I have run the spybot program and keep getting this virus even after it was supposed to have been cured of it. Any help in removing it would be appreciated.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16464
Run by Dad at 22:27:29 on 2013-03-01
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3996.2036 [GMT -7:00]
.
AV: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\ProgramData\DatacardService\DCService.exe
c:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\ProgramData\Cricket Broadband EC1705\userdata\ouc.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Kodak\MediaImpression\ArcMonitor.exe
\\.\globalroot\systemroot\svchost.exe -netsvcs
C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Windows\splwow64.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_171_ActiveX.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Sony\VAIO Care\VCPerfService.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
C:\Program Files\Sony\VAIO Care\VCService.exe
C:\Program Files\Sony\VAIO Care\VCAgent.exe
C:\Windows\System32\vds.exe
C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
C:\Program Files\Sony\VAIO Care\VCAdmin.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Sony\VAIO Improvement\vim.exe
C:\Program Files\Sony\VAIO Improvement\vim.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://sony.msn.com
uURLSearchHooks: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: Coupon Companion Plugin: {11111111-1111-1111-1111-110211181104} - C:\Program Files (x86)\Coupon Companion Plugin\Coupon Companion Plugin.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [HW_OPENEYE_OUC_Cricket Broadband EC1705] "C:\Program Files (x86)\Cricket Broadband EC1705\UpdateDog\ouc.exe"
uRun: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [ArcSoft MediaImpression Monitor] C:\Program Files (x86)\Kodak\MediaImpression\ArcMonitor.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
StartupFolder: C:\Users\Dad\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{65DA58AE-ED11-45A6-8AC3-8385AA9B28A4} : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{65DA58AE-ED11-45A6-8AC3-8385AA9B28A4}\2375942554236313 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{83D384AC-9C88-466A-90B3-F2B40938F7B8} : DHCPNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SONYAPO
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
x64-DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-10-15 63328]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2012-9-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2012-11-15 111968]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-9-14 40800]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-2-27 16152]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-12-13 984144]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-12-13 370288]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-10-2 185696]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-9-21 200032]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-12-13 25232]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-12-13 71600]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-2-23 106144]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-12-13 44808]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-7-13 249648]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 DCService.exe;DCService.exe;C:\ProgramData\DatacardService\DCService.exe [2009-12-22 225280]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-6-15 13592]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-6-15 2429544]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-6-15 128280]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-6-15 161560]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-2-21 473960]
R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-11-30 260768]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2013-2-13 1153368]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2012-6-16 105024]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-6-15 363800]
R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2012-6-16 978056]
R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-2-23 158880]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2012-6-16 19968]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2012-2-23 36000]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2012-2-23 339616]
R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2012-2-23 110752]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2012-2-23 30368]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2012-2-23 167584]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2012-2-23 68256]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2012-2-23 280992]
R3 BTATH_VDP;Bluetooth VDP Driver;C:\Windows\System32\drivers\btath_vdp.sys [2012-2-23 421664]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2012-2-23 550560]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2012-8-16 83456]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-3-14 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-2-27 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-2-27 787736]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-6-15 339048]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-2-27 675432]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2012-1-15 14336]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2012-1-20 54432]
R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2012-1-13 1256040]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2012-2-23 51872]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-9-15 195320]
S3 DCDhcpService;DCDhcpService;C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [2012-6-16 112256]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2009-6-10 281088]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2012-8-16 114560]
S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\System32\drivers\ewusbnet.sys [2012-8-16 252928]
S3 lehidmini;Bluetooth Low Energy Hid Device;C:\Windows\System32\drivers\leath_hid.sys [2012-2-23 36128]
S3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2012-3-13 21264]
S3 SOHCImp;VAIO Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2012-1-6 138392]
S3 SOHDs;VAIO Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2012-1-6 74904]
S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-1 289952]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2012-6-16 535688]
S3 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-12-29 960160]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-12-21 550128]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-12-21 382720]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-8-26 101600]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-25 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-3-30 47128]
S4 SQLAgent$MSSMLBIZ;SQL Server Agent (MSSMLBIZ);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 366936]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-03-02 05:08:09 20480 ----a-w- C:\Windows\svchost.exe
2013-02-27 17:10:50 -------- d-----w- C:\Users\Dad\AppData\Roaming\AVG2013
2013-02-27 17:07:33 -------- d-----w- C:\Users\Dad\AppData\Roaming\TuneUp Software
2013-02-27 17:06:34 -------- d--h--w- C:\$AVG
2013-02-27 17:06:34 -------- d-----w- C:\ProgramData\AVG2013
2013-02-27 17:05:10 -------- d-----w- C:\Program Files (x86)\AVG
2013-02-27 16:57:47 -------- d--h--w- C:\ProgramData\Common Files
2013-02-27 16:57:47 -------- d-----w- C:\Users\Dad\AppData\Local\MFAData
2013-02-27 16:57:47 -------- d-----w- C:\Users\Dad\AppData\Local\Avg2013
2013-02-27 16:57:47 -------- d-----w- C:\ProgramData\MFAData
2013-02-27 14:49:02 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2013-02-27 14:49:02 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2013-02-27 14:49:02 221184 ----a-w- C:\Windows\System32\UIAnimation.dll
2013-02-27 14:49:02 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll
2013-02-27 14:49:00 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-02-26 14:40:16 9162192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0252B325-14FF-442A-AD9B-6036DB10D5AF}\mpengine.dll
2013-02-14 01:37:32 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-02-14 01:37:32 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2013-02-14 01:33:49 -------- d-----w- C:\Program Files (x86)\Iminent
2013-02-14 01:30:15 -------- d-----w- C:\Users\Dad\AppData\Local\Coupon Companion Plugin
2013-02-14 01:29:58 -------- d-----w- C:\Users\Dad\AppData\Local\Updater21804
2013-02-14 01:29:51 -------- d-----w- C:\Program Files (x86)\Coupon Companion Plugin
2013-02-14 00:59:47 -------- d-----w- C:\Users\Dad\AppData\Local\PackageAware
2013-02-14 00:16:00 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 00:16:00 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 22:19:16 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-02-13 22:19:12 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-02-13 22:19:12 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-02-13 22:19:11 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-02-13 22:19:11 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-02-13 22:19:11 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-02-13 22:19:07 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-02-13 22:19:04 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-02-13 22:19:03 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
.
==================== Find3M ====================
.
2013-02-27 18:02:00 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-27 18:01:59 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-17 08:28:58 273840 ------w- C:\Windows\System32\MpSigStub.exe
2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll
2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll
2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll
2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll
2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll
2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll
2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll
2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll
2013-01-13 19:24:33 648192 ----a-w- C:\Windows\System32\d3d10level9.dll
2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll
2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll
2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll
2013-01-09 01:19:09 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-01-09 01:12:03 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-01-09 01:11:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-01-09 01:07:51 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-01-09 01:07:47 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-01-09 01:04:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-01-08 22:11:21 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-01-08 21:58:29 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-01-08 21:56:23 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-12-26 01:59:02 106496 ----a-w- C:\Windows\SysWow64\ATL71.DLL
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
.
============= FINISH: 22:28:21.07 ===============



.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 8/12/2012 4:36:10 PM
System Uptime: 3/1/2013 10:06:35 PM (0 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Core(TM) i3-2370M CPU @ 2.40GHz | N/A | 2400/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 447 GiB total, 384.236 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP70: 2/14/2013 3:00:24 AM - Windows Update
RP71: 2/15/2013 3:00:23 AM - Windows Update
RP72: 2/16/2013 3:00:23 AM - Windows Update
RP73: 2/17/2013 9:38:14 AM - Windows Update
RP74: 2/17/2013 7:17:10 PM - Windows Update
RP75: 2/20/2013 11:39:17 AM - Windows Update
RP76: 2/20/2013 6:50:20 PM - Windows Update
RP77: 2/21/2013 10:22:26 AM - Windows Update
RP78: 2/23/2013 4:44:21 PM - Windows Update
RP79: 2/23/2013 10:02:59 PM - Windows Update
RP80: 2/26/2013 11:55:17 PM - Windows Update
RP81: 2/27/2013 7:48:32 AM - Windows Update
RP82: 2/27/2013 10:04:40 AM - Installed AVG 2013
RP83: 2/27/2013 10:05:33 AM - Installed AVG 2013
RP84: 3/1/2013 8:38:45 PM - Windows Update
.
==== Installed Programs ======================
.
ACID Music Studio 8.0
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X MUI
Apple Application Support
Apple Software Update
Application Manager for VAIO
ArcSoft Magic-i Visual Effects 2
ArcSoft MediaImpression for Kodak
ArcSoft Panorama Maker 6
ArcSoft WebCam Companion 4
Atheros Bluetooth Suite (64)
avast! Free Antivirus
AVG 2013
Bing Bar
Business Contact Manager for Microsoft Outlook 2010
Canon Easy-PhotoPrint EX
Canon MG2100 series MP Drivers
Canon MG2100 series On-screen Manual
Canon MG2100 series User Registration
Canon MP Navigator EX 5.0
Canon My Printer
Canon Solution Menu EX
Coupon Companion Plugin
Cricket Broadband EC1705
CyberLink PowerDVD
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DVD Architect Studio 5.0
ERUNT 1.1j
Evernote v. 4.5.2
FDUx86
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) OpenCL CPU Runtime
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Intel(R) USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
Java Auto Updater
Java(TM) 7 Update 1
Java(TM) 7 Update 1 (64-bit)
Junk Mail filter update
Keyboard_Shortcuts
KUx86
Media Gallery
Media Go
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft® Office Language Pack 2010 – English (Business Contact Manager for Microsoft Outlook 2010)
MSVCRT
MSVCRT Redists
MSVCRT_amd64
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
Nikon Message Center 2
Nikon Movie Editor
Picture Control Utility x64
PlayMemories Home
PlayReady PC Runtime amd64
PlayStation(R)Network Downloader
PlayStation(R)Store
Qualcomm Atheros Direct Connect
Qualcomm Atheros WiFi Driver Installation
QuickTime
Reader for PC
Realtek High Definition Audio Driver
Realtek PCIE Card Reader
Remote Keyboard
Remote Play with PlayStation(R)3
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Service Pack 1 for SQL Server 2008 (KB968369)
Skype™ 5.10
Sound Forge Audio Studio 10.0
Spybot - Search & Destroy
Sql Server Customer Experience Improvement Program
SSLx64
SSLx86
Synaptics Pointing Device Driver
TrackID(TM) with BRAVIA
TriDef 3D (Sony) 2.0.5
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
V3DPx86
VAIO - Microsoft Visual C++ 2010 SP1 Runtime 10.0.40219.325
VAIO - PlayMemories Home Plug-in
VAIO - Remote Keyboard
VAIO - Remote Keyboard with PlayStation®3
VAIO - Remote Play with PlayStation®3
VAIO - TrackID™ with BRAVIA
VAIO 3D Portal
VAIO Care
VAIO Control Center
VAIO CPU Fan Diagnostic
VAIO Data Restore Tool
VAIO Easy Connect
VAIO Gate
VAIO Gate Default
VAIO Gesture Control
VAIO Help and Support
VAIO Improvement
VAIO Manual
VAIO OOBE
VAIO Sample Contents
VAIO Satisfaction Survey.
VAIO Smart Network
VAIO Transfer Support
VAIO Update
VAIO Update Merge Module x64
VCCx64
VCCx86
Vegas Movie Studio HD Platinum 11.0
VHD
ViewNX 2
Visual Studio 2010 x64 Redistributables
VIx64
VIx86
VMLx86
VPMx64
VSNx64
VSNx86
VSSTx64
VSSTx86
VU5x64
VU5x86
VWSTx86
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
3/1/2013 9:43:04 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
3/1/2013 9:42:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
3/1/2013 9:42:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
3/1/2013 9:42:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
3/1/2013 9:42:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
3/1/2013 9:42:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/1/2013 9:42:43 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
3/1/2013 9:42:20 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswSnx aswSP aswTdi AVGIDSDriver Avgldx64 Avgtdia DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
3/1/2013 9:42:20 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
3/1/2013 9:42:20 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
3/1/2013 9:42:20 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
3/1/2013 9:42:20 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
3/1/2013 9:42:20 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
3/1/2013 9:42:20 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
3/1/2013 9:42:20 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
3/1/2013 9:42:20 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
3/1/2013 9:42:20 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
3/1/2013 9:42:20 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
3/1/2013 9:42:20 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.
3/1/2013 9:42:20 PM, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning.
3/1/2013 8:39:44 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2799494).
3/1/2013 10:07:17 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
2/28/2013 2:43:24 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user GhostFish\Dad SID (S-1-5-21-652040781-2395288936-2057330824-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
2/27/2013 11:30:18 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
2/22/2013 1:23:52 AM, Error: Service Control Manager [7038] - The WdiServiceHost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
2/22/2013 1:23:52 AM, Error: Service Control Manager [7038] - The netprofm service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
2/22/2013 1:23:52 AM, Error: Service Control Manager [7038] - The Dhcp service was unable to log on as NT Authority\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
2/22/2013 1:23:52 AM, Error: Service Control Manager [7001] - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: The service did not start due to a logon failure.
2/22/2013 1:23:52 AM, Error: Service Control Manager [7000] - The Network List Service service failed to start due to the following error: The service did not start due to a logon failure.
2/22/2013 1:23:52 AM, Error: Service Control Manager [7000] - The Diagnostic Service Host service failed to start due to the following error: The service did not start due to a logon failure.
2/22/2013 1:23:52 AM, Error: Service Control Manager [7000] - The DHCP Client service failed to start due to the following error: The service did not start due to a logon failure.
2/22/2013 1:23:51 AM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The pipe has been ended.
2/22/2013 1:23:51 AM, Error: Service Control Manager [7000] - The Server service failed to start due to the following error: A system shutdown is in progress.
2/22/2013 1:23:51 AM, Error: Service Control Manager [7000] - The Application Virtualization Client service failed to start due to the following error: The pipe has been ended.
2/22/2013 1:23:50 AM, Error: Service Control Manager [7023] - The Security Center service terminated with the following error: The authentication service is unknown.
2/22/2013 1:23:50 AM, Error: Service Control Manager [7000] - The SBSD Security Center Service service failed to start due to the following error: The pipe has been ended.
2/22/2013 1:23:49 AM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control.
.
==== End Of File ===========================


Whenever I try to run the aswMBR scan, my computer crashed soon after finishing before I can save the log results. Any suggestions? It has happenbed three times. Thanks.

Forgot to mention its a Sony Vaio E series running windows 7. I also have avast, and avg on it just as a fyi.

This is as much as I was able to save before it crashed again. Not sure if there was more missing. Also forgot to mention that the symptoms are that avast! Network Shield pops up every 5 seconds blocking a supposed harmful site even though i'm not even on the internet and worse if i am actually on the internet.

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-03-02 18:51:52
-----------------------------
18:51:52.685 OS Version: Windows x64 6.1.7601 Service Pack 1
18:51:52.686 Number of processors: 4 586 0x2A07
18:51:52.688 ComputerName: GHOSTFISH UserName: Dad
18:51:56.486 Initialize success
18:51:57.911 AVAST engine defs: 13030201
18:52:00.078 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:52:00.083 Disk 0 Vendor: Hitachi_ JE3O Size: 476940MB BusType: 3
18:52:00.089 Device \Driver\iaStor -> MajorFunction fffffa80077845e8
18:52:00.097 Disk 0 MBR read successfully
18:52:00.104 Disk 0 MBR scan
18:52:00.112 Disk 0 Windows 7 default MBR code
18:52:00.120 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 18940 MB offset 2048
18:52:00.140 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 350 MB offset 38791168
18:52:00.156 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 457648 MB offset 39507968
18:52:00.189 Disk 0 scanning C:\Windows\system32\drivers
18:52:15.432 Service scanning
18:53:13.351 Modules scanning
18:53:13.371 Disk 0 trace - called modules:
18:53:13.716 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa80077845e8]<<
18:53:13.727 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800729b060]
18:53:13.739 3 CLASSPNP.SYS[fffff88001c7d43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004de6050]
18:53:13.750 \Driver\iaStor[0xfffffa8007af8060] -> IRP_MJ_CREATE -> 0xfffffa80077845e8
18:53:15.291 AVAST engine scan C:\Windows
18:53:19.179 AVAST engine scan C:\Windows\system32
18:58:30.296 AVAST engine scan C:\Windows\system32\drivers
18:58:44.941 AVAST engine scan C:\Users\Dad
18:58:55.078 Disk 0 MBR has been saved successfully to "C:\Users\Dad\Desktop\MBR.dat"
18:58:55.083 The log file has been saved successfully to "C:\Users\Dad\Desktop\aswMBR.txt"
19:03:50.557 AVAST engine scan C:\ProgramData
19:06:50.558 Disk 0 MBR has been saved successfully to "C:\Users\Dad\Desktop\MBR.dat"
19:06:50.559 The log file has been saved successfully to "C:\Users\Dad\Desktop\aswMBR.txt"
19:07:38.206 Scan finished successfully
19:10:25.453 Disk 0 MBR has been saved successfully to "C:\Users\Dad\Desktop\MBR.dat"
19:10:25.459 The log file has been saved successfully to "C:\Users\Dad\Desktop\aswMBR.txt"

Hello blackskyhyper and welcome to the Safer Networking Forum.

My name is Satchfan and I would be glad to help you with your computer problem.

Please read the following guidelines which will help to make cleaning your machine easier:

please follow all instructions in the order posted
please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear
all logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word wrap if it is checked
if you don't understand something, please don't hesitate to ask for clarification before proceeding
the fixes are specific to your problem and should only be used for this issue on this machine.
please reply within 3 days. If you do not reply within this period I will post a reminder but topics with no reply in 4 days will be closed!

IMPORTANT:

Please DO NOT install/uninstall any programs unless asked to.
Please DO NOT run any scans other than those requested

I am looking at your logs now and will reply with instructions shortly.

Satchfan

Hello again blackskyhyper

A few things to point out before we run some more scans.

Multiple antiviruses

You have Avast and AVG antivirus programs installed.

You can not run two real-time antiviruses at the same time. Although many have different methods of searching for and recognising threats, they will all be 'fighting' in memory to kick each other out, rendering them all ineffective. This is likely the problem with aswMBR not being able to run.

You must uninstall one of them and I would suggest you uninstall AVG as it is quite a resource hog these days but it is your choice as long as you remove one of them.

from the Start menu, select Control Panel
in Large or Small icon view, click Programs and Features. If you're using Category view, under "Programs", click Uninstall a program
select the program you want to remove, and click Uninstall. Alternatively, right-click the program and select Uninstall.

If you have uninstalled AVG do the following:

Run AVG removal tool

There will still be some remnants of AVG on your computer even after the uninstall so please download and run AVG Removal Tool from here (http://www.avg.com/gb-en/utilities).

===================================================

Disable Spybot’s TeaTimer

Spybot’s TeaTimer can sometimes prevent some things from being fixed.

Please disable TeaTimer for now until you are clean. TeaTimer can be re-activated once your log is clean.

open Spybot Search & Destroy
in the Mode menu click "Advanced mode" if not already selected
choose "Yes" at the Warning prompt
expand the "Tools" menu
click "Resident"
uncheck the "Resident "TeaTimer" (Protection of overall system settings) active." box
in the File menu click "Exit" to exit Spybot Search & Destroy.
===================================================

Run RogueKiller

IMPORTANT: Please remove any usb or external drives from the computer before you run this scan!

Close all running programs.

Download RogueKiller (http://tigzy.geekstogo.com/Tools/RogueKillerX64.exe) to your desktop.
close all running programs
double-click on RogueKiller.exe
when the pre-scan is finished, click on Scan
click on Report and copy/paste the content in your next post
NOTE: DO NOT attempt to remove anything that the scan detects –everything that is reported is not necessarily bad
If the program is blocked, continue to try it several times. If it still doesn’t work, (it could happen), rename it to winlogon.exe.

Please post the contents of the RKreport.txt in your next reply.

===================================================

Run TDSSKiller

Please download TDSSKiller.zip (http://support.kaspersky.com/downloads/utils/tdsskiller.zip)

extract it to your desktop
double click TDSSKiller.exe
press Start Scan


only if Malicious objects are found then ensure Cure is selected. Do not change it to Delete or Quarantine as it may delete infected files that are required for Windows to operate properly.
click Continue > Reboot now
copy and paste the log in your next reply
a copy of the log will be saved automatically to the root of the drive (typically C:\) called TDSSKiller_*** (*** denotes version & date)

Logs to include with next post:

RKreport.txt
TDSSKiller log

Thanks

Satchfan

I uninstalled the AVG antivirus program and installed the removal tool to ensure it was all removed.

I unchecked the TeaTime box.

Everytime i run the rkreport the program closes unexpectedly. It happens everytime it says searching for MBR or somethine to that effect. It has happened about 6 or 7 times now. Even after renaming it and ensuring all programs are closed. However, while it does this scan the AVAST network shield still pops up frequently saying it is blocking harmful sites. should I disable avast as well?

Tdsskiller report:

19:55:56.0470 4652 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:55:58.0506 4652 ============================================================
19:55:58.0506 4652 Current date / time: 2013/03/06 19:55:58.0506
19:55:58.0506 4652 SystemInfo:
19:55:58.0506 4652
19:55:58.0506 4652 OS Version: 6.1.7601 ServicePack: 1.0
19:55:58.0506 4652 Product type: Workstation
19:55:58.0507 4652 ComputerName: GHOSTFISH
19:55:58.0507 4652 UserName: Dad
19:55:58.0507 4652 Windows directory: C:\Windows
19:55:58.0507 4652 System windows directory: C:\Windows
19:55:58.0507 4652 Running under WOW64
19:55:58.0507 4652 Processor architecture: Intel x64
19:55:58.0507 4652 Number of processors: 4
19:55:58.0507 4652 Page size: 0x1000
19:55:58.0507 4652 Boot type: Normal boot
19:55:58.0507 4652 ============================================================
19:55:59.0218 4652 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:55:59.0226 4652 Drive \Device\Harddisk1\DR1 - Size: 0x1DDC00000 (7.46 Gb), SectorSize: 0x200, Cylinders: 0x3CE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:55:59.0232 4652 ============================================================
19:55:59.0233 4652 \Device\Harddisk0\DR0:
19:55:59.0233 4652 MBR partitions:
19:55:59.0233 4652 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x24FE800, BlocksNum 0xAF000
19:55:59.0233 4652 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x25AD800, BlocksNum 0x37DD8030
19:55:59.0233 4652 \Device\Harddisk1\DR1:
19:55:59.0233 4652 MBR partitions:
19:55:59.0233 4652 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0xEEC000
19:55:59.0233 4652 ============================================================
19:55:59.0267 4652 C: <-> \Device\Harddisk0\DR0\Partition2
19:55:59.0268 4652 ============================================================
19:55:59.0268 4652 Initialize success
19:55:59.0268 4652 ============================================================
19:56:09.0990 5004 ============================================================
19:56:09.0990 5004 Scan started
19:56:09.0990 5004 Mode: Manual;
19:56:09.0990 5004 ============================================================
19:56:10.0478 5004 ================ Scan system memory ========================
19:56:10.0478 5004 System memory - ok
19:56:10.0479 5004 ================ Scan services =============================
19:56:10.0808 5004 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:56:10.0812 5004 1394ohci - ok
19:56:11.0018 5004 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
19:56:11.0021 5004 ACDaemon - ok
19:56:11.0077 5004 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:56:11.0083 5004 ACPI - ok
19:56:11.0108 5004 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:56:11.0109 5004 AcpiPmi - ok
19:56:11.0250 5004 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:56:11.0255 5004 AdobeFlashPlayerUpdateSvc - ok
19:56:11.0319 5004 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:56:11.0327 5004 adp94xx - ok
19:56:11.0386 5004 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:56:11.0391 5004 adpahci - ok
19:56:11.0430 5004 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:56:11.0434 5004 adpu320 - ok
19:56:11.0473 5004 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:56:11.0476 5004 AeLookupSvc - ok
19:56:11.0569 5004 [ 6CCD1135320109D6B219F1A6E04AD9F6 ] Afc C:\Windows\syswow64\drivers\Afc.sys
19:56:11.0572 5004 Afc - ok
19:56:11.0648 5004 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:56:11.0656 5004 AFD - ok
19:56:11.0698 5004 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:56:11.0699 5004 agp440 - ok
19:56:11.0736 5004 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:56:11.0739 5004 ALG - ok
19:56:11.0769 5004 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:56:11.0771 5004 aliide - ok
19:56:11.0786 5004 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:56:11.0788 5004 amdide - ok
19:56:11.0811 5004 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:56:11.0813 5004 AmdK8 - ok
19:56:11.0830 5004 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
19:56:11.0832 5004 AmdPPM - ok
19:56:11.0873 5004 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:56:11.0876 5004 amdsata - ok
19:56:11.0918 5004 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
19:56:11.0922 5004 amdsbs - ok
19:56:11.0945 5004 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:56:11.0946 5004 amdxata - ok
19:56:11.0986 5004 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:56:11.0988 5004 AppID - ok
19:56:12.0019 5004 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:56:12.0021 5004 AppIDSvc - ok
19:56:12.0050 5004 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:56:12.0054 5004 Appinfo - ok
19:56:12.0082 5004 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
19:56:12.0085 5004 arc - ok
19:56:12.0102 5004 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:56:12.0105 5004 arcsas - ok
19:56:12.0149 5004 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
19:56:12.0151 5004 ArcSoftKsUFilter - ok
19:56:12.0252 5004 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:56:12.0255 5004 aspnet_state - ok
19:56:12.0302 5004 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
19:56:12.0304 5004 aswFsBlk - ok
19:56:12.0339 5004 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
19:56:12.0341 5004 aswMonFlt - ok
19:56:12.0378 5004 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
19:56:12.0380 5004 aswRdr - ok
19:56:12.0435 5004 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
19:56:12.0450 5004 aswSnx - ok
19:56:12.0483 5004 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
19:56:12.0489 5004 aswSP - ok
19:56:12.0567 5004 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
19:56:12.0569 5004 aswTdi - ok
19:56:12.0618 5004 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:56:12.0620 5004 AsyncMac - ok
19:56:12.0655 5004 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:56:12.0656 5004 atapi - ok
19:56:12.0685 5004 [ BCC09E0B0362741D0C084828A1B950F3 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
19:56:12.0687 5004 AthBTPort - ok
19:56:12.0747 5004 [ 4119870B90E1B5E7797D6433D21F9216 ] ATHDFU C:\Windows\System32\Drivers\AthDfu.sys
19:56:12.0749 5004 ATHDFU - ok
19:56:12.0801 5004 [ 1FDE0AAAEA06519AAE98CCF24715B765 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
19:56:12.0803 5004 AtherosSvc - ok
19:56:12.0916 5004 [ 237EE0B7A65D55E08EB7530F77423480 ] athr C:\Windows\system32\DRIVERS\athrx.sys
19:56:12.0957 5004 athr - ok
19:56:13.0007 5004 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:56:13.0023 5004 AudioEndpointBuilder - ok
19:56:13.0044 5004 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:56:13.0056 5004 AudioSrv - ok
19:56:13.0153 5004 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:56:13.0155 5004 avast! Antivirus - ok
19:56:13.0200 5004 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:56:13.0204 5004 AxInstSV - ok
19:56:13.0240 5004 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
19:56:13.0249 5004 b06bdrv - ok
19:56:13.0294 5004 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:56:13.0299 5004 b57nd60a - ok
19:56:13.0356 5004 [ 216EC30BEAA9AE6818B21C969500D308 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
19:56:13.0360 5004 BBSvc - ok
19:56:13.0399 5004 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
19:56:13.0404 5004 BBUpdate - ok
19:56:13.0467 5004 [ 2E552B658273B90251E0441631DE2CA3 ] BcmSqlStartupSvc C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
19:56:13.0470 5004 BcmSqlStartupSvc - ok
19:56:13.0498 5004 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:56:13.0502 5004 BDESVC - ok
19:56:13.0538 5004 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:56:13.0539 5004 Beep - ok
19:56:13.0682 5004 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:56:13.0699 5004 BFE - ok
19:56:13.0771 5004 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:56:13.0795 5004 BITS - ok
19:56:13.0833 5004 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
19:56:13.0835 5004 blbdrive - ok
19:56:13.0864 5004 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:56:13.0867 5004 bowser - ok
19:56:13.0895 5004 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
19:56:13.0897 5004 BrFiltLo - ok
19:56:13.0906 5004 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
19:56:13.0907 5004 BrFiltUp - ok
19:56:13.0946 5004 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:56:13.0951 5004 Browser - ok
19:56:13.0987 5004 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:56:13.0992 5004 Brserid - ok
19:56:14.0025 5004 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:56:14.0027 5004 BrSerWdm - ok
19:56:14.0045 5004 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:56:14.0047 5004 BrUsbMdm - ok
19:56:14.0063 5004 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:56:14.0065 5004 BrUsbSer - ok
19:56:14.0113 5004 [ 9455A8F85BE24514E50AFE90D4C976DB ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
19:56:14.0119 5004 BTATH_A2DP - ok
19:56:14.0143 5004 [ 2D27F7A831657D63AFC78E5E78DCA83F ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys
19:56:14.0146 5004 btath_avdt - ok
19:56:14.0194 5004 [ E6B734A37ADE36FE1A77035F4E484C8C ] BTATH_BUS C:\Windows\system32\drivers\btath_bus.sys
19:56:14.0196 5004 BTATH_BUS - ok
19:56:14.0252 5004 [ FB3833E63FF602B69C2FF085846DCF43 ] BTATH_HCRP C:\Windows\system32\drivers\btath_hcrp.sys
19:56:14.0256 5004 BTATH_HCRP - ok
19:56:14.0272 5004 [ 371A11C1333BA526263A987A93ACDE3D ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
19:56:14.0274 5004 BTATH_LWFLT - ok
19:56:14.0343 5004 [ ABCD3C16CA850A7594CEB9AD5D966810 ] BTATH_RCP C:\Windows\system32\drivers\btath_rcp.sys
19:56:14.0348 5004 BTATH_RCP - ok
19:56:14.0403 5004 [ 680BE9ED6431DAFA844F5F7B61B11F9A ] BTATH_VDP C:\Windows\system32\drivers\btath_vdp.sys
19:56:14.0410 5004 BTATH_VDP - ok
19:56:14.0477 5004 [ EA92CE309DD24F489FDB149847AE6835 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
19:56:14.0486 5004 BtFilter - ok
19:56:14.0557 5004 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
19:56:14.0559 5004 BthEnum - ok
19:56:14.0622 5004 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:56:14.0625 5004 BTHMODEM - ok
19:56:14.0694 5004 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
19:56:14.0697 5004 BthPan - ok
19:56:14.0748 5004 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
19:56:14.0758 5004 BTHPORT - ok
19:56:14.0801 5004 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:56:14.0804 5004 bthserv - ok
19:56:14.0823 5004 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
19:56:14.0825 5004 BTHUSB - ok
19:56:14.0860 5004 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:56:14.0863 5004 cdfs - ok
19:56:14.0891 5004 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:56:14.0894 5004 cdrom - ok
19:56:14.0975 5004 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:56:14.0978 5004 CertPropSvc - ok
19:56:15.0011 5004 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
19:56:15.0012 5004 circlass - ok
19:56:15.0054 5004 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:56:15.0062 5004 CLFS - ok
19:56:15.0114 5004 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:56:15.0117 5004 clr_optimization_v2.0.50727_32 - ok
19:56:15.0162 5004 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:56:15.0165 5004 clr_optimization_v2.0.50727_64 - ok
19:56:15.0220 5004 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:56:15.0224 5004 clr_optimization_v4.0.30319_32 - ok
19:56:15.0257 5004 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:56:15.0260 5004 clr_optimization_v4.0.30319_64 - ok
19:56:15.0306 5004 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
19:56:15.0307 5004 CmBatt - ok
19:56:15.0340 5004 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:56:15.0341 5004 cmdide - ok
19:56:15.0395 5004 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:56:15.0402 5004 CNG - ok
19:56:15.0443 5004 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
19:56:15.0444 5004 Compbatt - ok
19:56:15.0474 5004 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:56:15.0476 5004 CompositeBus - ok
19:56:15.0488 5004 COMSysApp - ok
19:56:15.0624 5004 [ 453A8D09DB02EB0DF64709B1603EAA2C ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
19:56:15.0646 5004 cphs - ok
19:56:15.0709 5004 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:56:15.0710 5004 crcdisk - ok
19:56:15.0803 5004 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:56:15.0808 5004 CryptSvc - ok
19:56:15.0889 5004 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
19:56:15.0900 5004 cvhsvc - ok
19:56:16.0023 5004 [ 461A0688205D088D2A2EBEEDEE81622E ] DCDhcpService C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
19:56:16.0026 5004 DCDhcpService - ok
19:56:16.0087 5004 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:56:16.0105 5004 DcomLaunch - ok
19:56:16.0194 5004 [ 00EAF3956092A8008608CA6E2C5D649D ] DCService.exe C:\ProgramData\DatacardService\DCService.exe
19:56:16.0201 5004 DCService.exe - ok
19:56:16.0237 5004 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:56:16.0245 5004 defragsvc - ok
19:56:16.0283 5004 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:56:16.0286 5004 DfsC - ok
19:56:16.0331 5004 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:56:16.0340 5004 Dhcp - ok
19:56:16.0360 5004 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:56:16.0362 5004 discache - ok
19:56:16.0404 5004 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
19:56:16.0406 5004 Disk - ok
19:56:16.0442 5004 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:56:16.0449 5004 Dnscache - ok
19:56:16.0477 5004 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:56:16.0486 5004 dot3svc - ok
19:56:16.0497 5004 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:56:16.0504 5004 DPS - ok
19:56:16.0549 5004 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:56:16.0550 5004 drmkaud - ok
19:56:16.0595 5004 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:56:16.0611 5004 DXGKrnl - ok
19:56:16.0647 5004 [ 50AD8FC1DC800FF36087994C8F7FDFF2 ] e1yexpress C:\Windows\system32\DRIVERS\e1y60x64.sys
19:56:16.0652 5004 e1yexpress - ok
19:56:16.0684 5004 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:56:16.0690 5004 EapHost - ok
19:56:16.0808 5004 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
19:56:16.0857 5004 ebdrv - ok
19:56:16.0881 5004 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:56:16.0888 5004 EFS - ok
19:56:16.0960 5004 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:56:16.0971 5004 ehRecvr - ok
19:56:16.0993 5004 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:56:16.0997 5004 ehSched - ok
19:56:17.0052 5004 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:56:17.0061 5004 elxstor - ok
19:56:17.0093 5004 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:56:17.0095 5004 ErrDev - ok
19:56:17.0149 5004 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:56:17.0158 5004 EventSystem - ok
19:56:17.0222 5004 [ DA7CEF9FFBBD6498DF106BCAB84EB10A ] ewusbnet C:\Windows\system32\DRIVERS\ewusbnet.sys
19:56:17.0228 5004 ewusbnet - ok
19:56:17.0275 5004 [ E2CBB821C7CAE0EF8B56DE28ED85C740 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
19:56:17.0279 5004 ew_hwusbdev - ok
19:56:17.0329 5004 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:56:17.0333 5004 exfat - ok
19:56:17.0362 5004 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:56:17.0367 5004 fastfat - ok
19:56:17.0421 5004 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:56:17.0434 5004 Fax - ok
19:56:17.0470 5004 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
19:56:17.0471 5004 fdc - ok
19:56:17.0505 5004 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:56:17.0510 5004 fdPHost - ok
19:56:17.0532 5004 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:56:17.0536 5004 FDResPub - ok
19:56:17.0571 5004 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:56:17.0573 5004 FileInfo - ok
19:56:17.0589 5004 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:56:17.0592 5004 Filetrace - ok
19:56:17.0667 5004 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
19:56:17.0668 5004 flpydisk - ok
19:56:17.0705 5004 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:56:17.0711 5004 FltMgr - ok
19:56:17.0921 5004 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
19:56:17.0957 5004 FontCache - ok
19:56:18.0008 5004 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:56:18.0010 5004 FontCache3.0.0.0 - ok
19:56:18.0048 5004 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:56:18.0051 5004 FsDepends - ok
19:56:18.0097 5004 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:56:18.0099 5004 Fs_Rec - ok
19:56:18.0140 5004 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:56:18.0145 5004 fvevol - ok
19:56:18.0186 5004 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:56:18.0188 5004 gagp30kx - ok
19:56:18.0235 5004 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:56:18.0254 5004 gpsvc - ok
19:56:18.0332 5004 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:56:18.0336 5004 gupdate - ok
19:56:18.0362 5004 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:56:18.0365 5004 gupdatem - ok
19:56:18.0409 5004 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:56:18.0413 5004 gusvc - ok
19:56:18.0450 5004 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:56:18.0452 5004 hcw85cir - ok
19:56:18.0485 5004 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:56:18.0492 5004 HdAudAddService - ok
19:56:18.0536 5004 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:56:18.0540 5004 HDAudBus - ok
19:56:18.0572 5004 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:56:18.0574 5004 HidBatt - ok
19:56:18.0590 5004 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:56:18.0594 5004 HidBth - ok
19:56:18.0651 5004 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
19:56:18.0653 5004 HidIr - ok
19:56:18.0683 5004 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:56:18.0688 5004 hidserv - ok
19:56:18.0735 5004 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
19:56:18.0737 5004 HidUsb - ok
19:56:18.0764 5004 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:56:18.0771 5004 hkmsvc - ok
19:56:18.0798 5004 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:56:18.0807 5004 HomeGroupListener - ok
19:56:18.0840 5004 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:56:18.0849 5004 HomeGroupProvider - ok
19:56:18.0879 5004 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:56:18.0882 5004 HpSAMD - ok
19:56:18.0924 5004 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:56:18.0937 5004 HTTP - ok
19:56:18.0969 5004 [ 6DBD08BC1331C78548298E82C4B667C5 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
19:56:18.0972 5004 huawei_enumerator - ok
19:56:19.0003 5004 [ 6E5CD3984742A922D0C183C7E82C3C94 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
19:56:19.0006 5004 hwdatacard - ok
19:56:19.0021 5004 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:56:19.0023 5004 hwpolicy - ok
19:56:19.0075 5004 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:56:19.0079 5004 i8042prt - ok
19:56:19.0136 5004 [ C224331A54571C8C9162F7714400BBBD ] iaStor C:\Windows\system32\drivers\iaStor.sys
19:56:19.0146 5004 iaStor - ok
19:56:19.0212 5004 [ 7D4B9A48430ED57ACA6373B71D5904CA ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:56:19.0214 5004 IAStorDataMgrSvc - ok
19:56:19.0268 5004 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:56:19.0275 5004 iaStorV - ok
19:56:19.0405 5004 [ 3CC7B3BB1A9EA201A040883EDFAA67A0 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
19:56:19.0441 5004 IconMan_R - ok
19:56:19.0527 5004 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:56:19.0550 5004 idsvc - ok
19:56:20.0048 5004 [ 54E37A4E66B2CA1C38E9728FAD5F9822 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
19:56:20.0262 5004 igfx - ok
19:56:20.0298 5004 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:56:20.0300 5004 iirsp - ok
19:56:20.0347 5004 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:56:20.0370 5004 IKEEXT - ok
19:56:20.0569 5004 [ 602788BF364D43E5878AA1B4F85C232B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:56:20.0643 5004 IntcAzAudAddService - ok
19:56:20.0714 5004 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
19:56:20.0720 5004 IntcDAud - ok
19:56:20.0776 5004 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe
19:56:20.0786 5004 Intel(R) Capability Licensing Service Interface - ok
19:56:20.0834 5004 [ 9571D8BDB56EBC52280E8020574508E6 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
19:56:20.0837 5004 Intel(R) ME Service - ok
19:56:20.0855 5004 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:56:20.0857 5004 intelide - ok
19:56:20.0899 5004 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
19:56:20.0902 5004 intelppm - ok
19:56:20.0927 5004 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:56:20.0934 5004 IPBusEnum - ok
19:56:20.0963 5004 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:56:20.0966 5004 IpFilterDriver - ok
19:56:21.0019 5004 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:56:21.0034 5004 iphlpsvc - ok
19:56:21.0068 5004 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:56:21.0071 5004 IPMIDRV - ok
19:56:21.0111 5004 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:56:21.0114 5004 IPNAT - ok
19:56:21.0146 5004 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:56:21.0148 5004 IRENUM - ok
19:56:21.0184 5004 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:56:21.0186 5004 isapnp - ok
19:56:21.0224 5004 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:56:21.0230 5004 iScsiPrt - ok
19:56:21.0258 5004 [ 6BCEF45131C8B8E1C558BE540B190B3C ] iusb3hcs C:\Windows\system32\drivers\iusb3hcs.sys
19:56:21.0260 5004 iusb3hcs - ok
19:56:21.0306 5004 [ F080EADA8715F811B58BD35BB774F2F9 ] iusb3hub C:\Windows\system32\drivers\iusb3hub.sys
19:56:21.0312 5004 iusb3hub - ok
19:56:21.0370 5004 [ 0F1756D9396740F053221FA6260FCE66 ] iusb3xhc C:\Windows\system32\drivers\iusb3xhc.sys
19:56:21.0383 5004 iusb3xhc - ok
19:56:21.0426 5004 [ DBD76BC1D498FE368F2C8CB76C3E00A4 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
19:56:21.0429 5004 jhi_service - ok
19:56:21.0466 5004 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
19:56:21.0469 5004 kbdclass - ok
19:56:21.0506 5004 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
19:56:21.0508 5004 kbdhid - ok
19:56:21.0526 5004 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:56:21.0532 5004 KeyIso - ok
19:56:21.0573 5004 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:56:21.0576 5004 KSecDD - ok
19:56:21.0593 5004 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:56:21.0597 5004 KSecPkg - ok
19:56:21.0671 5004 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:56:21.0673 5004 ksthunk - ok
19:56:21.0718 5004 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:56:21.0731 5004 KtmRm - ok
19:56:21.0770 5004 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:56:21.0784 5004 LanmanServer - ok
19:56:21.0815 5004 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:56:21.0827 5004 LanmanWorkstation - ok
19:56:21.0861 5004 [ 6CE0F55287EB8E8E472656E84DDCF4EA ] lehidmini C:\Windows\system32\drivers\leath_hid.sys
19:56:21.0863 5004 lehidmini - ok
19:56:21.0903 5004 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:56:21.0906 5004 lltdio - ok
19:56:21.0939 5004 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:56:21.0950 5004 lltdsvc - ok
19:56:21.0969 5004 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:56:21.0976 5004 lmhosts - ok
19:56:22.0010 5004 [ 86E4CC39C953D11EF57CF54C4DC78238 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:56:22.0015 5004 LMS - ok
19:56:22.0054 5004 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:56:22.0057 5004 LSI_FC - ok
19:56:22.0090 5004 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:56:22.0093 5004 LSI_SAS - ok
19:56:22.0133 5004 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2

Everthing didnt fit in the first post:


C:\Windows\system32\drivers\lsi_sas2.sys
19:56:22.0136 5004 LSI_SAS2 - ok
19:56:22.0154 5004 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:56:22.0158 5004 LSI_SCSI - ok
19:56:22.0180 5004 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:56:22.0183 5004 luafv - ok
19:56:22.0222 5004 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:56:22.0229 5004 Mcx2Svc - ok
19:56:22.0259 5004 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
19:56:22.0261 5004 megasas - ok
19:56:22.0296 5004 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:56:22.0301 5004 MegaSR - ok
19:56:22.0342 5004 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys
19:56:22.0345 5004 MEIx64 - ok
19:56:22.0428 5004 Microsoft SharePoint Workspace Audit Service - ok
19:56:22.0456 5004 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:56:22.0463 5004 MMCSS - ok
19:56:22.0496 5004 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:56:22.0498 5004 Modem - ok
19:56:22.0525 5004 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:56:22.0527 5004 monitor - ok
19:56:22.0540 5004 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
19:56:22.0543 5004 mouclass - ok
19:56:22.0568 5004 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
19:56:22.0570 5004 mouhid - ok
19:56:22.0602 5004 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:56:22.0608 5004 mountmgr - ok
19:56:22.0628 5004 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:56:22.0632 5004 mpio - ok
19:56:22.0647 5004 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:56:22.0649 5004 mpsdrv - ok
19:56:22.0701 5004 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:56:22.0724 5004 MpsSvc - ok
19:56:22.0763 5004 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:56:22.0767 5004 MRxDAV - ok
19:56:22.0791 5004 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:56:22.0795 5004 mrxsmb - ok
19:56:22.0821 5004 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:56:22.0827 5004 mrxsmb10 - ok
19:56:22.0865 5004 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:56:22.0868 5004 mrxsmb20 - ok
19:56:22.0899 5004 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:56:22.0901 5004 msahci - ok
19:56:22.0923 5004 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:56:22.0926 5004 msdsm - ok
19:56:22.0949 5004 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:56:22.0958 5004 MSDTC - ok
19:56:23.0019 5004 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:56:23.0021 5004 Msfs - ok
19:56:23.0036 5004 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:56:23.0041 5004 mshidkmdf - ok
19:56:23.0065 5004 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:56:23.0067 5004 msisadrv - ok
19:56:23.0103 5004 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:56:23.0112 5004 MSiSCSI - ok
19:56:23.0119 5004 msiserver - ok
19:56:23.0138 5004 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:56:23.0140 5004 MSKSSRV - ok
19:56:23.0160 5004 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:56:23.0161 5004 MSPCLOCK - ok
19:56:23.0168 5004 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:56:23.0170 5004 MSPQM - ok
19:56:23.0201 5004 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:56:23.0209 5004 MsRPC - ok
19:56:23.0243 5004 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:56:23.0245 5004 mssmbios - ok
19:56:23.0303 5004 MSSQL$MSSMLBIZ - ok
19:56:23.0378 5004 [ F1761C8FB2B25A32C6D63E36BB88C3AE ] MSSQLServerADHelper100 C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
19:56:23.0381 5004 MSSQLServerADHelper100 - ok
19:56:23.0415 5004 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:56:23.0417 5004 MSTEE - ok
19:56:23.0434 5004 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:56:23.0436 5004 MTConfig - ok
19:56:23.0454 5004 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:56:23.0457 5004 Mup - ok
19:56:23.0490 5004 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:56:23.0506 5004 napagent - ok
19:56:23.0559 5004 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:56:23.0565 5004 NativeWifiP - ok
19:56:23.0691 5004 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:56:23.0706 5004 NDIS - ok
19:56:23.0763 5004 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:56:23.0765 5004 NdisCap - ok
19:56:23.0803 5004 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:56:23.0805 5004 NdisTapi - ok
19:56:23.0828 5004 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:56:23.0831 5004 Ndisuio - ok
19:56:23.0859 5004 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:56:23.0864 5004 NdisWan - ok
19:56:23.0878 5004 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:56:23.0880 5004 NDProxy - ok
19:56:23.0914 5004 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:56:23.0916 5004 NetBIOS - ok
19:56:23.0933 5004 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:56:23.0939 5004 NetBT - ok
19:56:23.0971 5004 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:56:23.0977 5004 Netlogon - ok
19:56:24.0030 5004 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:56:24.0043 5004 Netman - ok
19:56:24.0105 5004 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:56:24.0109 5004 NetMsmqActivator - ok
19:56:24.0117 5004 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:56:24.0121 5004 NetPipeActivator - ok
19:56:24.0172 5004 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:56:24.0188 5004 netprofm - ok
19:56:24.0205 5004 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:56:24.0209 5004 NetTcpActivator - ok
19:56:24.0219 5004 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:56:24.0222 5004 NetTcpPortSharing - ok
19:56:24.0259 5004 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:56:24.0261 5004 nfrd960 - ok
19:56:24.0291 5004 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:56:24.0304 5004 NlaSvc - ok
19:56:24.0333 5004 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:56:24.0336 5004 Npfs - ok
19:56:24.0364 5004 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:56:24.0371 5004 nsi - ok
19:56:24.0391 5004 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:56:24.0393 5004 nsiproxy - ok
19:56:24.0483 5004 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:56:24.0510 5004 Ntfs - ok
19:56:24.0555 5004 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:56:24.0557 5004 Null - ok
19:56:25.0089 5004 [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:56:25.0246 5004 nvlddmkm - ok
19:56:25.0297 5004 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:56:25.0300 5004 nvraid - ok
19:56:25.0323 5004 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:56:25.0327 5004 nvstor - ok
19:56:25.0358 5004 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:56:25.0360 5004 nv_agp - ok
19:56:25.0392 5004 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:56:25.0394 5004 ohci1394 - ok
19:56:25.0425 5004 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:56:25.0428 5004 ose - ok
19:56:25.0589 5004 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:56:25.0660 5004 osppsvc - ok
19:56:25.0719 5004 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:56:25.0732 5004 p2pimsvc - ok
19:56:25.0760 5004 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:56:25.0785 5004 p2psvc - ok
19:56:25.0826 5004 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
19:56:25.0830 5004 Parport - ok
19:56:25.0864 5004 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:56:25.0867 5004 partmgr - ok
19:56:25.0893 5004 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:56:25.0904 5004 PcaSvc - ok
19:56:25.0921 5004 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:56:25.0925 5004 pci - ok
19:56:25.0961 5004 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:56:25.0963 5004 pciide - ok
19:56:26.0003 5004 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:56:26.0008 5004 pcmcia - ok
19:56:26.0028 5004 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:56:26.0030 5004 pcw - ok
19:56:26.0062 5004 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:56:26.0074 5004 PEAUTH - ok
19:56:26.0154 5004 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:56:26.0160 5004 PerfHost - ok
19:56:26.0232 5004 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:56:26.0262 5004 pla - ok
19:56:26.0306 5004 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:56:26.0321 5004 PlugPlay - ok
19:56:26.0428 5004 [ 9C4D0DE187CBC24F658C52EFC93B1C73 ] PMBDeviceInfoProvider c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
19:56:26.0437 5004 PMBDeviceInfoProvider - ok
19:56:26.0466 5004 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:56:26.0474 5004 PNRPAutoReg - ok
19:56:26.0496 5004 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:56:26.0508 5004 PNRPsvc - ok
19:56:26.0539 5004 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:56:26.0553 5004 PolicyAgent - ok
19:56:26.0579 5004 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:56:26.0592 5004 Power - ok
19:56:26.0633 5004 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:56:26.0637 5004 PptpMiniport - ok
19:56:26.0652 5004 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
19:56:26.0654 5004 Processor - ok
19:56:26.0697 5004 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:56:26.0709 5004 ProfSvc - ok
19:56:26.0726 5004 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:56:26.0732 5004 ProtectedStorage - ok
19:56:26.0776 5004 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:56:26.0779 5004 Psched - ok
19:56:26.0852 5004 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:56:26.0876 5004 ql2300 - ok
19:56:26.0923 5004 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:56:26.0926 5004 ql40xx - ok
19:56:26.0970 5004 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:56:26.0982 5004 QWAVE - ok
19:56:26.0997 5004 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:56:27.0001 5004 QWAVEdrv - ok
19:56:27.0024 5004 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:56:27.0026 5004 RasAcd - ok
19:56:27.0072 5004 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:56:27.0074 5004 RasAgileVpn - ok
19:56:27.0108 5004 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:56:27.0120 5004 RasAuto - ok
19:56:27.0169 5004 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:56:27.0173 5004 Rasl2tp - ok
19:56:27.0209 5004 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:56:27.0223 5004 RasMan - ok
19:56:27.0254 5004 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:56:27.0257 5004 RasPppoe - ok
19:56:27.0279 5004 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:56:27.0282 5004 RasSstp - ok
19:56:27.0308 5004 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:56:27.0314 5004 rdbss - ok
19:56:27.0350 5004 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
19:56:27.0352 5004 rdpbus - ok
19:56:27.0374 5004 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:56:27.0376 5004 RDPCDD - ok
19:56:27.0400 5004 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:56:27.0402 5004 RDPENCDD - ok
19:56:27.0420 5004 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:56:27.0423 5004 RDPREFMP - ok
19:56:27.0454 5004 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:56:27.0459 5004 RDPWD - ok
19:56:27.0495 5004 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:56:27.0500 5004 rdyboost - ok
19:56:27.0529 5004 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:56:27.0536 5004 RemoteAccess - ok
19:56:27.0568 5004 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:56:27.0580 5004 RemoteRegistry - ok
19:56:27.0622 5004 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
19:56:27.0626 5004 RFCOMM - ok
19:56:27.0649 5004 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:56:27.0658 5004 RpcEptMapper - ok
19:56:27.0687 5004 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:56:27.0692 5004 RpcLocator - ok
19:56:27.0766 5004 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:56:27.0781 5004 RpcSs - ok
19:56:27.0847 5004 [ 9BD6DEBC9862FBE0C0467F0633B34962 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
19:56:27.0854 5004 RSPCIESTOR - ok
19:56:27.0890 5004 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:56:27.0893 5004 rspndr - ok
19:56:27.0934 5004 [ EB8EA1C4C5E076D9EA61FB59960C5830 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:56:27.0946 5004 RTL8167 - ok
19:56:27.0971 5004 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:56:27.0977 5004 SamSs - ok
19:56:28.0011 5004 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:56:28.0014 5004 sbp2port - ok
19:56:28.0125 5004 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
19:56:28.0143 5004 SBSDWSCService - ok
19:56:28.0183 5004 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:56:28.0195 5004 SCardSvr - ok
19:56:28.0227 5004 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:56:28.0230 5004 scfilter - ok
19:56:28.0281 5004 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:56:28.0310 5004 Schedule - ok
19:56:28.0342 5004 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:56:28.0346 5004 SCPolicySvc - ok
19:56:28.0414 5004 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
19:56:28.0417 5004 sdbus - ok
19:56:28.0458 5004 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:56:28.0469 5004 SDRSVC - ok
19:56:28.0496 5004 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:56:28.0499 5004 secdrv - ok
19:56:28.0525 5004 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:56:28.0533 5004 seclogon - ok
19:56:28.0572 5004 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:56:28.0582 5004 SENS - ok
19:56:28.0627 5004 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:56:28.0636 5004 SensrSvc - ok
19:56:28.0658 5004 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
19:56:28.0660 5004 Serenum - ok
19:56:28.0683 5004 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
19:56:28.0686 5004 Serial - ok
19:56:28.0722 5004 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:56:28.0725 5004 sermouse - ok
19:56:28.0780 5004 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:56:28.0790 5004 SessionEnv - ok
19:56:28.0866 5004 [ 85D0F874734C105D02280B39BF0AD23F ] SFEP C:\Windows\system32\drivers\SFEP.sys
19:56:28.0869 5004 SFEP - ok
19:56:28.0896 5004 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:56:28.0898 5004 sffdisk - ok
19:56:28.0925 5004 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:56:28.0927 5004 sffp_mmc - ok
19:56:28.0947 5004 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:56:28.0950 5004 sffp_sd - ok
19:56:28.0983 5004 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:56:28.0985 5004 sfloppy - ok
19:56:29.0028 5004 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
19:56:29.0040 5004 Sftfs - ok
19:56:29.0102 5004 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
19:56:29.0110 5004 sftlist - ok
19:56:29.0130 5004 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
19:56:29.0136 5004 Sftplay - ok
19:56:29.0151 5004 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
19:56:29.0154 5004 Sftredir - ok
19:56:29.0187 5004 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
19:56:29.0189 5004 Sftvol - ok
19:56:29.0230 5004 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
19:56:29.0235 5004 sftvsa - ok
19:56:29.0286 5004 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:56:29.0298 5004 SharedAccess - ok
19:56:29.0339 5004 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:56:29.0355 5004 ShellHWDetection - ok
19:56:29.0391 5004 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:56:29.0394 5004 SiSRaid2 - ok
19:56:29.0421 5004 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:56:29.0424 5004 SiSRaid4 - ok
19:56:29.0490 5004 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:56:29.0494 5004 SkypeUpdate - ok
19:56:29.0557 5004 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:56:29.0560 5004 Smb - ok
19:56:29.0602 5004 [ AA17A14DA3B572C886D8064C72E9CC50 ] SmbDrv C:\Windows\system32\drivers\Smb_driver.sys
19:56:29.0605 5004 SmbDrv - ok
19:56:29.0735 5004 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:56:29.0743 5004 SNMPTRAP - ok
19:56:29.0812 5004 [ 4AEA7A1C3CA06D95D6966C34D13C0D8B ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
19:56:29.0816 5004 SOHCImp - ok
19:56:29.0831 5004 [ 16FD95781117E13107D477AE36219E6F ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
19:56:29.0833 5004 SOHDs - ok
19:56:29.0873 5004 [ 3BB48F7E33C2B76184DDF233000C09CD ] Sony SCSI Helper Service C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
19:56:29.0876 5004 Sony SCSI Helper Service - ok
19:56:29.0941 5004 [ C03E480E63A80D73FABE28D24D3B6B47 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
19:56:29.0946 5004 SpfService - ok
19:56:29.0972 5004 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:56:29.0974 5004 spldr - ok
19:56:30.0033 5004 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:56:30.0052 5004 Spooler - ok
19:56:30.0162 5004 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:56:30.0265 5004 sppsvc - ok
19:56:30.0283 5004 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:56:30.0293 5004 sppuinotify - ok
19:56:30.0356 5004 [ A687B5B326AFCFCF182C4931D1FF9771 ] SQLAgent$MSSMLBIZ C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE
19:56:30.0362 5004 SQLAgent$MSSMLBIZ - ok
19:56:30.0423 5004 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
19:56:30.0428 5004 SQLBrowser - ok
19:56:30.0504 5004 [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:56:30.0508 5004 SQLWriter - ok
19:56:30.0536 5004 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:56:30.0544 5004 srv - ok
19:56:30.0569 5004 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:56:30.0577 5004 srv2 - ok
19:56:30.0599 5004 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:56:30.0603 5004 srvnet - ok
19:56:30.0649 5004 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:56:30.0660 5004 SSDPSRV - ok
19:56:30.0683 5004 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:56:30.0693 5004 SstpSvc - ok
19:56:30.0730 5004 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:56:30.0732 5004 stexstor - ok
19:56:30.0774 5004 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:56:30.0794 5004 stisvc - ok
19:56:30.0816 5004 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:56:30.0818 5004 swenum - ok
19:56:30.0856 5004 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:56:30.0875 5004 swprv - ok
19:56:30.0940 5004 [ 321EA1320771419C0956DE50F270C3E5 ] SynTP C:\Windows\system32\drivers\SynTP.sys
19:56:30.0948 5004 SynTP - ok
19:56:31.0020 5004 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:56:31.0061 5004 SysMain - ok
19:56:31.0084 5004 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:56:31.0095 5004 TabletInputService - ok
19:56:31.0124 5004 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:56:31.0139 5004 TapiSrv - ok
19:56:31.0158 5004 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:56:31.0168 5004 TBS - ok
19:56:31.0251 5004 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:56:31.0280 5004 Tcpip - ok
19:56:31.0362 5004 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:56:31.0391 5004 TCPIP6 - ok
19:56:31.0448 5004 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:56:31.0451 5004 tcpipreg - ok
19:56:31.0478 5004 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:56:31.0481 5004 TDPIPE - ok
19:56:31.0513 5004 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:56:31.0516 5004 TDTCP - ok
19:56:31.0562 5004 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:56:31.0566 5004 tdx - ok
19:56:31.0582 5004 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:56:31.0585 5004 TermDD - ok
19:56:31.0654 5004 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:56:31.0676 5004 TermService - ok
19:56:31.0700 5004 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:56:31.0710 5004 Themes - ok
19:56:31.0744 5004 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:56:31.0751 5004 THREADORDER - ok
19:56:31.0795 5004 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:56:31.0806 5004 TrkWks - ok
19:56:31.0863 5004 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:56:31.0867 5004 TrustedInstaller - ok
19:56:31.0920 5004 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:56:31.0923 5004 tssecsrv - ok
19:56:31.0952 5004 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:56:31.0955 5004 TsUsbFlt - ok
19:56:31.0978 5004 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:56:31.0981 5004 TsUsbGD - ok
19:56:32.0017 5004 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:56:32.0020 5004 tunnel - ok
19:56:32.0043 5004 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:56:32.0046 5004 uagp35 - ok
19:56:32.0105 5004 [ 1FE69F3C1CA1CF4B7EC7E2E9090FFFDC ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
19:56:32.0108 5004 uCamMonitor - ok
19:56:32.0153 5004 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:56:32.0159 5004 udfs - ok
19:56:32.0200 5004 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:56:32.0209 5004 UI0Detect - ok
19:56:32.0244 5004 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:56:32.0247 5004 uliagpkx - ok
19:56:32.0285 5004 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:56:32.0288 5004 umbus - ok
19:56:32.0320 5004 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
19:56:32.0322 5004 UmPass - ok
19:56:32.0413 5004 [ D80B1075B69B57A3AB78F750CE463ECE ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:56:32.0419 5004 UNS - ok
19:56:32.0456 5004 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:56:32.0472 5004 upnphost - ok
19:56:32.0499 5004 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:56:32.0503 5004 usbccgp - ok
19:56:32.0544 5004 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:56:32.0547 5004 usbcir - ok
19:56:32.0566 5004 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
19:56:32.0569 5004 usbehci - ok
19:56:32.0604 5004 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
19:56:32.0611 5004 usbhub - ok
19:56:32.0647 5004 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:56:32.0649 5004 usbohci - ok
19:56:32.0687 5004 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:56:32.0690 5004 usbprint - ok
19:56:32.0741 5004 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:56:32.0744 5004 usbscan - ok
19:56:32.0774 5004 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:56:32.0778 5004 USBSTOR - ok
19:56:32.0796 5004 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:56:32.0798 5004 usbuhci - ok
19:56:32.0833 5004 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:56:32.0839 5004 usbvideo - ok
19:56:32.0862 5004 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:56:32.0872 5004 UxSms - ok
19:56:32.0927 5004 [ 203FD19D70549A2939E1AE3A36608151 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
19:56:32.0930 5004 VAIO Event Service - ok
19:56:33.0022 5004 [ 59308CD511A5F3EE33595FFD46F76B31 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
19:56:33.0030 5004 VAIO Power Management - ok
19:56:33.0070 5004 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:56:33.0076 5004 VaultSvc - ok
19:56:33.0147 5004 [ ADD5A5BA64D0710E1C764A8D4DAD510E ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
19:56:33.0164 5004 VCFw - ok
19:56:33.0244 5004 [ EEE5AD6FB40B35F7867C3A49B98BB4EF ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
19:56:33.0254 5004 VcmIAlzMgr - ok
19:56:33.0290 5004 [ FD5BD55C1854208BC9C51DBCFC3C1941 ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
19:56:33.0297 5004 VcmINSMgr - ok
19:56:33.0341 5004 [ 9BC1F203C5604C24F345BCFCD6956BAE ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
19:56:33.0345 5004 VcmXmlIfHelper - ok
19:56:33.0377 5004 [ D076011ECD0D1310E879F32EBF3B4886 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
19:56:33.0379 5004 VCService - ok
19:56:33.0426 5004 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:56:33.0428 5004 vdrvroot - ok
19:56:33.0465 5004 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:56:33.0483 5004 vds - ok
19:56:33.0533 5004 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:56:33.0535 5004 vga - ok
19:56:33.0551 5004 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:56:33.0554 5004 VgaSave - ok
19:56:33.0585 5004 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:56:33.0591 5004 vhdmp - ok
19:56:33.0656 5004 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:56:33.0658 5004 viaide - ok
19:56:33.0721 5004 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:56:33.0724 5004 volmgr - ok
19:56:33.0769 5004 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:56:33.0776 5004 volmgrx - ok
19:56:33.0887 5004 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:56:33.0893 5004 volsnap - ok
19:56:34.0010 5004 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:56:34.0014 5004 vsmraid - ok
19:56:34.0109 5004 [ 596E65BDEE804CC6658A39756CC61849 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
19:56:34.0124 5004 VSNService - ok
19:56:34.0195 5004 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:56:34.0227 5004 VSS - ok
19:56:34.0300 5004 [ FB4A1695D2D74F9C92CA5E84795CDBE1 ] VUAgent C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
19:56:34.0319 5004 VUAgent - ok
19:56:34.0350 5004 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:56:34.0353 5004 vwifibus - ok
19:56:34.0391 5004 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:56:34.0394 5004 vwififlt - ok
19:56:34.0423 5004 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
19:56:34.0425 5004 vwifimp - ok
19:56:34.0465 5004 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:56:34.0482 5004 W32Time - ok
19:56:34.0514 5004 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:56:34.0517 5004 WacomPen - ok
19:56:34.0570 5004 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:56:34.0574 5004 WANARP - ok
19:56:34.0584 5004 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:56:34.0587 5004 Wanarpv6 - ok
19:56:34.0680 5004 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:56:34.0699 5004 WatAdminSvc - ok
19:56:34.0776 5004 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:56:34.0807 5004 wbengine - ok
19:56:34.0833 5004 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:56:34.0846 5004 WbioSrvc - ok
19:56:34.0888 5004 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:56:34.0905 5004 wcncsvc - ok
19:56:34.0928 5004 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:56:34.0944 5004 WcsPlugInService - ok
19:56:34.0974 5004 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
19:56:34.0977 5004 Wd - ok
19:56:35.0041 5004 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:56:35.0054 5004 Wdf01000 - ok
19:56:35.0076 5004 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:56:35.0087 5004 WdiServiceHost - ok
19:56:35.0098 5004 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:56:35.0111 5004 WdiSystemHost - ok
19:56:35.0154 5004 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:56:35.0168 5004 WebClient - ok
19:56:35.0193 5004 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:56:35.0210 5004 Wecsvc - ok
19:56:35.0232 5004 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:56:35.0245 5004 wercplsupport - ok
19:56:35.0283 5004 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:56:35.0293 5004 WerSvc - ok
19:56:35.0333 5004 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:56:35.0335 5004 WfpLwf - ok
19:56:35.0352 5004 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:56:35.0354 5004 WIMMount - ok
19:56:35.0388 5004 WinDefend - ok
19:56:35.0406 5004 WinHttpAutoProxySvc - ok
19:56:35.0480 5004 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:56:35.0486 5004 Winmgmt - ok
19:56:35.0562 5004 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:56:35.0611 5004 WinRM - ok
19:56:35.0686 5004 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:56:35.0712 5004 Wlansvc - ok
19:56:35.0765 5004 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:56:35.0767 5004 wlcrasvc - ok
19:56:35.0859 5004 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:56:35.0893 5004 wlidsvc - ok
19:56:35.0920 5004 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:56:35.0922 5004 WmiAcpi - ok
19:56:35.0999 5004 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:56:36.0004 5004 wmiApSrv - ok
19:56:36.0056 5004 WMPNetworkSvc - ok
19:56:36.0091 5004 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:56:36.0102 5004 WPCSvc - ok
19:56:36.0125 5004 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:56:36.0137 5004 WPDBusEnum - ok
19:56:36.0169 5004 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:56:36.0172 5004 ws2ifsl - ok
19:56:36.0203 5004 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
19:56:36.0215 5004 wscsvc - ok
19:56:36.0228 5004 WSearch - ok
19:56:36.0331 5004 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:56:36.0390 5004 wuauserv - ok
19:56:36.0442 5004 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:56:36.0446 5004 WudfPf - ok
19:56:36.0535 5004 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:56:36.0539 5004 WUDFRd - ok
19:56:36.0587 5004 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:56:36.0600 5004 wudfsvc - ok
19:56:36.0636 5004 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:56:36.0648 5004 WwanSvc - ok
19:56:36.0718 5004 [ A5B25E310678175F4779499FFF7D0994 ] ZAtheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
19:56:36.0721 5004 ZAtheros Bt&Wlan Coex Agent - ok
19:56:36.0801 5004 ================ Scan global ===============================
19:56:36.0832 5004 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:56:36.0875 5004 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:56:36.0893 5004 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:56:36.0928 5004 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:56:36.0959 5004 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:56:36.0969 5004 [Global] - ok
19:56:36.0970 5004 ================ Scan MBR ==================================
19:56:36.0977 5004 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:56:36.0978 5004 Suspicious mbr (Forged): \Device\Harddisk0\DR0
19:56:37.0077 5004 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
19:56:37.0077 5004 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
19:56:37.0087 5004 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
19:56:37.0103 5004 \Device\Harddisk1\DR1 - ok
19:56:37.0104 5004 ================ Scan VBR ==================================
19:56:37.0109 5004 [ 8C4315C51212EE753D0DF958841CA5F6 ] \Device\Harddisk0\DR0\Partition1
19:56:37.0112 5004 \Device\Harddisk0\DR0\Partition1 - ok
19:56:37.0132 5004 [ 6E53122C8AF07CE113C351938E4FE5E1 ] \Device\Harddisk0\DR0\Partition2
19:56:37.0136 5004 \Device\Harddisk0\DR0\Partition2 - ok
19:56:37.0142 5004 [ 94B848308465503F65434424F8120929 ] \Device\Harddisk1\DR1\Partition1
19:56:37.0145 5004 \Device\Harddisk1\DR1\Partition1 - ok
19:56:37.0148 5004 ============================================================
19:56:37.0148 5004 Scan finished
19:56:37.0148 5004 ============================================================
19:56:37.0171 5888 Detected object count: 1
19:56:37.0171 5888 Actual detected object count: 1
19:57:00.0799 5888 \Device\Harddisk0\DR0\# - copied to quarantine
19:57:00.0803 5888 \Device\Harddisk0\DR0 - copied to quarantine
19:57:00.0911 5888 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
19:57:00.0992 5888 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
19:57:01.0031 5888 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
19:57:08.0932 5888 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
19:57:09.0022 5888 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
19:57:09.0024 5888 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
19:57:09.0028 5888 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
19:57:09.0033 5888 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
19:57:09.0104 5888 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
19:57:09.0168 5888 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
19:57:09.0172 5888 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
19:57:09.0176 5888 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
19:57:09.0286 5888 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
19:57:09.0335 5888 \Device\Harddisk0\DR0 - ok
19:57:09.0729 5888 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
19:57:25.0278 1892 Deinitialize success




This was also saved as a text file:

19:59:26.0485 5000 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:59:27.0328 5000 ============================================================
19:59:27.0328 5000 Current date / time: 2013/03/06 19:59:27.0328
19:59:27.0328 5000 SystemInfo:
19:59:27.0328 5000
19:59:27.0328 5000 OS Version: 6.1.7601 ServicePack: 1.0
19:59:27.0328 5000 Product type: Workstation
19:59:27.0328 5000 ComputerName: GHOSTFISH
19:59:27.0328 5000 UserName: Dad
19:59:27.0328 5000 Windows directory: C:\Windows
19:59:27.0328 5000 System windows directory: C:\Windows
19:59:27.0328 5000 Running under WOW64
19:59:27.0328 5000 Processor architecture: Intel x64
19:59:27.0328 5000 Number of processors: 4
19:59:27.0328 5000 Page size: 0x1000
19:59:27.0328 5000 Boot type: Normal boot
19:59:27.0328 5000 ============================================================
19:59:27.0718 5000 BG loaded
19:59:28.0186 5000 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:59:28.0201 5000 Drive \Device\Harddisk1\DR1 - Size: 0x1DDC00000 (7.46 Gb), SectorSize: 0x200, Cylinders: 0x3CE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:59:28.0217 5000 ============================================================
19:59:28.0217 5000 \Device\Harddisk0\DR0:
19:59:28.0232 5000 MBR partitions:
19:59:28.0232 5000 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x24FE800, BlocksNum 0xAF000
19:59:28.0232 5000 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x25AD800, BlocksNum 0x37DD8030
19:59:28.0232 5000 \Device\Harddisk1\DR1:
19:59:28.0232 5000 MBR partitions:
19:59:28.0232 5000 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0xEEC000
19:59:28.0232 5000 ============================================================
19:59:28.0310 5000 C: <-> \Device\Harddisk0\DR0\Partition2
19:59:28.0310 5000 ============================================================
19:59:28.0310 5000 Initialize success
19:59:28.0310 5000 ============================================================
19:59:39.0243 4952 Deinitialize success

It finally was able to have one complete the process but it happened after I ran the Tdsskiller and posted the report. Not sure if they needed to be run in order but when i tried the roguekiller first it would not finish.

RogueKiller V8.5.2 _x64_ [Feb 23 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Dad [Admin rights]
Mode : Scan -- Date : 03/06/2013 20:26:26
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] ouc.exe -- C:\ProgramData\Cricket Broadband EC1705\userdata\ouc.exe [-] -> KILLED [TermProc]

¤¤¤ Registry Entries : 3 ¤¤¤
[TASK][SUSP PATH] Updater21804.exe : C:\Users\Dad\AppData\Local\Updater21804\Updater21804.exe /extensionid=21804 /extensionname="Coupon Companion Plugin" /chromeid=jneaojaoiajhnemidnjhoempalnidbhj [-] -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS547550A9E384 +++++
--- User ---
[MBR] f3cf41453ecbc884d072f6027fc3d8e7
[BSP] fe653986d72f9ce43cef146b53b9970e : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 18940 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 38791168 | Size: 350 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 39507968 | Size: 457648 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: SD Card +++++
--- User ---
[MBR] 5ed921ac9c57145f34199e90902ec12b
[BSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown
Partition table:
0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 8192 | Size: 7640 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[1]_S_03062013_02d2026.txt >>
RKreport[1]_S_03062013_02d2026.txt

Well done on getting those to run.

Run RogueKiller

IMPORTANT: Do not reboot your computer if at all possible otherwise the malware will reactivate and you will have to run RogueKiller again

close all programs
double-click RogueKiller.exe - Windows 7: right-click the program and select Run as Administrator'
after it has completed it's prescan click on the “Registry” tab
make sure this entry there is checked, then click on Delete


[TASK][SUSP PATH] Updater21804.exe : C:\Users\Dad\AppData\Local\Updater21804\Updater21804.exe /extensionid=21804 /extensionname="Coupon Companion Plugin" /chromeid=jneaojaoiajhnemidnjhoempalnidbhj [-] -> FOUND


please provide the RKreport (Mode: Delete) created on the Desktop.

(The RKreport also opens using the Report button on the console.)

===================================================

Download and run ComboFix

Download Combofix from either of the links below, and save it to your desktop.

Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe)

**Note: It MUST be saved directly to your desktop. Choose save as and then make sure you choose Desktop

--------------------------------------------------------------------

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here (http://forums.whatthetech.com/How_Disable_your_Security_Programs_t96260.html&pid=494216#entry494216)

--------------------------------------------------------------------

Double click on ComboFix.exe & follow the prompts.
when finished, it will produce a report for you.
please post C:\ComboFix.txt in your reply.

Logs to include in your next post:

RKreport (Mode: Delete)
ComboFix.txt

Thanks

Satchfan

RogueKiller V8.5.2 _x64_ [Feb 23 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Dad [Admin rights]
Mode : Remove -- Date : 03/07/2013 05:19:41
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤
[TASK][SUSP PATH] Updater21804.exe : C:\Users\Dad\AppData\Local\Updater21804\Updater21804.exe /extensionid=21804 /extensionname="Coupon Companion Plugin" /chromeid=jneaojaoiajhnemidnjhoempalnidbhj [-] -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NOT SELECTED
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NOT SELECTED

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS547550A9E384 +++++
--- User ---
[MBR] f3cf41453ecbc884d072f6027fc3d8e7
[BSP] fe653986d72f9ce43cef146b53b9970e : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 18940 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 38791168 | Size: 350 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 39507968 | Size: 457648 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: SD Card +++++
--- User ---
[MBR] 5ed921ac9c57145f34199e90902ec12b
[BSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown
Partition table:
0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 8192 | Size: 7640 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[3]_D_03072013_02d0519.txt >>
RKreport[1]_S_03062013_02d2026.txt ; RKreport[2]_S_03072013_02d0518.txt ; RKreport[3]_D_03072013_02d0519.txt










ComboFix 13-03-05.01 - Dad 03/07/2013 5:28.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3996.2068 [GMT -7:00]
Running from: c:\users\Dad\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Coupon Companion Plugin\CoUPon companion plugin.dll
c:\windows\svchost.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-02-07 to 2013-03-07 )))))))))))))))))))))))))))))))
.
.
2013-03-07 12:35 . 2013-03-07 12:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-07 12:35 . 2013-03-07 12:35 -------- d-----w- c:\users\Ritz\AppData\Local\temp
2013-03-07 02:56 . 2013-03-07 02:56 -------- d-----w- C:\TDSSKiller_Quarantine
2013-03-07 02:10 . 2013-02-08 00:28 9162192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{62DAAB43-C955-41D0-9781-3707323AE8F2}\mpengine.dll
2013-03-07 02:02 . 2013-03-07 02:02 -------- d-----w- c:\users\Dad\AppData\Local\Avg2013
2013-03-04 17:12 . 2013-03-04 17:12 0 ----a-w- c:\windows\SysWow64\sho6A66.tmp
2013-03-02 05:24 . 2013-03-03 02:05 -------- d-----w- c:\program files (x86)\ERUNT
2013-02-27 17:07 . 2013-02-27 17:07 -------- d-----w- c:\users\Dad\AppData\Roaming\TuneUp Software
2013-02-27 16:57 . 2013-03-07 02:03 -------- d-----w- c:\programdata\MFAData
2013-02-27 16:57 . 2013-02-27 16:57 -------- d--h--w- c:\programdata\Common Files
2013-02-27 16:57 . 2013-02-27 16:57 -------- d-----w- c:\users\Dad\AppData\Local\MFAData
2013-02-27 14:49 . 2013-01-13 19:53 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-02-27 14:49 . 2013-01-13 19:24 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-02-27 14:49 . 2013-01-04 06:11 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-02-27 14:49 . 2013-01-04 06:11 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-02-27 14:49 . 2013-01-13 19:02 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-02-14 01:37 . 2013-03-07 02:13 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-02-14 01:37 . 2013-02-14 01:37 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2013-02-14 01:33 . 2013-02-14 01:43 -------- d-----w- c:\program files (x86)\Iminent
2013-02-14 01:30 . 2013-02-14 01:30 -------- d-----w- c:\users\Dad\AppData\Local\Coupon Companion Plugin
2013-02-14 01:29 . 2013-02-14 01:29 -------- d-----w- c:\users\Dad\AppData\Local\Updater21804
2013-02-14 01:29 . 2013-03-07 12:35 -------- d-----w- c:\program files (x86)\Coupon Companion Plugin
2013-02-14 00:59 . 2013-02-14 00:59 -------- d-----w- c:\users\Dad\AppData\Local\PackageAware
2013-02-14 00:16 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 00:16 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 22:19 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-02-13 22:19 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-02-13 22:19 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-02-13 22:19 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-02-13 22:19 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-02-13 22:19 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-02-13 22:19 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-02-13 22:19 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-13 22:19 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-27 18:02 . 2012-06-16 07:58 691568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-27 18:01 . 2012-06-16 07:58 71024 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-17 08:28 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-04 04:43 . 2013-02-13 22:19 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-12-26 02:00 . 2012-12-26 02:00 61440 ----a-r- c:\users\Dad\AppData\Roaming\Microsoft\Installer\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}\ARPPRODUCTICON.exe
2012-12-26 01:59 . 2012-12-26 01:59 106496 ----a-w- c:\windows\SysWow64\ATL71.DLL
2012-12-16 17:11 . 2012-12-22 03:22 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-22 03:22 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-22 03:22 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-22 03:22 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-12 00:43 . 2011-03-29 01:36 19696 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-12-07 13:20 . 2013-01-09 00:37 441856 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-09 00:37 2746368 ----a-w- c:\windows\system32\gameux.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HW_OPENEYE_OUC_Cricket Broadband EC1705"="c:\program files (x86)\Cricket Broadband EC1705\UpdateDog\ouc.exe" [2012-08-16 196608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-30 284440]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-22 291608]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-09-20 60552]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-02-21 693608]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-08-04 1612920]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"ArcSoft MediaImpression Monitor"="c:\program files (x86)\Kodak\MediaImpression\ArcMonitor.exe" [2010-11-12 73728]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-12 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2011-10-30 571392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 DCService.exe;DCService.exe;c:\programdata\DatacardService\DCService.exe [2009-12-22 225280]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys [2012-02-23 51872]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-09-15 195320]
R3 DCDhcpService;DCDhcpService;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [2012-03-22 112256]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2012-08-16 114560]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2012-08-16 252928]
R3 lehidmini;Bluetooth Low Energy Hid Device;c:\windows\system32\drivers\leath_hid.sys [2012-02-24 36128]
R3 SmbDrv;SmbDrv;c:\windows\system32\drivers\Smb_driver.sys [2012-03-13 21264]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2012-01-06 138392]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2012-01-06 74904]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-01 289952]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2012-01-10 535688]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-12-29 960160]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-12-21 550128]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-12-21 382720]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-08-27 101600]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-25 1255736]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-03-31 47128]
R4 SQLAgent$MSSMLBIZ;SQL Server Agent (MSSMLBIZ);c:\program files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys [2012-02-22 16152]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2012-02-23 106144]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-07-13 249648]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-02-08 2429544]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-03-13 128280]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-13 161560]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-02-21 473960]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-12-01 260768]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-13 363800]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2012-03-26 978056]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-02-24 158880]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2012-02-23 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2012-02-23 339616]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2012-02-23 110752]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [2012-02-23 30368]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [2012-02-23 167584]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2012-02-24 68256]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [2012-02-24 280992]
S3 BTATH_VDP;Bluetooth VDP Driver;c:\windows\system32\drivers\btath_vdp.sys [2012-02-24 421664]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2012-02-24 550560]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2012-08-16 83456]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2012-03-14 331264]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys [2012-02-22 356120]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys [2012-02-22 787736]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2012-02-08 339048]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-02-13 675432]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2012-01-16 14336]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2012-01-20 54432]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-06 06:06 1630672 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.152\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-16 18:02]
.
2013-03-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-13 22:50]
.
2013-03-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-13 22:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-03-13 1156712]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-02-23 1020576]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2012-02-23 800416]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-14 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-14 398104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-14 440600]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-15 2779024]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - (no file)
BHO-{11111111-1111-1111-1111-110211181104} - c:\program files (x86)\Coupon Companion Plugin\Coupon Companion Plugin.dll
Wow6432Node-HKCU-Run-BitTorrent - c:\program files (x86)\BitTorrent\BitTorrent.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-68668969.sys
WebBrowser-{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-CanonMyPrinter - c:\program files\Canon\MyPrinter\uninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&_\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 &_ Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-03-07 05:39:20
ComboFix-quarantined-files.txt 2013-03-07 12:39
.
Pre-Run: 408,500,789,248 bytes free
Post-Run: 408,084,291,584 bytes free
.
- - End Of File - - 14BB8D2CFEF3D83DA80FE1A31C842984

Download and run AdwCleaner

Download AdwCleaner from here (http://api.viglink.com/api/click?format=go&key=bf4adfcbb328b51c165afd7f95bfc060&loc=http%3A%2F%2Fwww.geekstogo.com%2Fforum%2Ftopic%2F322162-avg-secure-search-and-google-sync%2F&v=1&libid=1348314395808&out=http%3A%2F%2Fgeneral-changelog-team.fr%2Fen%2Fdownloads%2Ffinish%2F20-outils-de-xplode%2F2-adwcleaner&ref=http%3A%2F%2Fwww.google.co.uk%2Furl%3Fsa%3Dt%26rct%3Dj%26q%3Ddownload%2520and%2520run%2520adwcleaner%26source%3Dweb%26cd%3D5%26sqi%3D2%26ved%3D0CEAQFjAE%26url%3Dhttp%253A%252F%252Fwww.geekstogo.com%252Fforum%252Ftopic%252F322162-avg-secure-search-and-google-sync%252F%26ei%3DDKVdULHtOo7P0AWZ6oDQBA%26usg%3DAFQjCNEzNnaWddR5PWyz-MxdM_0U0UVz1A&title=AVG%20Secure%20Search%20and%20Google%20sync%20-%20Geeks%20to%20Go%20Forums&txt=ADWCLEANER&jsonp=vglnk_jsonp_13483144033661) and save it to your desktop.

run AdwCleaner and select Delete
when it has finished it will ask to reboot - allow the reboot
on reboot a log will be produced; please attach the content of the log to your next reply

===================================================

Download and run Junkware Removal Tool

http://imageshack.us/a/img841/7292/thisisujrt.gif Please download Junkware Removal Tool (http://thisisudax.org/downloads/JRT.exe) to your desktop.

shut down your protection software now to avoid potential conflicts.
run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator"
the tool will open and start scanning your system
please be patient as this can take a while to complete depending on your system's specifications
on completion, a log (JRT.txt) is saved to your desktop and will automatically open
post the contents of JRT.txt into your next message.

Logs to include in the next post:

AdwCleaner log
JRT.txt

Can you tell me how your computer is running now.

Thanks

Satchfan

The only system my computer was showing was that the AVAST network shield kept popping up frequently saying it was blocking a harmful site from trying to access computer. That is no longer happening. Computer runs fine now.



# AdwCleaner v2.114 - Logfile created 03/07/2013 at 06:31:25
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Dad - GHOSTFISH
# Boot Mode : Normal
# Running from : C:\Users\Dad\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\END
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Coupon Companion Plugin
Folder Deleted : C:\Program Files (x86)\Iminent
Folder Deleted : C:\Users\Dad\AppData\Local\Conduit
Folder Deleted : C:\Users\Dad\AppData\Local\Coupon Companion Plugin
Folder Deleted : C:\Users\Dad\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Dad\AppData\LocalLow\PriceGong

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211181104}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110211181104}
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021804.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021804.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021804.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3225826
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3272718
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_nonsearch_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_nonsearch_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181104}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110211181104}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181104}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211181104}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211181104}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

-\\ Google Chrome v25.0.1364.152

File : C:\Users\Ritz\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [12039 octets] - [07/03/2013 06:31:25]

########## EOF - C:\AdwCleaner[S1].txt - [12100 octets] ##########



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.9 (03.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Dad on Thu 03/07/2013 at 6:37:19.87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Dad\appdata\local\updater21804"



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Dad\appdata\local\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Successfully deleted: [Registry Key] hkey_current_user\software\google\chrome\extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 03/07/2013 at 6:47:06.10
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

*** meant to say the only symptom instead of system***

*** meant to say the only symptom instead of system*** I got that :)

Looking and sounding good but we need to do a few final checks before I can give you instructions on how to clean up the tools we’ve used.


First we need to take care of Chrome. Unfortunately, when Chrome has “bad” entries, the easiest, (and usually the only) way to deal with this is to uninstall and re-install it.
.
Uninstall Chrome and, if asked about user data or settings, remove those also.

Restart the computer and re-install Chrome

====================================================

Download Malwarebytes-Anti-Malware

Click here (http://www.filehippo.com/download_malwarebytes_anti_malware/).


double-click mbam-setup.exe and follow the prompts to install the program.
at the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware. and Launch Malwarebytes' Anti-Malware, then click Finish..
if an update is found, it will download and install the latest version.
once the program has loaded, select Perform quick scan, then click Scan.
when the scan is complete, click OK, then Show Results to view the results.
be sure that everything is checked, and click Remove Selected.
when removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
the log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
copy and paste the contents of that report in your next reply and exit MBAM.


NOTE: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

====================================================

Run Security Check

Download Security Check by screen317 from here (http://screen317.spywareinfoforum.org/SecurityCheck.exe) or here (http://screen317.changelog.fr/SecurityCheck.exe).


save it to your Desktop. double click SecurityCheck.exe and follow the onscreen instructions inside of the black box. a Notepad document should open automatically called checkup.txt; please post the contents of that document.


Logs to include with the next post:

Mbam.txt
checkup.txt

Satchfan

Do i have to reinstall chrome. I do not use it and i believe it came on the computer already. Can I just uninstall it or do you recommend reinstalling it?

I don't like it and it's more trouble than it's worth so I would agree with you - don't bother with it. ;)

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.07.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Dad :: GHOSTFISH [administrator]

3/7/2013 10:10:58 AM
mbam-log-2013-03-07 (10-10-58).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 243336
Time elapsed: 3 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Results of screen317's Security Check version 0.99.60
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.70.0.1100
Java(TM) 7 Update 1
Java version out of Date!
Adobe Flash Player 11.6.602.171
````````Process Check: objlist.exe by Laurent````````
Spybot Teatimer.exe is disabled!
Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````

Another positive.

One final scan and if all is well I'll give instructions to tidy up.

Run ESET Online Scan

IMPORTANT Please make sure you uncheck the box next to Remove found threats. Eset will detect anything that looks even slightly suspicious, which could include legitimate program files. If you do not uncheck the box, Eset will automatically remove all suspicious files which could leave some of your software inoperable.

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here (http://www.bleepingcomputer.com/forums/topic114351.html).

Hold down Control and click on the following link to open ESET OnlineScan in a new window.

ESET OnlineScan (http://www.eset.com/online-scanner)
click the Eset online Scanner button.
for alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

click on esetinstaller.exe to download the ESET Smart Installer. Save it to your desktop.
double click on the Eset installer icon on your desktop. check Yes, I accept the Terms of Use
click the Start button.
accept any security warnings from your browser.
check Scan archives
click Advanced settings and select the following:

scan potentially unwanted applications
scan for potentially unsafe applications
enable Anti-Stealth technology
click the Start button.
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take quite a long time.
when the scan completes, push List of found threats
click on Export to Text file and save the file to your desktop using a unique name, such as ESETScan. Note - if ESET doesn't find any threats, no report will be created.
click on the back button.
click on Finish If a log has been produced post it in your next reply.

Satchfan

No report was created.

As Eset found nothing your computer appears to be clean.

Now that you’re free from malware, as long as your computer seems to be running well, please follow these simple steps to tidy up you computer and decrease the likelihood of getting infected again:

Uninstall Combofix

Follow these steps to uninstall Combofix

click START then RUN
now type Combofix /uninstall in the runbox and click OK.
Note the space between the X and the /, it needs to be there.
http://i944.photobucket.com/albums/ad283/Ninamf/WTT/CFuninstall.jpg

please follow the prompts to uninstall Combofix.
once it's finished uninstalling itself you will receive a message saying Combofix was uninstalled successfully. ===================================================

Uninstall AdwCleaner
double-click on adwcleaner.exe to run the tool
click on Uninstall
confirm with Yes. You can delete all other logs and programs we’ve used that are on your desktop. Just click on them and press Delete.

===================================================

Uninstall and update Java

The version you have is old and therefore vulnerable to infections

Remove Java(TM) 7 Update 1 and Java(TM) 7 Update 1 (64-bit)

From the Start menu, select Control Panel.
In Classic View, double-click Programs and Features. In Control Panel Home view, under "Programs", click Uninstall a program.
Select the program you want to remove, and click Uninstall. Alternatively, right-click the program and select Uninstall.

Install the latest version of Java from here (http://www.java.com/en/download/manual.jsp)

NOTE – when you install Java, before clicking on Install, be sure to Uncheck “Install the Ask Toolbar and make Ask my default search provider”

http://i944.photobucket.com/albums/ad283/Ninamf/Java.gif

===================================================

Spybot - Search and Destroy’ – Re-enable TeaTimer and remember to scan your computer with the program on a regular basis as you would with your anti-virus software.

===================================================

Update and run Malwarebytes. This really is an excellent program that you should also update and run on a regular basis, probably weekly.

===================================================

It’s important to keep programs up to date so that malware doesn't exploit any old security flaws.

FileHippo Update Checker (http://www.filehippo.com/updatechecker/FHsetup.exe) is an extremely helpful program that will tell you which of your programs need to be updated.

===================================================

I also recommend that you read the following:

How to prevent malware (http://miekiemoes.blogspot.com/2008/02/how-to-prevent-malware.html) by miekiemoes

I'll leave this thread open for 24 hours and if I hear nothing from you I'll assume that all is well and close the topic.

Safe computing

Satchfan

I've done all the steps you have outlined. Thank you very much for your time, patience, and help. I am truly humbled and grateful to have had the pleasure of your assistance. I hope that one day when you need a helping hand, whether it be online or offline, there will be a personal of equal generosity and zeal to aid you. Goodbye, and thanks once again.

Just and FYI, the File hippo link downloads the program but for some reason it doesnt ever load properly. It always says something like an addon or plug in that is needs is not functioning.

I don’t know why that is happening with File Hippo but a good alternative is to visit Secunia Software Inspector (http://secunia.com/software_inspector) and check at regular intervals. Secunia will detect vulnerable and out-dated programs and plug-ins which leave your computer vulnerable to infections.