 _____ C:\Users\Lin\Desktop\instructions.txt
    2013-07-15 12:07 - 2013-07-15 12:07 - 00760937 _____ (Farbar) C:\Users\Lin\Downloads\MiniToolBox.exe
    2013-07-15 12:07 - 2013-07-15 12:07 - 00357077 _____ (Farbar) C:\Users\Lin\Downloads\FSS.exe
    2013-07-15 11:27 - 2013-07-15 11:53 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2013-07-15 11:26 - 2013-07-15 11:53 - 00000000 ____D C:\Users\Lin\Desktop\mbar
    2013-07-15 11:25 - 2013-07-15 11:25 - 13399154 _____ C:\Users\Lin\Downloads\mbar-1.06.0.1004.zip
    2013-07-15 11:24 - 2013-07-15 11:24 - 00000017 _____ C:\Windows\SysWOW64\shortcut_ex.dat
    2013-07-15 11:12 - 2013-06-11 18:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-07-15 11:12 - 2013-06-11 18:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-07-15 11:12 - 2013-06-11 18:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-07-15 11:12 - 2013-06-11 18:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-07-15 11:12 - 2013-06-11 18:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-07-15 11:12 - 2013-06-11 18:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2013-07-15 11:12 - 2013-06-11 18:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2013-07-15 11:12 - 2013-06-11 18:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2013-07-15 11:12 - 2013-06-11 18:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2013-07-15 11:12 - 2013-06-11 18:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2013-07-15 11:12 - 2013-06-11 18:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2013-07-15 11:12 - 2013-06-11 18:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2013-07-15 11:12 - 2013-06-11 18:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2013-07-15 11:12 - 2013-06-11 18:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2013-07-15 11:12 - 2013-06-11 18:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2013-07-15 11:12 - 2013-06-11 18:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2013-07-15 11:12 - 2013-06-11 18:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2013-07-15 11:12 - 2013-06-11 17:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-07-15 11:12 - 2013-06-11 17:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
    2013-07-15 11:12 - 2013-06-06 22:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2013-07-15 11:12 - 2013-06-06 21:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-07-15 11:11 - 2013-06-11 18:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-07-15 11:11 - 2013-06-11 18:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-07-15 11:11 - 2013-06-11 18:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-07-15 11:11 - 2013-06-11 18:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-07-15 11:11 - 2013-06-11 18:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-07-15 11:11 - 2013-06-11 18:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2013-07-15 11:11 - 2013-06-11 18:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2013-07-15 11:11 - 2013-06-11 18:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2013-07-15 11:11 - 2013-06-11 18:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2013-07-15 11:11 - 2013-06-11 18:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2013-07-15 11:01 - 2013-07-15 11:01 - 00000355 _____ C:\Users\Lin\Desktop\Computer - Shortcut.lnk
    2013-07-15 10:59 - 2013-07-15 10:59 - 00001625 _____ C:\Users\Lin\Desktop\RKreport[0]_D_07152013_105917.txt
    2013-07-15 10:59 - 2013-07-15 10:59 - 00001576 _____ C:\Users\Lin\Desktop\RKreport[0]_S_07152013_105904.txt
    2013-07-15 10:57 - 2013-07-15 11:01 - 00000000 ____D C:\Users\Lin\Desktop\RK_Quarantine
    2013-07-15 10:57 - 2013-07-15 10:57 - 03775488 _____ C:\Users\Lin\Downloads\RogueKillerX64.exe
    2013-07-15 10:18 - 2013-07-15 10:18 - 00000000 ____D C:\TDSSKiller_Quarantine
    2013-07-15 10:17 - 2013-02-11 18:51 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Lin\Desktop\TDSSKiller.exe
    2013-07-15 10:17 - 2011-01-01 01:14 - 00002254 ____R C:\Users\Lin\Desktop\eula.txt
    2013-07-15 10:16 - 2013-07-15 10:16 - 02218636 _____ C:\Users\Lin\Downloads\tdsskiller.zip
    2013-07-14 17:49 - 2013-07-14 17:49 - 00270272 _____ C:\Windows\Minidump\071413-31824-01.dmp
    2013-07-14 16:54 - 2013-07-14 16:54 - 00000000 __SHD C:\found.005
    2013-07-14 14:09 - 2013-07-14 14:09 - 00026085 _____ C:\Users\Lin\Desktop\dds.txt
    2013-07-14 14:09 - 2013-07-14 14:09 - 00019111 _____ C:\Users\Lin\Desktop\attach.txt
    2013-07-14 13:58 - 2013-07-14 13:58 - 00000116 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
    2013-07-14 13:38 - 2013-07-14 13:38 - 00000000 __SHD C:\found.004
    2013-07-14 13:15 - 2013-07-14 13:15 - 00000000 ____D C:\Users\Lin\AppData\Roaming\Malwarebytes
    2013-07-14 13:14 - 2013-07-14 13:14 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2013-07-14 13:14 - 2013-07-14 13:14 - 00000000 ____D C:\ProgramData\Malwarebytes
    2013-07-14 13:14 - 2013-07-14 13:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-07-14 13:14 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2013-07-14 13:13 - 2013-07-14 13:13 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
    2013-07-14 13:13 - 2013-07-14 13:13 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
    2013-07-14 13:13 - 2013-07-14 13:13 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
    2013-07-14 13:13 - 2013-07-14 13:13 - 00001922 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    2013-07-14 13:13 - 2013-07-14 13:13 - 00000350 ____H C:\Windows\Tasks\avast! Emergency Update.job
    2013-07-14 13:13 - 2013-07-14 13:13 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
    2013-07-14 13:13 - 2013-07-14 13:13 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
    2013-07-14 13:13 - 2013-07-14 13:13 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
    2013-07-14 13:13 - 2013-07-14 13:13 - 00000000 _____ C:\Windows\SysWOW64\config.nt
    2013-07-14 13:13 - 2013-05-09 03:59 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2013-07-14 13:13 - 2013-05-09 03:59 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2013-07-14 13:13 - 2013-05-09 03:59 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
    2013-07-14 13:13 - 2013-05-09 03:59 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
    2013-07-14 13:13 - 2013-05-09 03:59 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
    2013-07-14 13:13 - 2013-05-09 03:58 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2013-07-14 13:13 - 2013-05-09 03:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
    2013-07-14 13:12 - 2013-07-14 13:12 - 00000000 ____D C:\ProgramData\AVAST Software
    2013-07-14 13:12 - 2013-07-14 13:12 - 00000000 ____D C:\Program Files\AVAST Software
    2013-07-14 13:02 - 2013-07-14 13:02 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Lin\Downloads\mbam-setup-1.75.0.1300.exe
    2013-07-14 13:02 - 2013-07-14 13:02 - 00688992 ____R (Swearware) C:\Users\Lin\Downloads\dds.com
    2013-07-14 13:00 - 2013-07-14 13:11 - 117478104 _____ C:\Users\Lin\Downloads\avast_free_antivirus_setup.exe
    2013-07-14 09:23 - 2004-01-15 11:58 - 00040960 _____ C:\Windows\SysWOW64\USB54G.dll
    2013-07-14 09:23 - 2003-10-13 15:30 - 00094208 _____ () C:\Windows\SysWOW64\GTW32N50.dll
    2013-07-14 09:23 - 2003-09-25 23:28 - 00031930 _____ C:\Windows\SysWOW64\GTNDIS3.VXD
    2013-07-14 09:23 - 2003-09-25 22:15 - 00015872 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\SysWOW64\GTNDIS5.sys
    2013-07-14 09:22 - 2013-07-14 12:43 - 00000000 ____D C:\Program Files (x86)\Wireless-G USB Network Adapter
    2013-07-14 09:07 - 2013-07-14 09:07 - 00000375 _____ C:\Windows\system32\Drivers\etc\hosts.ics
    2013-07-14 03:20 - 2013-07-14 03:20 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2013-07-14 03:20 - 2013-07-14 03:20 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2013-07-14 03:20 - 2013-07-14 03:20 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
    2013-07-14 03:20 - 2013-07-14 03:20 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
    2013-07-14 03:20 - 2013-07-14 03:20 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2013-07-14 03:20 - 2013-07-14 03:20 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2013-07-14 03:20 - 2013-07-14 03:20 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2013-07-14 03:20 - 2013-07-14 03:20 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2013-07-14 03:20 - 2013-07-14 03:20 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
    2013-07-14 03:20 - 2013-07-14 03:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2013-07-14 03:20 - 2013-07-14 03:20 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
    2013-07-14 03:20 - 2013-07-14 03:20 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2013-07-14 03:20 - 2013-07-14 03:20 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2013-07-14 03:20 - 2013-07-14 03:20 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
    2013-07-14 03:20 - 2013-07-14 03:20 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2013-07-14 03:20 - 2013-07-14 03:20 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
    2013-07-14 03:20 - 2013-07-14 03:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2013-07-14 03:20 - 2013-07-14 03:20 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2013-07-14 03:20 - 2013-07-14 03:20 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2013-07-14 03:20 - 2013-07-14 03:20 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2013-07-14 03:20 - 2013-07-14 03:20 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2013-07-13 23:30 - 2013-06-04 01:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
    2013-07-13 23:30 - 2013-06-03 23:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
    2013-07-13 23:30 - 2013-05-06 01:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
    2013-07-13 23:30 - 2013-05-05 23:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
    2013-07-13 23:29 - 2013-06-04 22:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2013-07-13 23:27 - 2013-04-09 18:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2013-07-13 23:27 - 2013-04-02 17:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2013-07-13 22:12 - 2013-07-14 03:23 - 00010530 _____ C:\Windows\IE10_main.log
    2013-06-20 21:41 - 2013-05-10 00:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
    2013-06-20 21:41 - 2013-05-09 22:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
    2013-06-20 21:41 - 2013-05-08 01:39 - 01910632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2013-06-20 21:41 - 2013-04-26 00:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
    2013-06-20 21:41 - 2013-04-25 23:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
    2013-06-20 21:41 - 2013-04-10 01:01 - 00983400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
    2013-06-20 21:41 - 2013-04-10 01:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
    2013-06-20 21:41 - 2013-03-19 00:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
    2013-06-20 21:41 - 2013-03-19 00:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
    2013-06-20 21:41 - 2011-02-03 06:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
    2013-06-20 21:40 - 2013-05-13 00:51 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2013-06-20 21:40 - 2013-05-13 00:51 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
    2013-06-20 21:40 - 2013-05-13 00:51 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
    2013-06-20 21:40 - 2013-05-13 00:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
    2013-06-20 21:40 - 2013-05-12 23:45 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2013-06-20 21:40 - 2013-05-12 23:45 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
    2013-06-20 21:40 - 2013-05-12 23:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
    2013-06-20 21:40 - 2013-05-12 22:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
    2013-06-20 21:40 - 2013-05-12 22:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
    2013-06-20 21:40 - 2013-05-12 22:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
    2013-06-20 21:40 - 2013-04-17 02:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2013-06-20 21:40 - 2013-04-17 01:24 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2013-06-20 21:25 - 2013-04-25 18:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
    2013-06-20 21:25 - 2013-03-31 17:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll

    ==================== One Month Modified Files and Folders =======

    2013-07-15 20:28 - 2013-07-15 20:28 - 00000000 ____D C:\FRST
    2013-07-15 20:27 - 2013-07-15 20:27 - 00000000 ___RD C:\Users\Lin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
    2013-07-15 20:27 - 2012-09-04 21:35 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2013-07-15 20:27 - 2012-08-13 22:18 - 00000000 ____D C:\Users\Lin\AppData\Roaming\Skype
    2013-07-15 20:24 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2013-07-15 20:24 - 2009-07-13 23:51 - 00068464 _____ C:\Windows\setupact.log
    2013-07-15 20:23 - 2013-07-15 20:23 - 01778135 _____ (Farbar) C:\Users\Lin\Downloads\FRST64.exe
    2013-07-15 20:23 - 2013-07-15 20:23 - 00000822 _____ C:\Users\Lin\Desktop\more instructions.txt
    2013-07-15 15:20 - 2013-07-15 15:20 - 00022137 _____ C:\Users\Lin\Desktop\[pst this.txt
    2013-07-15 15:20 - 2012-06-25 20:14 - 01322752 _____ C:\Windows\WindowsUpdate.log
    2013-07-15 15:20 - 2009-07-13 23:45 - 00020928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-07-15 15:20 - 2009-07-13 23:45 - 00020928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-07-15 15:19 - 2013-07-15 12:17 - 00022137 _____ C:\Users\Lin\Downloads\Result.txt
    2013-07-15 15:15 - 2013-07-15 15:15 - 00000224 _____ C:\Users\Lin\Desktop\instructions 2.txt
    2013-07-15 12:15 - 2013-07-15 12:15 - 00002696 _____ C:\Users\Lin\Downloads\FSS.txt
    2013-07-15 12:11 - 2013-07-15 12:11 - 00001014 _____ C:\Users\Lin\Desktop\instructions.txt
    2013-07-15 12:07 - 2013-07-15 12:07 - 00760937 _____ (Farbar) C:\Users\Lin\Downloads\MiniToolBox.exe
    2013-07-15 12:07 - 2013-07-15 12:07 - 00357077 _____ (Farbar) C:\Users\Lin\Downloads\FSS.exe
    2013-07-15 11:53 - 2013-07-15 11:27 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2013-07-15 11:53 - 2013-07-15 11:26 - 00000000 ____D C:\Users\Lin\Desktop\mbar
    2013-07-15 11:25 - 2013-07-15 11:25 - 13399154 _____ C:\Users\Lin\Downloads\mbar-1.06.0.1004.zip
    2013-07-15 11:24 - 2013-07-15 11:24 - 00000017 _____ C:\Windows\SysWOW64\shortcut_ex.dat
    2013-07-15 11:11 - 2012-09-04 21:35 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2013-07-15 11:01 - 2013-07-15 11:01 - 00000355 _____ C:\Users\Lin\Desktop\Computer - Shortcut.lnk
    2013-07-15 11:01 - 2013-07-15 10:57 - 00000000 ____D C:\Users\Lin\Desktop\RK_Quarantine
    2013-07-15 10:59 - 2013-07-15 10:59 - 00001625 _____ C:\Users\Lin\Desktop\RKreport[0]_D_07152013_105917.txt
    2013-07-15 10:59 - 2013-07-15 10:59 - 00001576 _____ C:\Users\Lin\Desktop\RKreport[0]_S_07152013_105904.txt
    2013-07-15 10:57 - 2013-07-15 10:57 - 03775488 _____ C:\Users\Lin\Downloads\RogueKillerX64.exe
    2013-07-15 10:28 - 2013-05-27 14:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2013-07-15 10:18 - 2013-07-15 10:18 - 00000000 ____D C:\TDSSKiller_Quarantine
    2013-07-15 10:16 - 2013-07-15 10:16 - 02218636 _____ C:\Users\Lin\Downloads\tdsskiller.zip
    2013-07-14 17:49 - 2013-07-14 17:49 - 00270272 _____ C:\Windows\Minidump\071413-31824-01.dmp
    2013-07-14 17:49 - 2013-01-08 12:35 - 339398593 _____ C:\Windows\MEMORY.DMP
    2013-07-14 17:49 - 2013-01-08 12:35 - 00000000 ____D C:\Windows\Minidump
    2013-07-14 16:54 - 2013-07-14 16:54 - 00000000 __SHD C:\found.005
    2013-07-14 14:09 - 2013-07-14 14:09 - 00026085 _____ C:\Users\Lin\Desktop\dds.txt
    2013-07-14 14:09 - 2013-07-14 14:09 - 00019111 _____ C:\Users\Lin\Desktop\attach.txt
    2013-07-14 13:58 - 2013-07-14 13:58 - 00000116 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
    2013-07-14 13:55 - 2010-11-20 22:47 - 00074006 _____ C:\Windows\PFRO.log
    2013-07-14 13:38 - 2013-07-14 13:38 - 00000000 __SHD C:\found.004
    2013-07-14 13:15 - 2013-07-14 13:15 - 00000000 ____D C:\Users\Lin\AppData\Roaming\Malwarebytes
    2013-07-14 13:14 - 2013-07-14 13:14 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2013-07-14 13:14 - 2013-07-14 13:14 - 00000000 ____D C:\ProgramData\Malwarebytes
    2013-07-14 13:14 - 2013-07-14 13:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-07-14 13:14 - 2012-08-13 21:19 - 00000000 ____D C:\Users\Lin
    2013-07-14 13:13 - 2013-07-14 13:13 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
    2013-07-14 13:13 - 2013-07-14 13:13 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
    2013-07-14 13:13 - 2013-07-14 13:13 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
    2013-07-14 13:13 - 2013-07-14 13:13 - 00001922 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    2013-07-14 13:13 - 2013-07-14 13:13 - 00000350 ____H C:\Windows\Tasks\avast! Emergency Update.job
    2013-07-14 13:13 - 2013-07-14 13:13 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
    2013-07-14 13:13 - 2013-07-14 13:13 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
    2013-07-14 13:13 - 2013-07-14 13:13 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
    2013-07-14 13:13 - 2013-07-14 13:13 - 00000000 _____ C:\Windows\SysWOW64\config.nt
    2013-07-14 13:13 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\Offline Web Pages
    2013-07-14 13:13 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
    2013-07-14 13:13 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
    2013-07-14 13:12 - 2013-07-14 13:12 - 00000000 ____D C:\ProgramData\AVAST Software
    2013-07-14 13:12 - 2013-07-14 13:12 - 00000000 ____D C:\Program Files\AVAST Software
    2013-07-14 13:11 - 2013-07-14 13:00 - 117478104 _____ C:\Users\Lin\Downloads\avast_free_antivirus_setup.exe
    2013-07-14 13:02 - 2013-07-14 13:02 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Lin\Downloads\mbam-setup-1.75.0.1300.exe
    2013-07-14 13:02 - 2013-07-14 13:02 - 00688992 ____R (Swearware) C:\Users\Lin\Downloads\dds.com
    2013-07-14 12:43 - 2013-07-14 09:22 - 00000000 ____D C:\Program Files (x86)\Wireless-G USB Network Adapter
    2013-07-14 12:43 - 2013-03-13 17:10 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2013-07-14 12:43 - 2013-03-13 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2013-07-14 12:43 - 2012-12-05 20:12 - 00000000 ____D C:\ProgramData\Microsoft Help
    2013-07-14 12:43 - 2012-02-23 23:01 - 00000000 ____D C:\Program Files\Windows Journal
    2013-07-14 12:43 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Defender
    2013-07-14 12:43 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
    2013-07-14 12:43 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
    2013-07-14 12:40 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
    2013-07-14 12:16 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
    2013-07-14 12:00 - 2012-06-16 02:58 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2013-07-14 11:29 - 2012-06-16 01:31 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
    2013-07-14 11:27 - 2012-06-16 02:12 - 00000000 ____D C:\Program Files\Sony
    2013-07-14 11:26 - 2012-06-16 01:18 - 00000000 ____D C:\ProgramData\Sony Corporation
    2013-07-14 11:11 - 2012-08-13 21:25 - 00000000 ____D C:\Users\Lin\Documents\Bluetooth Folder
    2013-07-14 09:22 - 2004-04-15 00:13 - 00001365 _____ C:\Windows\SysWOW64\wlan.ini
    2013-07-14 09:08 - 2009-07-14 00:13 - 00783876 _____ C:\Windows\system32\PerfStringBackup.INI
    2013-07-14 09:07 - 2013-07-14 09:07 - 00000375 _____ C:\Windows\system32\Drivers\etc\hosts.ics
    2013-07-14 08:28 - 2012-08-13 21:25 - 00001417 _____ C:\Users\Lin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2013-07-14 08:25 - 2009-07-13 23:45 - 00451272 _____ C:\Windows\system32\FNTCACHE.DAT
    2013-07-14 03:23 - 2013-07-13 22:12 - 00010530 _____ C:\Windows\IE10_main.log
    2013-07-14 03:20 - 2013-07-14 03:20 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2013-07-14 03:20 - 2013-07-14 03:20 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2013-07-14 03:20 - 2013-07-14 03:20 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
    2013-07-14 03:20 - 2013-07-14 03:20 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
    2013-07-14 03:20 - 2013-07-14 03:20 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2013-07-14 03:20 - 2013-07-14 03:20 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2013-07-14 03:20 - 2013-07-14 03:20 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2013-07-14 03:20 - 2013-07-14 03:20 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2013-07-14 03:20 - 2013-07-14 03:20 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
    2013-07-14 03:20 - 2013-07-14 03:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2013-07-14 03:20 - 2013-07-14 03:20 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
    2013-07-14 03:20 - 2013-07-14 03:20 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2013-07-14 03:20 - 2013-07-14 03:20 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2013-07-14 03:20 - 2013-07-14 03:20 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
    2013-07-14 03:20 - 2013-07-14 03:20 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2013-07-14 03:20 - 2013-07-14 03:20 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
    2013-07-14 03:20 - 2013-07-14 03:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2013-07-14 03:20 - 2013-07-14 03:20 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2013-07-14 03:20 - 2013-07-14 03:20 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2013-07-14 03:20 - 2013-07-14 03:20 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2013-07-14 03:20 - 2013-07-14 03:20 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2013-07-14 03:20 - 2013-07-14 03:20 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2013-07-14 03:15 - 2012-02-23 23:01 - 00000000 ____D C:\Windows\ShellNew
    2013-07-14 03:15 - 2011-02-10 18:03 - 00778092 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
    2013-07-14 03:14 - 2012-08-13 22:19 - 00000000 ____D C:\Users\Lin\AppData\Roaming\ArcSoft
    2013-07-14 03:14 - 2012-08-13 21:25 - 00000000 ___RD C:\Users\Lin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    2013-07-14 03:14 - 2012-08-13 21:25 - 00000000 ___RD C:\Users\Lin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
    2013-07-14 03:13 - 2013-06-05 19:50 - 00000000 ____D C:\3ea25586d073a50fab7413154c54d4
    2013-07-14 03:13 - 2013-02-27 00:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2013-07-13 21:57 - 2012-09-04 21:36 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk

    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


    LastRegBack: 2013-07-14 01:02

    ==================== End Of Log ============================

