
Malwarebytes finds Trojan.Agent Virus but can't remove



#1 JoeKol


Posted 10 March 2012 - 12:22 PM

Hi,

Was experiencing Google redirection and downloaded and ran Malwarebytes. It initially found 2 viruses, PUM.Hijack.StartMenu along with Trojan.Agent threat. After trying to remove and rerunning a scan, the Trojan.Agent threat remains and Google continues to get redirected. The item listed for this threat is c:\windows\svchost.exe. I am running Windows 7 Home Premium OS.

I would appreciate any help resolving this.

Thanks.

Joe.



#2 boopme


Posted 10 March 2012 - 10:02 PM

Hello and welcome JoeKol
Are you on a router? Are other machines on it, if so are they redirecting?

Do you use Firefox?



Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.


If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.


Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates, when done
click Scanner tab, select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log
and Reboot into normal mode.

Please ask any needed questions, post logs and let us know how the PC is running now.

#3 JoeKol


Posted 11 March 2012 - 08:36 PM

Hi, Boopme - thanks for helping out.

I am using Internet Explorer 9, not Firefox. I am on our household wireless router, but none of the other computers on the network are having the issue.

Here is the log from MiniToolBox:

MiniToolBox by Farbar Version: 18-01-2012
Ran by Owner (administrator) on 11-03-2012 at 11:29:47
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® WiFi Link 1000 BGN = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Owner-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.il.comcast.net.

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-1E-64-82-94-D7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.il.comcast.net.
Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN
Physical Address. . . . . . . . . : 00-1E-64-82-94-D6
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9da9:b7cc:d834:2796%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, March 11, 2012 11:25:14 AM
Lease Expires . . . . . . . . . . : Monday, March 12, 2012 11:25:20 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 318774884
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-25-58-35-00-26-9E-99-89-29
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.hsd1.il.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.il.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{2538A8B8-B32E-46AE-B6C0-F25F167BC32D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:3c72:1b85:3f57:fe9a(Preferred)
Link-local IPv6 Address . . . . . : fe80::3c72:1b85:3f57:fe9a%16(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 74.125.225.133
74.125.225.134
74.125.225.137
74.125.225.132
74.125.225.142
74.125.225.130
74.125.225.135
74.125.225.136
74.125.225.131
74.125.225.129
74.125.225.128


Pinging google.com [74.125.225.68] with 32 bytes of data:
Reply from 74.125.225.68: bytes=32 time=12ms TTL=55
Reply from 74.125.225.68: bytes=32 time=15ms TTL=55

Ping statistics for 74.125.225.68:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 12ms, Maximum = 15ms, Average = 13ms
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
98.139.127.62


Pinging yahoo.com [98.139.127.62] with 32 bytes of data:
Reply from 98.139.127.62: bytes=32 time=877ms TTL=49
Reply from 98.139.127.62: bytes=32 time=340ms TTL=49

Ping statistics for 98.139.127.62:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 340ms, Maximum = 877ms, Average = 608ms
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...00 1e 64 82 94 d7 ......Microsoft Virtual WiFi Miniport Adapter
13...00 1e 64 82 94 d6 ......Intel® WiFi Link 1000 BGN
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.101 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.101 281
192.168.1.101 255.255.255.255 On-link 192.168.1.101 281
192.168.1.255 255.255.255.255 On-link 192.168.1.101 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.101 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.101 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
16 58 ::/0 On-link
1 306 ::1/128 On-link
16 58 2001::/32 On-link
16 306 2001:0:5ef5:79fb:3c72:1b85:3f57:fe9a/128
On-link
13 281 fe80::/64 On-link
16 306 fe80::/64 On-link
16 306 fe80::3c72:1b85:3f57:fe9a/128
On-link
13 281 fe80::9da9:b7cc:d834:2796/128
On-link
1 306 ff00::/8 On-link
16 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/10/2012 00:27:26 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: Flash10b.ocx, version: 10.0.22.87, time stamp: 0x4987a6c3
Exception code: 0xc0000005
Fault offset: 0x0022484e
Faulting process id: 0x1018
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (03/10/2012 11:35:33 AM) (Source: Bonjour Service) (User: )
Description: 468: ERROR: read_msg errno 0 (The operation completed successfully.)

Error: (03/10/2012 11:35:33 AM) (Source: Bonjour Service) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (03/10/2012 11:33:40 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 37948024

Error: (03/10/2012 11:33:40 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 37948024

Error: (03/10/2012 11:33:40 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/10/2012 11:33:24 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 37932424

Error: (03/10/2012 11:33:24 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 37932424

Error: (03/10/2012 11:33:24 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/10/2012 11:33:09 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 37916823


System errors:
=============
Error: (03/11/2012 11:27:01 AM) (Source: Service Control Manager) (User: )
Description: The HP Software Framework Service service failed to start due to the following error:
%%1053

Error: (03/11/2012 11:27:01 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HP Software Framework Service service to connect.

Error: (03/11/2012 11:27:01 AM) (Source: DCOM) (User: )
Description: 1053hpqwmiex{F5539356-2F02-40D4-999E-FA61F45FE12E}

Error: (03/11/2012 11:26:31 AM) (Source: DCOM) (User: SYSTEM)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (03/11/2012 11:25:50 AM) (Source: Service Control Manager) (User: )
Description: The Norton Security Suite service failed to start due to the following error:
%%1053

Error: (03/11/2012 11:25:50 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Norton Security Suite service to connect.

Error: (03/11/2012 11:25:20 AM) (Source: Service Control Manager) (User: )
Description: The lxdwCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (03/11/2012 11:25:20 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxdwCATSCustConnectService service to connect.

Error: (03/11/2012 11:25:11 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 11:46:57 AM on ?3/?10/?2012 was unexpected.

Error: (03/10/2012 00:46:57 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the N360 service.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Acrobat.com (Version: 1.6.65)
Activate Norton Online Backup (Version: 1.1.20.0)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX (Version: 10.0.22.87)
Adobe Reader 9.1 MUI (Version: 9.1.0)
Amazon MP3 Downloader 1.0.9
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Bing Bar (Version: 7.0.822.0)
Bonjour (Version: 3.0.0.10)
Choice Guard (Version: 1.2.87.0)
Command & Conquer Tiberian Sun
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CyberLink DVD Suite (Version: 6.0.3101)
ENE CIR Receiver Driver (Version: 2.7.4.0)
GameMaker 8.1
Geek Squad 24 Hour Computer Support (Version: 3.0.330)
Google Talk Plugin (Version: 2.6.1.5251)
Hewlett-Packard ACLM.NET v1.1.1.0 (Version: 1.00.0000)
HL-2270DW (Version: 1.0.6.0)
Homepage Protection (Version: )
HP 3D DriveGuard (Version: 4.0.3.1)
HP Advisor (Version: 3.2.8946.3086)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Games (Version: 1.0.0.71)
HP MediaSmart DVD (Version: 3.0.3123)
HP MediaSmart Internet TV (Version: 3.0.1916)
HP MediaSmart Live TV (Version: 3.0.1924)
HP MediaSmart Movie Themes (Version: 3.0.3102)
HP MediaSmart Music/Photo/Video (Version: 3.0.3123)
HP MediaSmart SlingPlayer (Version: 2.1.1.60)
HP MediaSmart SmartMenu (Version: 3.0.30.1)
HP MediaSmart Software Notebook Demo (Version: 1.00.0000)
HP MediaSmart Webcam (Version: 3.0.1913)
HP Quick Launch Buttons (Version: 6.50.12.1)
HP Setup (Version: 1.2.3220.3079)
HP Smart Web Printing (Version: 131.1.35898)
HP Support Assistant (Version: 6.1.12.1)
HP Update (Version: 5.001.000.014)
HP User Guides 0154 (Version: 1.01.0001)
HP Wireless Assistant (Version: 3.50.9.1)
IDT Audio (Version: 1.0.6230.0)
Indeo® software
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes (Version: 10.5.3.3)
Java Auto Updater (Version: 2.0.2.1)
Java™ 6 Update 14 (64-bit) (Version: 6.0.140)
Java™ 6 Update 20 (Version: 6.0.200)
Junk Mail filter update (Version: 14.0.8064.206)
LabelPrint (Version: 2.5.1913)
LEGO MINDSTORMS NXT Driver for x64 (Version: 1.16.769)
LEGO MINDSTORMS NXT Dynamic Block Update (Version: 1.0.145.0)
LEGO® MINDSTORMS® NXT - English Language Pack (Version: 1.0.305.0)
LEGO® MINDSTORMS® NXT Driver (Version: 1.0.769)
LEGO® MINDSTORMS® NXT Software v1.0 (Version: 1.0.0)
Lemmings Revolution
Lexmark 7600 Series
Lexmark Printable Web (Version: 1.0.0.0)
LightScribe System Software (Version: 1.18.6.1)
LSI HDA Modem (Version: 2.1.94)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.0 (Version: 8.0.225.0)
Microsoft Live Search Toolbar (Version: 3.0.560.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 60 day trial
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nancy Drew: Danger by Design
Nancy Drew: Ghost Dogs of Moon Lake
Nancy Drew: Ransom of the Seven Ships (Version: 1.0.0)
Nancy Drew: Shadow at the Water's Edge (Version: 1.0.0)
Nancy Drew: The Haunting of Castle Malloy (Version: 1.0.0)
Nancy Drew: Trail of the Twister (Version: 1.0.0)
Nancy Drew: Warnings at Waverly Academy (Version: 1.0.0)
Norton Security Suite (Version: 4.4.0.12)
Power2Go (Version: 6.0.3101)
PowerDirector (Version: 7.0.3101)
PowerRecover (Version: 5.5.1923)
QLBCASL (Version: 6.40.17.2)
QuickTime (Version: 7.71.80.42)
Rails (Version: 1.0.0)
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0007)
Realtek USB 2.0 Card Reader (Version: 6.1.7100.30094)
Secret Agent™ Barbie™
SimCity 4 Deluxe
Skype™ 4.0 (Version: 4.0.224)
SlingBoxWatchYourTVAnyWhere (Version: 2.1.1.58)
StarCraft
Stronghold (Version: 1.20.0000)
Stronghold 2 (Version: 1.40.1000)
Stronghold Crusader Extreme (Version: 1.20.0000)
Stronghold Legends (Version: 1.20.0000)
Synaptics Pointing Device Driver (Version: 14.0.0.3)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
Westwood Shared Internet Components
WildTangent Games App (HP Games) (Version: 4.0.5.31)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8064.0206)
Windows Live Essentials (Version: 14.0.8064.206)
Windows Live Mail (Version: 14.0.8064.0206)
Windows Live Messenger (Version: 14.0.8064.0206)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8064.0206)

========================= Memory info: ===================================

Percentage of memory in use: 53%
Total physical RAM: 3999.19 MB
Available physical RAM: 1878.79 MB
Total Pagefile: 7996.52 MB
Available Pagefile: 5668.33 MB
Total Virtual: 4095.88 MB
Available Virtual: 3982.21 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:452.84 GB) (Free:381.88 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:12.72 GB) (Free:2.13 GB) NTFS

========================= Users: ========================================

User accounts for \\OWNER-PC

Administrator Guest Owner


**** End of log ****


Here is the log from TDSSKiller:

11:34:52.0448 6056 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
11:34:52.0557 6056 ============================================================
11:34:52.0557 6056 Current date / time: 2012/03/11 11:34:52.0557
11:34:52.0557 6056 SystemInfo:
11:34:52.0557 6056
11:34:52.0557 6056 OS Version: 6.1.7600 ServicePack: 0.0
11:34:52.0557 6056 Product type: Workstation
11:34:52.0557 6056 ComputerName: OWNER-PC
11:34:52.0557 6056 UserName: Owner
11:34:52.0557 6056 Windows directory: C:\Windows
11:34:52.0557 6056 System windows directory: C:\Windows
11:34:52.0557 6056 Running under WOW64
11:34:52.0557 6056 Processor architecture: Intel x64
11:34:52.0557 6056 Number of processors: 2
11:34:52.0557 6056 Page size: 0x1000
11:34:52.0557 6056 Boot type: Normal boot
11:34:52.0557 6056 ============================================================
11:34:53.0853 6056 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:34:53.0853 6056 \Device\Harddisk0\DR0:
11:34:53.0853 6056 MBR used
11:34:53.0853 6056 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
11:34:53.0853 6056 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x389B0000
11:34:53.0853 6056 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x38A14000, BlocksNum 0x1971800
11:34:53.0946 6056 Initialize success
11:34:53.0946 6056 ============================================================
11:34:57.0129 6084 ============================================================
11:34:57.0129 6084 Scan started
11:34:57.0129 6084 Mode: Manual;
11:34:57.0129 6084 ============================================================
11:35:06.0109 6084 ccHP - ok
11:35:06.0265 6084 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:35:06.0265 6084 cdfs - ok
11:35:06.0452 6084 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
11:35:06.0452 6084 cdrom - ok
11:35:06.0641 6084 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
11:35:06.0641 6084 circlass - ok
11:35:06.0797 6084 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:35:06.0797 6084 CLFS - ok
11:35:07.0155 6084 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
11:35:07.0155 6084 CmBatt - ok
11:35:07.0577 6084 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
11:35:07.0577 6084 cmdide - ok
11:35:07.0670 6084 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
11:35:07.0670 6084 CNG - ok
11:35:07.0857 6084 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
11:35:07.0857 6084 Compbatt - ok
11:35:08.0045 6084 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
11:35:08.0045 6084 CompositeBus - ok
11:35:08.0216 6084 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
11:35:08.0216 6084 crcdisk - ok
11:35:08.0481 6084 dc3d (76e02db615a03801d698199a2bc4a06a) C:\Windows\system32\DRIVERS\dc3d.sys
11:35:08.0481 6084 dc3d - ok
11:35:08.0637 6084 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
11:35:08.0637 6084 DfsC - ok
11:35:08.0778 6084 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:35:08.0778 6084 discache - ok
11:35:08.0934 6084 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
11:35:08.0934 6084 Disk - ok
11:35:09.0137 6084 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:35:09.0137 6084 drmkaud - ok
11:35:09.0293 6084 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
11:35:09.0293 6084 DXGKrnl - ok
11:35:09.0573 6084 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
11:35:09.0636 6084 ebdrv - ok
11:35:09.0714 6084 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
11:35:09.0714 6084 eeCtrl - ok
11:35:09.0932 6084 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
11:35:09.0948 6084 elxstor - ok
11:35:10.0104 6084 enecir (524c79054636d2e5751169005006460b) C:\Windows\system32\DRIVERS\enecir.sys
11:35:10.0104 6084 enecir - ok
11:35:10.0213 6084 EraserUtilRebootDrv (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
11:35:10.0213 6084 EraserUtilRebootDrv - ok
11:35:10.0369 6084 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
11:35:10.0369 6084 ErrDev - ok
11:35:10.0556 6084 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:35:10.0556 6084 exfat - ok
11:35:10.0697 6084 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:35:10.0712 6084 fastfat - ok
11:35:10.0868 6084 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
11:35:10.0868 6084 fdc - ok
11:35:11.0196 6084 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:35:11.0196 6084 FileInfo - ok
11:35:11.0321 6084 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:35:11.0321 6084 Filetrace - ok
11:35:11.0477 6084 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
11:35:11.0477 6084 flpydisk - ok
11:35:11.0648 6084 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
11:35:11.0664 6084 FltMgr - ok
11:35:11.0789 6084 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:35:11.0789 6084 FsDepends - ok
11:35:11.0945 6084 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
11:35:11.0945 6084 Fs_Rec - ok
11:35:12.0116 6084 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:35:12.0116 6084 fvevol - ok
11:35:12.0241 6084 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
11:35:12.0241 6084 gagp30kx - ok
11:35:12.0428 6084 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:35:12.0428 6084 GEARAspiWDM - ok
11:35:12.0600 6084 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:35:12.0600 6084 hcw85cir - ok
11:35:12.0771 6084 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
11:35:12.0787 6084 HdAudAddService - ok
11:35:12.0927 6084 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
11:35:12.0927 6084 HDAudBus - ok
11:35:13.0130 6084 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
11:35:13.0130 6084 HidBatt - ok
11:35:13.0239 6084 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
11:35:13.0239 6084 HidBth - ok
11:35:13.0395 6084 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
11:35:13.0395 6084 HidIr - ok
11:35:13.0583 6084 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
11:35:13.0583 6084 HidUsb - ok
11:35:13.0833 6084 hpdskflt (05712fddbd45a5864eb326faabc6a4e3) C:\Windows\system32\DRIVERS\hpdskflt.sys
11:35:13.0833 6084 hpdskflt - ok
11:35:14.0020 6084 HpqKbFiltr (9af482d058be59cc28bce52e7c4b747c) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
11:35:14.0020 6084 HpqKbFiltr - ok
11:35:14.0192 6084 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
11:35:14.0192 6084 HpSAMD - ok
11:35:14.0504 6084 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
11:35:14.0520 6084 HTTP - ok
11:35:14.0676 6084 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
11:35:14.0676 6084 hwpolicy - ok
11:35:14.0832 6084 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
11:35:14.0832 6084 i8042prt - ok
11:35:15.0066 6084 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
11:35:15.0066 6084 iaStor - ok
11:35:15.0393 6084 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
11:35:15.0393 6084 iaStorV - ok
11:35:15.0612 6084 IDSVia64 (18c40c3f368323b203ace403cb430db1) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20120309.002\IDSvia64.sys
11:35:15.0627 6084 IDSVia64 - ok
11:35:16.0081 6084 igfx (677aa5991026a65ada128c4b59cf2bad) C:\Windows\system32\DRIVERS\igdkmd64.sys
11:35:16.0330 6084 igfx - ok
11:35:16.0455 6084 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
11:35:16.0455 6084 iirsp - ok
11:35:16.0642 6084 IntcHdmiAddService (d485d3bd3e2179aa86853a182f70699f) C:\Windows\system32\drivers\IntcHdmi.sys
11:35:16.0642 6084 IntcHdmiAddService - ok
11:35:16.0768 6084 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
11:35:16.0768 6084 intelide - ok
11:35:16.0940 6084 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
11:35:16.0940 6084 intelppm - ok
11:35:17.0096 6084 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:35:17.0096 6084 IpFilterDriver - ok
11:35:17.0142 6084 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
11:35:17.0158 6084 IPMIDRV - ok
11:35:17.0283 6084 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:35:17.0283 6084 IPNAT - ok
11:35:17.0470 6084 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:35:17.0470 6084 IRENUM - ok
11:35:17.0610 6084 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
11:35:17.0610 6084 isapnp - ok
11:35:17.0954 6084 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
11:35:17.0954 6084 iScsiPrt - ok
11:35:18.0188 6084 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:35:18.0188 6084 kbdclass - ok
11:35:18.0344 6084 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
11:35:18.0344 6084 kbdhid - ok
11:35:18.0468 6084 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
11:35:18.0468 6084 KSecDD - ok
11:35:18.0609 6084 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
11:35:18.0609 6084 KSecPkg - ok
11:35:18.0749 6084 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:35:18.0749 6084 ksthunk - ok
11:35:19.0031 6084 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:35:19.0047 6084 lltdio - ok
11:35:19.0203 6084 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
11:35:19.0203 6084 LSI_FC - ok
11:35:19.0374 6084 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
11:35:19.0374 6084 LSI_SAS - ok
11:35:19.0655 6084 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:35:19.0655 6084 LSI_SAS2 - ok
11:35:19.0812 6084 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:35:19.0828 6084 LSI_SCSI - ok
11:35:19.0968 6084 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:35:19.0968 6084 luafv - ok
11:35:20.0218 6084 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
11:35:20.0218 6084 megasas - ok
11:35:20.0342 6084 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
11:35:20.0342 6084 MegaSR - ok
11:35:20.0498 6084 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:35:20.0514 6084 Modem - ok
11:35:20.0717 6084 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:35:20.0717 6084 monitor - ok
11:35:20.0873 6084 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:35:20.0873 6084 mouclass - ok
11:35:21.0076 6084 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:35:21.0076 6084 mouhid - ok
11:35:21.0325 6084 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
11:35:21.0325 6084 mountmgr - ok
11:35:21.0434 6084 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
11:35:21.0434 6084 mpio - ok
11:35:21.0559 6084 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:35:21.0559 6084 mpsdrv - ok
11:35:21.0622 6084 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
11:35:21.0622 6084 MRxDAV - ok
11:35:21.0902 6084 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:35:21.0902 6084 mrxsmb - ok
11:35:22.0199 6084 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:35:22.0214 6084 mrxsmb10 - ok
11:35:23.0775 6084 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:35:23.0775 6084 mrxsmb20 - ok
11:35:24.0884 6084 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
11:35:24.0884 6084 msahci - ok
11:35:25.0555 6084 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
11:35:25.0555 6084 msdsm - ok
11:35:25.0789 6084 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:35:25.0804 6084 Msfs - ok
11:35:25.0960 6084 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:35:25.0960 6084 mshidkmdf - ok
11:35:26.0116 6084 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
11:35:26.0116 6084 msisadrv - ok
11:35:26.0288 6084 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:35:26.0288 6084 MSKSSRV - ok
11:35:26.0600 6084 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:35:26.0616 6084 MSPCLOCK - ok
11:35:26.0772 6084 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:35:26.0772 6084 MSPQM - ok
11:35:26.0943 6084 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
11:35:26.0974 6084 MsRPC - ok
11:35:27.0240 6084 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
11:35:27.0240 6084 mssmbios - ok
11:35:27.0520 6084 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:35:27.0520 6084 MSTEE - ok
11:35:27.0739 6084 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
11:35:27.0739 6084 MTConfig - ok
11:35:27.0957 6084 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:35:27.0957 6084 Mup - ok
11:35:28.0176 6084 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:35:28.0176 6084 NativeWifiP - ok
11:35:28.0456 6084 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20120309.034\ENG64.SYS
11:35:28.0472 6084 NAVENG - ok
11:35:28.0706 6084 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20120309.034\EX64.SYS
11:35:28.0722 6084 NAVEX15 - ok
11:35:29.0112 6084 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
11:35:29.0112 6084 NDIS - ok
11:35:29.0736 6084 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:35:29.0751 6084 NdisCap - ok
11:35:30.0360 6084 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:35:30.0360 6084 NdisTapi - ok
11:35:30.0625 6084 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
11:35:30.0625 6084 Ndisuio - ok
11:35:30.0859 6084 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
11:35:30.0859 6084 NdisWan - ok
11:35:31.0124 6084 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
11:35:31.0124 6084 NDProxy - ok
11:35:31.0374 6084 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:35:31.0374 6084 NetBIOS - ok
11:35:31.0857 6084 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
11:35:31.0857 6084 NetBT - ok
11:35:32.0700 6084 NETw1v64 (e72f4522801ffb8f0456924fb0017bff) C:\Windows\system32\DRIVERS\NETw1v64.sys
11:35:32.0887 6084 NETw1v64 - ok
11:35:34.0010 6084 NETw5s64 (39ede676d17f37af4573c2b33ec28aca) C:\Windows\system32\DRIVERS\NETw5s64.sys
11:35:34.0213 6084 NETw5s64 - ok
11:35:36.0056 6084 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
11:35:36.0197 6084 netw5v64 - ok
11:35:36.0509 6084 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
11:35:36.0509 6084 nfrd960 - ok
11:35:36.0743 6084 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:35:36.0743 6084 Npfs - ok
11:35:36.0774 6084 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:35:36.0774 6084 nsiproxy - ok
11:35:36.0914 6084 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
11:35:36.0945 6084 Ntfs - ok
11:35:37.0460 6084 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:35:37.0460 6084 Null - ok
11:35:37.0601 6084 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
11:35:37.0601 6084 nvraid - ok
11:35:37.0725 6084 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
11:35:37.0725 6084 nvstor - ok
11:35:37.0881 6084 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
11:35:37.0881 6084 nv_agp - ok
11:35:38.0053 6084 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
11:35:38.0053 6084 ohci1394 - ok
11:35:38.0225 6084 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
11:35:38.0225 6084 Parport - ok
11:35:38.0349 6084 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
11:35:38.0349 6084 partmgr - ok
11:35:38.0396 6084 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
11:35:38.0396 6084 pci - ok
11:35:38.0521 6084 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
11:35:38.0521 6084 pciide - ok
11:35:38.0694 6084 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
11:35:38.0694 6084 pcmcia - ok
11:35:38.0834 6084 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:35:38.0834 6084 pcw - ok
11:35:39.0302 6084 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:35:39.0318 6084 PEAUTH - ok
11:35:39.0598 6084 Point64 (b8d8ec78b0f9ed8e220506181274f3d3) C:\Windows\system32\DRIVERS\point64.sys
11:35:39.0598 6084 Point64 - ok
11:35:39.0832 6084 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
11:35:39.0832 6084 PptpMiniport - ok
11:35:40.0004 6084 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
11:35:40.0004 6084 Processor - ok
11:35:40.0269 6084 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
11:35:40.0269 6084 Psched - ok
11:35:40.0456 6084 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
11:35:40.0472 6084 ql2300 - ok
11:35:40.0910 6084 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
11:35:40.0910 6084 ql40xx - ok
11:35:41.0674 6084 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:35:41.0674 6084 QWAVEdrv - ok
11:35:41.0830 6084 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:35:41.0830 6084 RasAcd - ok
11:35:42.0033 6084 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:35:42.0033 6084 RasAgileVpn - ok
11:35:42.0251 6084 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:35:42.0251 6084 Rasl2tp - ok
11:35:42.0657 6084 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:35:42.0657 6084 RasPppoe - ok
11:35:42.0845 6084 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:35:42.0845 6084 RasSstp - ok
11:35:43.0188 6084 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
11:35:43.0235 6084 rdbss - ok
11:35:43.0594 6084 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
11:35:43.0594 6084 rdpbus - ok
11:35:43.0743 6084 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:35:43.0743 6084 RDPCDD - ok
11:35:43.0915 6084 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:35:43.0915 6084 RDPENCDD - ok
11:35:44.0040 6084 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:35:44.0040 6084 RDPREFMP - ok
11:35:44.0180 6084 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
11:35:44.0196 6084 RDPWD - ok
11:35:44.0352 6084 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
11:35:44.0352 6084 rdyboost - ok
11:35:44.0539 6084 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:35:44.0539 6084 rspndr - ok
11:35:44.0695 6084 RSUSBSTOR (a5df2f732a6c95554e548fcb6932bd31) C:\Windows\system32\Drivers\RtsUStor.sys
11:35:44.0695 6084 RSUSBSTOR - ok
11:35:44.0945 6084 RTL8167 (91296f0b2653281b2f11e0fce56aa427) C:\Windows\system32\DRIVERS\Rt64win7.sys
11:35:44.0945 6084 RTL8167 - ok
11:35:45.0522 6084 RtsUIR - ok
11:35:45.0709 6084 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
11:35:45.0709 6084 sbp2port - ok
11:35:45.0834 6084 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
11:35:45.0834 6084 scfilter - ok
11:35:46.0021 6084 sdbus (54e47ad086782d3ae9417c155cdceb9b) C:\Windows\system32\DRIVERS\sdbus.sys
11:35:46.0021 6084 sdbus - ok
11:35:46.0255 6084 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:35:46.0255 6084 secdrv - ok
11:35:46.0395 6084 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
11:35:46.0395 6084 Serenum - ok
11:35:46.0551 6084 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
11:35:46.0567 6084 Serial - ok
11:35:46.0707 6084 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
11:35:46.0707 6084 sermouse - ok
11:35:46.0910 6084 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
11:35:46.0910 6084 sffdisk - ok
11:35:47.0331 6084 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
11:35:47.0347 6084 sffp_mmc - ok
11:35:47.0472 6084 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
11:35:47.0487 6084 sffp_sd - ok
11:35:47.0628 6084 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
11:35:47.0628 6084 sfloppy - ok
11:35:47.0768 6084 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:35:47.0768 6084 SiSRaid2 - ok
11:35:47.0941 6084 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
11:35:47.0941 6084 SiSRaid4 - ok
11:35:48.0081 6084 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:35:48.0097 6084 Smb - ok
11:35:48.0300 6084 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:35:48.0300 6084 spldr - ok
11:35:48.0549 6084 SRTSP (96babc4906ecdb1c69d1176f8647ad8e) C:\Windows\System32\Drivers\N360x64\0404000.00C\SRTSP64.SYS
11:35:48.0549 6084 SRTSP - ok
11:35:48.0736 6084 SRTSPX (c7f491a290e0e4222f5cdcd50eeb8167) C:\Windows\system32\drivers\N360x64\0404000.00C\SRTSPX64.SYS
11:35:48.0736 6084 SRTSPX - ok
11:35:48.0893 6084 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
11:35:48.0893 6084 srv - ok
11:35:49.0611 6084 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
11:35:49.0627 6084 srv2 - ok
11:35:49.0783 6084 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
11:35:49.0798 6084 SrvHsfHDA - ok
11:35:49.0955 6084 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
11:35:49.0986 6084 SrvHsfV92 - ok
11:35:50.0142 6084 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
11:35:50.0158 6084 SrvHsfWinac - ok
11:35:50.0361 6084 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
11:35:50.0361 6084 srvnet - ok
11:35:50.0610 6084 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
11:35:50.0610 6084 stexstor - ok
11:35:50.0892 6084 STHDA (8d1ce4322a35f840711b87927cb57c05) C:\Windows\system32\DRIVERS\stwrt64.sys
11:35:50.0908 6084 STHDA - ok
11:35:51.0235 6084 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
11:35:51.0235 6084 swenum - ok
11:35:51.0501 6084 SymDS (659b227a72b76115975a6a9491b2fe1f) C:\Windows\system32\drivers\N360x64\0404000.00C\SYMDS64.SYS
11:35:51.0501 6084 SymDS - ok
11:35:51.0719 6084 SymEFA (9f5783a4a03d0091cdbdaa858b566926) C:\Windows\system32\drivers\N360x64\0404000.00C\SYMEFA64.SYS
11:35:51.0719 6084 SymEFA - ok
11:35:52.0063 6084 SymEvent (3f9d5fe52585e2653e59fdbfdf09a94c) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
11:35:52.0063 6084 SymEvent - ok
11:35:52.0609 6084 SymIRON (f57588546e738db1583981d8f44e9bc2) C:\Windows\system32\drivers\N360x64\0404000.00C\Ironx64.SYS
11:35:52.0609 6084 SymIRON - ok
11:35:52.0859 6084 SYMTDIv (3adfb72f0797ae3832509fe030755e21) C:\Windows\System32\Drivers\N360x64\0404000.00C\SYMTDIV.SYS
11:35:52.0859 6084 SYMTDIv - ok
11:35:53.0717 6084 SynTP (924d711941956f7420a4925592be8253) C:\Windows\system32\DRIVERS\SynTP.sys
11:35:53.0717 6084 SynTP - ok
11:35:54.0044 6084 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
11:35:54.0060 6084 Tcpip - ok
11:35:54.0403 6084 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
11:35:54.0419 6084 TCPIP6 - ok
11:35:54.0544 6084 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
11:35:54.0544 6084 tcpipreg - ok
11:35:54.0824 6084 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:35:54.0840 6084 TDPIPE - ok
11:35:55.0183 6084 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
11:35:55.0183 6084 TDTCP - ok
11:35:55.0339 6084 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
11:35:55.0339 6084 tdx - ok
11:35:55.0464 6084 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
11:35:55.0464 6084 TermDD - ok
11:35:55.0745 6084 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:35:55.0745 6084 tssecsrv - ok
11:35:55.0994 6084 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
11:35:55.0994 6084 tunnel - ok
11:35:57.0227 6084 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
11:35:57.0383 6084 uagp35 - ok
11:35:57.0648 6084 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
11:35:57.0664 6084 udfs - ok
11:35:57.0898 6084 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
11:35:57.0898 6084 uliagpkx - ok
11:35:58.0116 6084 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
11:35:58.0116 6084 umbus - ok
11:35:58.0272 6084 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
11:35:58.0272 6084 UmPass - ok
11:35:58.0506 6084 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
11:35:58.0506 6084 USBAAPL64 - ok
11:35:58.0865 6084 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
11:35:58.0865 6084 usbaudio - ok
11:35:59.0114 6084 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
11:35:59.0114 6084 usbccgp - ok
11:35:59.0286 6084 USBCCID - ok
11:35:59.0364 6084 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
11:35:59.0364 6084 usbcir - ok
11:35:59.0582 6084 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
11:35:59.0582 6084 usbehci - ok
11:36:00.0019 6084 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
11:36:00.0019 6084 usbhub - ok
11:36:00.0316 6084 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
11:36:00.0316 6084 usbohci - ok
11:36:00.0487 6084 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
11:36:00.0487 6084 usbprint - ok
11:36:00.0799 6084 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
11:36:00.0799 6084 usbscan - ok
11:36:07.0507 6084 MBR (0x1B8) (e3e91e98346c8b0475259c238728e9e3) \Device\Harddisk0\DR0
11:36:07.0523 6084 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
11:36:07.0523 6084 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
11:36:07.0585 6084 Boot (0x1200) (d0529d6dc12cf5d38f739c4d926f7a9b) \Device\Harddisk0\DR0\Partition0
11:36:07.0585 6084 \Device\Harddisk0\DR0\Partition0 - ok
11:36:07.0601 6084 Boot (0x1200) (cd68b896137127ab8e51a1728abb6f43) \Device\Harddisk0\DR0\Partition1
11:36:07.0601 6084 \Device\Harddisk0\DR0\Partition1 - ok
11:36:07.0648 6084 Boot (0x1200) (051260acea95350c7d21bd4bd4bf5117) \Device\Harddisk0\DR0\Partition2
11:36:07.0648 6084 \Device\Harddisk0\DR0\Partition2 - ok
11:36:07.0648 6084 ============================================================
11:36:07.0648 6084 Scan finished
11:36:07.0648 6084 ============================================================
11:36:07.0663 4652 Detected object count: 1
11:36:07.0663 4652 Actual detected object count: 1
11:36:25.0355 4652 \Device\Harddisk0\DR0\# - copied to quarantine
11:36:25.0371 4652 \Device\Harddisk0\DR0 - copied to quarantine
11:36:25.0870 4652 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
11:36:25.0885 4652 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
11:36:25.0917 4652 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
11:36:25.0932 4652 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
11:36:25.0979 4652 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
11:36:26.0026 4652 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
11:36:26.0026 4652 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
11:36:26.0026 4652 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
11:36:26.0041 4652 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
11:36:26.0057 4652 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
11:36:26.0073 4652 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
11:36:26.0088 4652 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
11:36:26.0119 4652 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
11:36:26.0119 4652 \Device\Harddisk0\DR0 - ok
11:36:26.0572 4652 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
11:36:36.0736 5972 Deinitialize success


Here is the first Malwarebytes scan:

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.11.08

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Owner :: OWNER-PC [administrator]

3/11/2012 11:41:23 AM
mbam-log-2012-03-11 (11-41-23).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 187909
Time elapsed: 6 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)


Here is the second Malwarebytes log after the reboot:

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.11.08

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Owner :: OWNER-PC [administrator]

3/11/2012 11:53:36 AM
mbam-log-2012-03-11 (11-53-36).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 187856
Time elapsed: 5 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


As you can see, the second scan did not show any issues. Google searching seems to be working without trouble now.

Thank you!!!

Joe.
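One way to triage a TDSSKiller log like the one posted above, as an added example that is not part of the original thread or of any tool's own code. The function and field names are hypothetical, and the sample log is constructed in the same layout with a placeholder hash.

```python
import re

LINE = re.compile(r"^(\d\d:\d\d:\d\d\.\d{4}) (\d+) (.*)$")  # time, thread id, message
VERDICT = re.compile(
    r"^(.+?) \( (.+?) \) - (infected|will be cured on reboot|User select action: (\w+))$")
QUARANTINE = re.compile(r"^(.+) - copied to quarantine$")
COUNT = re.compile(r"^Detected object count: (\d+)$")

# Constructed sample in the layout of the log above (hash is a placeholder).
SAMPLE_LOG = r"""
11:36:07.0398 6084 yukonw7 - ok
11:36:07.0507 6084 MBR (0x1B8) (00000000000000000000000000000000) \Device\Harddisk0\DR0
11:36:07.0523 6084 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
11:36:07.0663 4652 Detected object count: 1
11:36:25.0371 4652 \Device\Harddisk0\DR0 - copied to quarantine
11:36:25.0870 4652 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
11:36:26.0119 4652 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
11:36:26.0119 4652 \Device\Harddisk0\DR0 - ok
11:36:26.0572 4652 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
"""

def triage(log_text):
    """Summarise the non-clean results in a TDSSKiller-style log."""
    out = {"infected": {}, "quarantined": [], "pending_reboot": set(),
           "user_action": {}, "reported_count": None}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank or foreign line
        msg = m.group(3)
        if (v := VERDICT.match(msg)):
            obj, threat, state, action = v.groups()
            if state == "infected":
                out["infected"][obj] = threat
            elif state.startswith("will be cured"):
                out["pending_reboot"].add(obj)
            else:
                out["user_action"][obj] = action
        elif (q := QUARANTINE.match(msg)):
            out["quarantined"].append(q.group(1))
        elif (c := COUNT.match(msg)):
            out["reported_count"] = int(c.group(1))
    # A trailing "<object> - ok" after a cure request is not proof of removal:
    # objects waiting on a reboot stay unresolved until a later scan is clean.
    out["unresolved"] = sorted(out["pending_reboot"] & set(out["infected"]))
    out["count_matches"] = out["reported_count"] == len(out["infected"])
    return out

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

The `unresolved` list is the part to act on: it stays populated until the machine has rebooted and a follow-up scan comes back clean.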

#4 boopme

Posted 11 March 2012 - 09:41 PM

You're welcome. You had a serious Tdss infection and it caused the redirects. You should change any financial passwords on here if that applies.


Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u3-windows-i586.exe (or jre-7u3-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.


Similarly, update to Adobe Reader X (10.1.0).
Note: Uncheck the box so you do not install the toolbar, unless you really want it.

Free! Google Toolbar search Google from any web page, block pop-ups

Yes, install Google Toolbar - optional
