
Fake adobe flash player installer and redirect virus


  • This topic is locked
67 replies to this topic

#31 Hexious

Posted 22 July 2012 - 08:36 PM

Did that. Thanks again for all the help. :)



#32 dlucky13

Posted 25 November 2012 - 11:30 AM

boopme, I hope you are still around / available.

My wife's laptop is doing nearly the exact same things as the OP, but she uses Chrome as her main browser. I asked her to check other browsers and they were all doing the redirect thing. It is a Sony Vaio running Windows Vista. I'm writing this message on my desktop as I perform the tasks on her infected machine. We do have a router, but my machine so far seems to be fine and free of infection.

I am starting with your first response post and running MiniToolBox. I got a log and will paste it below, but when running it, I also got the error: "The ordinal 1109 could not be located in the dynamic link library WSOCK32.dll". The error window was titled "nslookup.exe - Ordinal Not Found". When clicking the OK button on that error window, the program crashed and I got a "nslookup has stopped working" window with the MiniToolBox window still open and looking like it is still running (little bar at the bottom keeps going left to right with the heading "getting ipconfig...").

If anyone else is able to help as well, I would much appreciate it!!

Anyway, here is the "Result.txt" file pasted contents:


MiniToolBox by Farbar Version: 25-11-2012
Ran by Amy (administrator) on 25-11-2012 at 11:14:48
Running from "C:\Users\Amy\Desktop"
Windows Vista ™ Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Wireless WiFi Link 5100 = Wireless Network Connection (Connected)
Marvell Yukon 88E8055 PCI-E Gigabit Ethernet Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
The following helper DLL cannot be loaded: IFMON.DLL.
The following command was not found: int ip dump.

Windows IP Configuration

Host Name . . . . . . . . . . . . : Amy-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.fl.comcast.net.

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 00-21-4F-57-0F-90
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.fl.comcast.net.
Description . . . . . . . . . . . : Intel® Wireless WiFi Link 5100
Physical Address. . . . . . . . . : 00-21-5D-22-EC-8E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7496:6819:fa18:2320%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.105(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, November 21, 2012 7:06:45 PM
Lease Expires . . . . . . . . . . : Monday, November 26, 2012 3:03:20 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : .
Description . . . . . . . . . . . : Marvell Yukon 88E8055 PCI-E Gigabit Ethernet Controller
Physical Address. . . . . . . . . : 00-1D-BA-25-DD-D0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E67921E4-6019-4C78-9D5A-BB3C989838BE}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap..
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes


Pinging google.com [74.125.137.139] with 32 bytes of data:

Reply from 74.125.137.139: bytes=32 time=37ms TTL=45

Reply from 74.125.137.139: bytes=32 time=38ms TTL=45



Ping statistics for 74.125.137.139:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 37ms, Maximum = 38ms, Average = 37ms



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=98ms TTL=46

Reply from 98.138.253.109: bytes=32 time=83ms TTL=46



Ping statistics for 98.138.253.109:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 83ms, Maximum = 98ms, Average = 90ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
13 ...00 21 4f 57 0f 90 ...... Bluetooth Device (Personal Area Network)
11 ...00 21 5d 22 ec 8e ...... Intel® Wireless WiFi Link 5100
10 ...00 1d ba 25 dd d0 ...... Marvell Yukon 88E8055 PCI-E Gigabit Ethernet Controller
1 ........................... Software Loopback Interface 1
16 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
19 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
18 ...00 00 00 00 00 00 00 e0 isatap.{E67921E4-6019-4C78-9D5A-BB3C989838BE}
17 ...00 00 00 00 00 00 00 e0 isatap..
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.105 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 192.168.1.105 26
169.254.255.255 255.255.255.255 On-link 192.168.1.105 281
192.168.1.0 255.255.255.0 On-link 192.168.1.105 281
192.168.1.105 255.255.255.255 On-link 192.168.1.105 281
192.168.1.255 255.255.255.255 On-link 192.168.1.105 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.105 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.105 281
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
169.254.0.0 255.255.0.0 192.168.2.104 1
169.254.0.0 255.255.0.0 192.168.1.105 1
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::7496:6819:fa18:2320/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [34816] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [45056] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog9 11 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/25/2012 11:27:46 AM) (Source: Application Error) (User: )
Description: Faulting application nslookup.exe, version 6.0.6001.18000, time stamp 0x47918e19, faulting module ntdll.dll, version 6.0.6001.18538, time stamp 0x4cb733e1, exception code 0xc0000138, fault offset 0x0006f1e7,
process id 0x2588, application start time 0xnslookup.exe0.

Error: (11/25/2012 11:24:13 AM) (Source: Application Error) (User: )
Description: Faulting application nslookup.exe, version 6.0.6001.18000, time stamp 0x47918e19, faulting module ntdll.dll, version 6.0.6001.18538, time stamp 0x4cb733e1, exception code 0xc0000138, fault offset 0x0006f1e7,
process id 0x1950, application start time 0xnslookup.exe0.

Error: (11/25/2012 10:27:46 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x47918b89, faulting module mshtml.dll, version 8.0.6001.19088, time stamp 0x4de090ed, exception code 0xc00000fd, fault offset 0x0017e34f,
process id 0x2514, application start time 0xsvchost.exe0.

Error: (11/25/2012 08:45:51 AM) (Source: Windows Search Service) (User: )
Description: The update cannot be started because the content sources cannot be accessed. Fix the errors and try the update again.

Context: Windows Application, SystemIndex Catalog

Error: (11/25/2012 08:35:52 AM) (Source: Application Error) (User: )
Description: Faulting application ocsetup.exe, version 2.5.2795.6, time stamp 0x482a3285, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00690072,
process id 0x2034, application start time 0xocsetup.exe0.

Error: (11/25/2012 06:35:19 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x47918b89, faulting module mshtml.dll, version 8.0.6001.19088, time stamp 0x4de090ed, exception code 0xc00000fd, fault offset 0x0017ec51,
process id 0x2158, application start time 0xsvchost.exe0.

Error: (11/25/2012 05:09:27 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x47918b89, faulting module mshtml.dll, version 8.0.6001.19088, time stamp 0x4de090ed, exception code 0xc00000fd, fault offset 0x0017e34f,
process id 0x1108, application start time 0xsvchost.exe0.

Error: (11/25/2012 04:32:10 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x47918b89, faulting module mshtml.dll, version 8.0.6001.19088, time stamp 0x4de090ed, exception code 0xc00000fd, fault offset 0x000badff,
process id 0x26a0, application start time 0xsvchost.exe0.

Error: (11/25/2012 04:07:05 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x47918b89, faulting module mshtml.dll, version 8.0.6001.19088, time stamp 0x4de090ed, exception code 0xc00000fd, fault offset 0x0017eb98,
process id 0x1c80, application start time 0xsvchost.exe0.

Error: (11/25/2012 03:00:13 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 35611845


System errors:
=============
Error: (08/12/2010 05:06:58 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\DRIVERS\DMICall.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/12/2010 05:06:58 AM) (Source: Application Popup) (User: )
Description: \??\C:\Windows\SysWow64\drivers\FNETDEVI.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/07/2010 11:31:33 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\DRIVERS\DMICall.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/07/2010 11:31:33 AM) (Source: Application Popup) (User: )
Description: \??\C:\Windows\SysWow64\drivers\FNETDEVI.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/07/2010 11:28:15 AM) (Source: DCOM) (User: )
Description: {657C7A59-4FEC-4C06-A354-607B1EB184FB}

Error: (08/07/2010 11:26:56 AM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (08/07/2010 10:44:50 AM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (08/07/2010 10:44:44 AM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (08/07/2010 10:44:38 AM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (08/07/2010 10:44:32 AM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.


Microsoft Office Sessions:
=========================
Error: (11/25/2012 11:27:46 AM) (Source: Application Error)(User: )
Description: nslookup.exe6.0.6001.1800047918e19ntdll.dll6.0.6001.185384cb733e1c00001380006f1e7258801cdcb29cca140b0

Error: (11/25/2012 11:24:13 AM) (Source: Application Error)(User: )
Description: nslookup.exe6.0.6001.1800047918e19ntdll.dll6.0.6001.185384cb733e1c00001380006f1e7195001cdcb2803deb5f0

Error: (11/25/2012 10:27:46 AM) (Source: Application Error)(User: )
Description: svchost.exe6.0.6001.1800047918b89mshtml.dll8.0.6001.190884de090edc00000fd0017e34f251401cdcb2145cd3c90

Error: (11/25/2012 08:45:51 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Error: (11/25/2012 08:35:52 AM) (Source: Application Error)(User: )
Description: ocsetup.exe2.5.2795.6482a3285unknown0.0.0.000000000c000000500690072203401cdcb1190c080f0

Error: (11/25/2012 06:35:19 AM) (Source: Application Error)(User: )
Description: svchost.exe6.0.6001.1800047918b89mshtml.dll8.0.6001.190884de090edc00000fd0017ec51215801cdcb0097286d60

Error: (11/25/2012 05:09:27 AM) (Source: Application Error)(User: )
Description: svchost.exe6.0.6001.1800047918b89mshtml.dll8.0.6001.190884de090edc00000fd0017e34f110801cdcaf4a68c5ca0

Error: (11/25/2012 04:32:10 AM) (Source: Application Error)(User: )
Description: svchost.exe6.0.6001.1800047918b89mshtml.dll8.0.6001.190884de090edc00000fd000badff26a001cdcaef66c8e9d0

Error: (11/25/2012 04:07:05 AM) (Source: Application Error)(User: )
Description: svchost.exe6.0.6001.1800047918b89mshtml.dll8.0.6001.190884de090edc00000fd0017eb981c8001cdcaebfa7465f0

Error: (11/25/2012 03:00:13 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 35611845


CodeIntegrity Errors:
===================================
Date: 2011-11-11 04:31:55.898
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-11-11 04:31:55.817
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-11-11 04:31:55.721
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-11-11 04:31:55.578
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-07-16 14:58:40.645
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-07-16 14:58:40.551
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-07-16 14:58:40.473
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-07-16 14:58:40.380
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-06-04 06:14:34.869
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-06-04 06:14:34.790
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 7.2.4)
AIO_CDB_ToolboxIni64 (Version: 82.0.242.000)
Apple Mobile Device Support (Version: 5.2.0.6)
Bonjour (Version: 3.0.0.10)
Canon MX430 series MP Drivers
Canon MX880 series MP Drivers
Dolby Control Center (Version: 1.2.0702)
Dropbox (Version: 1.4.7)
Google Chrome (Version: 23.0.1271.64)
GoToMeeting 5.1.0.880 (Version: 5.1.0.880)
HDAUDIO SoftV92 Data Fax Modem with SmartCP
HP Customer Participation Program 14.0 (Version: 14.0)
HP Document Manager 2.0 (Version: 2.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Officejet 6500 E709 Series (Version: 12.0)
HP Photosmart Prem C410 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0)
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (Version: 8.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
iCloud (Version: 1.1.0.40)
Intel PROSet Wireless
Intel® PROSet/Wireless WiFi Software (Version: 12.00.0004)
iTunes (Version: 10.6.3.25)
MetaFrame Presentation Server Web Client for Win32
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Protection Service (Version: 2.1.1300.0)
Microsoft Windows Live OneCare Resources v2.5.2795.6 (Version: 2.5.2795.6)
Microsoft Windows OneCare Live AntiSpyware and AntiVirus (Version: 1.5.1944.14)
Microsoft Windows OneCare Live v2.5.2795.6 (Version: 2.5.2795.6)
Move Media Player
Network64 (Version: 140.0.215.000)
NVIDIA Drivers
OCR Software by I.R.I.S. 14.0 (Version: 14.0)
Octoshape add-in for Adobe Flash Player
Protector Suite QL 5.6 (Version: 5.6.2.4447)
PVSonyDll (Version: 1.00.0000)
RedMon - Redirection Port Monitor
Regi (Version: 1.00.0000)
Shop for HP Supplies (Version: 14.0)
Smilebox
Synaptics Pointing Device Driver (Version: 10.2.7.0)
Unity Web Player (Version: 2.6.1f3_31223)
WIDCOMM Bluetooth Software 6.2.0.4500 (Version: 6.2.0.4500)
Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0) (Version: 11/05/2008 1.1.1.0)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Workspace Desktop

========================= Memory info: ===================================

Percentage of memory in use: 67%
Total physical RAM: 4062.13 MB
Available physical RAM: 1327.2 MB
Total Pagefile: 8327.55 MB
Available Pagefile: 4924.86 MB
Total Virtual: 4095.88 MB
Available Virtual: 4001.73 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:288.12 GB) (Free:92.37 GB) NTFS

========================= Users: ========================================

User accounts for \\AMY-PC

Administrator Amy Guest

========================= Minidump Files ==================================

C:\Windows\Minidump\Mini071511-01.dmp
C:\Windows\Minidump\Mini111011-01.dmp

**** End of log ****

#33 dlucky13

Posted 25 November 2012 - 11:37 AM

I've completed the second step of running the TDSSKiller utility. It found no threats (processed 429 objects in 30 seconds), and did not require a reboot.

Here is the log:

11:31:59.0395 10160 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:32:00.0366 10160 ============================================================
11:32:00.0366 10160 Current date / time: 2012/11/25 11:32:00.0366
11:32:00.0366 10160 SystemInfo:
11:32:00.0366 10160
11:32:00.0366 10160 OS Version: 6.0.6001 ServicePack: 1.0
11:32:00.0366 10160 Product type: Workstation
11:32:00.0366 10160 ComputerName: AMY-PC
11:32:00.0367 10160 UserName: Amy
11:32:00.0367 10160 Windows directory: C:\Windows
11:32:00.0367 10160 System windows directory: C:\Windows
11:32:00.0367 10160 Running under WOW64
11:32:00.0367 10160 Processor architecture: Intel x64
11:32:00.0367 10160 Number of processors: 2
11:32:00.0367 10160 Page size: 0x1000
11:32:00.0367 10160 Boot type: Normal boot
11:32:00.0367 10160 ============================================================
11:32:02.0464 10160 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:32:02.0529 10160 ============================================================
11:32:02.0529 10160 \Device\Harddisk0\DR0:
11:32:02.0529 10160 MBR partitions:
11:32:02.0529 10160 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x13EF800, BlocksNum 0x2403EAB0
11:32:02.0529 10160 ============================================================
11:32:02.0700 10160 C: <-> \Device\Harddisk0\DR0\Partition1
11:32:02.0700 10160 ============================================================
11:32:02.0700 10160 Initialize success
11:32:02.0700 10160 ============================================================
11:32:33.0209 1208 ============================================================
11:32:33.0209 1208 Scan started
11:32:33.0209 1208 Mode: Manual; TDLFS;
11:32:33.0209 1208 ============================================================
11:32:36.0073 1208 ================ Scan system memory ========================
11:32:36.0073 1208 System memory - ok
11:32:39.0393 1208 btwrchid - ok
11:32:39.0435 1208 [ FDB53A8D3BC52DC29884587E768E3388 ] CAXHWAZL C:\Windows\system32\DRIVERS\CAXHWAZL.sys
11:32:39.0448 1208 CAXHWAZL - ok
11:32:39.0489 1208 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:32:39.0491 1208 cdfs - ok
11:32:39.0520 1208 [ 3B2FB35363423ED60C8FBF15FC8680BD ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:32:39.0530 1208 cdrom - ok
11:32:39.0622 1208 [ EDFFFC8B6AFB609BF33DBE0A900426B6 ] CertPropSvc C:\Windows\System32\certprop.dll
11:32:39.0624 1208 CertPropSvc - ok
11:32:39.0663 1208 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
11:32:39.0671 1208 circlass - ok
11:32:39.0717 1208 [ CAEDA2572B7042B11062F327F099251D ] CLFS C:\Windows\system32\CLFS.sys
11:32:39.0723 1208 CLFS - ok
11:32:39.0828 1208 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:32:39.0830 1208 clr_optimization_v2.0.50727_32 - ok
11:32:39.0907 1208 [ FA58B51ED71C9133E141164EAA7C54EB ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:32:39.0909 1208 clr_optimization_v2.0.50727_64 - ok
11:32:39.0978 1208 [ B52D9A14CE4101577900A364BA86F3DF ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:32:39.0987 1208 CmBatt - ok
11:32:40.0019 1208 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:32:40.0026 1208 cmdide - ok
11:32:40.0068 1208 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:32:40.0069 1208 Compbatt - ok
11:32:40.0075 1208 COMSysApp - ok
11:32:40.0083 1208 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
11:32:40.0085 1208 crcdisk - ok
11:32:40.0158 1208 [ 4374F784121D8B3BB466B03F5E5EBD33 ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:32:40.0161 1208 CryptSvc - ok
11:32:40.0259 1208 [ 52CDADE8289FF21F1F2215FF51A5F36C ] DcomLaunch C:\Windows\system32\rpcss.dll
11:32:40.0271 1208 DcomLaunch - ok
11:32:40.0308 1208 [ 3725C43C9E90731ECA651D506CC599A3 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:32:40.0311 1208 DfsC - ok
11:32:40.0450 1208 [ 1781F99840979EE7B126C9073C377FD0 ] DFSR C:\Windows\system32\DFSR.exe
11:32:40.0508 1208 DFSR - ok
11:32:40.0600 1208 [ FDAA0EDFCFB70CD529589AD654651B40 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
11:32:40.0605 1208 Dhcp - ok
11:32:40.0660 1208 [ 2DC415FC05FB8A079F896CBBACB19324 ] disk C:\Windows\system32\drivers\disk.sys
11:32:40.0663 1208 disk - ok
11:32:40.0704 1208 DMICall - ok
11:32:40.0766 1208 [ DAF05293C1264E251D3A25E7E24B2DDF ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:32:40.0769 1208 Dnscache - ok
11:32:40.0816 1208 [ CC661867677627F2911C2A4970DEE0F1 ] dot3svc C:\Windows\System32\dot3svc.dll
11:32:40.0821 1208 dot3svc - ok
11:32:40.0883 1208 [ 74C02B1717740C3B8039539E23E4B53F ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
11:32:40.0891 1208 Dot4 - ok
11:32:40.0936 1208 [ 08321D1860235BF42CF2854234337AEA ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
11:32:40.0942 1208 Dot4Print - ok
11:32:40.0985 1208 [ 4ADCCF0124F2B6911D3786A5D0E779E5 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
11:32:40.0991 1208 dot4usb - ok
11:32:41.0079 1208 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
11:32:41.0083 1208 DPS - ok
11:32:41.0120 1208 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:32:41.0125 1208 drmkaud - ok
11:32:41.0212 1208 [ 412964040CE920FF83AFF6B5B551BF99 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:32:41.0226 1208 DXGKrnl - ok
11:32:41.0317 1208 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
11:32:41.0326 1208 E1G60 - ok
11:32:41.0383 1208 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
11:32:41.0385 1208 EapHost - ok
11:32:41.0416 1208 [ 7343D950A34A95DCB7441642E3E6BEEF ] Ecache C:\Windows\system32\drivers\ecache.sys
11:32:41.0419 1208 Ecache - ok
11:32:41.0487 1208 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:32:41.0493 1208 ehRecvr - ok
11:32:41.0538 1208 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe
11:32:41.0541 1208 ehSched - ok
11:32:41.0607 1208 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll
11:32:41.0608 1208 ehstart - ok
11:32:41.0688 1208 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
11:32:41.0700 1208 elxstor - ok
11:32:41.0734 1208 [ E4EB76D0A8FC43DB7F36302E1F33791F ] EMDMgmt C:\Windows\system32\emdmgmt.dll
11:32:41.0741 1208 EMDMgmt - ok
11:32:41.0793 1208 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:32:41.0798 1208 ErrDev - ok
11:32:41.0845 1208 [ 6B1A97BF9FEFBDC83F3C7C7D0F826C66 ] EventSystem C:\Windows\system32\es.dll
11:32:41.0851 1208 EventSystem - ok
11:32:41.0939 1208 [ 7CD2F2C63693EF90B73F5362A52CAE26 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:32:41.0962 1208 EvtEng - ok
11:32:42.0001 1208 [ 2A546B9A84658B0554B1EC35CD9ADAF5 ] exfat C:\Windows\system32\drivers\exfat.sys
11:32:42.0011 1208 exfat - ok
11:32:42.0058 1208 [ FE731D345ED9EEABBC72A59B35941834 ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:32:42.0068 1208 fastfat - ok
11:32:42.0083 1208 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:32:42.0090 1208 fdc - ok
11:32:42.0127 1208 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
11:32:42.0128 1208 fdPHost - ok
11:32:42.0138 1208 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
11:32:42.0139 1208 FDResPub - ok
11:32:42.0238 1208 [ D3B8DDF0731ADB88B1336231DADB8DD9 ] File Backup C:\Program Files (x86)\Workspace\offSyncService.exe
11:32:42.0259 1208 File Backup - ok
11:32:42.0274 1208 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:32:42.0276 1208 FileInfo - ok
11:32:42.0293 1208 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:32:42.0299 1208 Filetrace - ok
11:32:42.0319 1208 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:32:42.0325 1208 flpydisk - ok
11:32:42.0350 1208 [ 7DACF1A3A4219575070C6DC7C957428A ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:32:42.0355 1208 FltMgr - ok
11:32:42.0438 1208 [ 6CD6BB45BD3E0EEF6CE496BF52854FF1 ] FlyUsb C:\Windows\system32\DRIVERS\FlyUsb.sys
11:32:42.0443 1208 FlyUsb - ok
11:32:42.0478 1208 FNETDEVI - ok
11:32:42.0555 1208 [ 73D0F1D32EDAE3DCC4E84468BF910ADD ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:32:42.0556 1208 FontCache3.0.0.0 - ok
11:32:42.0614 1208 [ 29D99E860A1CA0A03C6A733FDD0DA703 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:32:42.0620 1208 Fs_Rec - ok
11:32:42.0658 1208 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
11:32:42.0665 1208 gagp30kx - ok
11:32:42.0715 1208 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:32:42.0722 1208 GEARAspiWDM - ok
11:32:42.0783 1208 [ 9E5B254D58232EC8921EC3C5A94C81ED ] gpsvc C:\Windows\System32\gpsvc.dll
11:32:42.0802 1208 gpsvc - ok
11:32:42.0833 1208 [ 38F92E8510B8FAEC9BBB9E31724236DC ] grmnusb C:\Windows\system32\drivers\grmnusb.sys
11:32:42.0839 1208 grmnusb - ok
11:32:42.0878 1208 [ DF45F8142DC6DF9D18C39B3EFFBD0409 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:32:42.0889 1208 HdAudAddService - ok
11:32:42.0909 1208 [ 0C0D0F8A3FF09ECC81963D09EC6A0A84 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
11:32:42.0911 1208 HDAudBus - ok
11:32:42.0932 1208 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
11:32:42.0938 1208 HidBth - ok
11:32:42.0955 1208 [ 1D4E03E5C5BA4C3679C38CB6B4C60D5F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
11:32:42.0961 1208 HidIr - ok
11:32:42.0996 1208 [ 0AA154538544E988429DA2D5AA803A6C ] hidserv C:\Windows\system32\hidserv.dll
11:32:42.0998 1208 hidserv - ok
11:32:43.0033 1208 [ 59A7B5E13356C20D67983868242167C5 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:32:43.0034 1208 HidUsb - ok
11:32:43.0069 1208 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
11:32:43.0071 1208 hkmsvc - ok
11:32:43.0113 1208 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
11:32:43.0119 1208 HpCISSs - ok
11:32:43.0249 1208 [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
11:32:43.0254 1208 hpqcxs08 - ok
11:32:43.0294 1208 [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
11:32:43.0297 1208 hpqddsvc - ok
11:32:43.0390 1208 [ D4F91CF4DE215D6F14A06087D46725E4 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
11:32:43.0406 1208 HPSLPSVC - ok
11:32:43.0495 1208 [ 57BA73B5B321291E5114CB21350E1EA0 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL6.SYS
11:32:43.0507 1208 HSFHWAZL - ok
11:32:43.0614 1208 [ E90D0E3D9715F3BEC7DB2D6321DDDEE8 ] HSF_DPV C:\Windows\system32\DRIVERS\CAX_DPV.sys
11:32:43.0644 1208 HSF_DPV - ok
11:32:43.0710 1208 [ E690736DA6C543F5D99C8FA27BEA31DB ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:32:43.0720 1208 HTTP - ok
11:32:43.0753 1208 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
11:32:43.0759 1208 i2omp - ok
11:32:43.0791 1208 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:32:43.0799 1208 i8042prt - ok
11:32:43.0831 1208 [ 8D58627FEF3F8767665D9F4DC91CBD97 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
11:32:43.0834 1208 iaStor - ok
11:32:43.0863 1208 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
11:32:43.0875 1208 iaStorV - ok
11:32:43.0967 1208 [ 76EA63CDB2D88DAE7209691D089BEF1D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:32:43.0988 1208 idsvc - ok
11:32:44.0028 1208 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
11:32:44.0035 1208 iirsp - ok
11:32:44.0076 1208 [ 3A3B232140C33376E134E7B61A0EAA44 ] IKEEXT C:\Windows\System32\ikeext.dll
11:32:44.0084 1208 IKEEXT - ok
11:32:44.0141 1208 [ E6AD224A57CFC3DBF4EA10C801A09630 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:32:44.0171 1208 IntcAzAudAddService - ok
11:32:44.0187 1208 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys
11:32:44.0193 1208 intelide - ok
11:32:44.0230 1208 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:32:44.0232 1208 intelppm - ok
11:32:44.0270 1208 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:32:44.0273 1208 IPBusEnum - ok
11:32:44.0283 1208 [ 99B821F5BEBD6A3CC3FE564F802AE0FD ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:32:44.0285 1208 IpFilterDriver - ok
11:32:44.0291 1208 IpInIp - ok
11:32:44.0316 1208 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
11:32:44.0323 1208 IPMIDRV - ok
11:32:44.0345 1208 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
11:32:44.0354 1208 IPNAT - ok
11:32:44.0459 1208 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:32:44.0473 1208 iPod Service - ok
11:32:44.0506 1208 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:32:44.0512 1208 IRENUM - ok
11:32:44.0566 1208 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:32:44.0571 1208 isapnp - ok
11:32:44.0625 1208 [ 49E4CCBF74783FCE5D2CC1FF6480E1F4 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
11:32:44.0629 1208 iScsiPrt - ok
11:32:44.0652 1208 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
11:32:44.0658 1208 iteatapi - ok
11:32:44.0695 1208 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
11:32:44.0701 1208 iteraid - ok
11:32:44.0761 1208 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
11:32:44.0763 1208 IviRegMgr - ok
11:32:44.0797 1208 [ 35A1646897A9113F563634CB33B15F23 ] JMCR_CFS C:\Windows\system32\DRIVERS\jmcr_cfs.sys
11:32:44.0798 1208 JMCR_CFS - ok
11:32:44.0815 1208 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:32:44.0822 1208 kbdclass - ok
11:32:44.0840 1208 [ BF8783A5066CFECF45095459E8010FA7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:32:44.0848 1208 kbdhid - ok
11:32:44.0884 1208 [ 80F4593E92FF960E4763380D3168E498 ] KeyIso C:\Windows\system32\lsass.exe
11:32:44.0885 1208 KeyIso - ok
11:32:44.0938 1208 [ CCDCCE6224E1E207E953AF826B98A9D9 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:32:44.0947 1208 KSecDD - ok
11:32:44.0953 1208 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:32:44.0961 1208 ksthunk - ok
11:32:45.0048 1208 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
11:32:45.0057 1208 KtmRm - ok
11:32:45.0103 1208 [ 3F27C9CDAE606D74431E3AB39571A7F3 ] LanmanServer C:\Windows\system32\srvsvc.dll
11:32:45.0108 1208 LanmanServer - ok
11:32:45.0170 1208 [ 6E25FFC6FEAD6544C6E9F1D23329570C ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:32:45.0176 1208 LanmanWorkstation - ok
11:32:45.0444 1208 [ 3DAEB081420A871224FB6573AC5707F5 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
11:32:45.0584 1208 LeapFrog Connect Device Service - ok
11:32:45.0609 1208 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:32:45.0611 1208 lltdio - ok
11:32:45.0665 1208 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:32:45.0676 1208 lltdsvc - ok
11:32:45.0700 1208 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:32:45.0702 1208 lmhosts - ok
11:32:45.0760 1208 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
11:32:45.0773 1208 LSI_FC - ok
11:32:45.0814 1208 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:32:45.0823 1208 LSI_SAS - ok
11:32:45.0861 1208 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
11:32:45.0869 1208 LSI_SCSI - ok
11:32:45.0912 1208 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
11:32:45.0915 1208 luafv - ok
11:32:45.0954 1208 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:32:45.0964 1208 Mcx2Svc - ok
11:32:45.0992 1208 [ E4F44EC214B3E381E1FC844A02926666 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
11:32:45.0994 1208 mdmxsdk - ok
11:32:46.0035 1208 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
11:32:46.0041 1208 megasas - ok
11:32:46.0128 1208 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
11:32:46.0142 1208 MegaSR - ok
11:32:46.0187 1208 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
11:32:46.0189 1208 MMCSS - ok
11:32:46.0241 1208 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
11:32:46.0248 1208 Modem - ok
11:32:46.0298 1208 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:32:46.0300 1208 monitor - ok
11:32:46.0359 1208 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:32:46.0367 1208 mouclass - ok
11:32:46.0383 1208 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:32:46.0391 1208 mouhid - ok
11:32:46.0438 1208 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
11:32:46.0440 1208 MountMgr - ok
11:32:46.0471 1208 [ 695CC450EF72CEF379B0514ABC00EC22 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
11:32:46.0474 1208 MpFilter - ok
11:32:46.0498 1208 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
11:32:46.0508 1208 mpio - ok
11:32:46.0533 1208 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:32:46.0535 1208 mpsdrv - ok
11:32:46.0560 1208 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
11:32:46.0567 1208 Mraid35x - ok
11:32:46.0607 1208 [ FE2706C15F8345C342820E4E4583FEA0 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:32:46.0613 1208 MRxDAV - ok
11:32:46.0658 1208 [ B698EB9ACC7ECD4927D99D268918F912 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:32:46.0661 1208 mrxsmb - ok
11:32:46.0699 1208 [ 9A797E27FD28500EE13D43000C931435 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:32:46.0705 1208 mrxsmb10 - ok
11:32:46.0731 1208 [ F9425D610712533107A264E2D5B2154B ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:32:46.0734 1208 mrxsmb20 - ok
11:32:46.0771 1208 [ 1AC860612B85D8E85EE257D372E39F4D ] msahci C:\Windows\system32\drivers\msahci.sys
11:32:46.0779 1208 msahci - ok
11:32:46.0866 1208 [ A99D2C7E30AD63EF920A894131CAF5F7 ] MSCSPTISRV C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
11:32:46.0888 1208 MSCSPTISRV - ok
11:32:46.0935 1208 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:32:46.0944 1208 msdsm - ok
11:32:46.0967 1208 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
11:32:46.0971 1208 MSDTC - ok
11:32:46.0980 1208 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:32:46.0981 1208 Msfs - ok
11:32:47.0025 1208 [ 191BB0874910CA5B090AF4E26AD71121 ] MSFWDrv C:\Windows\system32\DRIVERS\msfwdrv.sys
11:32:47.0028 1208 MSFWDrv - ok
11:32:47.0061 1208 [ F0F142B49026B4A1CA6D0D7C397BAF32 ] MSFWHLPR C:\Windows\system32\DRIVERS\msfwhlpr.sys
11:32:47.0069 1208 MSFWHLPR - ok
11:32:47.0197 1208 [ E28AA1C7E1312A18A0D270A8EC53550C ] msfwsvc C:\Program Files (x86)\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
11:32:47.0221 1208 msfwsvc - ok
11:32:47.0287 1208 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:32:47.0289 1208 msisadrv - ok
11:32:47.0358 1208 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:32:47.0392 1208 MSiSCSI - ok
11:32:47.0397 1208 msiserver - ok
11:32:47.0424 1208 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:32:47.0431 1208 MSKSSRV - ok
11:32:47.0464 1208 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:32:47.0471 1208 MSPCLOCK - ok
11:32:47.0508 1208 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:32:47.0515 1208 MSPQM - ok
11:32:47.0558 1208 [ B8E32E6103FBBA9FBB1D0C11FF0D13B5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:32:47.0564 1208 MsRPC - ok
11:32:47.0602 1208 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
11:32:47.0603 1208 mssmbios - ok
11:32:47.0658 1208 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:32:47.0664 1208 MSTEE - ok
11:32:47.0702 1208 [ DDF133501F68D6988A0F55DFA88637B4 ] Mup C:\Windows\system32\Drivers\mup.sys
11:32:47.0736 1208 Mup - ok
11:32:47.0790 1208 [ C25022CDD18980846973B598900915F8 ] napagent C:\Windows\system32\qagentRT.dll
11:32:47.0798 1208 napagent - ok
11:32:47.0850 1208 [ 73B99C98FA3A2ED1566E02D6FE1913A5 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:32:47.0854 1208 NativeWifiP - ok
11:32:47.0933 1208 [ 2A2EE457AF36C5C9A6808C768BD3A12B ] NDIS C:\Windows\system32\drivers\ndis.sys
11:32:47.0945 1208 NDIS - ok
11:32:47.0979 1208 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:32:47.0984 1208 NdisTapi - ok
11:32:48.0029 1208 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:32:48.0030 1208 Ndisuio - ok
11:32:48.0068 1208 [ 52E3E8E35101399BE9B2938C992AA087 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:32:48.0079 1208 NdisWan - ok
11:32:48.0110 1208 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:32:48.0119 1208 NDProxy - ok
11:32:48.0169 1208 [ D4F51E88C71BF8F06EA1BE320B0BB75B ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
11:32:48.0172 1208 Net Driver HPZ12 - ok
11:32:48.0214 1208 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:32:48.0216 1208 NetBIOS - ok
11:32:48.0257 1208 [ 7A29CA243A629230799754162D80120F ] netbt C:\Windows\system32\DRIVERS\netbt.sys
11:32:48.0270 1208 netbt - ok
11:32:48.0299 1208 [ 80F4593E92FF960E4763380D3168E498 ] Netlogon C:\Windows\system32\lsass.exe
11:32:48.0300 1208 Netlogon - ok
11:32:48.0445 1208 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
11:32:48.0452 1208 Netman - ok
11:32:48.0484 1208 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
11:32:48.0491 1208 netprofm - ok
11:32:48.0529 1208 [ B84613B469B98E09F50A748C1D02E132 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:32:48.0546 1208 NetTcpPortSharing - ok
11:32:48.0735 1208 [ 93915C41A0DBBD121A0FAD2835E43776 ] NETw5v64 C:\Windows\system32\DRIVERS\NETw5v64.sys
11:32:48.0857 1208 NETw5v64 - ok
11:32:48.0909 1208 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
11:32:48.0917 1208 nfrd960 - ok
11:32:48.0967 1208 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
11:32:48.0971 1208 NlaSvc - ok
11:32:49.0010 1208 [ B06154E2A2C91E9BE5599FCA53BC4CD0 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:32:49.0011 1208 Npfs - ok
11:32:49.0068 1208 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
11:32:49.0069 1208 nsi - ok
11:32:49.0113 1208 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:32:49.0118 1208 nsiproxy - ok
11:32:49.0205 1208 [ FE86BA5AC3B50E2CA911E9C60C07B638 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:32:49.0233 1208 Ntfs - ok
11:32:49.0301 1208 [ D4012918D3A3847B44B888D56BC095D6 ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
11:32:49.0308 1208 NuidFltr - ok
11:32:49.0355 1208 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
11:32:49.0364 1208 Null - ok
11:32:49.0685 1208 [ 29A70AD61FB913B4E6C587924B23B62C ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
11:32:49.0693 1208 NVHDA - ok
11:32:49.0968 1208 [ 45ACE5D0F8CA2685E1FADA8F90EB048F ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:32:50.0358 1208 nvlddmkm - ok
11:32:50.0411 1208 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:32:50.0420 1208 nvraid - ok
11:32:50.0456 1208 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:32:50.0464 1208 nvstor - ok
11:32:50.0522 1208 [ EB2D4F9591C39F70015728442E0AB8CB ] nvsvc C:\Windows\system32\nvvsvc.exe
11:32:50.0529 1208 nvsvc - ok
11:32:50.0562 1208 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:32:50.0574 1208 nv_agp - ok
11:32:50.0579 1208 NwlnkFlt - ok
11:32:50.0586 1208 NwlnkFwd - ok
11:32:50.0635 1208 [ 2E9CC22051D6C4CC487EEABF478F92C9 ] OcHealthMon C:\Program Files (x86)\Microsoft Windows OneCare Live\OcHealthMon.exe
11:32:50.0637 1208 OcHealthMon - ok
11:32:50.0686 1208 [ 1B30103FDE512915A9214B108B6E7A9C ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
11:32:50.0689 1208 ohci1394 - ok
11:32:50.0755 1208 [ AFEA29A99A2D7F94513C85F6548A9484 ] OneCareMP C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
11:32:50.0756 1208 OneCareMP - ok
11:32:50.0816 1208 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:32:50.0852 1208 ose - ok
11:32:50.0986 1208 [ 430F35C5592D253F43A26B4F5A523DBF ] p2pimsvc C:\Windows\system32\p2psvc.dll
11:32:51.0001 1208 p2pimsvc - ok
11:32:51.0016 1208 [ 430F35C5592D253F43A26B4F5A523DBF ] p2psvc C:\Windows\system32\p2psvc.dll
11:32:51.0022 1208 p2psvc - ok
11:32:51.0078 1208 [ 41C33FB4FD929FED732A00D2DAEF5BE0 ] PACSPTISVR C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
11:32:51.0099 1208 PACSPTISVR - ok
11:32:51.0133 1208 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
11:32:51.0140 1208 Parport - ok
11:32:51.0157 1208 [ 5AB40C36894F4C06BDAB0C9A2FBA282D ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:32:51.0160 1208 partmgr - ok
11:32:51.0176 1208 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
11:32:51.0178 1208 PcaSvc - ok
11:32:51.0198 1208 [ 2A5B2A51559066EA84742909B5B2CD69 ] pci C:\Windows\system32\drivers\pci.sys
11:32:51.0201 1208 pci - ok
11:32:51.0227 1208 [ 8D618C829034479985A9ED56106CC732 ] pciide C:\Windows\system32\DRIVERS\pciide.sys
11:32:51.0232 1208 pciide - ok
11:32:51.0255 1208 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
11:32:51.0265 1208 pcmcia - ok
11:32:51.0302 1208 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:32:51.0313 1208 PEAUTH - ok
11:32:51.0394 1208 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:32:51.0396 1208 PerfHost - ok
11:32:51.0478 1208 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
11:32:51.0508 1208 pla - ok
11:32:51.0570 1208 [ 5AAA0C5534B05ED49919FCD9DBD11A5B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:32:51.0578 1208 PlugPlay - ok
11:32:51.0634 1208 [ 9A80707D8B6C1806531BFD7399B3CC76 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
11:32:51.0637 1208 Pml Driver HPZ12 - ok
11:32:51.0717 1208 [ 430F35C5592D253F43A26B4F5A523DBF ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
11:32:51.0726 1208 PNRPAutoReg - ok
11:32:51.0746 1208 [ 430F35C5592D253F43A26B4F5A523DBF ] PNRPsvc C:\Windows\system32\p2psvc.dll
11:32:51.0755 1208 PNRPsvc - ok
11:32:51.0858 1208 [ EEF3688D5E9592CBBBED00DE71DDA1EF ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:32:51.0868 1208 PolicyAgent - ok
11:32:51.0949 1208 [ F5739F2C6DB2534C384AD5150808E8F5 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:32:51.0952 1208 PptpMiniport - ok
11:32:51.0996 1208 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
11:32:52.0004 1208 Processor - ok
11:32:52.0054 1208 [ B21FE10DAD3AB59E78DF7AA3FBF41E70 ] ProfSvc C:\Windows\system32\profsvc.dll
11:32:52.0060 1208 ProfSvc - ok
11:32:52.0113 1208 [ 80F4593E92FF960E4763380D3168E498 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:32:52.0114 1208 ProtectedStorage - ok
11:32:52.0170 1208 [ 0E0E205A296095FE4C631E6A4775AD6C ] PSched C:\Windows\system32\DRIVERS\pacer.sys
11:32:52.0173 1208 PSched - ok
11:32:52.0201 1208 [ FBF4DB6D53585437E41A113300002A2B ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
11:32:52.0202 1208 PxHlpa64 - ok
11:32:52.0258 1208 [ 0A2C21B3168F2EFC3468B35FF5508CEA ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
11:32:52.0259 1208 QBCFMonitorService - ok
11:32:52.0299 1208 [ BAB30D2799754F6EA22F0B9076311793 ] QBFCService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
11:32:52.0312 1208 QBFCService - ok
11:32:52.0361 1208 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
11:32:52.0387 1208 ql2300 - ok
11:32:52.0433 1208 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
11:32:52.0441 1208 ql40xx - ok
11:32:52.0496 1208 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
11:33:02.0656 1208 ================ Scan global ===============================
11:33:02.0684 1208 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
11:33:02.0765 1208 [ 2D94E4CE322F12061D3FA7DBE65E9AC5 ] C:\Windows\system32\winsrv.dll
11:33:02.0790 1208 [ 2D94E4CE322F12061D3FA7DBE65E9AC5 ] C:\Windows\system32\winsrv.dll
11:33:02.0830 1208 [ DFAC660F0F139276CC9299812DE42719 ] C:\Windows\system32\services.exe
11:33:02.0836 1208 [Global] - ok
11:33:02.0837 1208 ================ Scan MBR ==================================
11:33:02.0873 1208 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
11:33:03.0978 1208 \Device\Harddisk0\DR0 - ok
11:33:03.0979 1208 ================ Scan VBR ==================================
11:33:04.0015 1208 [ DDD7BFA1564F4E6E7890589117421186 ] \Device\Harddisk0\DR0\Partition1
11:33:04.0016 1208 \Device\Harddisk0\DR0\Partition1 - ok
11:33:04.0017 1208 ============================================================
11:33:04.0017 1208 Scan finished
11:33:04.0017 1208 ============================================================
11:33:04.0030 2440 Detected object count: 0
11:33:04.0030 2440 Actual detected object count: 0

#34 dlucky13

Posted 25 November 2012 - 11:58 AM

Running the Malwarebytes right now, but every so often it hangs up and the end of the title bar changes from "(Trial)" to "not responding". This is common with just about any program I have tried to run on her laptop today, with the exception that most of the other programs haven't recovered and gone on to full crash. Malwarebytes is still chugging along.

Just finished, ok.

Six objects detected, 219130 objects scanned.

Posting results below, but first I got a message to reboot immediately so doing that as well before moving on.



Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.25.04

Windows Vista Service Pack 1 x64 NTFS
Internet Explorer 8.0.6001.19088
Amy :: AMY-PC [administrator]

Protection: Enabled

11/25/2012 11:44:08 AM
mbam-log-2012-11-25 (11-44-08).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 219130
Time elapsed: 8 minute(s), 29 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 4
HKCU\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKCU\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\$Recycle.Bin\S-1-5-18\$2a5110191a69622f2b64657919ac45c8\n (Trojan.0Access) -> Delete on reboot.
C:\$Recycle.Bin\S-1-5-21-1201161196-3897790737-378787948-1000\$2a5110191a69622f2b64657919ac45c8\n (Trojan.0Access) -> Delete on reboot.

(end)

#35 boopme

Posted 25 November 2012 - 06:00 PM

Hello,

Go to Start ... Run and type in cmd
A DOS window will appear.
Type in the DOS window: netsh winsock reset
Click on the enter key.

Reboot your system to complete the process.

Rerun MiniToolBox with only this item checked: List Winsock Entries



Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

How is it now?
How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook Have you seen..Select Real Security

#36 dlucky13

Posted 26 November 2012 - 10:36 AM

Thanks for your reply. I haven't done your new step yet; since the last post I made running the Malwarebytes and subsequent restart, the laptop shows no signs of infection. Is there something you see in the logs that suggests I need to do more? I re-ran the Malwarebytes just to see if something re-infected after the restart, and it came through clean.

Thanks again for your instructions.

#37 boopme

Posted 26 November 2012 - 05:10 PM

It will only take 10 minutes. Your Minilogs indicate a possible rootkit that MBAM won't show.

#38 dlucky13

Posted 28 November 2012 - 08:38 AM

OK, I will do that as soon as I have some time and my wife's laptop is available as well. Hopefully this morning, but if not I'll be able to tomorrow AM.

Thanks again.

#39 boopme

Posted 28 November 2012 - 11:46 AM

Thanks

#40 girl.anachronism

Posted 11 December 2012 - 05:47 PM

Hi there! I'm really hoping you're around to help. I have the same issue as the OP in terms of the fake Adobe update. Instead of my browser redirecting me however, most popular sites just won't load. (ex. Facebook, Google Translate, Hotmail... Gmail was on and off and I almost couldn't get my activation link for this forum). That's the case for Firefox. The problem manifests differently in IE. Instead of not loading a site, it'll give a phony-looking Adobe Update site. I'm also getting fake java updates (juchuk.exe or something?) but less frequently. I'm using a wireless router and two others sharing the router have been experiencing this problem for weeks now. I've been using the same connection for the past month, and only encountered this problem yesterday.

I went through the original three steps that you had instructed for OP. No threats were found except for 2 minor things with the 3rd step (the malware program).

Could you please recommend next steps for me?

Thank you kindly!

#41 boopme

Posted 11 December 2012 - 07:53 PM

Hello girl.anachronism

I would like to see the Minitoolbox and MBAM logs; you said TDSS found nothing.
The log is automatically saved and can be viewed by clicking the Logs tab.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.


Then run ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


#42 girl.anachronism

Posted 11 December 2012 - 11:59 PM

Hi boopme :)

I left the house and upon my return, it appears as if the problem has been resolved - at least superficially speaking. My laptop was on the entire time I was gone, and the problem still existed when it was initially rebooted, but somehow now the 'wonkiness' has ceased. No more fake Adobe updates, and I can fully access the websites that wouldn't load earlier.

I couldn't access the first Minitoolbox log, but here is a log of the most current execution.



========================= Hosts content: =================================

# ::1 localhost

========================= IP Configuration: ================================

Intel® WiFi Link 1000 BGN = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Lunchbox-II
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN
Physical Address. . . . . . . . . : 00-1E-64-57-F3-DA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::95de:3945:c8a2:52d7%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.36(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : December-11-12 11:39:50 PM
Lease Expires . . . . . . . . . . : December-12-12 11:39:49 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 318774884
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-66-7B-53-00-26-22-A3-8F-56
DNS Servers . . . . . . . . . . . : 206.190.130.196
8.8.8.8
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-26-22-A3-8F-56
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{99724314-487B-45B0-871E-EA1A2E647A3E}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:38ec:2819:3f57:fedb(Preferred)
Link-local IPv6 Address . . . . . : fe80::38ec:2819:3f57:fedb%18(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{AC37DA3A-26F4-46FF-922D-7F6824F0114C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 206.190.130.196

Name: google.com
Addresses: 2001:4860:4001:801::1006
74.125.224.70
74.125.224.71
74.125.224.72
74.125.224.73
74.125.224.78
74.125.224.64
74.125.224.65
74.125.224.66
74.125.224.67
74.125.224.68
74.125.224.69


Pinging google.com [74.125.224.69] with 32 bytes of data:
Reply from 74.125.224.69: bytes=32 time=258ms TTL=48
Reply from 74.125.224.69: bytes=32 time=161ms TTL=48

Ping statistics for 74.125.224.69:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 161ms, Maximum = 258ms, Average = 209ms
Server: UnKnown
Address: 206.190.130.196

DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=258ms TTL=50
Reply from 98.138.253.109: bytes=32 time=522ms TTL=49

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 258ms, Maximum = 522ms, Average = 390ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 1e 64 57 f3 da ......Intel® WiFi Link 1000 BGN
10...00 26 22 a3 8f 56 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.36 30
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.36 286
192.168.1.36 255.255.255.255 On-link 192.168.1.36 286
192.168.1.255 255.255.255.255 On-link 192.168.1.36 286
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.36 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.36 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
18 58 ::/0 On-link
1 306 ::1/128 On-link
18 58 2001::/32 On-link
18 306 2001:0:9d38:953c:38ec:2819:3f57:fedb/128
On-link
11 286 fe80::/64 On-link
18 306 fe80::/64 On-link
18 306 fe80::38ec:2819:3f57:fedb/128
On-link
11 286 fe80::95de:3945:c8a2:52d7/128
On-link
1 306 ff00::/8 On-link
18 306 ff00::/8 On-link
11 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/11/2012 08:15:26 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (12/11/2012 07:22:23 PM) (Source: Application Error) (User: )
Description: Faulting application name: googledrivesync.exe, version: 1.6.3837.2778, time stamp: 0x509418e4
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x0002dfe4
Faulting process id: 0x135c
Faulting application start time: 0xgoogledrivesync.exe0
Faulting application path: googledrivesync.exe1
Faulting module path: googledrivesync.exe2
Report Id: googledrivesync.exe3

Error: (12/11/2012 00:13:49 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Tracking Cookies in File: Unavailable by: Manual scan. Action: Quarantine failed : Leave Alone failed. Action Description: The file was deleted successfully.

Error: (12/11/2012 11:58:46 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7425882

Error: (12/11/2012 11:58:46 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7425882

Error: (12/11/2012 11:58:44 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/08/2012 01:34:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (12/08/2012 11:51:53 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12355513

Error: (12/08/2012 11:51:53 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12355513

Error: (12/08/2012 11:51:53 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (12/11/2012 11:32:22 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer LUISSANTOS-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{AC37DA3A-26F4-46FF-922D-7F6824F0114C}.
The master browser is stopping or an election is being forced.

Error: (12/11/2012 11:08:21 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer LUISSANTOS-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{AC37DA3A-26F4-46FF-922D-7F6824F0114C}.
The master browser is stopping or an election is being forced.

Error: (12/11/2012 10:52:54 PM) (Source: Service Control Manager) (User: )
Description: The COH_Mon service failed to start due to the following error:
%%1275

Error: (12/11/2012 10:32:21 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer LUISSANTOS-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{AC37DA3A-26F4-46FF-922D-7F6824F0114C}.
The master browser is stopping or an election is being forced.

Error: (12/11/2012 10:08:21 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer LUISSANTOS-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{AC37DA3A-26F4-46FF-922D-7F6824F0114C}.
The master browser is stopping or an election is being forced.

Error: (12/11/2012 09:53:38 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer LUISSANTOS-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{AC37DA3A-26F4-46FF-922D-7F6824F0114C}.
The master browser is stopping or an election is being forced.

Error: (12/11/2012 09:52:54 PM) (Source: Service Control Manager) (User: )
Description: The COH_Mon service failed to start due to the following error:
%%1275

Error: (12/11/2012 09:23:25 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer LUISSANTOS-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{AC37DA3A-26F4-46FF-922D-7F6824F0114C}.
The master browser is stopping or an election is being forced.

Error: (12/11/2012 08:59:23 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer LUISSANTOS-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{AC37DA3A-26F4-46FF-922D-7F6824F0114C}.
The master browser is stopping or an election is being forced.

Error: (12/11/2012 08:52:52 PM) (Source: Service Control Manager) (User: )
Description: The COH_Mon service failed to start due to the following error:
%%1275


Microsoft Office Sessions:
=========================
Error: (02/08/2012 05:48:01 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 129941 seconds with 120 seconds of active time. This session ended with a crash.

Error: (09/29/2010 07:50:42 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 6405 seconds with 2760 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Acrobat.com (Version: 1.6.65)
Add or Remove Adobe Premiere Pro CS5 (Version: 5.0)
Adobe AIR (Version: 1.5.3.9120)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Digital Editions
Adobe Flash Player 11 ActiveX (Version: 11.5.502.135)
Adobe Flash Player 11 Plugin (Version: 11.5.502.135)
Adobe Media Player (Version: 1.8)
Adobe Reader 9.5.2 (Version: 9.5.2)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
Alps Touch Pad Driver
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
µTorrent (Version: 2.0.0)
Beyond Good & Evil (Version: 1.01.0000)
Big Fish Games: Game Manager (Version: 1.5.1.0)
Bing Bar (Version: 7.0.822.0)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.32)
Bonjour (Version: 3.0.0.10)
Brother HL-2170W (Version: 1.00)
ComicRack v0.9.130 (Version: v0.9.130)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CyberLink DVD Suite (Version: 6.0.3101)
D3DX10 (Version: 15.4.2368.0902)
DivX Converter (Version: 7.1.0)
DivX Player (Version: 7.2.0)
DivX Plus DirectShow Filters
DivX Setup (Version: 2.5.0.11)
DivX Version Checker (Version: 7.1.0.9)
DivX Web Player (Version: 1.5.0)
Dropbox (Version: 1.4.7)
ENE CIR Receiver Driver (Version: 2.7.3.519)
eReg (Version: 1.20.138.34)
Everest Dictionary (Version: 2.11.0000)
Foxit Creator (Version: 3,0,2,0506)
Foxit PDF Editor (Version: 2.2.0.0205)
Foxit Reader (Version: 4.1.1.805)
Google Drive (Version: 1.6.3837.2778)
Google Earth Plug-in (Version: 6.2.2.6613)
Google Talk Plugin (Version: 3.10.2.10212)
Google Update Helper (Version: 1.3.21.123)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP 3D DriveGuard (Version: 4.0.3.1)
HP Advisor (Version: 3.2.9652.3188)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Games (Version: 1.0.0.71)
HP MediaSmart DVD (Version: 3.0.3123)
HP MediaSmart Internet TV (Version: 3.0.1916)
HP MediaSmart Live TV (Version: 3.0.1924)
HP MediaSmart Movie Themes (Version: 3.0.3102)
HP MediaSmart Music/Photo/Video (Version: 3.0.3123)
HP MediaSmart SmartMenu (Version: 3.0.30.1)
HP MediaSmart Software Notebook Demo (Version: 1.00.0000)
HP MediaSmart Webcam (Version: 3.0.1913)
HP Quick Launch Buttons (Version: 6.50.17.1)
HP Setup (Version: 1.2.3220.3079)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Support Assistant (Version: 6.1.12.1)
HP Update (Version: 5.001.000.014)
HP User Guides 0146 (Version: 1.02.0002)
HP Wireless Assistant (Version: 3.50.12.1)
IDT Audio (Version: 1.0.6225.0)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1883)
iTunes (Version: 10.7.0.21)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 19 (Version: 6.0.190)
JMicron Flash Media Controller Driver (Version: 1.0.32.1)
Junk Mail filter update (Version: 15.4.3502.0922)
LabelPrint (Version: 2.5.1913)
LightScribe System Software (Version: 1.18.16.1)
LiveUpdate 3.3 (Symantec Corporation) (Version: 3.3.0.78)
Logitech SetPoint 6.15 (Version: 6.15.25)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
McAfee Security Scan Plus (Version: 3.0.285.6)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Live Search Toolbar (Version: 3.0.560.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
MINITAB 14 Student (Version: 14)
Mozilla Firefox 17.0.1 (x86 en-GB) (Version: 17.0.1)
Mozilla Maintenance Service (Version: 17.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Norton Security Scan (Version: 2.7.3.34)
OverDrive Media Console (Version: 3.2.5)
Power Tab Editor 1.7 (Version: 1.7.0)
Power2Go (Version: 6.0.3101)
PowerDirector (Version: 7.0.3101)
PowerISO (Version: 4.7)
PowerRecover (Version: 5.5.1923)
PxMergeModule (Version: 1.00.0000)
QLBCASL (Version: 6.40.17.2)
QuickTime (Version: 7.72.80.56)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0005)
RealUpgrade 1.1 (Version: 1.1.0)
Rosetta Stone Version 3 (Version: 3.3.5.2)
Skype Click to Call (Version: 5.9.9216)
Skype™ 6.0 (Version: 6.0.126)
SmartWebPrinting (Version: 140.0.186.000)
Symantec Endpoint Protection (Version: 11.0.4010.19)
The Sims™ 3 (Version: 1.17.60)
The Sims™ 3 Ambitions (Version: 4.0.87)
The Sims™ 3 Late Night (Version: 6.0.81)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Virtual Villagers 4 - The Tree of Life (Version: 1.0)
VLC media player 1.1.8 (Version: 1.1.8)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR archiver

========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 3998.96 MB
Available physical RAM: 2376.49 MB
Total Pagefile: 7996.11 MB
Available Pagefile: 6248.02 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.99 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:449.27 GB) (Free:25.5 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:16.3 GB) (Free:2.66 GB) NTFS

========================= Users: ========================================

User accounts for \\LUNCHBOX-II

Administrator Amy Guest

========================= Minidump Files ==================================

No minidump file found


**** End of log ****








This was my MBAM log:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.11.12

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Amy :: LUNCHBOX-II [administrator]

11/12/2012 4:47:21 PM
mbam-log-2012-12-11 (16-47-21).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 252132
Time elapsed: 11 minute(s), 24 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCR\AppID\activex.DLL (Adware.180Solutions) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\$Recycle.Bin\S-1-5-21-511477340-227303313-2571166547-1001\$RGPPFJE.exe (PUP.SmsPay.PGen) -> Quarantined and deleted successfully.

(end)




And this is my AdwCleaner log:


# AdwCleaner v2.100 - Logfile created 12/11/2012 at 23:37:37
# Updated 09/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Amy - LUNCHBOX-II
# Boot Mode : Normal
# Running from : C:\Users\Amy\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Users\Amy\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Public\Desktop\eBay.lnk
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Users\Amy\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\Amy\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\Amy\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Amy\AppData\Roaming\Mozilla\Firefox\Profiles\akkulga1.default\extensions\[email protected]
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-GB)

Profile name : default
File : C:\Users\Amy\AppData\Roaming\Mozilla\Firefox\Profiles\akkulga1.default\prefs.js

Deleted : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
Deleted : user_pref("extensions.asktb.abar-war-timeout", "4000");
Deleted : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
Deleted : user_pref("extensions.asktb.autofill-text-highlight-enabled", true);
Deleted : user_pref("extensions.asktb.cbid", "F3");
Deleted : user_pref("extensions.asktb.config-updated", false);
Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}[...]
Deleted : user_pref("extensions.asktb.displaybehavior", "");
Deleted : user_pref("extensions.asktb.displaytext", "");
Deleted : user_pref("extensions.asktb.dtid", "YYYYYYYYCA");
Deleted : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", true);
Deleted : user_pref("extensions.asktb.fresh-install", false);
Deleted : user_pref("extensions.asktb.guid", "D36B2EC3-8FF5-4E75-A75C-722BAE8241CF");
Deleted : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Deleted : user_pref("extensions.asktb.if", "su");
Deleted : user_pref("extensions.asktb.l", "dis");
Deleted : user_pref("extensions.asktb.last-config-req", "1320535783638");
Deleted : user_pref("extensions.asktb.last-v", "3.12.2.100006");
Deleted : user_pref("extensions.asktb.locale", "en_US");
Deleted : user_pref("extensions.asktb.lstation", "");
Deleted : user_pref("extensions.asktb.o", "101703");
Deleted : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Deleted : user_pref("extensions.asktb.pstate", "");
Deleted : user_pref("extensions.asktb.qsrc", "2871");
Deleted : user_pref("extensions.asktb.r", "2");
Deleted : user_pref("extensions.asktb.sa", "NO");
Deleted : user_pref("extensions.asktb.search-suggestions-enabled", true);
Deleted : user_pref("extensions.asktb.silent-upgrade", true);
Deleted : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", true);
Deleted : user_pref("extensions.asktb.socialmini-first", true);
Deleted : user_pref("extensions.asktb.socialmini-interval", "1200000");
Deleted : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Deleted : user_pref("extensions.asktb.socialmini-max-items", "30");
Deleted : user_pref("extensions.asktb.socialmini-native-on", true);
Deleted : user_pref("extensions.asktb.socialmini-speed", "5000");
Deleted : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Deleted : user_pref("extensions.asktb.themeid", "");
Deleted : user_pref("extensions.asktb.volume", "");

*************************

AdwCleaner[S1].txt - [7764 octets] - [11/12/2012 23:37:37]

########## EOF - C:\AdwCleaner[S1].txt - [7824 octets] ##########




Thank you again!

#43 girl.anachronism


Posted 12 December 2012 - 12:26 PM

Oh no! Never mind about the problem being resolved. Although the fake Adobe updates have indeed stopped, this afternoon I am once again unable to access the aforementioned 'popular' websites. Other websites work fine.... what a strange virus...

#44 boopme


Posted 12 December 2012 - 12:29 PM

OK, looks good and you are welcome. You need to update Adobe Reader and Java.

Adobe Reader XI.
UNCHECK the box in front of...
Yes, install Chrome as my default browser and Google Toolbar for Internet Explorer – optional



Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
    64-bit OS users should read: Which Java download should I choose for my 64-bit Windows operating system?
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u9-windows-i586.exe (or jre-7u9-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.


EDIT
I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.

Edited by boopme, 12 December 2012 - 12:33 PM.

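The Java clean-up steps in the post above depend on finding every installed Java entry, including 32-bit copies on a 64-bit system. The following read-only inventory is an added example, not part of the original post; it assumes PowerShell is available on the machine, and the function name and status labels are made up for illustration.

```powershell
# Added example: list installed Java entries and flag older ones for review.
# Read-only: it queries the Uninstall registry keys and removes nothing.
$uninstallRoots = @(
    @{ View = 'native';    Path = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall' },
    @{ View = 'Wow6432';   Path = 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall' }
)

# Hypothetical helper: DisplayVersion is free text, so fall back to 0.0
# when it cannot be parsed instead of aborting the whole inventory.
function ConvertTo-VersionOrZero([string]$Text) {
    try { return [version]$Text } catch { return [version]'0.0' }
}

$entries = foreach ($root in $uninstallRoots) {
    if (-not (Test-Path $root.Path)) { continue }   # Wow6432Node is absent on 32-bit Windows
    Get-ChildItem $root.Path | ForEach-Object {
        $p = Get-ItemProperty -Path $_.PSPath -ErrorAction SilentlyContinue
        # Loose name match (Java / J2SE); review the hits before acting on them.
        if ($p.DisplayName -match 'Java|J2SE' -and $p.DisplayName -notmatch 'JavaScript') {
            New-Object PSObject -Property @{
                View            = $root.View
                Name            = $p.DisplayName
                Version         = ConvertTo-VersionOrZero $p.DisplayVersion
                UninstallString = $p.UninstallString
            }
        }
    }
}

# 32-bit and 64-bit Java can legitimately coexist, so compare within each view.
$report = $entries | Group-Object View | ForEach-Object {
    $newest = ($_.Group | Sort-Object Version -Descending | Select-Object -First 1).Version
    $_.Group | Sort-Object Version | Select-Object View, Name, Version, @{
        Name       = 'Status'
        Expression = { if ($_.Version -lt $newest) { 'older - review for removal' } else { 'newest in this view' } }
    }
}

if ($report) { $report | Format-Table -AutoSize } else { 'No Java entries found.' }
```

Entries whose version shows as 0.0 had an unparseable or missing DisplayVersion and need a manual look in Programs and Features.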

#45 girl.anachronism


Posted 12 December 2012 - 01:54 PM

Hmmmm.... I spoke too soon. The fake Adobe updates came back before I started to update my Adobe Reader and Java. Peculiar. They haven't come up in a while though. Anyways, Adobe Reader and Java are both up-to-date now and my laptop is currently undergoing the ESET scan. Commence thumb-twiddling :)



