Google Redirect Virus?


7 replies to this topic

#1 Herriot123

  • Members
  • 4 posts

Posted 07 August 2012 - 02:05 AM

Hello,

I believe I have a Google Redirect Virus. When I search on Google and click on links, sometimes it will redirect to Ask.com or other ads (no porn or other nasty sites, just ads). I immediately close the redirected tab and click once again on the intended search link in Google and it takes me to my requested site. Sometimes when I click on a link in Google it doesn't redirect me, but sometimes it does - I think maybe 40 to 50% of the time.

I have Windows Vista and I use IE 9.

My Norton Antivirus didn't detect anything. I researched this issue on other sites and tried a few anti-malware programs. I installed HitmanPro 3, which didn't detect anything. I then ran TDSS Killer, which did detect a threat. I attempted to delete that threat, but this virus is still there (still redirects some Google searches). Honestly, the instructions I was reading on how to run TDSS Killer weren't lining up with what I was actually seeing on the screen, so I'm not sure if I really deleted the threat that appeared. You may want to advise me to run TDSS Killer again.

Finally, I am pasting the info from my hosts file. This info may or may not be useful to you, but some other websites seem to talk about this. I really have no idea what the hosts file does, except I do know where to find it, and it seems to be useful to people who know how to detect and delete malware. Here is the info from my hosts file:

# Copyright © 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost

I understand that that second line at the bottom (::1) shouldn't be there, but I wanted some advice on whether I should delete that line, as some other websites recommended. To me, deleting that line seems too simple and not thorough enough.

Please advise.

Thank you!
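
As an added illustration (not part of the original post or of any reply in this thread), the hosts-file format described in the comment header quoted above can be audited mechanically. This Python sketch parses each active line and reports entries that pin a name to an address outside the loopback range, which is the kind of entry that would cause redirects; the names `audit_hosts`, `Finding`, `CLEAN_HOSTS` and `TAMPERED_HOSTS`, and every sample entry other than the two `localhost` lines, are constructed for this example.

```python
import ipaddress
from typing import List, NamedTuple


class Finding(NamedTuple):
    lineno: int
    kind: str    # "malformed", "localhost-remapped", "sinkhole" or "override"
    detail: str


# Names that are expected to resolve to a loopback address.
LOCAL_NAMES = {"localhost", "localhost.localdomain"}

# Constructed sample: one commented-out example line plus the two active
# lines from the hosts file quoted in the post.
CLEAN_HOSTS = """\
# 102.54.94.97 rhino.acme.com # source server
127.0.0.1 localhost
::1 localhost
"""

# Constructed sample: the same file with three entries appended to show
# what the audit reports (203.0.113.0/24 is a documentation-only range).
TAMPERED_HOSTS = CLEAN_HOSTS + """\
203.0.113.7 www.google.com google.com   # constructed redirect entry
0.0.0.0 update.example-av.test          # constructed blocked update host
not-an-ip somehost
"""


def audit_hosts(text: str) -> List[Finding]:
    """Return one Finding per suspicious name or malformed line."""
    findings: List[Finding] = []
    # A leading byte-order mark would otherwise break parsing of line 1.
    text = text.lstrip("\ufeff")
    for lineno, raw in enumerate(text.splitlines(), start=1):
        # Everything after '#' is a comment, per the file's own header.
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            findings.append(Finding(lineno, "malformed", raw.strip()))
            continue
        names = [name.lower() for name in fields[1:]]
        if not names:
            findings.append(Finding(lineno, "malformed", raw.strip()))
            continue
        for name in names:
            if name in LOCAL_NAMES:
                # localhost on 127.0.0.0/8 or ::1 is the expected mapping.
                if not addr.is_loopback:
                    findings.append(
                        Finding(lineno, "localhost-remapped", f"{name} -> {addr}"))
            elif addr.is_loopback or addr.is_unspecified:
                # The name is made unreachable: ad blocking, or malware
                # cutting off security-update hosts. Needs a human look.
                findings.append(Finding(lineno, "sinkhole", f"{name} -> {addr}"))
            else:
                # The name bypasses DNS and is pinned to this address.
                findings.append(Finding(lineno, "override", f"{name} -> {addr}"))
    return findings


if __name__ == "__main__":
    for label, sample in (("clean", CLEAN_HOSTS), ("tampered", TAMPERED_HOSTS)):
        results = audit_hosts(sample)
        print(f"{label}: {len(results)} finding(s)")
        for finding in results:
            print(f"  line {finding.lineno}: {finding.kind}: {finding.detail}")
```

A file that audits clean only rules out this one redirect mechanism; it says nothing about drivers or boot-sector code, which is what the scanners requested in the replies examine.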


#2 narenxp

  • BC Advisor
  • 16,371 posts

Posted 07 August 2012 - 02:13 AM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 Herriot123

  • Topic Starter
  • Members
  • 4 posts

Posted 08 August 2012 - 10:02 PM

I ran TDSS Killer, then ran aswMBR. While aswMBR was scanning, my computer crashed (blue screen). After rebooting, I started over and ran TDSS Killer again and aswMBR again. This time, aswMBR scanned successfully, and then I moved on to running ESET online scanner. Here are the results:

TDSS Killer Log Report:

23:07:20.0676 5276 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\Windows\system32\DRIVERS\NuidFltr.sys
23:07:20.0677 5276 NuidFltr - ok
23:07:20.0711 5276 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
23:07:20.0712 5276 Null - ok
23:07:20.0776 5276 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
23:07:20.0779 5276 nvraid - ok
23:07:20.0816 5276 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
23:07:20.0817 5276 nvstor - ok
23:07:20.0850 5276 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
23:07:20.0853 5276 nv_agp - ok
23:07:20.0857 5276 NwlnkFlt - ok
23:07:20.0865 5276 NwlnkFwd - ok
23:07:21.0014 5276 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:07:21.0026 5276 odserv - ok
23:07:21.0111 5276 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
23:07:21.0112 5276 ohci1394 - ok
23:07:21.0188 5276 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:07:21.0194 5276 ose - ok
23:07:21.0376 5276 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
23:07:21.0392 5276 p2pimsvc - ok
23:07:21.0403 5276 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
23:07:21.0410 5276 p2psvc - ok
23:07:21.0507 5276 PACSPTISVR (753a8f339f231d2b857e2ccd51a6e6ca) C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
23:07:21.0511 5276 PACSPTISVR - ok
23:07:21.0593 5276 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
23:07:21.0596 5276 Parport - ok
23:07:21.0661 5276 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
23:07:21.0720 5276 partmgr - ok
23:07:21.0776 5276 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
23:07:21.0777 5276 Parvdm - ok
23:07:21.0925 5276 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
23:07:21.0929 5276 PcaSvc - ok
23:07:21.0966 5276 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
23:07:21.0970 5276 pci - ok
23:07:21.0993 5276 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
23:07:21.0994 5276 pciide - ok
23:07:22.0042 5276 pcmcia (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys
23:07:22.0046 5276 pcmcia - ok
23:07:22.0233 5276 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
23:07:22.0291 5276 PEAUTH - ok
23:07:22.0534 5276 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
23:07:22.0570 5276 pla - ok
23:07:22.0879 5276 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
23:07:22.0887 5276 PlugPlay - ok
23:07:23.0053 5276 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
23:07:23.0059 5276 PNRPAutoReg - ok
23:07:23.0069 5276 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
23:07:23.0076 5276 PNRPsvc - ok
23:07:23.0170 5276 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
23:07:23.0179 5276 PolicyAgent - ok
23:07:23.0264 5276 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
23:07:23.0266 5276 PptpMiniport - ok
23:07:23.0318 5276 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
23:07:23.0320 5276 Processor - ok
23:07:23.0364 5276 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
23:07:23.0368 5276 ProfSvc - ok
23:07:23.0429 5276 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
23:07:23.0430 5276 ProtectedStorage - ok
23:07:23.0459 5276 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
23:07:23.0460 5276 PSched - ok
23:07:23.0584 5276 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
23:07:23.0586 5276 PxHelp20 - ok
23:07:23.0712 5276 QBCFMonitorService (79135c8ddc09088b92fe312330d57e2f) C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
23:07:23.0714 5276 QBCFMonitorService - ok
23:07:23.0764 5276 QBFCService (92aa40e2b692e8637d45fb2d01137d17) C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
23:07:23.0768 5276 QBFCService - ok
23:07:23.0997 5276 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
23:07:24.0054 5276 ql2300 - ok
23:07:24.0107 5276 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
23:07:24.0111 5276 ql40xx - ok
23:07:24.0174 5276 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
23:07:24.0182 5276 QWAVE - ok
23:07:24.0227 5276 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
23:07:24.0229 5276 QWAVEdrv - ok
23:07:24.0269 5276 R5U870FLx86 (9c9d24115f13af3aea05e1343a032bb1) C:\Windows\system32\Drivers\R5U870FLx86.sys
23:07:24.0271 5276 R5U870FLx86 - ok
23:07:24.0296 5276 R5U870FUx86 (18b4c879647661de37b49c2e48d65820) C:\Windows\system32\Drivers\R5U870FUx86.sys
23:07:24.0298 5276 R5U870FUx86 - ok
23:07:24.0343 5276 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
23:07:24.0344 5276 RasAcd - ok
23:07:24.0386 5276 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
23:07:24.0391 5276 RasAuto - ok
23:07:24.0458 5276 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:07:24.0460 5276 Rasl2tp - ok
23:07:24.0568 5276 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
23:07:24.0575 5276 RasMan - ok
23:07:24.0632 5276 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
23:07:24.0634 5276 RasPppoe - ok
23:07:24.0674 5276 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
23:07:24.0677 5276 RasSstp - ok
23:07:24.0745 5276 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
23:07:24.0751 5276 rdbss - ok
23:07:24.0804 5276 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:07:24.0805 5276 RDPCDD - ok
23:07:24.0857 5276 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
23:07:24.0863 5276 rdpdr - ok
23:07:24.0869 5276 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
23:07:24.0870 5276 RDPENCDD - ok
23:07:25.0209 5276 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
23:07:25.0215 5276 RDPWD - ok
23:07:25.0244 5276 regi (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys
23:07:25.0245 5276 regi - ok
23:07:25.0282 5276 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
23:07:25.0286 5276 RemoteAccess - ok
23:07:25.0368 5276 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
23:07:25.0373 5276 RemoteRegistry - ok
23:07:25.0457 5276 RimUsb (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys
23:07:25.0458 5276 RimUsb - ok
23:07:25.0482 5276 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
23:07:25.0485 5276 RpcLocator - ok
23:07:25.0603 5276 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
23:07:25.0609 5276 RpcSs - ok
23:07:25.0672 5276 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
23:07:25.0674 5276 rspndr - ok
23:07:25.0737 5276 RTL8169 (13e97cf38286b8a1d7605d3175db28ee) C:\Windows\system32\DRIVERS\Rtlh86.sys
23:07:25.0742 5276 RTL8169 - ok
23:07:25.0772 5276 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
23:07:25.0774 5276 SamSs - ok
23:07:25.0811 5276 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
23:07:25.0814 5276 sbp2port - ok
23:07:25.0872 5276 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
23:07:25.0877 5276 SCardSvr - ok
23:07:26.0028 5276 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
23:07:26.0045 5276 Schedule - ok
23:07:26.0103 5276 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
23:07:26.0104 5276 SCPolicySvc - ok
23:07:26.0155 5276 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
23:07:26.0161 5276 SDRSVC - ok
23:07:26.0207 5276 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
23:07:26.0208 5276 secdrv - ok
23:07:26.0242 5276 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
23:07:26.0246 5276 seclogon - ok
23:07:26.0307 5276 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
23:07:26.0311 5276 SENS - ok
23:07:26.0333 5276 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
23:07:26.0335 5276 Serenum - ok
23:07:26.0384 5276 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
23:07:26.0387 5276 Serial - ok
23:07:26.0423 5276 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
23:07:26.0425 5276 sermouse - ok
23:07:26.0492 5276 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
23:07:26.0497 5276 SessionEnv - ok
23:07:26.0545 5276 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys
23:07:26.0547 5276 sffdisk - ok
23:07:26.0562 5276 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
23:07:26.0564 5276 sffp_mmc - ok
23:07:26.0586 5276 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys
23:07:26.0588 5276 sffp_sd - ok
23:07:26.0636 5276 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\DRIVERS\sfloppy.sys
23:07:26.0637 5276 sfloppy - ok
23:07:26.0680 5276 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
23:07:26.0687 5276 SharedAccess - ok
23:07:26.0736 5276 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
23:07:26.0742 5276 ShellHWDetection - ok
23:07:26.0782 5276 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
23:07:26.0784 5276 sisagp - ok
23:07:26.0806 5276 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
23:07:26.0808 5276 SiSRaid2 - ok
23:07:26.0837 5276 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
23:07:26.0839 5276 SiSRaid4 - ok
23:07:27.0496 5276 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
23:07:27.0660 5276 slsvc - ok
23:07:27.0914 5276 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
23:07:27.0919 5276 SLUINotify - ok
23:07:27.0981 5276 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
23:07:27.0984 5276 Smb - ok
23:07:28.0050 5276 SNC (db31d8989b3450569c29780e7fa98c48) C:\Windows\system32\Drivers\SonyNC.sys
23:07:28.0051 5276 SNC - ok
23:07:28.0066 5276 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
23:07:28.0070 5276 SNMPTRAP - ok
23:07:28.0102 5276 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
23:07:28.0103 5276 spldr - ok
23:07:28.0173 5276 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
23:07:28.0177 5276 Spooler - ok
23:07:28.0304 5276 SPTISRV (e3e6c96b0ef4492c3c8fd0deef4e35a1) C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
23:07:28.0308 5276 SPTISRV - ok
23:07:28.0499 5276 SRTSP (83726cf02eced69138948083e06b6eac) C:\Windows\System32\Drivers\N360\0502020.003\SRTSP.SYS
23:07:28.0512 5276 SRTSP - ok
23:07:28.0535 5276 SRTSPX (4e7eab2e5615d39cf1f1df9c71e5e225) C:\Windows\system32\drivers\N360\0502020.003\SRTSPX.SYS
23:07:28.0555 5276 SRTSPX - ok
23:07:28.0609 5276 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
23:07:28.0616 5276 srv - ok
23:07:28.0684 5276 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
23:07:28.0688 5276 srv2 - ok
23:07:28.0731 5276 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
23:07:28.0735 5276 srvnet - ok
23:07:28.0771 5276 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
23:07:28.0777 5276 SSDPSRV - ok
23:07:28.0861 5276 SSKBFD (8564bc9598be1705477b7fa61d657c2b) C:\Windows\system32\Drivers\sskbfd.sys
23:07:28.0862 5276 SSKBFD - ok
23:07:28.0916 5276 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
23:07:28.0919 5276 SstpSvc - ok
23:07:29.0030 5276 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
23:07:29.0043 5276 stisvc - ok
23:07:29.0097 5276 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
23:07:29.0099 5276 swenum - ok
23:07:29.0231 5276 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
23:07:29.0240 5276 swprv - ok
23:07:29.0359 5276 Symantec Core LC - ok
23:07:29.0410 5276 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
23:07:29.0412 5276 Symc8xx - ok
23:07:29.0601 5276 SymDS (9bbeb8c6258e72d62e7560e6667aad39) C:\Windows\system32\drivers\N360\0502020.003\SYMDS.SYS
23:07:29.0610 5276 SymDS - ok
23:07:30.0342 5276 SymEFA (d5c02629c02a820a7e71bca3d44294a3) C:\Windows\system32\drivers\N360\0502020.003\SYMEFA.SYS
23:07:30.0516 5276 SymEFA - ok
23:07:30.0617 5276 SymEvent (ab33c3b196197ca467cbdda717860dba) C:\Windows\system32\Drivers\SYMEVENT.SYS
23:07:30.0621 5276 SymEvent - ok
23:07:30.0654 5276 SYMFW - ok
23:07:30.0723 5276 SymIRON (a73399804d5d4a8b20ba60fcf70c9f1f) C:\Windows\system32\drivers\N360\0502020.003\Ironx86.SYS
23:07:30.0727 5276 SymIRON - ok
23:07:30.0737 5276 SYMNDISV - ok
23:07:30.0808 5276 SYMTDIv (d42a7229e333af725f1445f785e4658d) C:\Windows\System32\Drivers\N360\0502020.003\SYMTDIV.SYS
23:07:30.0817 5276 SYMTDIv - ok
23:07:30.0885 5276 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
23:07:30.0887 5276 Sym_hi - ok
23:07:30.0922 5276 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
23:07:30.0923 5276 Sym_u3 - ok
23:07:31.0027 5276 SynTP (99da94793332aadbb17bbb521ae56e21) C:\Windows\system32\DRIVERS\SynTP.sys
23:07:31.0032 5276 SynTP - ok
23:07:31.0169 5276 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
23:07:31.0183 5276 SysMain - ok
23:07:31.0224 5276 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
23:07:31.0228 5276 TabletInputService - ok
23:07:31.0300 5276 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
23:07:31.0306 5276 TapiSrv - ok
23:07:31.0353 5276 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
23:07:31.0355 5276 TBS - ok
23:07:31.0888 5276 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
23:07:31.0938 5276 Tcpip - ok
23:07:31.0953 5276 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
23:07:31.0959 5276 Tcpip6 - ok
23:07:31.0988 5276 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
23:07:31.0990 5276 tcpipreg - ok
23:07:32.0026 5276 TcUsb (5ca437a08509fb7ecf843480fc1232e2) C:\Windows\system32\Drivers\tcusb.sys
23:07:32.0028 5276 TcUsb - ok
23:07:32.0062 5276 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
23:07:32.0063 5276 TDPIPE - ok
23:07:32.0078 5276 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
23:07:32.0080 5276 TDTCP - ok
23:07:32.0116 5276 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
23:07:32.0119 5276 tdx - ok
23:07:32.0151 5276 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
23:07:32.0153 5276 TermDD - ok
23:07:32.0272 5276 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
23:07:32.0282 5276 TermService - ok
23:07:32.0336 5276 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
23:07:32.0344 5276 Themes - ok
23:07:32.0384 5276 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
23:07:32.0386 5276 THREADORDER - ok
23:07:32.0582 5276 ti21sony (909cd987b54a8179c9aee874d754721a) C:\Windows\system32\drivers\ti21sony.sys
23:07:32.0600 5276 ti21sony - ok
23:07:32.0634 5276 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
23:07:32.0638 5276 TrkWks - ok
23:07:32.0741 5276 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
23:07:32.0742 5276 TrustedInstaller - ok
23:07:32.0806 5276 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:07:32.0808 5276 tssecsrv - ok
23:07:32.0871 5276 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
23:07:32.0873 5276 tunmp - ok
23:07:32.0914 5276 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
23:07:32.0915 5276 tunnel - ok
23:07:32.0962 5276 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
23:07:32.0965 5276 uagp35 - ok
23:07:33.0046 5276 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
23:07:33.0052 5276 udfs - ok
23:07:33.0114 5276 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
23:07:33.0120 5276 UI0Detect - ok
23:07:33.0142 5276 UIUSys - ok
23:07:33.0168 5276 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
23:07:33.0171 5276 uliagpkx - ok
23:07:33.0229 5276 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
23:07:33.0236 5276 uliahci - ok
23:07:33.0284 5276 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
23:07:33.0288 5276 UlSata - ok
23:07:33.0318 5276 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
23:07:33.0321 5276 ulsata2 - ok
23:07:33.0358 5276 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
23:07:33.0360 5276 umbus - ok
23:07:33.0420 5276 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
23:07:33.0425 5276 upnphost - ok
23:07:33.0463 5276 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys
23:07:33.0464 5276 USBAAPL - ok
23:07:33.0518 5276 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
23:07:33.0521 5276 usbccgp - ok
23:07:33.0598 5276 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
23:07:33.0600 5276 usbcir - ok
23:07:33.0675 5276 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
23:07:33.0677 5276 usbehci - ok
23:07:33.0752 5276 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
23:07:33.0757 5276 usbhub - ok
23:07:33.0787 5276 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
23:07:33.0788 5276 usbohci - ok
23:07:33.0826 5276 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
23:07:33.0827 5276 usbprint - ok
23:07:33.0867 5276 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
23:07:33.0869 5276 usbscan - ok
23:07:33.0925 5276 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:07:33.0927 5276 USBSTOR - ok
23:07:33.0973 5276 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
23:07:33.0974 5276 usbuhci - ok
23:07:34.0027 5276 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
23:07:34.0031 5276 usbvideo - ok
23:07:34.0122 5276 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
23:07:34.0125 5276 UxSms - ok
23:07:34.0308 5276 VAIO Entertainment TV Device Arbitration Service (afbcd738df9de3b6d71afc704e7f27fb) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
23:07:34.0313 5276 VAIO Entertainment TV Device Arbitration Service - ok
23:07:34.0582 5276 VAIO Event Service (8a9f18adad471402236ca931553bf79b) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
23:07:34.0588 5276 VAIO Event Service - ok
23:07:35.0168 5276 VAIOMediaPlatform-IntegratedServer-AppServer (0a4cd617ed1f03c8b7310fc4871173a4) C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
23:07:35.0259 5276 VAIOMediaPlatform-IntegratedServer-AppServer - ok
23:07:35.0429 5276 VAIOMediaPlatform-IntegratedServer-HTTP (56e33aaa46cba8431e72486196afb3a1) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
23:07:35.0440 5276 VAIOMediaPlatform-IntegratedServer-HTTP - ok
23:07:35.0613 5276 VAIOMediaPlatform-IntegratedServer-UPnP (addf0e4e19bd2ff0a0b852d324fdc281) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
23:07:35.0684 5276 VAIOMediaPlatform-IntegratedServer-UPnP - ok
23:07:36.0069 5276 VAIOMediaPlatform-UCLS-AppServer (52d4f568fe7d05ae5026b8717eeb59eb) C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
23:07:36.0190 5276 VAIOMediaPlatform-UCLS-AppServer - ok
23:07:36.0508 5276 VAIOMediaPlatform-UCLS-HTTP (56e33aaa46cba8431e72486196afb3a1) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
23:07:36.0512 5276 VAIOMediaPlatform-UCLS-HTTP - ok
23:07:36.0711 5276 VAIOMediaPlatform-UCLS-UPnP (addf0e4e19bd2ff0a0b852d324fdc281) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
23:07:36.0720 5276 VAIOMediaPlatform-UCLS-UPnP - ok
23:07:36.0789 5276 VcmIAlzMgr (7b0ee47104cf730abfb0344592de15f3) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
23:07:36.0798 5276 VcmIAlzMgr - ok
23:07:36.0911 5276 VcmXmlIfHelper (8fd247d84d168097d7bc3e4f21f3414d) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
23:07:36.0933 5276 VcmXmlIfHelper - ok
23:07:36.0937 5276 Vcsw - ok
23:07:37.0226 5276 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
23:07:37.0237 5276 vds - ok
23:07:37.0344 5276 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
23:07:37.0346 5276 vga - ok
23:07:37.0385 5276 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
23:07:37.0386 5276 VgaSave - ok
23:07:37.0418 5276 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
23:07:37.0421 5276 viaagp - ok
23:07:37.0447 5276 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
23:07:37.0449 5276 ViaC7 - ok
23:07:37.0463 5276 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
23:07:37.0464 5276 viaide - ok
23:07:37.0509 5276 Viewpoint Manager Service (5f974fde801c73952770736becde11e7) C:\Program Files\Viewpoint\Common\ViewpointService.exe
23:07:37.0511 5276 Viewpoint Manager Service - ok
23:07:37.0589 5276 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
23:07:37.0590 5276 volmgr - ok
23:07:38.0053 5276 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
23:07:38.0067 5276 volmgrx - ok
23:07:38.0106 5276 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
23:07:38.0111 5276 volsnap - ok
23:07:38.0142 5276 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
23:07:38.0145 5276 vsmraid - ok
23:07:38.0783 5276 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
23:07:39.0016 5276 VSS - ok
23:07:39.0577 5276 VzCdbSvc (0b3244bab1fa37cf15fa7243504391a6) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
23:07:39.0591 5276 VzCdbSvc - ok
23:07:39.0777 5276 VzFw (938fbfa83148dadd7db0b1303dccfa00) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
23:07:39.0821 5276 VzFw - ok
23:07:40.0106 5276 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
23:07:40.0118 5276 W32Time - ok
23:07:40.0254 5276 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
23:07:40.0309 5276 WacomPen - ok
23:07:40.0483 5276 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
23:07:40.0485 5276 Wanarp - ok
23:07:40.0489 5276 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
23:07:40.0490 5276 Wanarpv6 - ok
23:07:40.0555 5276 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
23:07:40.0565 5276 wcncsvc - ok
23:07:40.0602 5276 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
23:07:40.0606 5276 WcsPlugInService - ok
23:07:40.0645 5276 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
23:07:40.0647 5276 Wd - ok
23:07:40.0744 5276 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
23:07:40.0765 5276 Wdf01000 - ok
23:07:40.0827 5276 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
23:07:40.0830 5276 WdiServiceHost - ok
23:07:40.0834 5276 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
23:07:40.0837 5276 WdiSystemHost - ok
23:07:40.0907 5276 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
23:07:40.0913 5276 WebClient - ok
23:07:40.0973 5276 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
23:07:40.0980 5276 Wecsvc - ok
23:07:41.0057 5276 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
23:07:41.0061 5276 wercplsupport - ok
23:07:41.0093 5276 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
23:07:41.0098 5276 WerSvc - ok
23:07:41.0164 5276 WimFltr (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\Windows\system32\DRIVERS\wimfltr.sys
23:07:41.0167 5276 WimFltr - ok
23:07:41.0275 5276 winachsf (5a77ac34a0ffb70ce8b35b524fede9ba) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
23:07:41.0281 5276 winachsf - ok
23:07:41.0446 5276 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
23:07:41.0459 5276 WinDefend - ok
23:07:41.0467 5276 WinHttpAutoProxySvc - ok
23:07:41.0576 5276 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
23:07:41.0582 5276 Winmgmt - ok
23:07:41.0801 5276 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
23:07:41.0827 5276 WinRM - ok
23:07:41.0928 5276 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
23:07:41.0941 5276 Wlansvc - ok
23:07:42.0013 5276 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
23:07:42.0014 5276 WmiAcpi - ok
23:07:42.0124 5276 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
23:07:42.0129 5276 wmiApSrv - ok
23:07:42.0466 5276 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
23:07:42.0494 5276 WMPNetworkSvc - ok
23:07:42.0516 5276 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
23:07:42.0523 5276 WPCSvc - ok
23:07:42.0578 5276 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
23:07:42.0582 5276 WPDBusEnum - ok
23:07:42.0891 5276 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:07:42.0910 5276 WPFFontCache_v0400 - ok
23:07:42.0968 5276 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
23:07:42.0970 5276 ws2ifsl - ok
23:07:43.0003 5276 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
23:07:43.0006 5276 wscsvc - ok
23:07:43.0011 5276 WSearch - ok
23:07:43.0913 5276 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
23:07:43.0981 5276 wuauserv - ok
23:07:44.0214 5276 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:07:44.0217 5276 WUDFRd - ok
23:07:44.0258 5276 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
23:07:44.0261 5276 wudfsvc - ok
23:07:44.0294 5276 XAudio (88af537264f2b818da15479ceeaf5d7c) C:\Windows\system32\DRIVERS\xaudio.sys
23:07:44.0296 5276 XAudio - ok
23:07:44.0443 5276 XAudioService (15a317674a08df26be65164d959e9203) C:\Windows\system32\DRIVERS\xaudio.exe
23:07:44.0452 5276 XAudioService - ok
23:07:44.0585 5276 yukonwlh (7d1f3b131d503ef43ee594b5a2b9b427) C:\Windows\system32\DRIVERS\yk60x86.sys
23:07:44.0589 5276 yukonwlh - ok
23:07:44.0636 5276 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
23:07:45.0609 5276 \Device\Harddisk0\DR0 - ok
23:07:45.0613 5276 Boot (0x1200) (c9d72d7398c30e13dd7b5414116029a6) \Device\Harddisk0\DR0\Partition0
23:07:45.0616 5276 \Device\Harddisk0\DR0\Partition0 - ok
23:07:45.0616 5276 ============================================================
23:07:45.0616 5276 Scan finished
23:07:45.0616 5276 ============================================================
23:07:45.0630 3648 Detected object count: 0
23:07:45.0630 3648 Actual detected object count: 0





aswMBR Log Report:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-07 23:10:09
-----------------------------
23:10:09.420 OS Version: Windows 6.0.6002 Service Pack 2
23:10:09.420 Number of processors: 2 586 0xF0D
23:10:09.421 ComputerName: OWNER-PC UserName: owner
23:10:40.926 Initialize success
23:11:03.866 AVAST engine defs: 12080701
23:11:10.693 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
23:11:10.695 Disk 0 Vendor: TOSHIBA_MK2035GSS DK022A Size: 190782MB BusType: 3
23:11:10.699 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000006d
23:11:10.701 Disk 1 Vendor: ( Size: 190782MB BusType: 0
23:11:10.705 Disk 2 \Device\Harddisk2\DR2 -> \Device\0000006e
23:11:10.709 Disk 2 Vendor: ( Size: 190782MB BusType: 0
23:11:10.730 Disk 0 MBR read successfully
23:11:10.733 Disk 0 MBR scan
23:11:10.739 Disk 0 Windows VISTA default MBR code
23:11:10.754 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 7661 MB offset 2048
23:11:10.773 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 183119 MB offset 15693824
23:11:10.786 Disk 0 scanning sectors +390721968
23:11:10.976 Disk 0 scanning C:\Windows\system32\drivers
23:11:34.849 Service scanning
23:12:21.333 Modules scanning
23:12:53.630 Disk 0 trace - called modules:
23:12:53.654 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
23:12:53.660 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84b9aac8]
23:12:53.665 3 CLASSPNP.SYS[881ac8b3] -> nt!IofCallDriver -> [0x84a09538]
23:12:53.673 5 acpi.sys[87a966bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84067030]
23:12:54.807 AVAST engine scan C:\Windows
23:13:00.378 AVAST engine scan C:\Windows\system32
23:17:25.999 AVAST engine scan C:\Windows\system32\drivers
23:17:44.641 AVAST engine scan C:\Users\owner
23:17:53.876 File: C:\Users\owner\AppData\Local\ComcastAccess\Apps\waonp.dll **INFECTED** Win32:Trojan-gen
23:25:46.413 AVAST engine scan C:\ProgramData
23:30:26.043 Scan finished successfully
23:30:59.365 Disk 0 MBR has been saved successfully to "C:\Users\owner\Documents\MBR.dat"
23:30:59.370 The log file has been saved successfully to "C:\Users\owner\Documents\aswMBR.txt"


ESET online scanner list of threats found:

C:\Users\owner\AppData\Local\ComcastAccess\Apps\waonp.dll a variant of Win32/Kryptik.AJOD trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\owner\AppData\Local\Temp\NODE78C.tmp a variant of Win32/Kryptik.AJOD trojan cleaned by deleting (after the next restart) - quarantined

#4 narenxp


Posted 09 August 2012 - 12:25 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#5 Herriot123


Posted 10 August 2012 - 02:35 AM

MalwareBytes Anti-Malware Log (1st time – Full Scan):

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.09.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
owner :: OWNER-PC [administrator]

Protection: Enabled

8/8/2012 11:04:44 PM
mbam-log-2012-08-08 (23-04-44).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 341283
Time elapsed: 1 day(s), 30 minute(s), 31 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Apps (Trojan.RedirRdll3.Gen) -> Data: rundll32.exe "C:\Users\owner\AppData\Local\ComcastAccess\Apps\waonp.dll",CreateInstance -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\owner\AppData\Local\Temp\NOD47ED.tmp (Trojan.Agent) -> Delete on reboot.

(end)




MalwareBytes Anti-Malware Log (2nd time – Quick Scan):

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.09.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
owner :: OWNER-PC [administrator]

Protection: Enabled

8/9/2012 11:59:41 PM
mbam-log-2012-08-09 (23-59-41).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 193482
Time elapsed: 7 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)




Mini Toolbox Result:

MiniToolBox by Farbar Version: 23-07-2012
Ran by owner (administrator) on 10-08-2012 at 00:15:35
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost


127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Wireless WiFi Link 4965AGN = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : owner-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.wa.comcast.net.

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.wa.comcast.net.
Description . . . . . . . . . . . : Intel® Wireless WiFi Link 4965AGN
Physical Address. . . . . . . . . : 00-13-E8-CF-E6-EB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5988:467:bdf7:3d9a%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.105(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, August 09, 2012 11:45:11 PM
Lease Expires . . . . . . . . . . : Friday, August 10, 2012 11:45:16 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234886120
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0E-EC-A3-79-00-1A-80-3E-79-3A
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-1A-80-3E-79-3A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.wa.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 35:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #26
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 36:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #27
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 38:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #29
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 41:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E0955D78-6212-4AB0-A778-407AAAF58D27}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 2607:f8b0:400a:801::1001
173.194.33.41
173.194.33.38
173.194.33.33
173.194.33.34
173.194.33.35
173.194.33.39
173.194.33.36
173.194.33.37
173.194.33.40
173.194.33.32
173.194.33.46


Pinging google.com [173.194.33.39] with 32 bytes of data:
Reply from 173.194.33.39: bytes=32 time=15ms TTL=55
Reply from 173.194.33.39: bytes=32 time=14ms TTL=55

Ping statistics for 173.194.33.39:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 14ms, Maximum = 15ms, Average = 14ms
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=68ms TTL=52
Reply from 209.191.122.70: bytes=32 time=68ms TTL=52

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 68ms, Maximum = 68ms, Average = 68ms
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=7ms TTL=128
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 7ms, Average = 4ms
===========================================================================
Interface List
10 ...00 13 e8 cf e6 eb ...... Intel® Wireless WiFi Link 4965AGN
9 ...00 1a 80 3e 79 3a ...... Realtek PCIe FE Family Controller
1 ........................... Software Loopback Interface 1
8 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
45 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
37 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #26
38 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #27
39 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #29
44 ...00 00 00 00 00 00 00 e0 isatap.{E0955D78-6212-4AB0-A778-407AAAF58D27}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.105 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.105 281
192.168.1.105 255.255.255.255 On-link 192.168.1.105 281
192.168.1.255 255.255.255.255 On-link 192.168.1.105 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.105 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.105 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 281 fe80::/64 On-link
10 281 fe80::5988:467:bdf7:3d9a/128
On-link
1 306 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/09/2012 11:45:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/09/2012 11:45:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/09/2012 11:45:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/09/2012 11:45:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/09/2012 11:45:21 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/09/2012 11:45:21 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/09/2012 11:45:17 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/09/2012 11:44:53 PM) (Source: Application Error) (User: )
Description: Faulting application AppleSyncNotifier.exe, version 1.5.0.0, time stamp 0x4a5d2cf8, faulting module CoreFoundation.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000135, fault offset 0x00009f5d,
process id 0x27c, application start time 0xAppleSyncNotifier.exe0.

Error: (08/09/2012 11:44:03 PM) (Source: VzCdbSvc) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error: (08/09/2012 10:42:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 80745837


System errors:
=============
Error: (08/09/2012 11:45:23 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (08/09/2012 11:41:09 PM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}

Error: (08/08/2012 05:46:33 PM) (Source: Service Control Manager) (User: )
Description: 30000SysMain

Error: (08/08/2012 05:46:04 PM) (Source: Service Control Manager) (User: )
Description: 30000TrkWks

Error: (08/07/2012 11:01:54 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (08/07/2012 11:00:46 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:58:44 PM on 8/7/2012 was unexpected.

Error: (08/06/2012 00:12:55 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (08/06/2012 00:08:20 AM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}

Error: (08/04/2012 01:07:20 AM) (Source: DCOM) (User: owner-PC)
Description: application-specificLocalActivation{A47979D2-C419-11D9-A5B4-001185AD2B89}owner-PCownerS-1-5-21-136375783-1063950908-3052334449-1002LocalHost (Using LRPC)

Error: (08/04/2012 01:06:59 AM) (Source: DCOM) (User: owner-PC)
Description: application-specificLocalActivation{A47979D2-C419-11D9-A5B4-001185AD2B89}owner-PCownerS-1-5-21-136375783-1063950908-3052334449-1002LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe Acrobat 8 Professional - English, Français, Deutsch (Version: 8.1.5)
Adobe Acrobat 8.1.5 - CPSID_49013
Adobe Acrobat 8.1.5 Professional (Version: 8.1.5)
Adobe AIR (Version: 1.5.3.9120)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.270)
Adobe Reader 8.3.1 (Version: 8.3.1)
Apple Application Support (Version: 1.4.1)
Apple Mobile Device Support (Version: 3.3.1.3)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Magic-i Visual Effects Installer
BlackBerry App World Browser Plugin (Version: 2.0.0)
Bonjour (Version: 2.0.4.0)
Click to DVD 2.0.05 Menu Data (Version: 2.0.05)
Click to DVD 2.6.00 (Version: 2.6.00)
Comcast Access (Version: 1.48)
Comcast Access (Version: ComcastAccess-1.48)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Corel Paint Shop Pro Photo XI (Version: 11.10.0000)
Corel Snapfire (Version: 1.10.0000)
Epson Event Manager (Version: 2.30.01)
EPSON NX510 Series Printer Uninstall
EPSON Scan
EpsonNet Print (Version: 2.4i)
EpsonNet Setup (Version: 3.1c)
ESET Online Scanner v3
Expert PDF 7 Reader (Version: 7.0.1370.0)
Facebook Plug-In
HDAUDIO SoftV92 Data Fax Modem with SmartCP
HijackThis 2.0.2 (Version: 2.0.2)
HitmanPro 3.6 (Version: 3.6.1.163)
Instant Mode (Version: 1.0.2)
iTunes (Version: 10.1.2.17)
Java Auto Updater (Version: 2.0.3.1)
Java™ 6 Update 24 (Version: 6.0.240)
Kamien ChartPlayer
LocationFree Player (Version: 3.02.0000)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Standard Edition 2003 (Version: 11.0.8173.0)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Works (Version: 9.7.0621)
MobileMe Control Panel (Version: 2.6.0.29)
Move Media Player
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 and SOAP Toolkit 3.0 (Version: 1.0.0.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Napster (Version: 3.8.0.9)
Napster Burn Engine (Version: 3.5.0000)
Norton Security Suite (Version: 5.2.2.3)
NoteWorthy Composer (Version: Demo Version 1.75c)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OpenMG Limited Patch 4.7-07-15-19-01
OpenMG Secure Module 4.7.00 (Version: 4.7.00.12140)
QuickBooks Product Listing Service (Version: 2.0.148)
QuickBooks Simple Start Free Starter Edition (Version: )
QuickTime (Version: 7.69.80.9)
Rand McNally SGDE Search Databases (Version: 1.0.4)
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5391)
Roxio Easy Media Creator Home (Version: 9.0.178)
Safari (Version: 3.525.26.13)
Setting Utility Series (Version: 3.0.00.07240)
SonicStage Mastering Studio (Version: 2.3.01)
SonicStage Mastering Studio Audio Filter (Version: 2.3.01)
SonicStage Mastering Studio Plugins (Version: 2.4)
Sony Video Shared Library (Version: 3.2.00)
SupportSoft Assisted Service (Version: 15)
Synaptics Pointing Device Driver (Version: 9.1.13.0)
Thomas Guide King, Pierce & Snohomish 2006 (Version: 6.1.36)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VAIO Azure Float Wallpaper (Version: 1.0.00.10100)
VAIO Camera Capture Utility (Version: 2.7.00.07050)
VAIO Center Access Bar (Version: 1.00.0622)
VAIO Content Folder Setting (Version: 1.0.00.07170)
VAIO Content Importer VAIO Content Exporter (Version: 1.2.00.06270)
VAIO Content Importer / VAIO Content Exporter (Version: 1.2.00.06270)
VAIO Content Metadata Intelligent Analyzing Manager (Version: 2.0.02.07130)
VAIO Content Metadata Manager Setting (Version: 2.0.01.07041)
VAIO Content Metadata XML Interface Library (Version: 2.0.01.07050)
VAIO Control Center (Version: 2.1.00.07110)
VAIO Entertainment Center (Version: 2.00.0711)
VAIO Entertainment Platform (Version: 3.0.00.06280)
VAIO Event Service (Version: 3.2.00.07240)
VAIO Floral Dusk Wallpaper (Version: 1.0.00.10100)
VAIO Help And Support (Version: 3.10.0814.CRVP)
VAIO Launcher (Version: 1.0.00.07090)
VAIO Media (Version: 6.0.10)
VAIO Media 6.0 (Version: 6.0.10)
VAIO Media AC3 Decoder 1.0
VAIO Media Content Collection 6.0
VAIO Media Integrated Server 6.1
VAIO Media Redistribution 6.0 (Version: 6.0.10)
VAIO Media Registration Tool (Version: 6.0.10)
VAIO Media Registration Tool 6.0 (Version: 6.0.10)
VAIO Movie Story (Version: 1.0.00.18280)
VAIO Movie Story Template Data (Version: 1.0.00.18280)
VAIO MusicBox (Version: 1.0.00.07090)
VAIO MusicBox Sample Music (Version: 1.0.00.07030)
VAIO OOBE (Version: 3.00.0730)
VAIO Original Function Setting (Version: 1.1.00.07130)
VAIO PC Wireless LAN Wizard (Version: 1.00.0716)
VAIO Power Management (Version: 2.2.00.06130)
VAIO Productivity Center (Version: 2.00.0702)
VAIO Security Center (Version: 5.00.0716)
VAIO Service Utility (Version: 1.1.1.3)
VAIO Survey (Version: 5.00.7207)
VAIO Teal Whisper Wallpaper (Version: 1.0.00.10100)
VAIO Update 3 (Version: 3.0.02.05090)
Viewpoint Media Player
WinDVD for VAIO (Version: 8.0-B8.384)
Wireless Switch Setting Utility (Version: 3.6.00.18210)

========================= Memory info: ===================================

Percentage of memory in use: 76%
Total physical RAM: 2037.69 MB
Available physical RAM: 486.54 MB
Total Pagefile: 4310.65 MB
Available Pagefile: 2661.14 MB
Total Virtual: 2047.88 MB
Available Virtual: 1943.46 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:178.83 GB) (Free:111.51 GB) NTFS

========================= Users: ========================================

User accounts for \\OWNER-PC

Administrator ASPNET Guest
owner


**** End of log ****




FSS Log:

Farbar Service Scanner Version: 06-08-2012
Ran by owner (administrator) on 10-08-2012 at 00:20:55
Running from "C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HZONL8S1"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-06-25 03:32] - [2008-01-19 00:34] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****



AdwCleaner Log:

# AdwCleaner v1.800 - Logfile created 08/10/2012 at 00:23:55
# Updated 01/08/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : owner - OWNER-PC
# Running from : C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\04VNT94W\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Viewpoint Manager Service

***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Program Files\Viewpoint

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Viewpoint

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [2363 octets] - [10/08/2012 00:23:55]

########## EOF - C:\AdwCleaner[S1].txt - [2491 octets] ##########

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:10:09 AM

Posted 10 August 2012 - 03:55 AM

That looks good

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows-vista/Turn-System-Restore-on-or-off

Update your flash player

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

Edited by narenxp, 10 August 2012 - 03:55 AM.


#7 Herriot123

Herriot123
  • Topic Starter

  • Members
  • 4 posts
  • Local time:07:09 AM

Posted 11 August 2012 - 02:15 AM

OK, I followed your instructions above. Thank you so much for your help! You are very smart and very helpful! :)

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:10:09 AM

Posted 11 August 2012 - 08:43 AM

You're most welcome :)



