Firefox is acting weird


17 replies to this topic

#1 yass

yass

  • Members
  • 202 posts

Posted 09 August 2012 - 03:04 AM

Hi all,
I just got my old computer up and running and installed Firefox 14. When I click on links (on Google, Bing, and various popular news sites like CNN), rather than taking me to that link, it takes me to things like:
http://traffic.outbrain.com/network/redir?key=8b3cf7acc05a97faf0a5c365c83357a5&rdid=360170822&type=SYLD_d/t2_ch&in-site=false&req_id=7127c4c525a46690939f21106b1204d7&agent=blog_JS_rec&recMode=7&reqType=1&wid=103&imgType=0&refPub=149&prs=true&scp=false

Also in Google Chrome the autoupdate feature is not working. It keeps saying "Update Server Not Available (error: 3)" so it's stuck at version 11.0.696.71

Please help

Edited by yass, 09 August 2012 - 03:06 AM.




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts

Posted 09 August 2012 - 03:45 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 yass

yass
  • Topic Starter

  • Members
  • 202 posts

Posted 10 August 2012 - 01:05 PM

Hi narenxp, thanks so much for the reply. Please allow me 48 hours. I work a 12-hour shift; I have two more days. I will get this for you! Thanks!

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts

Posted 10 August 2012 - 01:59 PM

:thumbup2:

#5 yass

yass
  • Topic Starter

  • Members
  • 202 posts

Posted 12 August 2012 - 09:57 AM

Hey narenxp! Just finished with work, going to start these scans before sleeping. Thanks so much for waiting!

TDSS report:
07:57:44.0468 3548	RasMan - ok
07:57:44.0484 3548	RasPppoe        (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
07:57:44.0484 3548	RasPppoe - ok
07:57:44.0484 3548	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
07:57:44.0484 3548	Raspti - ok
07:57:44.0562 3548	Rdbss           (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys
07:57:44.0578 3548	Rdbss - ok
07:57:44.0625 3548	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
07:57:44.0625 3548	RDPCDD - ok
07:57:44.0703 3548	RDPWD           (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
07:57:44.0718 3548	RDPWD - ok
07:57:44.0765 3548	RDSessMgr       (729798e0933076b8fcfcd9934698f164) C:\WINDOWS\system32\sessmgr.exe
07:57:44.0781 3548	RDSessMgr - ok
07:57:44.0812 3548	redbook         (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
07:57:44.0828 3548	redbook - ok
07:57:44.0859 3548	RemoteAccess    (3046db917e3cfa040632799dd9b14865) C:\WINDOWS\System32\mprdim.dll
07:57:44.0859 3548	RemoteAccess - ok
07:57:44.0890 3548	RFCOMM          (99c4b74981a1413f142a3903130088cb) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
07:57:44.0906 3548	RFCOMM - ok
07:57:44.0937 3548	ROOTMODEM       (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
07:57:44.0937 3548	ROOTMODEM - ok
07:57:44.0984 3548	RpcLocator      (793f04a09b15e7c6c11dbdffaf06c0ab) C:\WINDOWS\system32\locator.exe
07:57:45.0000 3548	RpcLocator - ok
07:57:45.0078 3548	RpcSs           (01095febf33beea00c2a0730b9b3ec28) C:\WINDOWS\System32\rpcss.dll
07:57:45.0078 3548	RpcSs - ok
07:57:45.0140 3548	RSVP            (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
07:57:45.0156 3548	RSVP - ok
07:57:45.0203 3548	SamSs           (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
07:57:45.0203 3548	SamSs - ok
07:57:45.0343 3548	SASDIFSV        (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
07:57:45.0343 3548	SASDIFSV - ok
07:57:45.0390 3548	SASENUM         (7ce61c25c159f50f9eaf6d77fc83fa35) C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
07:57:45.0390 3548	SASENUM - ok
07:57:45.0453 3548	SASKUTIL        (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
07:57:45.0453 3548	SASKUTIL - ok
07:57:45.0468 3548	SCardSvr        (25d8de134df108e3dbc8d7d23b1aa58e) C:\WINDOWS\System32\SCardSvr.exe
07:57:45.0484 3548	SCardSvr - ok
07:57:45.0562 3548	Schedule        (92360854316611f6cc471612213c3d92) C:\WINDOWS\system32\schedsvc.dll
07:57:45.0578 3548	Schedule - ok
07:57:45.0625 3548	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
07:57:45.0625 3548	Secdrv - ok
07:57:45.0703 3548	seclogon        (b1e0ce09895376871746f36dc5773b4f) C:\WINDOWS\System32\seclogon.dll
07:57:45.0703 3548	seclogon - ok
07:57:45.0750 3548	SENS            (dfd9870cf39c791d86c4c209da9fa919) C:\WINDOWS\system32\sens.dll
07:57:45.0765 3548	SENS - ok
07:57:45.0812 3548	Serenum         (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
07:57:45.0812 3548	Serenum - ok
07:57:45.0843 3548	Serial          (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\drivers\Serial.sys
07:57:45.0843 3548	Serial - ok
07:57:45.0890 3548	Sfloppy         (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
07:57:45.0890 3548	Sfloppy - ok
07:57:45.0953 3548	SharedAccess    (36cc8c01b5e50163037bef56cb96deff) C:\WINDOWS\System32\ipnathlp.dll
07:57:45.0968 3548	SharedAccess - ok
07:57:46.0031 3548	ShellHWDetection (6815def9b810aefac107eeaf72da6f82) C:\WINDOWS\System32\shsvcs.dll
07:57:46.0031 3548	ShellHWDetection - ok
07:57:46.0031 3548	Simbad - ok
07:57:46.0093 3548	SkypeUpdate     (f07af60b152221472fbdb2fecec4896d) C:\Program Files\Skype\Updater\Updater.exe
07:57:46.0109 3548	SkypeUpdate - ok
07:57:46.0171 3548	SLIP            (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
07:57:46.0171 3548	SLIP - ok
07:57:46.0312 3548	SNDSrvc         (5815052b868b96cae6ce3d4c53e971eb) C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
07:57:46.0328 3548	SNDSrvc - ok
07:57:46.0328 3548	Sparrow - ok
07:57:46.0390 3548	splitter        (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys
07:57:46.0390 3548	splitter - ok
07:57:46.0453 3548	Spooler         (da81ec57acd4cdc3d4c51cf3d409af9f) C:\WINDOWS\system32\spoolsv.exe
07:57:46.0453 3548	Spooler - ok
07:57:46.0562 3548	sptd            (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
07:57:46.0562 3548	Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
07:57:46.0562 3548	sptd ( LockedFile.Multi.Generic ) - warning
07:57:46.0562 3548	sptd - detected LockedFile.Multi.Generic (1)
07:57:53.0375 3548	============================================================
07:57:53.0375 3548	Scan finished
07:57:53.0375 3548	============================================================
07:57:53.0390 2464	Detected object count: 1
07:57:53.0390 2464	Actual detected object count: 1
07:58:10.0281 2464	sptd ( LockedFile.Multi.Generic ) - skipped by user
07:58:10.0281 2464	sptd ( LockedFile.Multi.Generic ) - User select action: Skip 

aswMBR:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-12 08:00:26
-----------------------------
08:00:26.390    OS Version: Windows 5.1.2600 Service Pack 2
08:00:26.390    Number of processors: 2 586 0x403
08:00:26.390    ComputerName: E58AEB3F9A6342E  UserName: SONY VAIO
08:00:27.375    Initialize success
08:04:23.937    AVAST engine defs: 12081200
08:15:35.640    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T1L0-19
08:15:35.640    Disk 0 Vendor: ST3200822AS 3.02 Size: 190782MB BusType: 3
08:15:35.656    Disk 0 MBR read successfully
08:15:35.656    Disk 0 MBR scan
08:15:35.703    Disk 0 Windows XP default MBR code
08:15:35.703    Disk 0 Partition 1 00     12  Compaq diag NTFS         5130 MB offset 63
08:15:35.734    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       185649 MB offset 10506510
08:15:35.750    Disk 0 scanning sectors +390716865
08:15:35.828    Disk 0 scanning C:\WINDOWS\system32\drivers
08:15:49.781    Service scanning
08:16:11.828    Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
08:16:19.906    Modules scanning
08:16:29.171    Disk 0 trace - called modules:
08:16:29.187    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8ab041f8]<<
08:16:29.187    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8aaf9ab8]
08:16:29.187    3 CLASSPNP.SYS[b810905b] -> nt!IofCallDriver -> \Device\0000007e[0x8aa02f18]
08:16:29.187    5 ACPI.sys[b7e74620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T1L0-19[0x8a9eed98]
08:16:29.187    \Driver\atapi[0x8aa00168] -> IRP_MJ_CREATE -> 0x8ab041f8
08:16:30.093    AVAST engine scan C:\WINDOWS
08:16:54.859    AVAST engine scan C:\WINDOWS\system32
08:20:56.093    AVAST engine scan C:\WINDOWS\system32\drivers
08:21:19.296    AVAST engine scan C:\Documents and Settings\SONY VAIO
10:29:24.109    AVAST engine scan C:\Documents and Settings\All Users
10:40:27.625    Scan finished successfully
10:41:48.515    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\SONY VAIO\Desktop\MBR.dat"
10:41:48.531    The log file has been saved successfully to "C:\Documents and Settings\SONY VAIO\Desktop\aswMBR 08 12 12.txt"

eset scan results:
C:\Documents and Settings\SONY VAIO\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache\f_004952	a variant of Win32/InstallCore.D application	cleaned by deleting - quarantined
C:\Documents and Settings\SONY VAIO\Local Settings\temp\ICReinstall\cnet_windows_password_unlocker_standard_trial_exe.exe	a variant of Win32/InstallCore.D application	cleaned by deleting - quarantined
C:\Documents and Settings\SONY VAIO\My Documents\Downloads\cnet_windows_password_unlocker_standard_trial_exe.exe	a variant of Win32/InstallCore.D application	cleaned by deleting - quarantined
L:\ali57233_Backup\Memeo\ali57233_Backup\C_\Qoobox\Quarantine\C\WINDOWS\system32\4KxqB1Gdi.com_.vir	a variant of Win32/Kryptik.VRX trojan	cleaned by deleting - quarantined

Edited by yass, 13 August 2012 - 12:12 AM.


#6 yass


Posted 16 August 2012 - 06:50 PM

Hi narenxp, very sorry, I know you are busy; I just wanted to give a small bump. :)

#7 narenxp


Posted 16 August 2012 - 07:33 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.



Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#8 yass


Posted 16 August 2012 - 07:34 PM

Thanks! I'll start that right away and report the results after work. :)

#9 narenxp


Posted 16 August 2012 - 07:34 PM

:thumbup2:

#10 yass


Posted 17 August 2012 - 09:25 AM

All done :)

MiniToolBox:
MiniToolBox by Farbar  Version: 23-07-2012
Ran by SONY VAIO (administrator) on 17-08-2012 at 07:11:02
Microsoft Windows XP Home Edition Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ============================== 


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost
127.0.0.1 localhost

There are 12230 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Intel(R) PRO/100 VE Network Connection = Local Area Connection (Connected)
Hamachi Network Interface = Hamachi (Connected)
1394 Net Adapter = 1394 Connection 2 (Connected)


# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip


# Interface IP Configuration for "Hamachi"

set address name="Hamachi" source=dhcp 
set address name="Hamachi" gateway=??z?Ÿ|?? gwmetric=
set dns name="Hamachi" source=dhcp register=NONE
set wins name="Hamachi" source=dhcp

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp 
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration

        Host Name . . . . . . . . . . . . : E58AEB3F9A6342E
        Primary Dns Suffix  . . . . . . . : 
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : Belkin

Ethernet adapter Hamachi:

        Connection-specific DNS Suffix  . : 
        Description . . . . . . . . . . . : Hamachi Network Interface
        Physical Address. . . . . . . . . : 7A-79-05-EE-A0-0F
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : No
        IP Address. . . . . . . . . . . . : 5.238.160.15
        Subnet Mask . . . . . . . . . . . : 255.0.0.0
        Default Gateway . . . . . . . . . : 
        DHCP Server . . . . . . . . . . . : 5.0.0.1
        Lease Obtained. . . . . . . . . . : Tuesday, August 14, 2012 6:10:14 AM
        Lease Expires . . . . . . . . . . : Wednesday, August 14, 2013 6:10:14 AM

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : Belkin
        Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connection
        Physical Address. . . . . . . . . : 00-13-20-C0-CB-69
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.2.2
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.2.1
        DHCP Server . . . . . . . . . . . : 192.168.2.1
        DNS Servers . . . . . . . . . . . : 192.168.2.1
        Lease Obtained. . . . . . . . . . : Tuesday, August 14, 2012 6:11:02 AM
        Lease Expires . . . . . . . . . . : Monday, January 18, 2038 8:14:07 PM

Server:  UnKnown
Address:  192.168.2.1

Name:    google.com
Addresses:  74.125.224.32, 74.125.224.35, 74.125.224.33, 74.125.224.40
	  74.125.224.37, 74.125.224.34, 74.125.224.38, 74.125.224.36, 74.125.224.39
	  74.125.224.41, 74.125.224.46

Pinging google.com [173.194.33.0] with 32 bytes of data:

Reply from 173.194.33.0: bytes=32 time=31ms TTL=54
Reply from 173.194.33.0: bytes=32 time=32ms TTL=54

Ping statistics for 173.194.33.0:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 31ms, Maximum = 32ms, Average = 31ms

Server:  UnKnown
Address:  192.168.2.1

Name:    yahoo.com
Addresses:  98.139.183.24, 98.138.253.109, 72.30.38.140

Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=31ms TTL=53
Reply from 72.30.38.140: bytes=32 time=26ms TTL=53

Ping statistics for 72.30.38.140:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 26ms, Maximum = 31ms, Average = 28ms

Server:  UnKnown
Address:  192.168.2.1

Name:    bleepingcomputer.com
Address:  208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...7a 79 05 ee a0 0f ...... Hamachi Network Interface
0x3 ...00 13 20 c0 cb 69 ...... Intel(R) PRO/100 VE Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1     192.168.2.2	  20
          5.0.0.0        255.0.0.0     5.238.160.15    5.238.160.15	  20
     5.238.160.15  255.255.255.255        127.0.0.1       127.0.0.1	  20
    5.255.255.255  255.255.255.255     5.238.160.15    5.238.160.15	  20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1	  1
      192.168.2.0    255.255.255.0      192.168.2.2     192.168.2.2	  20
      192.168.2.2  255.255.255.255        127.0.0.1       127.0.0.1	  20
    192.168.2.255  255.255.255.255      192.168.2.2     192.168.2.2	  20
        224.0.0.0        240.0.0.0     5.238.160.15    5.238.160.15	  20
        224.0.0.0        240.0.0.0      192.168.2.2     192.168.2.2	  20
  255.255.255.255  255.255.255.255     5.238.160.15    5.238.160.15	  1
  255.255.255.255  255.255.255.255      192.168.2.2     192.168.2.2	  1
Default Gateway:       192.168.2.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================


========================= Event log errors: ===============================

Application errors:
==================
Error: (08/14/2012 09:54:28 AM) (Source: Apache Service) (User: )
Description: The Apache service named  reported the following error:
>>> Unable to open logs     .

Error: (08/14/2012 09:54:28 AM) (Source: Apache Service) (User: )
Description: The Apache service named  reported the following error:
>>> no listening sockets available, shutting down     .

Error: (08/14/2012 09:54:28 AM) (Source: Apache Service) (User: )
Description: The Apache service named  reported the following error:
>>> (OS 10048)Only one usage of each socket address (protocol/network address/port) is normally permitted.  : make_sock: could not bind to address 0.0.0.0:80     .

Error: (08/14/2012 09:54:14 AM) (Source: Apache Service) (User: )
Description: The Apache service named  reported the following error:
>>> Unable to open logs     .

Error: (08/14/2012 09:54:14 AM) (Source: Apache Service) (User: )
Description: The Apache service named  reported the following error:
>>> no listening sockets available, shutting down     .

Error: (08/14/2012 09:54:14 AM) (Source: Apache Service) (User: )
Description: The Apache service named  reported the following error:
>>> (OS 10048)Only one usage of each socket address (protocol/network address/port) is normally permitted.  : make_sock: could not bind to address 0.0.0.0:80     .

Error: (08/14/2012 09:44:03 AM) (Source: Apache Service) (User: )
Description: The Apache service named  reported the following error:
>>> Unable to open logs     .

Error: (08/14/2012 09:44:03 AM) (Source: Apache Service) (User: )
Description: The Apache service named  reported the following error:
>>> no listening sockets available, shutting down     .

Error: (08/14/2012 09:44:03 AM) (Source: Apache Service) (User: )
Description: The Apache service named  reported the following error:
>>> (OS 10048)Only one usage of each socket address (protocol/network address/port) is normally permitted.  : make_sock: could not bind to address 0.0.0.0:80     .

Error: (08/14/2012 09:41:49 AM) (Source: Apache Service) (User: )
Description: The Apache service named  reported the following error:
>>> Unable to open logs     .


System errors:
=============
Error: (08/16/2012 07:24:30 PM) (Source: Windows Update Agent) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

Error: (08/14/2012 07:24:28 PM) (Source: Windows Update Agent) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

Error: (08/14/2012 09:54:28 AM) (Source: Service Control Manager) (User: )
Description: The wampapache service terminated with service-specific error 1 (0x1).

Error: (08/14/2012 09:54:14 AM) (Source: Service Control Manager) (User: )
Description: The wampapache service terminated with service-specific error 1 (0x1).

Error: (08/14/2012 09:44:03 AM) (Source: Service Control Manager) (User: )
Description: The wampapache service terminated with service-specific error 1 (0x1).

Error: (08/14/2012 09:41:49 AM) (Source: Service Control Manager) (User: )
Description: The wampapache service terminated with service-specific error 1 (0x1).

Error: (08/14/2012 09:41:41 AM) (Source: Service Control Manager) (User: )
Description: The wampapache service terminated with service-specific error 1 (0x1).

Error: (08/14/2012 09:41:12 AM) (Source: Service Control Manager) (User: )
Description: The wampapache service terminated with service-specific error 1 (0x1).

Error: (08/14/2012 06:10:52 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.2.2 for the Network Card with network address 001320C0CB69 has been
denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

Error: (08/14/2012 06:01:15 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.2.2 for the Network Card with network address 001320C0CB69 has been
denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).


Microsoft Office Sessions:
=========================
Error: (08/14/2012 09:54:28 AM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>Unable to open logs

Error: (08/14/2012 09:54:28 AM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>no listening sockets available, shutting down

Error: (08/14/2012 09:54:28 AM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>(OS 10048)Only one usage of each socket address (protocol/network address/port) is normally permitted.  : make_sock: could not bind to address 0.0.0.0:80

Error: (08/14/2012 09:54:14 AM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>Unable to open logs

Error: (08/14/2012 09:54:14 AM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>no listening sockets available, shutting down

Error: (08/14/2012 09:54:14 AM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>(OS 10048)Only one usage of each socket address (protocol/network address/port) is normally permitted.  : make_sock: could not bind to address 0.0.0.0:80

Error: (08/14/2012 09:44:03 AM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>Unable to open logs

Error: (08/14/2012 09:44:03 AM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>no listening sockets available, shutting down

Error: (08/14/2012 09:44:03 AM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>(OS 10048)Only one usage of each socket address (protocol/network address/port) is normally permitted.  : make_sock: could not bind to address 0.0.0.0:80

Error: (08/14/2012 09:41:49 AM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>Unable to open logs


=========================== Installed Programs ============================

Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (Version: 9.0.0)
Adobe AIR (Version: 2.5.1.17730)
Adobe Flash Player 11 Plugin (Version: 11.3.300.268)
Adobe Flash Player ActiveX (Version: 9.0.45.0)
Adobe Shockwave Player 11.5 (Version: 11.5.1.601)
Agere Systems PCI Soft Modem
Android SDK Tools (Version: 0.7)
Apple Application Support (Version: 1.1.0)
Apple Software Update (Version: 2.1.1.116)
Art Explosion Publisher Pro 2.0 (Version: 2.0.0.13)
ATI - Software Uninstall Utility (Version: 6.14.10.1010)
ATI Control Panel (Version: 6.14.10.5125)
ATI Display Driver (Version: 8.06-040909a-018341C-Sony)
CameraHelperMsi (Version: 13.00.1774.0)
Camtasia Studio 6 (Version: 6.0.2)
Cheat Engine 5.6.1
Click to DVD 2.0.02 Menu Data (Version: 2.0.02)
Click to DVD 2.2.10 (Version: 2.2.10)
Cobian Backup 9
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
DivX Plus DirectShow Filters
DivX Setup (Version: 2.6.1.9)
DVgate Plus
erLT (Version: 1.20.138.34)
ESET Online Scanner v3
FLV Player 2.0 (build 25) (Version: 2.0 (build 25))
GIMP 2.6.11 (Version: 2.6.11)
Google Chrome (Version: 11.0.696.71)
Google Chrome Frame (Version: 21.0.1180.79)
Google Talk Plugin (Version: 2.0.7.0)
Google Update Helper (Version: 1.3.21.115)
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
HostsMan 3.2.73 (Version: 3.2.73)
HTC BMP USB Driver (Version: 1.0.5375)
HTC Driver Installer (Version: 3.0.0.005)
HTC Sync (Version: 3.0.5511)
Inno Setup version 5.4.0 (Version: 5.4.0)
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Adapters and Drivers
InterVideo WinDVD 5 for VAIO (Version: 5.0-B11.270)
InterVideo WinDVDX
ISScript (Version: 3.00.185)
Java Auto Updater (Version: 2.1.5.1)
Java(TM) 6 Update 21 (Version: 6.0.210)
Java(TM) 7 (Version: 7.0.0)
Java(TM) SE Development Kit 7 (Version: 1.7.0.0)
LiveUpdate 3.0 (Symantec Corporation) (Version: 3.0.0.171)
Lizardtech DjVu Control
Logitech Webcam Software (Version: 2.0)
LogMeIn Hamachi (Version: 2.1.0.210)
LWS Facebook (Version: 13.01.1018.0)
LWS Gallery (Version: 13.01.1018.0)
LWS Help_main (Version: 13.01.1025.0)
LWS Launcher (Version: 13.01.1024.0)
LWS Motion Detection (Version: 13.01.1018.0)
LWS Pictures And Video (Version: 13.01.1018.0)
LWS Video Mask Maker (Version: 13.00.1774.0)
LWS VideoEffects (Version: 13.00.1774.0)
LWS Webcam Software (Version: 13.00.1774.0)
LWS WLM Plugin (Version: 1.00.1774.0)
LWS YouTube Plugin (Version: 13.01.1022.0)
MA101 USB Adapter Configuration Utility
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MapleStory
Memory Stick Formatter
Metal Fatigue Uninstall
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional with FrontPage (Version: 10.0.2627.01)
Microsoft Script Debugger
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 6.0 Enterprise Edition
Microsoft Web Publishing Wizard 1.53
mIRC (Version: 7.15)
MoodLogic
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
Nero - Burning Rom (Version: 5.5.9)
Nero 8 Lite (Version: 8.3.13.0)
Nexon Game Manager
Notepad++ (Version: 5.8.2)
NVIDIA Control Panel 280.26 (Version: 280.26)
NVIDIA Graphics Driver 280.26 (Version: 280.26)
NVIDIA Install Application (Version: 2.1000.25.170)
NVIDIA nView 135.94 (Version: 135.94)
NVIDIA nView Desktop Manager (Version: 6.14.10.13594)
ooVoo (Version: 3.0.4039)
OpenMG Limited Patch 4.0-04-08-02-01
OpenMG Secure Module 4.0.00 (Version: 4.0.00.06170)
Pando Media Booster (Version: 2.3.6.0)
PictureGear Studio 2.0
Plants vs. Zombies
ProjectSixPap
PyRuntimeUninstall
Python 2.5 PIL-1.1.7
Python 2.5 py2exe-0.6.9
Python 2.5 pywin32-214
Python 2.5 setuptools-0.6c9
Python 2.5.4 (Version: 2.5.4150)
QuickTime (Version: 7.65.17.80)
Realtek High Definition Audio Driver
Revo Uninstaller 1.88 (Version: 1.88)
SequoiaView
Sideload Wonder Machine (Version: 1.2)
Skype™ 5.10 (Version: 5.10.116)
Sonic RecordNow! (Version: 7.3)
SonicStage 2.1.02
SonicStage Mastering Studio Audio Filter Custom Preset
Sony Certificate PCH
Sony Video Shared Library (Version: 2.0)
Sothink SWF Decompiler (Version: 4.5)
Spotify (Version: 0.6.2)
SpywareBlaster 4.3 (Version: 4.3.0)
StrokeIt
SUPERAntiSpyware Free Edition (Version: 4.32.0.1000)
SupportSoft Assisted Service (Version: 15)
Symantec Network Drivers Update (Version: 5.5.6.604)
TightVNC 2.0.2 (Version: 2.0.2)
TortoiseSVN 1.6.2.16344 (32 bit) (Version: 1.6.16344)
Uninstall Gormball
Uninstall Neocodex AutoAdopter
Uninstall Shape Shifter
Uninstall SnowWars
Uninstall Tarla
Unity Web Player (Version: 2.6.1f3_31223)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
Update for Windows XP (KB894391) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB900485) (Version: 2)
Update for Windows XP (KB904942) (Version: 2)
Update for Windows XP (KB908531) (Version: 2)
Update for Windows XP (KB910437) (Version: 1)
Update for Windows XP (KB911280) (Version: 2)
Update for Windows XP (KB916595) (Version: 1)
Update for Windows XP (KB920872) (Version: 1)
Update for Windows XP (KB922582) (Version: 1)
Update for Windows XP (KB925720) (Version: 1)
Update for Windows XP (KB927891) (Version: 3)
Update for Windows XP (KB929338) (Version: 1)
Update for Windows XP (KB930916) (Version: 1)
Update for Windows XP (KB931836) (Version: 1)
Update for Windows XP (KB932823-v3) (Version: 3)
Update for Windows XP (KB933360) (Version: 1)
Update for Windows XP (KB936357) (Version: 1)
Update for Windows XP (KB938828) (Version: 1)
Update for Windows XP (KB942763) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VAIO Control Center
VAIO Entertainment Platform (Version: 1.2.01.10250)
VAIO Help and Support (Version: 11.00)
VAIO Media 3.1
VAIO Media Integrated Server 3.1
VAIO Media Redistribution 3.1
VAIO Original Screen Saver
VAIO Original Screen Saver VAIO Scene HD Normal Contents
VAIO Structure Wallpaper
VAIO Survey Standalone (Version: 3.02)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VirtualCloneDrive
VLC media player 2.0.3 (Version: 2.0.3)
VuePrint
WampServer 2.2
WebFldrs XP (Version: 9.50.7523)
Windows Defender (Version: 1.1.1593.0)
Windows Driver Package - eMPIA Technology (DCamUSBET) Image  (09/11/2007 2.7.0911.0) (Version: 09/11/2007 2.7.0911.0)
Windows Driver Package - eMPIA Technology Inc, (emAudio) MEDIA  (04/27/2007 5.7.0427.0) (Version: 04/27/2007 5.7.0427.0)
Windows Imaging Component (Version: 3.0.0.0)
Windows Installer 3.1 (KB893803) (Version: 3.1)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB834707 (Version: 20040929.110854)
Windows XP Hotfix - KB873339 (Version: 20041117.092459)
Windows XP Hotfix - KB884018 (Version: 20040812.132033)
Windows XP Hotfix - KB885835 (Version: 20041027.181713)
Windows XP Hotfix - KB885836 (Version: 20041028.173203)
Windows XP Hotfix - KB885884 (Version: 20040924.025457)
Windows XP Hotfix - KB886185 (Version: 20041021.090540)
Windows XP Hotfix - KB887472 (Version: 20041014.162858)
Windows XP Hotfix - KB888302 (Version: 20041207.111426)
Windows XP Hotfix - KB890859 (Version: 1)
Windows XP Hotfix - KB891781 (Version: 20050110.165439)
WinRAR archiver
WinSCP 4.2.7 (Version: 4.2.7)
wxDesigner version 2.20a
wxPython 2.9.1.1 for Python 2.5 (Version: 2.9.1.1)
Xvid 1.2.2 final uninstall (Version: 1.2)

========================= Memory info: ===================================

Percentage of memory in use: 27%
Total physical RAM: 2038.73 MB
Available physical RAM: 1474.26 MB
Total Pagefile: 3409.39 MB
Available Pagefile: 2732.66 MB
Total Virtual: 2047.88 MB
Available Virtual: 1976.71 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:181.3 GB) (Free:58.87 GB) NTFS
10 Drive l: (FreeAgent GoFlex Drive) (Fixed) (Total:298.09 GB) (Free:94.41 GB) NTFS

========================= Users: ========================================

User accounts for \\E58AEB3F9A6342E

Administrator            ASPNET                   Guest                    
HelpAssistant            LogMeInRemoteUser        SONY VAIO                
SUPPORT_388945a0         


**** End of log ****



FSS:
Farbar Service Scanner Version: 06-08-2012
Ran by SONY VAIO (administrator) on 17-08-2012 at 07:16:58
Running from "C:\Documents and Settings\SONY VAIO\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[2004-11-15 13:29] - [2006-05-19 05:59] - 0111616 ____A (Microsoft Corporation) EF545E1A4B043DA4C84E230DD471C55F

C:\WINDOWS\system32\Drivers\afd.sys
[2004-11-15 13:29] - [2008-08-14 02:51] - 0138368 ____A (Microsoft Corporation) 55E6E1C51B6D30E54335750955453702

C:\WINDOWS\system32\Drivers\netbt.sys
[2004-11-15 13:30] - [2004-08-04 05:00] - 0162816 ____A (Microsoft Corporation) 0C80E410CD2F47134407EE7DD19CC86B

C:\WINDOWS\system32\Drivers\tcpip.sys
[2004-11-15 13:30] - [2008-06-20 03:45] - 0360320 ____N (Microsoft Corporation) 2A5554FC5B1E04E131230E3CE035C3F9

C:\WINDOWS\system32\Drivers\ipsec.sys
[2004-11-15 13:29] - [2004-08-04 05:00] - 0074752 ____A (Microsoft Corporation) 64537AA5C003A6AFEEE1DF819062D0D1

C:\WINDOWS\system32\dnsrslvr.dll
[2004-11-15 13:29] - [2008-02-19 22:32] - 0045568 ____A (Microsoft Corporation) AAC8FFBFD61E784FA3BAC851D4A0BD5F

C:\WINDOWS\system32\svchost.exe
[2004-11-15 13:30] - [2004-08-04 05:00] - 0014336 ____N (Microsoft Corporation) 8F078AE4ED187AAABC0A305146DE6716

C:\WINDOWS\system32\rpcss.dll
[2004-11-15 13:30] - [2009-02-09 03:20] - 0399360 ____N (Microsoft Corporation) 01095FEBF33BEEA00C2A0730B9B3EC28

C:\WINDOWS\system32\services.exe
[2004-11-15 13:30] - [2009-02-06 10:14] - 0110592 ____N (Microsoft Corporation) 37561F8D4160D62DA86D24AE41FAE8DE


Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) RFCOMM(9) SYMTDI(8) Tcpip(3) 
0x0A0000000400000001000000020000000300000008000000050000000600000007000000090000000A000000
IpSec Tag value is correct.

**** End of log ****

MBAM found this stuff but it's all not infected, I'm sure, so I didn't remove the stuff:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.17.01

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 7.0.5730.11
SONY VAIO :: E58AEB3F9A6342E [administrator]

8/16/2012 5:35:29 PM
mbam-log-2012-08-17 (07-09-08).txt

Scan type: Full scan (C:\|L:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 637329
Time elapsed: 5 hour(s), 34 minute(s), 44 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 5
C:\Documents and Settings\SONY VAIO\Desktop\VBJSON\VBJSON.exe (Spyware.Passwords) -> No action taken.
L:\ali57233_Backup\Memeo\ali57233_Backup\C_\Documents and Settings\ali57233\Desktop\JDSU Resource Updater\VBJSON\VBJSON.exe (Spyware.Passwords) -> No action taken.
L:\ali57233_Backup\Memeo\ali57233_Backup\C_\Documents and Settings\ali57233\My Documents\JSON VB6\VBJSON.exe (Spyware.Passwords) -> No action taken.
L:\Downloads\Adobe CS6 All Products Activator (x32 & x64)\Adobe CS6 All Products Activator (x32 & x64)\adobe.cs6.all.products.activator.(x32.y.x64)_up01-MPT.exe (PUP.Hacktool.Patcher) -> No action taken.
L:\Replay Media Catcher\keygen\kg.exe (Packer.ModifiedUPX) -> No action taken.

(end)

AdWare cleaner: (it also said I should install the anti-PUP stuff by clicking on the '?'. Should I do that?)
# AdwCleaner v1.801 - Logfile created 08/17/2012 at 07:17:22
# Updated 14/08/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 2 (32 bits)
# User : SONY VAIO - E58AEB3F9A6342E
# Boot Mode : Normal
# Running from : C:\Documents and Settings\SONY VAIO\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\DOCUME~1\SONYVA~1\LOCALS~1\Temp\boost_interprocess

***** [Registry] *****


***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.5730.11

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default 
File : C:\Documents and Settings\SONY VAIO\Application Data\Mozilla\Firefox\Profiles\vr10qb8s.default\prefs.js

[OK] File is clean.

Profile name : default 
File : C:\Documents and Settings\Jehan\Application Data\Mozilla\Firefox\Profiles\nvzz09yc.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v11.0.696.71

File : C:\Documents and Settings\SONY VAIO\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted :          "path": "C:\\Documents and Settings\\SONY VAIO\\Local Settings\\Application Data\\Unity\\We[...]

*************************

AdwCleaner[S1].txt - [1298 octets] - [17/08/2012 07:17:22]

########## EOF - C:\AdwCleaner[S1].txt - [1426 octets] ##########


#11 narenxp

Posted 17 August 2012 - 09:28 AM

Do you still have redirects?

#12 yass

Posted 17 August 2012 - 09:31 AM

Wow, sooo fast reply! Thanks!
Uhm, I don't know, let me test! :)

Yes, definitely still there. If you search Bing for "banna republic heathered" and click on the first image of that guy in blue shirt for 29$ it takes me to:
http://clickserve.dartsearch.net/link/click?lid=43700003333775605&ds_s_kwgid=58700000025965959&ds_url_v=2
I get a problem loading page though.

Chrome auto update is still showing the same error. So I think that's still a problem. :(

#13 narenxp

Posted 17 August 2012 - 09:34 AM

Uninstall Firefox

Make sure to select the "Remove my personal data" option

Reinstall Firefox

Reinstall Google Chrome and see if the auto update feature works

#14 yass

Posted 17 August 2012 - 09:35 AM

Aw dang, are you sure I have to do that? :(
I can try for Chrome, but on Firefox I have a looooot of personal data I don't want to lose :(

#15 narenxp

Posted 17 August 2012 - 09:37 AM

Ok fine, we need a deeper look then

Read the guide here on preparing logs

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck



