Solved Can only access internet in safe mode...

Justin Bronw

Alright, so I'm running Windows 7 on a Sony Vaio computer and I can only actually access the internet in safe mode. In regular mode, it says I'm connected to my Wi-Fi, but there is the red "X" over the network icon in the taskbar and I cannot access the internet. However, when I run it in safe mode w/ networking, I can access the internet.

The computer has had virus problems in the past. I originally had Norton 360 installed, but it did not protect the computer and I tried removing it, but it did not completely delete from my laptop.

I have a feeling that there are still some programs/viruses blocking my internet access since I can access it in safe mode... Any help would be appreciated.
 
Welcome aboard

Please complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
Attached logs won't be reviewed.
Safe mode will be fine for now.

Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.07.14.06

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 10.0.9200.16521
Lin :: LIN-VAIO [administrator]

7/14/2013 1:16:10 PM
mbam-log-2013-07-14 (13-16-10).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 218289
Time elapsed: 6 minute(s), 3 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)
DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 10.0.9200.16521
Run by Lin at 14:09:30 on 2013-07-14
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3996.2553 [GMT -5:00]
.
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\syswow64\svchost.exe -k netsvcs
C:\Windows\system32\ctfmon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://sony.msn.com
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ips\ipsbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\coieplg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
dRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_202_ActiveX.exe -update activex
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{83D384AC-9C88-466A-90B3-F2B40938F7B8} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{FD750996-A87F-4C4A-9258-CEF5616169A4} : NameServer = 4.2.2.4
TCP: Interfaces\{FD750996-A87F-4C4A-9258-CEF5616169A4} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SONYAPO
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
x64-DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Lin\AppData\Roaming\Mozilla\Firefox\Profiles\jvbdt7j7.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Sony\Media Go\npmediago.dll
FF - plugin: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll
FF - plugin: C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
FF - ExtSQL: 2013-07-14 13:13; wrc@avast.com; C:\Program Files\AVAST Software\Avast\WebRep\FF
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-2-27 16152]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1403000.024\symds64.sys [2013-2-26 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1403000.024\symefa64.sys [2013-2-26 1139800]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2012-2-23 30368]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-2-27 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-2-27 787736]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-2-27 675432]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2012-1-15 14336]
S0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-7-14 65336]
S0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-7-14 189936]
S1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-7-14 1030952]
S1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-7-14 378944]
S1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130322.001\BHDrvx64.sys [2013-3-21 1387608]
S1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\1403000.024\ccsetx64.sys [2013-2-26 168096]
S1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130412.001_32c\IDSviA64.sys [2013-4-12 513184]
S1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1403000.024\ironx64.sys [2013-2-26 224416]
S1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1403000.024\symnets.sys [2013-2-26 432800]
S2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-7-14 33400]
S2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-7-14 80816]
S2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-2-23 106144]
S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-7-14 46808]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Users\New\SMITE\HiPatchService.exe [2012-11-2 8704]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-6-16 13592]
S2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-6-16 2429544]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-3 628448]
S2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-6-16 128280]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-6-16 161560]
S2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccsvchst.exe [2013-2-26 144520]
S2 Oasis2Service;Oasis2Service;C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-11-13 60416]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-2-21 473960]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2013-1-11 386344]
S2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-11-30 260768]
S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
S2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-1-31 3289208]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
S2 SOHCImp;VAIO Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2012-1-6 138392]
S2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-I Visual Effects 2\uCamMonitor.exe [2012-6-16 105024]
S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-6-16 363800]
S2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-12-29 960160]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-12-21 550128]
S2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-12-21 382720]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-2-23 158880]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2012-6-16 19968]
S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2012-2-23 36000]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2012-2-23 51872]
S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2012-2-23 339616]
S3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2012-2-23 110752]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2012-2-23 167584]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2012-2-23 68256]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2012-2-23 280992]
S3 BTATH_VDP;Bluetooth VDP Driver;C:\Windows\System32\drivers\btath_vdp.sys [2012-2-23 421664]
S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2012-2-23 550560]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2009-6-10 281088]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-3-3 138912]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-6-19 342528]
S3 lehidmini;Bluetooth Low Energy Hid Device;C:\Windows\System32\drivers\leath_hid.sys [2012-2-23 36128]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-6-16 339048]
S3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
S3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
S3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
S3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
S3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2012-3-14 21264]
S3 SOHDs;VAIO Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2012-1-6 74904]
S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-1 289952]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2012-6-16 535688]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-8-26 101600]
S3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2012-1-20 54432]
S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2012-1-13 1256040]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-23 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-07-14 21:54:16 -------- d-sh--w- C:\found.005
2013-07-14 18:38:57 -------- d-sh--w- C:\found.004
2013-07-14 18:15:01 -------- d-----w- C:\Users\Lin\AppData\Roaming\Malwarebytes
2013-07-14 18:14:44 -------- d-----w- C:\ProgramData\Malwarebytes
2013-07-14 18:14:43 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-07-14 18:14:43 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-14 18:14:32 -------- d-----w- C:\Users\Lin\AppData\Local\Programs
2013-07-14 18:13:43 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-07-14 18:13:42 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-07-14 18:13:42 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-07-14 18:13:42 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-07-14 18:13:42 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-07-14 18:13:02 41664 ----a-w- C:\Windows\avastSS.scr
2013-07-14 18:12:43 -------- d-----w- C:\Program Files\AVAST Software
2013-07-14 18:12:28 -------- d-----w- C:\ProgramData\AVAST Software
2013-07-14 14:23:05 94208 ----a-w- C:\Windows\SysWow64\GTW32N50.dll
2013-07-14 14:23:05 40960 ----a-w- C:\Windows\SysWow64\USB54G.dll
2013-07-14 14:23:05 31930 ----a-w- C:\Windows\SysWow64\GTNDIS3.VXD
2013-07-14 14:23:05 15872 ----a-w- C:\Windows\SysWow64\GTNDIS5.sys
2013-07-14 14:22:10 -------- d-----w- C:\Program Files (x86)\Wireless-G USB Network Adapter
2013-07-14 04:30:39 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
2013-07-14 04:30:38 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-07-14 04:30:38 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
2013-07-14 04:30:38 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll
2013-07-14 04:30:38 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2013-07-14 04:30:38 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
2013-07-14 04:30:38 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll
2013-07-14 04:30:08 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-07-14 04:30:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-07-14 04:30:05 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-14 04:30:05 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-14 04:29:07 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-07-14 04:28:56 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-07-14 04:28:56 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-14 04:28:55 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-07-14 04:28:55 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-07-14 04:28:54 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-14 04:27:19 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-07-14 04:27:18 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-06-21 02:41:37 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-06-21 02:41:37 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-06-21 02:41:36 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-06-21 02:41:36 144384 ----a-w- C:\Windows\System32\cdd.dll
2013-06-21 02:41:32 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-06-21 02:41:32 230400 ----a-w- C:\Windows\System32\wwansvc.dll
2013-06-21 02:41:31 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-06-21 02:41:31 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-06-21 02:41:03 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-06-21 02:41:03 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-06-21 02:40:28 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-06-21 02:40:27 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-06-21 02:40:22 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-06-21 02:40:22 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-06-21 02:40:22 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-06-21 02:40:21 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-06-21 02:40:21 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-06-21 02:40:21 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-06-21 02:40:21 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-06-21 02:40:21 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-06-21 02:40:21 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-06-21 02:40:21 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-06-21 02:25:37 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-06-21 02:25:37 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
.
==================== Find3M ====================
.
2013-05-26 03:00:32 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-26 03:00:32 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
.
============= FINISH: 14:09:40.25 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 8/13/2012 9:19:10 PM
System Uptime: 7/14/2013 1:58:37 PM (1 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Core(TM) i3-2370M CPU @ 2.40GHz | N/A | 2394/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 447 GiB total, 347.073 GiB free.
D: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: aswRvrt
Device ID: ROOT\LEGACY_ASWRVRT\0000
Manufacturer:
Name: aswRvrt
PNP Device ID: ROOT\LEGACY_ASWRVRT\0000
Service: aswRvrt
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: avast! Network Shield Support
Device ID: ROOT\LEGACY_ASWTDI\0000
Manufacturer:
Name: avast! Network Shield Support
PNP Device ID: ROOT\LEGACY_ASWTDI\0000
Service: aswTdi
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: aswVmm
Device ID: ROOT\LEGACY_ASWVMM\0000
Manufacturer:
Name: aswVmm
PNP Device ID: ROOT\LEGACY_ASWVMM\0000
Service: aswVmm
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
==== System Restore Points ===================
.
RP97: 5/25/2013 11:32:16 PM - Windows Update
RP98: 5/29/2013 3:00:32 AM - Windows Update
RP99: 6/5/2013 7:48:17 PM - Windows Update
RP100: 6/20/2013 9:15:37 PM - Windows Update
RP101: 7/13/2013 9:59:15 PM - Windows Update
RP102: 7/13/2013 11:28:32 PM - Restore Operation
RP103: 7/14/2013 3:00:32 AM - Windows Update
RP104: 7/14/2013 9:22:13 AM - Installed Wireless-G USB Adapter
RP105: 7/14/2013 11:26:11 AM - Removed VAIO Smart Network
.
==== Installed Programs ======================
.
ACID Music Studio 8.0
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X MUI
Apple Application Support
Apple Software Update
Application Manager for VAIO
ArcSoft Magic-I Visual Effects 2
ArcSoft WebCam Companion 4
Art Effects for PDR10
Atheros Bluetooth Suite (64)
avast! Free Antivirus
Bing Bar
BSR Screen Recorder 6
CyberLink PowerDirector 10
CyberLink PowerDVD
CyberLink WaveEditor
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DVD Architect Studio 5.0
Evernote v. 4.5.2
FDUx86
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Hi-Rez Studios Authenticate and Update Service
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Intel(R) SDK for OpenCL - CPU Only Runtime Package
Intel(R) USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
Java Auto Updater
Java(TM) 7 Update 1
Java(TM) 7 Update 1 (64-bit)
Junk Mail filter update
Keyboard_Shortcuts
KUx86
Malwarebytes Anti-Malware version 1.75.0.1300
Media Gallery
Media Go
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Starter 2010 - English
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mozilla Firefox 21.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT Redists
MSVCRT_amd64
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MuseScore 1.3
Oasis2Service
PlayMemories Home
PlayReady PC Runtime amd64
PlayStation(R)Network Downloader
PlayStation(R)Store
PowerDirector
Qualcomm Atheros WiFi Driver Installation
QuickTime
Reader for PC
Realtek High Definition Audio Driver
Realtek PCIE Card Reader
Remote Keyboard
Remote Play with PlayStation(R)3
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Skype Click to Call
Skype™ 6.3
SmartSound Quicktracks 5
Sound Forge Audio Studio 10.0
Spotify
SSLx64
SSLx86
Synaptics Pointing Device Driver
TrackID(TM) with BRAVIA
TriDef 3D (Sony) 2.0.5
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
V3DPx86
VAIO - Microsoft Visual C++ 2010 SP1 Runtime 10.0.40219.325
VAIO - PlayMemories Home Plug-in
VAIO - Remote Keyboard
VAIO - Remote Keyboard with PlayStation®3
VAIO - Remote Play with PlayStation®3
VAIO - TrackID™ with BRAVIA
VAIO 3D Portal
VAIO Care
VAIO Control Center
VAIO CPU Fan Diagnostic
VAIO Data Restore Tool
VAIO Easy Connect
VAIO Gate
VAIO Gate Default
VAIO Gesture Control
VAIO Help and Support
VAIO Improvement
VAIO Manual
VAIO OOBE
VAIO Sample Contents
VAIO Satisfaction Survey.
VAIO Transfer Support
VAIO Update
VAIO Update Merge Module x64
VCCx64
VCCx86
Vegas Movie Studio HD Platinum 11.0
Ventrilo Client for Windows x64
VHD
VIx64
VIx86
VMLx86
VPMx64
VSSTx64
VSSTx86
VU5x64
VU5x86
VWSTx86
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.20 (64-bit)
Wireless-G USB Adapter
.
==== Event Viewer Messages From Past Week ========
.
7/14/2013 9:07:47 AM, Error: Microsoft-Windows-SharedAccess_NAT [34001] - The ICS_IPV6 failed to configure IPv6 stack.
7/14/2013 8:29:31 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2846071).
7/14/2013 3:01:41 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2813170).
7/14/2013 2:01:21 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
7/14/2013 2:01:03 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
7/14/2013 12:36:26 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
7/14/2013 12:24:51 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 ccSet_N360 discache eeCtrl IDSVia64 spldr SRTSP SRTSPX SymIRON SymNetS Wanarpv6
7/14/2013 12:00:55 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa8007948bb0, 0x0000000000000000, 0x000000007efa8000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 071413-60075-01.
7/14/2013 11:45:56 AM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{FD750996-A87F-4C4A-9258-CEF5616169A4} because another computer on the network has the same name. The server could not start.
7/14/2013 1:59:24 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
7/14/2013 1:59:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
7/14/2013 1:59:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
7/14/2013 1:59:17 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
7/14/2013 1:59:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
7/14/2013 1:59:03 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswRvrt aswSnx aswSP aswTdi aswVmm BHDrvx64 ccSet_N360 discache eeCtrl IDSVia64 spldr SRTSP SRTSPX SymIRON SymNetS Wanarpv6
7/14/2013 1:58:57 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.
7/14/2013 1:58:06 PM, Error: Service Control Manager [7023] - The VAIO Content Metadata Intelligent Network Service Manager service terminated with the following error: %%-2147467243
7/14/2013 1:58:05 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The pipe has been ended.
7/14/2013 1:58:05 PM, Error: Service Control Manager [7000] - The Application Virtualization Client service failed to start due to the following error: The pipe has been ended.
7/14/2013 1:58:00 PM, Error: Service Control Manager [7023] - The VAIO Content Metadata Intelligent Analyzing Manager service terminated with the following error: %%-2147467243
7/14/2013 1:58:00 PM, Error: Service Control Manager [7023] - The VAIO Content Folder Watcher service terminated with the following error: %%-2147467243
7/14/2013 1:57:59 PM, Error: Microsoft-Windows-DistributedCOM [10004] - DCOM got error "1115" and was unable to logon nt authority\localservice in order to run the server: {CB45D4CA-8A34-4EF1-9957-6134E5270E83}
7/14/2013 1:57:57 PM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control.
7/14/2013 1:57:06 PM, Error: SRTSP [4] - Error loading virus definitions.
7/14/2013 1:56:42 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 SRTSP
7/14/2013 1:56:42 PM, Error: Service Control Manager [7000] - The Server service failed to start due to the following error: A system shutdown is in progress.
7/14/2013 1:56:42 PM, Error: Service Control Manager [7000] - The Network List Service service failed to start due to the following error: The system cannot find the path specified.
7/14/2013 1:56:42 PM, Error: Service Control Manager [7000] - The Network Connections service failed to start due to the following error: The system cannot find the path specified.
7/14/2013 1:56:42 PM, Error: Service Control Manager [7000] - The Diagnostic Service Host service failed to start due to the following error: The system cannot find the path specified.
7/14/2013 1:56:42 PM, Error: Service Control Manager [7000] - The Background Intelligent Transfer Service service failed to start due to the following error: A system shutdown is in progress.
7/14/2013 1:46:43 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
7/14/2013 1:13:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
7/13/2013 11:36:36 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy1.
7/13/2013 11:32:38 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the VcmIAlzMgr service.
7/13/2013 11:27:19 PM, Error: Service Control Manager [7022] - The VAIO Care Performance Service service hung on starting.
7/13/2013 10:19:13 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 10 for Windows 7 for x64-based Systems.
.
==== End Of File ===========================
 
Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then click on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
 
10:17:17.0150 1620 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:17:17.0587 1620 ============================================================
10:17:17.0587 1620 Current date / time: 2013/07/15 10:17:17.0587
10:17:17.0587 1620 SystemInfo:
10:17:17.0587 1620
10:17:17.0587 1620 OS Version: 6.1.7601 ServicePack: 1.0
10:17:17.0587 1620 Product type: Workstation
10:17:17.0587 1620 ComputerName: LIN-VAIO
10:17:17.0587 1620 UserName: Lin
10:17:17.0587 1620 Windows directory: C:\Windows
10:17:17.0587 1620 System windows directory: C:\Windows
10:17:17.0587 1620 Running under WOW64
10:17:17.0587 1620 Processor architecture: Intel x64
10:17:17.0587 1620 Number of processors: 4
10:17:17.0587 1620 Page size: 0x1000
10:17:17.0587 1620 Boot type: Safe boot with network
10:17:17.0587 1620 ============================================================
10:17:18.0195 1620 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:17:18.0195 1620 ============================================================
10:17:18.0195 1620 \Device\Harddisk0\DR0:
10:17:18.0195 1620 MBR partitions:
10:17:18.0195 1620 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x24FE800, BlocksNum 0xAF000
10:17:18.0195 1620 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x25AD800, BlocksNum 0x37DD8030
10:17:18.0195 1620 ============================================================
10:17:18.0226 1620 C: <-> \Device\Harddisk0\DR0\Partition2
10:17:18.0226 1620 ============================================================
10:17:18.0226 1620 Initialize success
10:17:18.0226 1620 ============================================================
10:17:28.0725 1160 ============================================================
10:17:28.0725 1160 Scan started
10:17:28.0725 1160 Mode: Manual;
10:17:28.0725 1160 ============================================================
10:17:28.0772 1160 ================ Scan system memory ========================
10:17:28.0772 1160 System memory - ok
10:17:28.0772 1160 ================ Scan services =============================
10:17:28.0975 1160 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:17:28.0975 1160 1394ohci - ok
10:17:29.0068 1160 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
10:17:29.0084 1160 ACDaemon - ok
10:17:29.0131 1160 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:17:29.0131 1160 ACPI - ok
10:17:29.0193 1160 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:17:29.0193 1160 AcpiPmi - ok
10:17:29.0302 1160 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:17:29.0302 1160 AdobeFlashPlayerUpdateSvc - ok
10:17:29.0365 1160 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
10:17:29.0365 1160 adp94xx - ok
10:17:29.0427 1160 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
10:17:29.0427 1160 adpahci - ok
10:17:29.0458 1160 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
10:17:29.0458 1160 adpu320 - ok
10:17:29.0505 1160 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:17:29.0505 1160 AeLookupSvc - ok
10:17:29.0583 1160 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
10:17:29.0583 1160 AFD - ok
10:17:29.0645 1160 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
10:17:29.0645 1160 agp440 - ok
10:17:29.0677 1160 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
10:17:29.0708 1160 ALG - ok
10:17:29.0770 1160 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
10:17:29.0770 1160 aliide - ok
10:17:29.0786 1160 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
10:17:29.0786 1160 amdide - ok
10:17:29.0801 1160 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
10:17:29.0817 1160 AmdK8 - ok
10:17:29.0833 1160 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
10:17:29.0833 1160 AmdPPM - ok
10:17:29.0895 1160 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:17:29.0895 1160 amdsata - ok
10:17:29.0942 1160 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
10:17:29.0942 1160 amdsbs - ok
10:17:29.0973 1160 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:17:29.0973 1160 amdxata - ok
10:17:30.0020 1160 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
10:17:30.0020 1160 AppID - ok
10:17:30.0035 1160 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:17:30.0035 1160 AppIDSvc - ok
10:17:30.0082 1160 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
10:17:30.0082 1160 Appinfo - ok
10:17:30.0129 1160 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
10:17:30.0129 1160 arc - ok
10:17:30.0145 1160 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
10:17:30.0145 1160 arcsas - ok
10:17:30.0207 1160 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
10:17:30.0207 1160 ArcSoftKsUFilter - ok
10:17:30.0332 1160 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:17:30.0379 1160 aspnet_state - ok
10:17:30.0441 1160 [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
10:17:30.0441 1160 aswFsBlk - ok
10:17:30.0519 1160 [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
10:17:30.0519 1160 aswMonFlt - ok
10:17:30.0535 1160 [ 64E2BAB4096C13D2342BC4661C967E07 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
10:17:30.0535 1160 aswRdr - ok
10:17:30.0581 1160 [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
10:17:30.0581 1160 aswRvrt - ok
10:17:30.0644 1160 [ 8C0800CDB501CFC1164B286A0478DC10 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
10:17:30.0644 1160 aswSnx - ok
10:17:30.0737 1160 [ 3815DB16CDA62190F5C0A65118F3D714 ] aswSP C:\Windows\system32\drivers\aswSP.sys
10:17:30.0737 1160 aswSP - ok
10:17:30.0800 1160 [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
10:17:30.0800 1160 aswTdi - ok
10:17:30.0847 1160 [ 22F521108881DC59837F6FC614E0568F ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
10:17:30.0862 1160 aswVmm - ok
10:17:30.0909 1160 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:17:30.0909 1160 AsyncMac - ok
10:17:30.0971 1160 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
10:17:30.0971 1160 atapi - ok
10:17:31.0018 1160 [ BCC09E0B0362741D0C084828A1B950F3 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
10:17:31.0018 1160 AthBTPort - ok
10:17:31.0096 1160 [ 4119870B90E1B5E7797D6433D21F9216 ] ATHDFU C:\Windows\System32\Drivers\AthDfu.sys
10:17:31.0096 1160 ATHDFU - ok
10:17:31.0159 1160 [ 1FDE0AAAEA06519AAE98CCF24715B765 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
10:17:31.0159 1160 AtherosSvc - ok
10:17:31.0252 1160 [ 237EE0B7A65D55E08EB7530F77423480 ] athr C:\Windows\system32\DRIVERS\athrx.sys
10:17:31.0299 1160 athr - ok
10:17:31.0361 1160 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:17:31.0377 1160 AudioEndpointBuilder - ok
10:17:31.0377 1160 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:17:31.0393 1160 AudioSrv - ok
10:17:31.0502 1160 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
10:17:31.0502 1160 avast! Antivirus - ok
10:17:31.0549 1160 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:17:31.0549 1160 AxInstSV - ok
10:17:31.0595 1160 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
10:17:31.0595 1160 b06bdrv - ok
10:17:31.0658 1160 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:17:31.0658 1160 b57nd60a - ok
10:17:31.0798 1160 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
10:17:31.0798 1160 BBSvc - ok
10:17:31.0861 1160 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
10:17:31.0861 1160 BBUpdate - ok
10:17:31.0892 1160 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
10:17:31.0892 1160 BDESVC - ok
10:17:31.0939 1160 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
10:17:31.0939 1160 Beep - ok
10:17:32.0017 1160 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
10:17:32.0032 1160 BFE - ok
10:17:32.0266 1160 [ E92A3DA47BED7CC65D264235617ED46E ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130322.001\BHDrvx64.sys
10:17:32.0297 1160 BHDrvx64 - ok
10:17:32.0329 1160 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
10:17:32.0469 1160 BITS - ok
10:17:32.0516 1160 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
10:17:32.0516 1160 blbdrive - ok
10:17:32.0563 1160 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:17:32.0563 1160 bowser - ok
10:17:32.0609 1160 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
10:17:32.0609 1160 BrFiltLo - ok
10:17:32.0641 1160 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
10:17:32.0641 1160 BrFiltUp - ok
10:17:32.0672 1160 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
10:17:32.0672 1160 Browser - ok
10:17:32.0703 1160 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:17:32.0703 1160 Brserid - ok
10:17:32.0734 1160 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:17:32.0734 1160 BrSerWdm - ok
10:17:32.0750 1160 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:17:32.0750 1160 BrUsbMdm - ok
10:17:32.0797 1160 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:17:32.0797 1160 BrUsbSer - ok
10:17:32.0859 1160 [ 9455A8F85BE24514E50AFE90D4C976DB ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
10:17:32.0859 1160 BTATH_A2DP - ok
10:17:32.0890 1160 [ 2D27F7A831657D63AFC78E5E78DCA83F ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys
10:17:32.0890 1160 btath_avdt - ok
10:17:32.0937 1160 [ E6B734A37ADE36FE1A77035F4E484C8C ] BTATH_BUS C:\Windows\system32\drivers\btath_bus.sys
10:17:32.0937 1160 BTATH_BUS - ok
10:17:32.0984 1160 [ FB3833E63FF602B69C2FF085846DCF43 ] BTATH_HCRP C:\Windows\system32\drivers\btath_hcrp.sys
10:17:32.0984 1160 BTATH_HCRP - ok
10:17:33.0015 1160 [ 371A11C1333BA526263A987A93ACDE3D ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
10:17:33.0015 1160 BTATH_LWFLT - ok
10:17:33.0031 1160 [ ABCD3C16CA850A7594CEB9AD5D966810 ] BTATH_RCP C:\Windows\system32\drivers\btath_rcp.sys
10:17:33.0031 1160 BTATH_RCP - ok
10:17:33.0062 1160 [ 680BE9ED6431DAFA844F5F7B61B11F9A ] BTATH_VDP C:\Windows\system32\drivers\btath_vdp.sys
10:17:33.0077 1160 BTATH_VDP - ok
10:17:33.0140 1160 [ EA92CE309DD24F489FDB149847AE6835 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
10:17:33.0140 1160 BtFilter - ok
10:17:33.0202 1160 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
10:17:33.0202 1160 BthEnum - ok
10:17:33.0249 1160 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
10:17:33.0249 1160 BTHMODEM - ok
10:17:33.0296 1160 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
10:17:33.0296 1160 BthPan - ok
10:17:33.0343 1160 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
10:17:33.0343 1160 BTHPORT - ok
10:17:33.0389 1160 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
10:17:33.0389 1160 bthserv - ok
10:17:33.0421 1160 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
10:17:33.0421 1160 BTHUSB - ok
10:17:33.0499 1160 [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\1403000.024\ccSetx64.sys
10:17:33.0499 1160 ccSet_N360 - ok
10:17:33.0545 1160 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:17:33.0545 1160 cdfs - ok
10:17:33.0608 1160 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:17:33.0608 1160 cdrom - ok
10:17:33.0655 1160 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
10:17:33.0670 1160 CertPropSvc - ok
10:17:33.0717 1160 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
10:17:33.0717 1160 circlass - ok
10:17:33.0748 1160 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
10:17:33.0764 1160 CLFS - ok
10:17:33.0842 1160 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:17:33.0842 1160 clr_optimization_v2.0.50727_32 - ok
10:17:33.0889 1160 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:17:33.0889 1160 clr_optimization_v2.0.50727_64 - ok
10:17:33.0982 1160 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:17:34.0060 1160 clr_optimization_v4.0.30319_32 - ok
10:17:34.0091 1160 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:17:34.0123 1160 clr_optimization_v4.0.30319_64 - ok
10:17:34.0185 1160 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
10:17:34.0185 1160 CmBatt - ok
10:17:34.0216 1160 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:17:34.0216 1160 cmdide - ok
10:17:34.0247 1160 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
10:17:34.0263 1160 CNG - ok
10:17:34.0325 1160 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
10:17:34.0325 1160 Compbatt - ok
10:17:34.0341 1160 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
10:17:34.0357 1160 CompositeBus - ok
10:17:34.0372 1160 COMSysApp - ok
10:17:34.0466 1160 [ 7324EC715932A12B09715B50891396F7 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
10:17:34.0513 1160 cphs - ok
10:17:34.0528 1160 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
10:17:34.0528 1160 crcdisk - ok
10:17:34.0591 1160 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:17:34.0591 1160 CryptSvc - ok
10:17:34.0684 1160 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
10:17:34.0700 1160 cvhsvc - ok
10:17:34.0762 1160 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:17:34.0778 1160 DcomLaunch - ok
10:17:34.0840 1160 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
10:17:34.0856 1160 defragsvc - ok
10:17:34.0903 1160 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:17:34.0903 1160 DfsC - ok
10:17:34.0965 1160 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
10:17:34.0965 1160 Dhcp - ok
10:17:34.0981 1160 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
10:17:34.0981 1160 discache - ok
10:17:35.0059 1160 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
10:17:35.0059 1160 Disk - ok
10:17:35.0090 1160 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:17:35.0090 1160 Dnscache - ok
10:17:35.0152 1160 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
10:17:35.0152 1160 dot3svc - ok
10:17:35.0168 1160 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
10:17:35.0168 1160 DPS - ok
10:17:35.0215 1160 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:17:35.0215 1160 drmkaud - ok
10:17:35.0261 1160 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:17:35.0277 1160 DXGKrnl - ok
10:17:35.0324 1160 [ 50AD8FC1DC800FF36087994C8F7FDFF2 ] e1yexpress C:\Windows\system32\DRIVERS\e1y60x64.sys
10:17:35.0339 1160 e1yexpress - ok
10:17:35.0402 1160 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
10:17:35.0402 1160 EapHost - ok
10:17:35.0480 1160 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
10:17:35.0527 1160 ebdrv - ok
10:17:35.0605 1160 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
10:17:35.0605 1160 eeCtrl - ok
10:17:35.0651 1160 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
10:17:35.0651 1160 EFS - ok
10:17:35.0745 1160 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:17:35.0745 1160 ehRecvr - ok
10:17:35.0792 1160 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
10:17:35.0792 1160 ehSched - ok
10:17:35.0885 1160 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
10:17:35.0885 1160 elxstor - ok
10:17:35.0995 1160 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
10:17:35.0995 1160 EraserUtilRebootDrv - ok
10:17:36.0041 1160 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:17:36.0041 1160 ErrDev - ok
10:17:36.0119 1160 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
10:17:36.0119 1160 EventSystem - ok
10:17:36.0182 1160 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
10:17:36.0197 1160 exfat - ok
10:17:36.0229 1160 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:17:36.0229 1160 fastfat - ok
10:17:36.0291 1160 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
10:17:36.0307 1160 Fax - ok
10:17:36.0353 1160 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
10:17:36.0353 1160 fdc - ok
10:17:36.0400 1160 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
10:17:36.0400 1160 fdPHost - ok
10:17:36.0463 1160 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
10:17:36.0463 1160 FDResPub - ok
10:17:36.0509 1160 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:17:36.0509 1160 FileInfo - ok
10:17:36.0556 1160 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:17:36.0556 1160 Filetrace - ok
10:17:36.0572 1160 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
10:17:36.0572 1160 flpydisk - ok
10:17:36.0650 1160 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:17:36.0665 1160 FltMgr - ok
10:17:36.0759 1160 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
10:17:36.0775 1160 FontCache - ok
10:17:36.0821 1160 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:17:36.0821 1160 FontCache3.0.0.0 - ok
10:17:36.0868 1160 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:17:36.0884 1160 FsDepends - ok
10:17:36.0946 1160 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:17:36.0946 1160 Fs_Rec - ok
10:17:37.0009 1160 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:17:37.0009 1160 fvevol - ok
10:17:37.0055 1160 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
10:17:37.0071 1160 gagp30kx - ok
10:17:37.0133 1160 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
10:17:37.0133 1160 gpsvc - ok
10:17:37.0258 1160 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:17:37.0258 1160 gupdate - ok
10:17:37.0258 1160 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:17:37.0274 1160 gupdatem - ok
10:17:37.0321 1160 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:17:37.0321 1160 gusvc - ok
10:17:37.0367 1160 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:17:37.0367 1160 hcw85cir - ok
10:17:37.0430 1160 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:17:37.0445 1160 HdAudAddService - ok
10:17:37.0508 1160 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:17:37.0508 1160 HDAudBus - ok
10:17:37.0570 1160 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
10:17:37.0570 1160 HidBatt - ok
10:17:37.0586 1160 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
10:17:37.0586 1160 HidBth - ok
10:17:37.0633 1160 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
10:17:37.0648 1160 HidIr - ok
10:17:37.0664 1160 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
10:17:37.0664 1160 hidserv - ok
10:17:37.0711 1160 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:17:37.0711 1160 HidUsb - ok
10:17:37.0835 1160 [ D946C4E00B10BE82F8D142F508ECE41D ] HiPatchService C:\Users\New\SMITE\HiPatchService.exe
10:17:37.0851 1160 HiPatchService - ok
10:17:37.0867 1160 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:17:37.0867 1160 hkmsvc - ok
10:17:37.0882 1160 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:17:37.0882 1160 HomeGroupListener - ok
10:17:37.0945 1160 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:17:37.0960 1160 HomeGroupProvider - ok
10:17:38.0023 1160 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:17:38.0023 1160 HpSAMD - ok
10:17:38.0069 1160 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:17:38.0069 1160 HTTP - ok
10:17:38.0101 1160 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:17:38.0101 1160 hwpolicy - ok
10:17:38.0194 1160 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:17:38.0194 1160 i8042prt - ok
10:17:38.0257 1160 [ C224331A54571C8C9162F7714400BBBD ] iaStor C:\Windows\system32\drivers\iaStor.sys
10:17:38.0257 1160 iaStor - ok
10:17:38.0381 1160 [ 7D4B9A48430ED57ACA6373B71D5904CA ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
10:17:38.0381 1160 IAStorDataMgrSvc - ok
10:17:38.0444 1160 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:17:38.0444 1160 iaStorV - ok
10:17:38.0506 1160 [ 3CC7B3BB1A9EA201A040883EDFAA67A0 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
10:17:38.0537 1160 IconMan_R - ok
10:17:38.0600 1160 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:17:38.0615 1160 idsvc - ok
10:17:38.0803 1160 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130412.001_32c\IDSvia64.sys
10:17:38.0834 1160 IDSVia64 - ok
10:17:38.0959 1160 [ FCAA07539A6137EF78AAB39CC455CC5E ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
10:17:39.0130 1160 igfx - ok
10:17:39.0193 1160 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
10:17:39.0193 1160 iirsp - ok
10:17:39.0271 1160 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
10:17:39.0271 1160 IKEEXT - ok
10:17:39.0427 1160 [ 602788BF364D43E5878AA1B4F85C232B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:17:39.0520 1160 IntcAzAudAddService - ok
10:17:39.0598 1160 [ F5495B38BFB9149925F54F65AB40EFBF ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
10:17:39.0598 1160 IntcDAud - ok
10:17:39.0707 1160 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe
10:17:39.0707 1160 Intel(R) Capability Licensing Service Interface - ok
10:17:39.0785 1160 [ 9571D8BDB56EBC52280E8020574508E6 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
10:17:39.0785 1160 Intel(R) ME Service - ok
10:17:39.0848 1160 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
10:17:39.0848 1160 intelide - ok
10:17:39.0895 1160 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
10:17:39.0895 1160 intelppm - ok
10:17:39.0941 1160 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:17:39.0973 1160 IPBusEnum - ok
10:17:39.0988 1160 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:17:40.0004 1160 IpFilterDriver - ok
10:17:40.0035 1160 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:17:40.0051 1160 iphlpsvc - ok
10:17:40.0097 1160 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:17:40.0097 1160 IPMIDRV - ok
10:17:40.0144 1160 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:17:40.0144 1160 IPNAT - ok
10:17:40.0191 1160 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:17:40.0191 1160 IRENUM - ok
10:17:40.0222 1160 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:17:40.0222 1160 isapnp - ok
10:17:40.0269 1160 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:17:40.0269 1160 iScsiPrt - ok
10:17:40.0316 1160 [ 6BCEF45131C8B8E1C558BE540B190B3C ] iusb3hcs C:\Windows\system32\drivers\iusb3hcs.sys
10:17:40.0316 1160 iusb3hcs - ok
10:17:40.0394 1160 [ F080EADA8715F811B58BD35BB774F2F9 ] iusb3hub C:\Windows\system32\drivers\iusb3hub.sys
10:17:40.0394 1160 iusb3hub - ok
10:17:40.0456 1160 [ 0F1756D9396740F053221FA6260FCE66 ] iusb3xhc C:\Windows\system32\drivers\iusb3xhc.sys
10:17:40.0472 1160 iusb3xhc - ok
10:17:40.0519 1160 [ DBD76BC1D498FE368F2C8CB76C3E00A4 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
10:17:40.0519 1160 jhi_service - ok
10:17:40.0565 1160 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:17:40.0565 1160 kbdclass - ok
10:17:40.0628 1160 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:17:40.0628 1160 kbdhid - ok
10:17:40.0643 1160 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
10:17:40.0643 1160 KeyIso - ok
10:17:40.0690 1160 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:17:40.0690 1160 KSecDD - ok
10:17:40.0721 1160 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:17:40.0737 1160 KSecPkg - ok
10:17:40.0753 1160 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:17:40.0753 1160 ksthunk - ok
10:17:40.0815 1160 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
10:17:40.0815 1160 KtmRm - ok
10:17:40.0877 1160 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:17:40.0893 1160 LanmanServer - ok
10:17:40.0955 1160 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:17:40.0955 1160 LanmanWorkstation - ok
10:17:41.0065 1160 [ 6CE0F55287EB8E8E472656E84DDCF4EA ] lehidmini C:\Windows\system32\drivers\leath_hid.sys
10:17:41.0065 1160 lehidmini - ok
10:17:41.0127 1160 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:17:41.0127 1160 lltdio - ok
10:17:41.0174 1160 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:17:41.0174 1160 lltdsvc - ok
10:17:41.0189 1160 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:17:41.0189 1160 lmhosts - ok
10:17:41.0267 1160 [ 86E4CC39C953D11EF57CF54C4DC78238 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:17:41.0267 1160 LMS - ok
10:17:41.0345 1160 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
10:17:41.0345 1160 LSI_FC - ok
10:17:41.0361 1160 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
10:17:41.0361 1160 LSI_SAS - ok
10:17:41.0408 1160 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
10:17:41.0408 1160 LSI_SAS2 - ok
10:17:41.0455 1160 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
10:17:41.0455 1160 LSI_SCSI - ok
10:17:41.0501 1160 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
10:17:41.0517 1160 luafv - ok
10:17:41.0564 1160 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:17:41.0564 1160 Mcx2Svc - ok
10:17:41.0595 1160 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
10:17:41.0595 1160 megasas - ok
10:17:41.0642 1160 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
10:17:41.0642 1160 MegaSR - ok
10:17:41.0689 1160 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys
10:17:41.0689 1160 MEIx64 - ok
10:17:41.0798 1160 Microsoft SharePoint Workspace Audit Service - ok
10:17:41.0860 1160 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
10:17:41.0860 1160 MMCSS - ok
10:17:41.0907 1160 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
10:17:41.0907 1160 Modem - ok
10:17:41.0954 1160 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:17:41.0954 1160 monitor - ok
10:17:41.0969 1160 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:17:41.0969 1160 mouclass - ok
10:17:42.0016 1160 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:17:42.0032 1160 mouhid - ok
10:17:42.0079 1160 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:17:42.0079 1160 mountmgr - ok
10:17:42.0188 1160 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:17:42.0188 1160 MozillaMaintenance - ok
10:17:42.0203 1160 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
10:17:42.0203 1160 mpio - ok
10:17:42.0250 1160 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:17:42.0250 1160 mpsdrv - ok
10:17:42.0281 1160 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:17:42.0297 1160 MpsSvc - ok
10:17:42.0313 1160 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:17:42.0313 1160 MRxDAV - ok
10:17:42.0359 1160 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:17:42.0359 1160 mrxsmb - ok
10:17:42.0406 1160 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:17:42.0406 1160 mrxsmb10 - ok
10:17:42.0453 1160 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:17:42.0453 1160 mrxsmb20 - ok
10:17:42.0515 1160 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
10:17:42.0515 1160 msahci - ok
10:17:42.0547 1160 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:17:42.0562 1160 msdsm - ok
10:17:42.0609 1160 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
10:17:42.0609 1160 MSDTC - ok
10:17:42.0640 1160 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:17:42.0640 1160 Msfs - ok
10:17:42.0687 1160 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:17:42.0687 1160 mshidkmdf - ok
10:17:42.0749 1160 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:17:42.0749 1160 msisadrv - ok
10:17:42.0796 1160 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:17:42.0796 1160 MSiSCSI - ok
10:17:42.0796 1160 msiserver - ok
10:17:42.0859 1160 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:17:42.0859 1160 MSKSSRV - ok
10:17:42.0874 1160 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:17:42.0874 1160 MSPCLOCK - ok
10:17:42.0890 1160 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:17:42.0890 1160 MSPQM - ok
10:17:42.0905 1160 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:17:42.0905 1160 MsRPC - ok
10:17:42.0968 1160 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:17:42.0968 1160 mssmbios - ok
10:17:42.0999 1160 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:17:42.0999 1160 MSTEE - ok
10:17:43.0061 1160 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
10:17:43.0061 1160 MTConfig - ok
10:17:43.0093 1160 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:17:43.0093 1160 Mup - ok
10:17:43.0171 1160 [ 241BD3019FB31E812A51B31B06906335 ] N360 C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccSvcHst.exe
10:17:43.0171 1160 N360 - ok
10:17:43.0233 1160 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
10:17:43.0233 1160 napagent - ok
10:17:43.0311 1160 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:17:43.0311 1160 NativeWifiP - ok
10:17:43.0420 1160 [ 88A2F45CE66B904285978D6BB13AFEB2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130414.006\ENG64.SYS
10:17:43.0436 1160 NAVENG - ok
10:17:43.0498 1160 [ D2A545DA3A90BBFA40E020C23F1B7A48 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130414.006\EX64.SYS
10:17:43.0514 1160 NAVEX15 - ok
10:17:43.0576 1160 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:17:43.0592 1160 NDIS - ok
10:17:43.0639 1160 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:17:43.0639 1160 NdisCap - ok
10:17:43.0685 1160 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
 
(second part)...

10:17:43.0685 1160 NdisTapi - ok
10:17:43.0748 1160 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:17:43.0748 1160 Ndisuio - ok
10:17:43.0763 1160 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:17:43.0763 1160 NdisWan - ok
10:17:43.0779 1160 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:17:43.0779 1160 NDProxy - ok
10:17:43.0810 1160 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:17:43.0810 1160 NetBIOS - ok
10:17:43.0857 1160 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:17:43.0857 1160 NetBT - ok
10:17:43.0904 1160 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
10:17:43.0904 1160 Netlogon - ok
10:17:43.0966 1160 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
10:17:43.0966 1160 Netman - ok
10:17:44.0060 1160 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:17:44.0122 1160 NetMsmqActivator - ok
10:17:44.0122 1160 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:17:44.0122 1160 NetPipeActivator - ok
10:17:44.0153 1160 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
10:17:44.0169 1160 netprofm - ok
10:17:44.0169 1160 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:17:44.0169 1160 NetTcpActivator - ok
10:17:44.0169 1160 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:17:44.0169 1160 NetTcpPortSharing - ok
10:17:44.0216 1160 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
10:17:44.0216 1160 nfrd960 - ok
10:17:44.0231 1160 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:17:44.0231 1160 NlaSvc - ok
10:17:44.0294 1160 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:17:44.0294 1160 Npfs - ok
10:17:44.0309 1160 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:17:44.0309 1160 nsi - ok
10:17:44.0356 1160 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:17:44.0356 1160 nsiproxy - ok
10:17:44.0450 1160 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:17:44.0465 1160 Ntfs - ok
10:17:44.0512 1160 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
10:17:44.0512 1160 Null - ok
10:17:44.0715 1160 [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:17:44.0918 1160 nvlddmkm - ok
10:17:44.0980 1160 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:17:44.0980 1160 nvraid - ok
10:17:44.0996 1160 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:17:44.0996 1160 nvstor - ok
10:17:45.0027 1160 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:17:45.0027 1160 nv_agp - ok
10:17:45.0136 1160 [ 07D0A535A44DD048EE346853B0BB9349 ] Oasis2Service C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
10:17:45.0136 1160 Oasis2Service - ok
10:17:45.0245 1160 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:17:45.0245 1160 ohci1394 - ok
10:17:45.0323 1160 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:17:45.0339 1160 ose - ok
10:17:45.0433 1160 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:17:45.0542 1160 osppsvc - ok
10:17:45.0573 1160 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:17:45.0573 1160 p2pimsvc - ok
10:17:45.0604 1160 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:17:45.0604 1160 p2psvc - ok
10:17:45.0635 1160 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
10:17:45.0635 1160 Parport - ok
10:17:45.0667 1160 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:17:45.0667 1160 partmgr - ok
10:17:45.0682 1160 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:17:45.0682 1160 PcaSvc - ok
10:17:45.0698 1160 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
10:17:45.0698 1160 pci - ok
10:17:45.0729 1160 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
10:17:45.0729 1160 pciide - ok
10:17:45.0760 1160 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
10:17:45.0760 1160 pcmcia - ok
10:17:45.0791 1160 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:17:45.0791 1160 pcw - ok
10:17:45.0807 1160 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:17:45.0823 1160 PEAUTH - ok
10:17:46.0291 1160 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:17:46.0322 1160 PerfHost - ok
10:17:46.0369 1160 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
10:17:46.0384 1160 pla - ok
10:17:46.0447 1160 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:17:46.0447 1160 PlugPlay - ok
10:17:46.0571 1160 [ 9C4D0DE187CBC24F658C52EFC93B1C73 ] PMBDeviceInfoProvider c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
10:17:46.0603 1160 PMBDeviceInfoProvider - ok
10:17:46.0649 1160 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:17:46.0649 1160 PNRPAutoReg - ok
10:17:46.0681 1160 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:17:46.0681 1160 PNRPsvc - ok
10:17:46.0712 1160 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:17:46.0712 1160 PolicyAgent - ok
10:17:46.0727 1160 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
10:17:46.0727 1160 Power - ok
10:17:46.0790 1160 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:17:46.0790 1160 PptpMiniport - ok
10:17:46.0821 1160 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
10:17:46.0821 1160 Processor - ok
10:17:46.0883 1160 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
10:17:46.0883 1160 ProfSvc - ok
10:17:46.0915 1160 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:17:46.0915 1160 ProtectedStorage - ok
10:17:46.0946 1160 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:17:46.0946 1160 Psched - ok
10:17:47.0086 1160 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
10:17:47.0102 1160 ql2300 - ok
10:17:47.0211 1160 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
10:17:47.0227 1160 ql40xx - ok
10:17:47.0383 1160 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:17:47.0398 1160 QWAVE - ok
10:17:47.0476 1160 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:17:47.0492 1160 QWAVEdrv - ok
10:17:47.0539 1160 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:17:47.0554 1160 RasAcd - ok
10:17:47.0663 1160 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:17:47.0679 1160 RasAgileVpn - ok
10:17:47.0757 1160 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:17:47.0757 1160 RasAuto - ok
10:17:47.0804 1160 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:17:47.0819 1160 Rasl2tp - ok
10:17:47.0835 1160 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
10:17:47.0851 1160 RasMan - ok
10:17:47.0866 1160 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:17:47.0866 1160 RasPppoe - ok
10:17:47.0866 1160 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:17:47.0866 1160 RasSstp - ok
10:17:47.0897 1160 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:17:47.0897 1160 rdbss - ok
10:17:47.0913 1160 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
10:17:47.0913 1160 rdpbus - ok
10:17:47.0929 1160 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:17:47.0944 1160 RDPCDD - ok
10:17:47.0975 1160 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:17:47.0991 1160 RDPENCDD - ok
10:17:47.0991 1160 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:17:47.0991 1160 RDPREFMP - ok
10:17:48.0038 1160 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:17:48.0038 1160 RDPWD - ok
10:17:48.0085 1160 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:17:48.0085 1160 rdyboost - ok
10:17:48.0116 1160 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:17:48.0116 1160 RemoteAccess - ok
10:17:55.0869 1160 ================ Scan global ===============================
10:17:55.0900 1160 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:17:55.0978 1160 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
10:17:56.0009 1160 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
10:17:56.0056 1160 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:17:56.0087 1160 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:17:56.0087 1160 [Global] - ok
10:17:56.0087 1160 ================ Scan MBR ==================================
10:17:56.0103 1160 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:17:56.0103 1160 Suspicious mbr (Forged): \Device\Harddisk0\DR0
10:17:56.0165 1160 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
10:17:56.0165 1160 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
10:17:56.0165 1160 ================ Scan VBR ==================================
10:17:56.0165 1160 [ 8C4315C51212EE753D0DF958841CA5F6 ] \Device\Harddisk0\DR0\Partition1
10:17:56.0165 1160 \Device\Harddisk0\DR0\Partition1 - ok
10:17:56.0181 1160 [ 6E53122C8AF07CE113C351938E4FE5E1 ] \Device\Harddisk0\DR0\Partition2
10:17:56.0181 1160 \Device\Harddisk0\DR0\Partition2 - ok
10:17:56.0181 1160 ============================================================
10:17:56.0181 1160 Scan finished
10:17:56.0181 1160 ============================================================
10:17:56.0181 1648 Detected object count: 1
10:17:56.0181 1648 Actual detected object count: 1
10:18:08.0146 1648 \Device\Harddisk0\DR0\# - copied to quarantine
10:18:08.0146 1648 \Device\Harddisk0\DR0 - copied to quarantine
10:18:08.0177 1648 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
10:18:08.0177 1648 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
10:18:08.0177 1648 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
10:18:08.0193 1648 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
10:18:08.0193 1648 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
10:18:08.0193 1648 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
10:18:08.0193 1648 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
10:18:08.0193 1648 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
10:18:08.0209 1648 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
10:18:08.0209 1648 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
10:18:08.0209 1648 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
10:18:08.0209 1648 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
10:18:08.0209 1648 \Device\Harddisk0\DR0\TDLFS\cmd32.dll - copied to quarantine
10:18:08.0209 1648 \Device\Harddisk0\DR0\TDLFS\ua - copied to quarantine
10:18:08.0224 1648 \Device\Harddisk0\DR0\TDLFS\x - copied to quarantine
10:18:08.0349 1648 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
10:18:08.0349 1648 \Device\Harddisk0\DR0 - ok
10:18:10.0424 1648 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
10:18:31.0738 0984 Deinitialize success
 
Good :)

Restart computer normally and see if you can connect.

Next...

Download RogueKiller for 32bit or RogueKiller for 64bit to your Desktop.
  • Close all the running programs
  • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

Create a new restore point before proceeding with the next step...
How to:
- Windows 8: http://www.vikitech.com/11302/system-restore-windows-8
- Windows 7: http://www.howtogeek.com/howto/3195/create-a-system-restore-point-in-windows-7/
- Vista: http://www.howtogeek.com/howto/wind...tore-point-for-windows-vistas-system-restore/
- XP: http://support.microsoft.com/kb/948247

Download Malwarebytes Anti-Rootkit (MBAR) from HERE
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log-xxxxx.txt and system-log.txt
 
Still can't connect in regular mode (posting this in safe mode)
I attached a screenshot of my network in regular mode...
 

Attachments

  • Capture.PNG
RogueKiller V8.6.2 _x64_ [Jul 2 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : hxxp://www.adlice.com/forum/
Website : hxxp://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Safe mode with network support
User : Lin [Admin rights]
Mode : Remove -- Date : 07/15/2013 10:59:17
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST500LM012 HN-M500MBB +++++
--- User ---
[MBR] f3cf41453ecbc884d072f6027fc3d8e7
[BSP] fe653986d72f9ce43cef146b53b9970e : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 18940 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 38791168 | Size: 350 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 39507968 | Size: 457648 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_D_07152013_105917.txt >>
RKreport[0]_S_07152013_105904.txt
Malwarebytes Anti-Rootkit BETA 1.06.0.1004
www.malwarebytes.org

Database version: v2013.07.15.04

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 10.0.9200.16635
Lin :: LIN-VAIO [administrator]

7/15/2013 11:43:43 AM
mbar-log-2013-07-15 (11-43-43).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 244932
Time elapsed: 9 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

System is currently in a safe mode

Account is Administrative

Internet Explorer version: 10.0.9200.16635

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.394000 GHz
Memory total: 4190486528, free: 3129700352

Downloaded database version: v2013.07.15.04
Initializing...
------------ Kernel report ------------
07/15/2013 11:27:01
------------ Loaded modules -----------
\SystemRoot\system32\drivers\iusb3hub.sys
\SystemRoot\system32\drivers\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\framebuf.dll
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\iertutil.dll
\Windows\System32\msctf.dll
\Windows\System32\Wldap32.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8007254060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa8004dc2050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Device number: 0, partition: 3
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8007254060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80070f5870, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007254060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8004dc2050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 3107966

Partition information:

Partition 0 type is Other (0x27)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 38789120

Partition 1 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 38791168 Numsec = 716800
Partition file system is NTFS
Partition is bootable

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 39507968 Numsec = 937263152

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Done!
Scan finished
=======================================


Removal queue found; removal started
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\bootstrap_0_1_38791168_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

System is currently in a safe mode

Account is Administrative

Internet Explorer version: 10.0.9200.16635

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.394000 GHz
Memory total: 4190486528, free: 3397603328

Initializing...
------------ Kernel report ------------
07/15/2013 11:43:39
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\iusb3hcs.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\iaStor.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\N360x64\1403000.024\SYMDS64.SYS
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\drivers\N360x64\1403000.024\SYMEFA64.SYS
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\wd.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\Drivers\aswrdr2.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\drivers\iusb3xhc.sys
\SystemRoot\system32\drivers\USBD.SYS
\SystemRoot\system32\drivers\HECIx64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\athrx.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\drivers\SFEP.sys
\SystemRoot\system32\drivers\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\drivers\SynTP.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\drivers\blbdrive.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\btath_bus.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\iusb3hub.sys
\SystemRoot\system32\drivers\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\framebuf.dll
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\iertutil.dll
\Windows\System32\msctf.dll
\Windows\System32\Wldap32.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8007254060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa8004dc2050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Device number: 0, partition: 3
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8007254060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80070f5870, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007254060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8004dc2050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 3107966

Partition information:

Partition 0 type is Other (0x27)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 38789120

Partition 1 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 38791168 Numsec = 716800
Partition file system is NTFS
Partition is bootable

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 39507968 Numsec = 937263152

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Done!
Scan finished
=======================================


Removal queue found; removal started
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\bootstrap_0_1_38791168_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...
Removal finished
 
Download the following two tools in Safe Mode with Networking, but run them from NORMAL mode.

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run from.
  • Please copy and paste the log to your reply.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Devices (do NOT change any settings)
  • List Users, Partitions and Memory size
  • List Restore Points
Click Go and post the result.
 
Farbar Service Scanner Version: 13-07-2013
Ran by Lin (administrator) on 15-07-2013 at 12:15:48
Running from "C:\Users\Lin\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\Windows\system32\wuaueng.dll".


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
MiniToolBox by Farbar Version: 13-07-2013
Ran by Lin (administrator) on 15-07-2013 at 12:17:23
Running from "C:\Users\Lin\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR9485WB-EG Wireless Network Adapter = Wireless Network Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Lin-VAIO
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 2A-ED-B9-CB-54-4D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9485WB-EG Wireless Network Adapter
Physical Address. . . . . . . . . : 08-ED-B9-CB-54-4D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2519:718:7dfe:86da%21(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.11(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, July 15, 2013 12:12:16 PM
Lease Expires . . . . . . . . . . : Tuesday, July 16, 2013 12:12:18 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 235466169
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-7A-C4-50-30-F9-ED-B5-31-4B
DNS Servers . . . . . . . . . . . : 4.2.2.4
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 30-F9-ED-B5-31-4B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 08-ED-B9-CB-54-4E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{FD750996-A87F-4C4A-9258-CEF5616169A4}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 4:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{595923B2-8B4E-4B41-B39F-7623700E0E27}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{83D384AC-9C88-466A-90B3-F2B40938F7B8}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{4B1DB241-E295-4B04-8059-E10FF5295842}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: d.resolvers.level3.net
Address: 4.2.2.4

Name: google.com
Addresses: 2607:f8b0:4009:801::1001
74.125.225.32
74.125.225.34
74.125.225.39
74.125.225.38
74.125.225.36
74.125.225.35
74.125.225.46
74.125.225.41
74.125.225.40
74.125.225.37
74.125.225.33


Pinging google.com [173.194.46.32] with 32 bytes of data:
Reply from 173.194.46.32: bytes=32 time=15ms TTL=49
Reply from 173.194.46.32: bytes=32 time=14ms TTL=49

Ping statistics for 173.194.46.32:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 14ms, Maximum = 15ms, Average = 14ms
Server: d.resolvers.level3.net
Address: 4.2.2.4

Name: yahoo.com
Addresses: 206.190.36.45
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=77ms TTL=41
Reply from 98.139.183.24: bytes=32 time=71ms TTL=41

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 71ms, Maximum = 77ms, Average = 74ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
22...2a ed b9 cb 54 4d ......Microsoft Virtual WiFi Miniport Adapter
21...08 ed b9 cb 54 4d ......Atheros AR9485WB-EG Wireless Network Adapter
13...30 f9 ed b5 31 4b ......Realtek PCIe GBE Family Controller
11...08 ed b9 cb 54 4e ......Bluetooth Device (Personal Area Network)
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
20...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
37...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
38...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
39...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.11 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.11 281
192.168.1.11 255.255.255.255 On-link 192.168.1.11 281
192.168.1.255 255.255.255.255 On-link 192.168.1.11 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.11 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.11 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
21 281 fe80::/64 On-link
21 281 fe80::2519:718:7dfe:86da/128
On-link
1 306 ff00::/8 On-link
21 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/15/2013 00:16:16 PM) (Source: Application Error) (User: )
Description: Faulting application name: VCAgent.exe, version: 7.3.0.13120, time stamp: 0x4f27637e
Faulting module name: mscorlib.ni.dll, version: 4.0.30319.1008, time stamp: 0x517a19ee
Exception code: 0xc0000005
Fault offset: 0x00000000003a2149
Faulting process id: 0xfdc
Faulting application start time: 0xVCAgent.exe0
Faulting application path: VCAgent.exe1
Faulting module path: VCAgent.exe2
Report Id: VCAgent.exe3

Error: (07/15/2013 00:16:15 PM) (Source: .NET Runtime) (User: )
Description: Application: VCAgent.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
at System.Collections.Generic.Dictionary`2[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Insert(System.__Canon, System.__Canon, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()

Error: (07/15/2013 00:14:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 11:26:22 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 11:24:00 AM) (Source: Application Virtualization Client) (User: )
Description: {tid=760}
The Application Virtualization Client could not determine the size of the file system cache (FS status 16D07A0A-0000E0A2).

Error: (07/15/2013 11:24:00 AM) (Source: Application Virtualization Client) (User: )
Description: {tid=760}
The Application Virtualization Client could not disconnect session 35 (FS status 16D1200A-0000E0A2).

Error: (07/15/2013 11:16:32 AM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The connection with the server was terminated abnormally

Error: (07/15/2013 11:07:35 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 10:49:48 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 10:42:29 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/15/2013 00:13:56 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (07/15/2013 00:13:15 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
BHDrvx64
SRTSP

Error: (07/15/2013 00:12:04 PM) (Source: SRTSP) (User: )
Description: Error loading virus definitions.

Error: (07/15/2013 00:09:44 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/15/2013 00:09:44 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/15/2013 00:07:44 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/15/2013 00:07:44 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/15/2013 00:07:36 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/15/2013 00:07:36 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/15/2013 00:05:44 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (07/15/2013 00:16:16 PM) (Source: Application Error)(User: )
Description: VCAgent.exe7.3.0.131204f27637emscorlib.ni.dll4.0.30319.1008517a19eec000000500000000003a2149fdc01ce817f0208343bC:\Program Files\Sony\VAIO Care\VCAgent.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\cb653b6b8da0966098d70da98cba1ef3\mscorlib.ni.dll416d44be-ed72-11e2-9882-08edb9cb544e

Error: (07/15/2013 00:16:15 PM) (Source: .NET Runtime)(User: )
Description: Application: VCAgent.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
at System.Collections.Generic.Dictionary`2[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Insert(System.__Canon, System.__Canon, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()

Error: (07/15/2013 00:14:00 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 11:26:22 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 11:24:00 AM) (Source: Application Virtualization Client)(User: )
Description: {tid=760}
16D07A0A-0000E0A2

Error: (07/15/2013 11:24:00 AM) (Source: Application Virtualization Client)(User: )
Description: {tid=760}
3516D1200A-0000E0A2

Error: (07/15/2013 11:16:32 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The connection with the server was terminated abnormally

Error: (07/15/2013 11:07:35 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 10:49:48 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 10:42:29 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


========================= Devices: ================================

Name: BHDrvx64
Description: BHDrvx64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BHDrvx64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 55%
Total physical RAM: 3996.36 MB
Available physical RAM: 1791.15 MB
Total Pagefile: 7990.9 MB
Available Pagefile: 5613.95 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.99 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:446.92 GB) (Free:346.07 GB) NTFS
2 Drive d: (WUSB54G) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\LIN-VAIO

Administrator Guest Lin

========================= Restore Points ==================================

29-05-2013 08:00:32 Windows Update
06-06-2013 00:48:17 Windows Update
21-06-2013 02:15:37 Windows Update
14-07-2013 02:59:15 Windows Update
14-07-2013 04:28:32 Restore Operation
14-07-2013 08:00:32 Windows Update
14-07-2013 14:22:13 Installed Wireless-G USB Adapter
14-07-2013 16:26:11 Removed VAIO Smart Network
15-07-2013 16:10:17 Windows Update
15-07-2013 16:10:56 After the thingy, but before the other thingy

**** End of log ****
 
Your connection looks perfectly fine.
"Ping" finds Google no problem.

What actually makes you think there is no connection?
Browser doesn't work?
 
Browser does not work, and the red "X" is on the connection in the task bar. I'll attach the picture again.

Everything seems like it should be working fine: wireless is working with other computers, connection works. Just no internet access except in safe mode.
 

Attachment: Capture.PNG (174.4 KB)
Alright so I connected the ethernet cable and it recognizes the network, but it says "No internet access". See attached pic...
 

Attachment: capture 4.PNG (140.2 KB)
Keep the ethernet cable connected and re-run MiniToolbox with only these options checked:

  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Devices (do NOT change any settings)
 
MiniToolBox by Farbar Version: 13-07-2013
Ran by Lin (administrator) on 15-07-2013 at 15:19:17
Running from "C:\Users\Lin\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Atheros AR9485WB-EG Wireless Network Adapter = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Lin-VAIO
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 2A-ED-B9-CB-54-4D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9485WB-EG Wireless Network Adapter
Physical Address. . . . . . . . . : 08-ED-B9-CB-54-4D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 30-F9-ED-B5-31-4B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2c4c:9d4e:ecc1:e91a%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, July 15, 2013 3:17:07 PM
Lease Expires . . . . . . . . . . : Tuesday, July 16, 2013 3:18:34 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 288422381
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-7A-C4-50-30-F9-ED-B5-31-4B
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 08-ED-B9-CB-54-4E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{FD750996-A87F-4C4A-9258-CEF5616169A4}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable ISATAP Interface {C13875F3-A074-4DE0-85D7-0B71DA1376AC}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{83D384AC-9C88-466A-90B3-F2B40938F7B8}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4009:803::1003
173.194.46.66
173.194.46.67
173.194.46.68
173.194.46.69
173.194.46.70
173.194.46.71
173.194.46.72
173.194.46.73
173.194.46.78
173.194.46.64
173.194.46.65


Pinging google.com [74.125.225.135] with 32 bytes of data:
Reply from 74.125.225.135: bytes=32 time=10ms TTL=49
Reply from 74.125.225.135: bytes=32 time=13ms TTL=49

Ping statistics for 74.125.225.135:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 10ms, Maximum = 13ms, Average = 11ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 206.190.36.45
98.138.253.109
98.139.183.24


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=118ms TTL=45
Reply from 206.190.36.45: bytes=32 time=107ms TTL=45

Ping statistics for 206.190.36.45:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 107ms, Maximum = 118ms, Average = 112ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
22...2a ed b9 cb 54 4d ......Microsoft Virtual WiFi Miniport Adapter
21...08 ed b9 cb 54 4d ......Atheros AR9485WB-EG Wireless Network Adapter
13...30 f9 ed b5 31 4b ......Realtek PCIe GBE Family Controller
11...08 ed b9 cb 54 4e ......Bluetooth Device (Personal Area Network)
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
20...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 276
192.168.1.3 255.255.255.255 On-link 192.168.1.3 276
192.168.1.255 255.255.255.255 On-link 192.168.1.3 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
13 276 fe80::/64 On-link
13 276 fe80::2c4c:9d4e:ecc1:e91a/128
On-link
1 306 ff00::/8 On-link
13 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/15/2013 03:18:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 01:43:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 01:37:52 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 01:23:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 01:18:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 00:20:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 00:16:16 PM) (Source: Application Error) (User: )
Description: Faulting application name: VCAgent.exe, version: 7.3.0.13120, time stamp: 0x4f27637e
Faulting module name: mscorlib.ni.dll, version: 4.0.30319.1008, time stamp: 0x517a19ee
Exception code: 0xc0000005
Fault offset: 0x00000000003a2149
Faulting process id: 0xfdc
Faulting application start time: 0xVCAgent.exe0
Faulting application path: VCAgent.exe1
Faulting module path: VCAgent.exe2
Report Id: VCAgent.exe3

Error: (07/15/2013 00:16:15 PM) (Source: .NET Runtime) (User: )
Description: Application: VCAgent.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
at System.Collections.Generic.Dictionary`2[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Insert(System.__Canon, System.__Canon, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()

Error: (07/15/2013 00:14:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 11:26:22 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/15/2013 03:18:09 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (07/15/2013 03:17:25 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
BHDrvx64
SRTSP

Error: (07/15/2013 03:16:38 PM) (Source: SRTSP) (User: )
Description: Error loading virus definitions.

Error: (07/15/2013 03:16:02 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/15/2013 03:16:02 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/15/2013 03:16:02 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/15/2013 03:16:02 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/15/2013 03:16:02 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/15/2013 03:16:02 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/15/2013 03:16:02 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (07/15/2013 03:18:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 01:43:24 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 01:37:52 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 01:23:28 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 01:18:45 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 00:20:50 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 00:16:16 PM) (Source: Application Error)(User: )
Description: VCAgent.exe7.3.0.131204f27637emscorlib.ni.dll4.0.30319.1008517a19eec000000500000000003a2149fdc01ce817f0208343bC:\Program Files\Sony\VAIO Care\VCAgent.exeC:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\cb653b6b8da0966098d70da98cba1ef3\mscorlib.ni.dll416d44be-ed72-11e2-9882-08edb9cb544e

Error: (07/15/2013 00:16:15 PM) (Source: .NET Runtime)(User: )
Description: Application: VCAgent.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
at System.Collections.Generic.Dictionary`2[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Insert(System.__Canon, System.__Canon, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()

Error: (07/15/2013 00:14:00 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2013 11:26:22 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


========================= Devices: ================================

Name: BHDrvx64
Description: BHDrvx64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BHDrvx64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


**** End of log ****
 
Your connection is definitely fine.
Something seems to be blocking browsers.

You can download the following tool from Safe Mode with Networking, but run it from NORMAL MODE.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply.
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-07-2013 02
Ran by Lin (administrator) on 15-07-2013 20:28:13
Running from C:\Users\Lin\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
(Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccSvcHst.exe
(Digital Delivery Networks, Inc.) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
(Sony Corporation) c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
(Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
() C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SONYAPO [1156712 2012-03-13] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] - "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" [1020576 2012-02-23] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] - "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" [800416 2012-02-23] (Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2885904 2012-03-13] (Synaptics Incorporated)
HKCU\...\Run: [Skype] - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18642024 2013-02-28] (Skype Technologies S.A.)
MountPoints2: {9c52da4d-bf2b-11e1-af82-806e6f6e6963} - D:\Setup.exe
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] - "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [291608 2012-02-22] (Intel Corporation)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [ISBMgr.exe] - "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" [60552 2011-09-20] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [693608 2012-02-21] (Sony Corporation)
HKLM-x32\...\Run: [BCSSync] - "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-07-05] (Apple Inc.)
HKLM-x32\...\Run: [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP43&ocid=UP43DHP
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony.msn.com
HKCU SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FD750996-A87F-4C4A-9258-CEF5616169A4}: [NameServer]4.2.2.4

FireFox:
========
FF ProfilePath: C:\Users\Lin\AppData\Roaming\Mozilla\Firefox\Profiles\jvbdt7j7.default
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin-x32: sony.com/ReaderDesktop - C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Lin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.445_0\plugin/npUrlAdvisor.dll No File
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Lin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.445_0\plugin/npVKPlugin.dll No File
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Lin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.445_0\plugin/npABPlugin.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.10.8) - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U1) - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
CHR Plugin: (Adobe Acrobat) - c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Plugin: (Media Go Detector) - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
CHR Plugin: (PlayStation(R)Network Downloader Check Plug-in) - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
CHR Plugin: (Reader Application Detector) - C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\Lin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Lin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\Lin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.63_0
CHR Extension: (FVD Video Downloader) - C:\Users\Lin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.1.4_0
CHR Extension: (Skype Click to Call) - C:\Users\Lin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.6.0.11664_0
CHR Extension: (Gmail) - C:\Users\Lin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S2 HiPatchService; C:\Users\New\SMITE\HiPatchService.exe [8704 2012-10-26] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-13] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-03-13] (Intel Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccSvcHst.exe [144520 2012-12-23] (Symantec Corporation)
R2 PMBDeviceInfoProvider; c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [473960 2012-02-21] (Sony Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [260768 2011-11-30] (Sony Corporation)
S2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-I Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-02-23] (Atheros)

==================== Drivers (Whitelisted) ====================

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-14] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-14] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-14] ()
S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130322.001\BHDrvx64.sys [1387608 2013-03-21] (Symantec Corporation)
S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130322.001\BHDrvx64.sys [1387608 2013-03-21] (Symantec Corporation)
R3 BTATH_VDP; C:\Windows\System32\drivers\btath_vdp.sys [421664 2012-02-23] (Atheros)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1403000.024\ccSetx64.sys [168096 2012-11-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-11-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-11-25] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-02-26] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130412.001_32c\IDSvia64.sys [513184 2013-04-12] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130412.001_32c\IDSvia64.sys [513184 2013-04-12] (Symantec Corporation)
S3 lehidmini; C:\Windows\system32\drivers\leath_hid.sys [36128 2012-02-23] (Atheros)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130414.006\ENG64.SYS [126192 2013-04-13] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130414.006\ENG64.SYS [126192 2013-04-13] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130414.006\EX64.SYS [2087664 2013-04-13] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130414.006\EX64.SYS [2087664 2013-04-13] (Symantec Corporation)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [21264 2012-03-13] (Synaptics Incorporated)
S1 SRTSP; C:\Windows\System32\Drivers\N360x64\1403000.024\SRTSP64.SYS [796248 2013-01-28] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1403000.024\SRTSPX64.SYS [36952 2013-01-28] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1403000.024\SYMDS64.SYS [493656 2013-01-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1403000.024\SYMEFA64.SYS [1139800 2013-01-30] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2012-11-25] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1403000.024\Ironx64.SYS [224416 2012-11-15] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1403000.024\SYMNETS.SYS [432800 2013-01-30] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================
 
Part 2...

==================== One Month Created Files and Folders ========

2013-07-15 20:28 - 2013-07-15 20:28 - 00000000 ____D C:\FRST
2013-07-15 20:27 - 2013-07-15 20:27 - 00000000 ___RD C:\Users\Lin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-07-15 20:23 - 2013-07-15 20:23 - 01778135 _____ (Farbar) C:\Users\Lin\Downloads\FRST64.exe
2013-07-15 20:23 - 2013-07-15 20:23 - 00000822 _____ C:\Users\Lin\Desktop\more instructions.txt
2013-07-15 15:20 - 2013-07-15 15:20 - 00022137 _____ C:\Users\Lin\Desktop\[pst this.txt
2013-07-15 15:15 - 2013-07-15 15:15 - 00000224 _____ C:\Users\Lin\Desktop\instructions 2.txt
2013-07-15 12:17 - 2013-07-15 15:19 - 00022137 _____ C:\Users\Lin\Downloads\Result.txt
2013-07-15 12:15 - 2013-07-15 12:15 - 00002696 _____ C:\Users\Lin\Downloads\FSS.txt
2013-07-15 12:11 - 2013-07-15 12:11 - 00001014 _____ C:\Users\Lin\Desktop\instructions.txt
2013-07-15 12:07 - 2013-07-15 12:07 - 00760937 _____ (Farbar) C:\Users\Lin\Downloads\MiniToolBox.exe
2013-07-15 12:07 - 2013-07-15 12:07 - 00357077 _____ (Farbar) C:\Users\Lin\Downloads\FSS.exe
2013-07-15 11:27 - 2013-07-15 11:53 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-15 11:26 - 2013-07-15 11:53 - 00000000 ____D C:\Users\Lin\Desktop\mbar
2013-07-15 11:25 - 2013-07-15 11:25 - 13399154 _____ C:\Users\Lin\Downloads\mbar-1.06.0.1004.zip
2013-07-15 11:24 - 2013-07-15 11:24 - 00000017 _____ C:\Windows\SysWOW64\shortcut_ex.dat
2013-07-15 11:12 - 2013-06-11 18:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-15 11:12 - 2013-06-11 18:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-15 11:12 - 2013-06-11 18:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-15 11:12 - 2013-06-11 18:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-15 11:12 - 2013-06-11 18:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-15 11:12 - 2013-06-11 18:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-15 11:12 - 2013-06-11 18:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-15 11:12 - 2013-06-11 18:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-15 11:12 - 2013-06-11 18:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-15 11:12 - 2013-06-11 18:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-15 11:12 - 2013-06-11 18:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-15 11:12 - 2013-06-11 18:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-15 11:12 - 2013-06-11 18:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-15 11:12 - 2013-06-11 18:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-15 11:12 - 2013-06-11 18:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-15 11:12 - 2013-06-11 18:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-15 11:12 - 2013-06-11 18:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-15 11:12 - 2013-06-11 17:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-15 11:12 - 2013-06-11 17:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-15 11:12 - 2013-06-06 22:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-15 11:12 - 2013-06-06 21:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-15 11:11 - 2013-06-11 18:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-15 11:11 - 2013-06-11 18:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-15 11:11 - 2013-06-11 18:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-15 11:11 - 2013-06-11 18:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-15 11:11 - 2013-06-11 18:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-15 11:11 - 2013-06-11 18:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-15 11:11 - 2013-06-11 18:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-15 11:11 - 2013-06-11 18:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-15 11:11 - 2013-06-11 18:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-15 11:11 - 2013-06-11 18:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-15 11:01 - 2013-07-15 11:01 - 00000355 _____ C:\Users\Lin\Desktop\Computer - Shortcut.lnk
2013-07-15 10:59 - 2013-07-15 10:59 - 00001625 _____ C:\Users\Lin\Desktop\RKreport[0]_D_07152013_105917.txt
2013-07-15 10:59 - 2013-07-15 10:59 - 00001576 _____ C:\Users\Lin\Desktop\RKreport[0]_S_07152013_105904.txt
2013-07-15 10:57 - 2013-07-15 11:01 - 00000000 ____D C:\Users\Lin\Desktop\RK_Quarantine
2013-07-15 10:57 - 2013-07-15 10:57 - 03775488 _____ C:\Users\Lin\Downloads\RogueKillerX64.exe
2013-07-15 10:18 - 2013-07-15 10:18 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-07-15 10:17 - 2013-02-11 18:51 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Lin\Desktop\TDSSKiller.exe
2013-07-15 10:17 - 2011-01-01 01:14 - 00002254 ____R C:\Users\Lin\Desktop\eula.txt
2013-07-15 10:16 - 2013-07-15 10:16 - 02218636 _____ C:\Users\Lin\Downloads\tdsskiller.zip
2013-07-14 17:49 - 2013-07-14 17:49 - 00270272 _____ C:\Windows\Minidump\071413-31824-01.dmp
2013-07-14 16:54 - 2013-07-14 16:54 - 00000000 __SHD C:\found.005
2013-07-14 14:09 - 2013-07-14 14:09 - 00026085 _____ C:\Users\Lin\Desktop\dds.txt
2013-07-14 14:09 - 2013-07-14 14:09 - 00019111 _____ C:\Users\Lin\Desktop\attach.txt
2013-07-14 13:58 - 2013-07-14 13:58 - 00000116 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2013-07-14 13:38 - 2013-07-14 13:38 - 00000000 __SHD C:\found.004
2013-07-14 13:15 - 2013-07-14 13:15 - 00000000 ____D C:\Users\Lin\AppData\Roaming\Malwarebytes
2013-07-14 13:14 - 2013-07-14 13:14 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-07-14 13:14 - 2013-07-14 13:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-14 13:14 - 2013-07-14 13:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-14 13:14 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-14 13:13 - 2013-07-14 13:13 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-14 13:13 - 2013-07-14 13:13 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-14 13:13 - 2013-07-14 13:13 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-14 13:13 - 2013-07-14 13:13 - 00001922 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-07-14 13:13 - 2013-07-14 13:13 - 00000350 ____H C:\Windows\Tasks\avast! Emergency Update.job
2013-07-14 13:13 - 2013-07-14 13:13 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-14 13:13 - 2013-07-14 13:13 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-14 13:13 - 2013-07-14 13:13 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-14 13:13 - 2013-07-14 13:13 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-07-14 13:13 - 2013-05-09 03:59 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-07-14 13:13 - 2013-05-09 03:59 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-07-14 13:13 - 2013-05-09 03:59 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-07-14 13:13 - 2013-05-09 03:59 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-07-14 13:13 - 2013-05-09 03:59 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-07-14 13:13 - 2013-05-09 03:58 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-07-14 13:13 - 2013-05-09 03:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-07-14 13:12 - 2013-07-14 13:12 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-14 13:12 - 2013-07-14 13:12 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-14 13:02 - 2013-07-14 13:02 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Lin\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-14 13:02 - 2013-07-14 13:02 - 00688992 ____R (Swearware) C:\Users\Lin\Downloads\dds.com
2013-07-14 13:00 - 2013-07-14 13:11 - 117478104 _____ C:\Users\Lin\Downloads\avast_free_antivirus_setup.exe
2013-07-14 09:23 - 2004-01-15 11:58 - 00040960 _____ C:\Windows\SysWOW64\USB54G.dll
2013-07-14 09:23 - 2003-10-13 15:30 - 00094208 _____ () C:\Windows\SysWOW64\GTW32N50.dll
2013-07-14 09:23 - 2003-09-25 23:28 - 00031930 _____ C:\Windows\SysWOW64\GTNDIS3.VXD
2013-07-14 09:23 - 2003-09-25 22:15 - 00015872 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\SysWOW64\GTNDIS5.sys
2013-07-14 09:22 - 2013-07-14 12:43 - 00000000 ____D C:\Program Files (x86)\Wireless-G USB Network Adapter
2013-07-14 09:07 - 2013-07-14 09:07 - 00000375 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-07-14 03:20 - 2013-07-14 03:20 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-14 03:20 - 2013-07-14 03:20 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-14 03:20 - 2013-07-14 03:20 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-07-14 03:20 - 2013-07-14 03:20 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-07-14 03:20 - 2013-07-14 03:20 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-07-14 03:20 - 2013-07-14 03:20 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-07-14 03:20 - 2013-07-14 03:20 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-07-14 03:20 - 2013-07-14 03:20 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-14 03:20 - 2013-07-14 03:20 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-07-14 03:20 - 2013-07-14 03:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-07-14 03:20 - 2013-07-14 03:20 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-07-14 03:20 - 2013-07-14 03:20 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-07-14 03:20 - 2013-07-14 03:20 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-14 03:20 - 2013-07-14 03:20 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-07-14 03:20 - 2013-07-14 03:20 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-07-14 03:20 - 2013-07-14 03:20 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-07-14 03:20 - 2013-07-14 03:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-07-14 03:20 - 2013-07-14 03:20 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-07-14 03:20 - 2013-07-14 03:20 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-07-14 03:20 - 2013-07-14 03:20 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-07-14 03:20 - 2013-07-14 03:20 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-07-13 23:30 - 2013-06-04 01:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-13 23:30 - 2013-06-03 23:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-13 23:30 - 2013-05-06 01:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-13 23:30 - 2013-05-05 23:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-13 23:29 - 2013-06-04 22:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-13 23:27 - 2013-04-09 18:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-13 23:27 - 2013-04-02 17:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-13 22:12 - 2013-07-14 03:23 - 00010530 _____ C:\Windows\IE10_main.log
2013-06-20 21:41 - 2013-05-10 00:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-06-20 21:41 - 2013-05-09 22:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-20 21:41 - 2013-05-08 01:39 - 01910632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-06-20 21:41 - 2013-04-26 00:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-06-20 21:41 - 2013-04-25 23:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-20 21:41 - 2013-04-10 01:01 - 00983400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-06-20 21:41 - 2013-04-10 01:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-06-20 21:41 - 2013-03-19 00:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-06-20 21:41 - 2013-03-19 00:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-06-20 21:41 - 2011-02-03 06:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-06-20 21:40 - 2013-05-13 00:51 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-06-20 21:40 - 2013-05-13 00:51 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-06-20 21:40 - 2013-05-13 00:51 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-06-20 21:40 - 2013-05-13 00:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-06-20 21:40 - 2013-05-12 23:45 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-20 21:40 - 2013-05-12 23:45 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-20 21:40 - 2013-05-12 23:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-20 21:40 - 2013-05-12 22:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-06-20 21:40 - 2013-05-12 22:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-20 21:40 - 2013-05-12 22:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-20 21:40 - 2013-04-17 02:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-20 21:40 - 2013-04-17 01:24 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-06-20 21:25 - 2013-04-25 18:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-20 21:25 - 2013-03-31 17:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll

==================== One Month Modified Files and Folders =======

2013-07-15 20:28 - 2013-07-15 20:28 - 00000000 ____D C:\FRST
2013-07-15 20:27 - 2013-07-15 20:27 - 00000000 ___RD C:\Users\Lin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-07-15 20:27 - 2012-09-04 21:35 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-15 20:27 - 2012-08-13 22:18 - 00000000 ____D C:\Users\Lin\AppData\Roaming\Skype
2013-07-15 20:24 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-15 20:24 - 2009-07-13 23:51 - 00068464 _____ C:\Windows\setupact.log
2013-07-15 20:23 - 2013-07-15 20:23 - 01778135 _____ (Farbar) C:\Users\Lin\Downloads\FRST64.exe
2013-07-15 20:23 - 2013-07-15 20:23 - 00000822 _____ C:\Users\Lin\Desktop\more instructions.txt
2013-07-15 15:20 - 2013-07-15 15:20 - 00022137 _____ C:\Users\Lin\Desktop\[pst this.txt
2013-07-15 15:20 - 2012-06-25 20:14 - 01322752 _____ C:\Windows\WindowsUpdate.log
2013-07-15 15:20 - 2009-07-13 23:45 - 00020928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-15 15:20 - 2009-07-13 23:45 - 00020928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-15 15:19 - 2013-07-15 12:17 - 00022137 _____ C:\Users\Lin\Downloads\Result.txt
2013-07-15 15:15 - 2013-07-15 15:15 - 00000224 _____ C:\Users\Lin\Desktop\instructions 2.txt
2013-07-15 12:15 - 2013-07-15 12:15 - 00002696 _____ C:\Users\Lin\Downloads\FSS.txt
2013-07-15 12:11 - 2013-07-15 12:11 - 00001014 _____ C:\Users\Lin\Desktop\instructions.txt
2013-07-15 12:07 - 2013-07-15 12:07 - 00760937 _____ (Farbar) C:\Users\Lin\Downloads\MiniToolBox.exe
2013-07-15 12:07 - 2013-07-15 12:07 - 00357077 _____ (Farbar) C:\Users\Lin\Downloads\FSS.exe
2013-07-15 11:53 - 2013-07-15 11:27 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-15 11:53 - 2013-07-15 11:26 - 00000000 ____D C:\Users\Lin\Desktop\mbar
2013-07-15 11:25 - 2013-07-15 11:25 - 13399154 _____ C:\Users\Lin\Downloads\mbar-1.06.0.1004.zip
2013-07-15 11:24 - 2013-07-15 11:24 - 00000017 _____ C:\Windows\SysWOW64\shortcut_ex.dat
2013-07-15 11:11 - 2012-09-04 21:35 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-15 11:01 - 2013-07-15 11:01 - 00000355 _____ C:\Users\Lin\Desktop\Computer - Shortcut.lnk
2013-07-15 11:01 - 2013-07-15 10:57 - 00000000 ____D C:\Users\Lin\Desktop\RK_Quarantine
2013-07-15 10:59 - 2013-07-15 10:59 - 00001625 _____ C:\Users\Lin\Desktop\RKreport[0]_D_07152013_105917.txt
2013-07-15 10:59 - 2013-07-15 10:59 - 00001576 _____ C:\Users\Lin\Desktop\RKreport[0]_S_07152013_105904.txt
2013-07-15 10:57 - 2013-07-15 10:57 - 03775488 _____ C:\Users\Lin\Downloads\RogueKillerX64.exe
2013-07-15 10:28 - 2013-05-27 14:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-15 10:18 - 2013-07-15 10:18 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-07-15 10:16 - 2013-07-15 10:16 - 02218636 _____ C:\Users\Lin\Downloads\tdsskiller.zip
2013-07-14 17:49 - 2013-07-14 17:49 - 00270272 _____ C:\Windows\Minidump\071413-31824-01.dmp
2013-07-14 17:49 - 2013-01-08 12:35 - 339398593 _____ C:\Windows\MEMORY.DMP
2013-07-14 17:49 - 2013-01-08 12:35 - 00000000 ____D C:\Windows\Minidump
2013-07-14 16:54 - 2013-07-14 16:54 - 00000000 __SHD C:\found.005
2013-07-14 14:09 - 2013-07-14 14:09 - 00026085 _____ C:\Users\Lin\Desktop\dds.txt
2013-07-14 14:09 - 2013-07-14 14:09 - 00019111 _____ C:\Users\Lin\Desktop\attach.txt
2013-07-14 13:58 - 2013-07-14 13:58 - 00000116 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2013-07-14 13:55 - 2010-11-20 22:47 - 00074006 _____ C:\Windows\PFRO.log
2013-07-14 13:38 - 2013-07-14 13:38 - 00000000 __SHD C:\found.004
2013-07-14 13:15 - 2013-07-14 13:15 - 00000000 ____D C:\Users\Lin\AppData\Roaming\Malwarebytes
2013-07-14 13:14 - 2013-07-14 13:14 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-07-14 13:14 - 2013-07-14 13:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-14 13:14 - 2013-07-14 13:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-14 13:14 - 2012-08-13 21:19 - 00000000 ____D C:\Users\Lin
2013-07-14 13:13 - 2013-07-14 13:13 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-14 13:13 - 2013-07-14 13:13 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-14 13:13 - 2013-07-14 13:13 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-14 13:13 - 2013-07-14 13:13 - 00001922 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-07-14 13:13 - 2013-07-14 13:13 - 00000350 ____H C:\Windows\Tasks\avast! Emergency Update.job
2013-07-14 13:13 - 2013-07-14 13:13 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-14 13:13 - 2013-07-14 13:13 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-14 13:13 - 2013-07-14 13:13 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-14 13:13 - 2013-07-14 13:13 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-07-14 13:13 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\Offline Web Pages
2013-07-14 13:13 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2013-07-14 13:13 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-07-14 13:12 - 2013-07-14 13:12 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-14 13:12 - 2013-07-14 13:12 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-14 13:11 - 2013-07-14 13:00 - 117478104 _____ C:\Users\Lin\Downloads\avast_free_antivirus_setup.exe
2013-07-14 13:02 - 2013-07-14 13:02 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Lin\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-14 13:02 - 2013-07-14 13:02 - 00688992 ____R (Swearware) C:\Users\Lin\Downloads\dds.com
2013-07-14 12:43 - 2013-07-14 09:22 - 00000000 ____D C:\Program Files (x86)\Wireless-G USB Network Adapter
2013-07-14 12:43 - 2013-03-13 17:10 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-14 12:43 - 2013-03-13 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-14 12:43 - 2012-12-05 20:12 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-14 12:43 - 2012-02-23 23:01 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-14 12:43 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-14 12:43 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-14 12:43 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-07-14 12:40 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2013-07-14 12:16 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-14 12:00 - 2012-06-16 02:58 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-14 11:29 - 2012-06-16 01:31 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-14 11:27 - 2012-06-16 02:12 - 00000000 ____D C:\Program Files\Sony
2013-07-14 11:26 - 2012-06-16 01:18 - 00000000 ____D C:\ProgramData\Sony Corporation
2013-07-14 11:11 - 2012-08-13 21:25 - 00000000 ____D C:\Users\Lin\Documents\Bluetooth Folder
2013-07-14 09:22 - 2004-04-15 00:13 - 00001365 _____ C:\Windows\SysWOW64\wlan.ini
2013-07-14 09:08 - 2009-07-14 00:13 - 00783876 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-14 09:07 - 2013-07-14 09:07 - 00000375 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-07-14 08:28 - 2012-08-13 21:25 - 00001417 _____ C:\Users\Lin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-14 08:25 - 2009-07-13 23:45 - 00451272 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-14 03:23 - 2013-07-13 22:12 - 00010530 _____ C:\Windows\IE10_main.log
2013-07-14 03:20 - 2013-07-14 03:20 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-14 03:20 - 2013-07-14 03:20 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-14 03:20 - 2013-07-14 03:20 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-07-14 03:20 - 2013-07-14 03:20 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-07-14 03:20 - 2013-07-14 03:20 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-07-14 03:20 - 2013-07-14 03:20 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-07-14 03:20 - 2013-07-14 03:20 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-07-14 03:20 - 2013-07-14 03:20 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-14 03:20 - 2013-07-14 03:20 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-07-14 03:20 - 2013-07-14 03:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-07-14 03:20 - 2013-07-14 03:20 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-07-14 03:20 - 2013-07-14 03:20 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-07-14 03:20 - 2013-07-14 03:20 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-14 03:20 - 2013-07-14 03:20 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-07-14 03:20 - 2013-07-14 03:20 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-07-14 03:20 - 2013-07-14 03:20 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-07-14 03:20 - 2013-07-14 03:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-07-14 03:20 - 2013-07-14 03:20 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-07-14 03:20 - 2013-07-14 03:20 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-07-14 03:20 - 2013-07-14 03:20 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-07-14 03:20 - 2013-07-14 03:20 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-07-14 03:20 - 2013-07-14 03:20 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-07-14 03:15 - 2012-02-23 23:01 - 00000000 ____D C:\Windows\ShellNew
2013-07-14 03:15 - 2011-02-10 18:03 - 00778092 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-07-14 03:14 - 2012-08-13 22:19 - 00000000 ____D C:\Users\Lin\AppData\Roaming\ArcSoft
2013-07-14 03:14 - 2012-08-13 21:25 - 00000000 ___RD C:\Users\Lin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-14 03:14 - 2012-08-13 21:25 - 00000000 ___RD C:\Users\Lin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-14 03:13 - 2013-06-05 19:50 - 00000000 ____D C:\3ea25586d073a50fab7413154c54d4
2013-07-14 03:13 - 2013-02-27 00:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-13 21:57 - 2012-09-04 21:36 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-14 01:02

==================== End Of Log ============================
 