
Time Warner Cable - Norton ... scam, virus or real problem?


56 replies to this topic

#1 FluffyPup

FluffyPup

  • Members
  • 189 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:SoCal
  • Local time:11:32 AM

Posted 22 April 2015 - 04:29 PM

One of my computers locked up with a message beeping and flashing at me.

 

The background was Norton Security.  The front popup window said something like:

 

"Time Warner Cable blocked my internet connection.  They received a report of unwanted Internet activity being transmitted from a machine connected to my cable modem ...... blah, blah

Immediately call .... some 800 number."

 

This sounds a lot like the "Hello this is Microsoft support calling to help you" type of phone call scam.

 

Currently, I am using my Windows 7 computer, connected to the same router and internet connection as the problem machine.  It seems to be fine.  Of course, the problem computer seems okay also.

 

Has anyone seen this?

Is it real?

So what do I do now?

 

Thanks for your help!

FP




#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,463 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:10:32 AM

Posted 22 April 2015 - 06:25 PM

Can you post a copy of that message?

What's the full 800 number?


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 FluffyPup


Posted 22 April 2015 - 08:53 PM

Hi Broni,

 

The computer was beeping and screeching loudly.  The computer would not respond to anything.

 

The only thing I could get to respond was launching Task Manager and shutting it down.

 

I didn't think to write the number down. 

 

From your response, I am guessing no one has seen this before?


Edited by FluffyPup, 22 April 2015 - 08:54 PM.


#4 Broni


Posted 22 April 2015 - 08:57 PM

Is the computer back to normal now?




 


#5 FluffyPup


Posted 22 April 2015 - 09:05 PM

After I stopped whatever it was with Task Manager, it seems fine.  It seemed fine before the incident.

 

I really expected to get an immediate response warning that this is a similar scam to the people who call

claiming to be from Microsoft support who get you to log into a website that downloads malware to your machine.

 

I updated Malwarebytes and ran it.  It found nothing.

I am running Avast, it hasn't stopped anything.

 

Any ideas?


Edited by FluffyPup, 22 April 2015 - 09:10 PM.


#6 Broni


Posted 22 April 2015 - 09:13 PM

It's hard to say if it was real since we don't have any details.

I found similar message here: http://forums.anandtech.com/showthread.php?t=2318231

 

Let's run some checks...

 

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive an UNSUPPORTED OPERATING SYSTEM! ABORTED! message, restart the computer and Security Check should run.

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
  • List Restore Points

Click Go and post the result.

Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

  • Double-click mb3-setup-1878.1878-3.3.1.2183.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:

    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.



If you already have MBAM 2.0 installed:

  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


How to get logs:
(Export log to save as txt)


  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.



(Copy to clipboard for pasting into forum replies or tickets)

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.


Download Malwarebytes Anti-Rootkit (MBAR) to your desktop.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"


NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.

Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shut down your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Windows Vista, 7 or 8 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE Do NOT wrap your logs in "quote" or "code" brackets.
Do NOT use spoilers.
Do NOT edit your reply to post additional logs. Create new reply. I'll not get any email notifications about edits so I won't know you posted something new.




 


#7 FluffyPup


Posted 22 April 2015 - 09:24 PM

I will follow your instructions.

 

FYI I am on chat with Time Warner Cable Security guy.  Not from them.  This is malware.

It was a very sophisticated message.



#8 FluffyPup


Posted 22 April 2015 - 10:18 PM

I was able to access this thread from the problem computer.  I was able to download and run Security Check and Farbar.

When I tried to post the logs, it did nothing.

I then tried to download MiniToolBox and Avast blocked it saying it was Win32:Evo-gen.

Then this website went to

"Sorry, you don't have permission for that!

The secure key, used to verify you are posting the topic, did not match the one submitted.  Please go back, reload the form and try again."

 

I can not log into BleepingComputer from that computer now.

 

So, now what?

Security check Log:

 

 Results of screen317's Security Check version 1.00 
 Windows Vista Service Pack 2 x86 (UAC is disabled!) 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 2.0.3.1025 
 CCleaner    
 Java 8 Update 45 
 Java version 32-bit out of Date!
 Adobe Reader XI 
 Mozilla Firefox (37.0.1)
````````Process Check: objlist.exe by Laurent```````` 
 AVAST Software Avast AvastSvc.exe 
 AVAST Software Avast ng vbox\AvastVBoxSVC.exe
 AVAST Software Avast AvastUI.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0 %
````````````````````End of Log``````````````````````

 

FarBar:

 

Farbar Service Scanner Version: 17-01-2015
Ran by FluffyPup (administrator) on 22-04-2015 at 19:48:33
Running from "C:\Users\FluffyPup\Desktop"
Microsoft® Windows Vista™ Business  Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Policy:
========================

 



#9 Broni


Posted 22 April 2015 - 10:21 PM

Disable Avast momentarily and try again.




 


#10 FluffyPup


Posted 22 April 2015 - 10:51 PM

Still would not download, just a spinning circle.

Tried to download on my other computer, wouldn't download there either.

I do have an old version from some previous issue.

That runs; will this work?

 

This is the third time I have tried to post this.  Will not post, locks up, get error message and I am on my other computer.  This is very odd.

 

 

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by FluffyPup (administrator) on 22-04-2015 at 20:34:47
Running from "C:\Users\FluffyPup\Desktop"
Microsoft® Windows Vista™ Business  Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

 

127.0.0.1       localhost

========================= IP Configuration: ================================

Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller = NightHawk HardLine (Connected)
Marvell Yukon 88E8055 PCI-E Gigabit Ethernet Controller = Local Area Connection 2 (Media disconnected)
Intel® Wireless WiFi Link 4965AGN = Wireless Network Connection (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : ActiveTrader
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® Wireless WiFi Link 4965AGN
   Physical Address. . . . . . . . . : 00-13-E8-8D-2F-C1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Marvell Yukon 88E8055 PCI-E Gigabit Ethernet Controller
   Physical Address. . . . . . . . . : 00-1A-80-D4-4E-60
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter NightHawk HardLine:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller
   Physical Address. . . . . . . . . : 00-13-A9-6F-98-32
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::8827:aa11:f6a7:ceeb%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, April 22, 2015 1:26:14 PM
   Lease Expires . . . . . . . . . . : Thursday, April 23, 2015 1:26:13 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 251663273
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-18-93-5B-00-13-A9-6F-98-32
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{55F20DBC-FF91-43B1-A4F3-CD7EF9AF9F9F}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:cdd:3be8:3f57:fefc(Preferred)
   Link-local IPv6 Address . . . . . : fe80::cdd:3be8:3f57:fefc%12(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{0E22A71E-2C31-48E7-9177-A219205FAB6B}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{0832E78F-3868-491C-8FDE-84AAD380D6E8}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4007:808::200e
   216.58.217.206

 

Pinging google.com [216.58.217.206] with 32 bytes of data:

Reply from 216.58.217.206: bytes=32 time=12ms TTL=51

Reply from 216.58.217.206: bytes=32 time=13ms TTL=51

 

Ping statistics for 216.58.217.206:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 12ms, Maximum = 13ms, Average = 12ms

Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  206.190.36.45
   98.139.183.24
   98.138.253.109

 

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

Reply from 206.190.36.45: bytes=32 time=51ms TTL=47

Reply from 206.190.36.45: bytes=32 time=41ms TTL=47

 

Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 41ms, Maximum = 51ms, Average = 46ms

 

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
 13 ...00 13 e8 8d 2f c1 ...... Intel® Wireless WiFi Link 4965AGN
 11 ...00 1a 80 d4 4e 60 ...... Marvell Yukon 88E8055 PCI-E Gigabit Ethernet Controller
 10 ...00 13 a9 6f 98 32 ...... Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller
  1 ........................... Software Loopback Interface 1
 16 ...00 00 00 00 00 00 00 e0  isatap.{55F20DBC-FF91-43B1-A4F3-CD7EF9AF9F9F}
 12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 14 ...00 00 00 00 00 00 00 e0  isatap.{0E22A71E-2C31-48E7-9177-A219205FAB6B}
 17 ...00 00 00 00 00 00 00 e0  isatap.{0832E78F-3868-491C-8FDE-84AAD380D6E8}
 15 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.3     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.3    266
      192.168.1.3  255.255.255.255         On-link       192.168.1.3    266
    192.168.1.255  255.255.255.255         On-link       192.168.1.3    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.3    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.3    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     18 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     18 2001::/32                On-link
 12    266 2001:0:9d38:90d7:cdd:3be8:3f57:fefc/128
                                    On-link
 10    266 fe80::/64                On-link
 12    266 fe80::/64                On-link
 12    266 fe80::cdd:3be8:3f57:fefc/128
                                    On-link
 10    266 fe80::8827:aa11:f6a7:ceeb/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    266 ff00::/8                 On-link
 10    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48640] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

=========================== Installed Programs ============================

Adobe Reader XI (11.0.08) (Version: 11.0.08)
Adobe Shockwave Player 12.1 (Version: 12.1.3.153)
Alps Pointing-device for VAIO
Apple Application Support (32-bit) (Version: 3.1.2)
Apple Mobile Device Support (Version: 8.1.1.3)
Apple Software Update (Version: 2.1.3.127)
Avast Free Antivirus (Version: 10.2.2215)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 4.19)
Click to DVD 2.0.05 Menu Data (Version: 2.0.05)
Click to DVD 2.6.00 (Version: 2.6.00)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
D3DX10 (Version: 15.4.2368.0902)
Defraggler (Version: 2.18)
ESET Online Scanner v3
f.lux
Glary Utilities 5.23 (Version: 5.23.0.42)
Grouper Screen Saver 1.0 (Version: 1.0)
HDAUDIO SoftV92 Data Fax Modem with SmartCP
Intel Processor Diagnostic Tool (Version: 2.8.0.0)
Intel PROSet Wireless
Intel® Graphics Media Accelerator Driver
Intel® Processor ID Utility (Version: 4.75.0000)
Intel® PROSet/Wireless WiFi Software (Version: 14.03.0000)
Intel® TV Wizard
Intel® Driver Update Utility (Version: 2.0.0.29)
iTunes (Version: 12.1.1.4)
Java 8 Update 45 (Version: 8.0.450)
K-Lite Codec Pack 10.4.6 Full (Version: 10.4.6)
LAN Setting Utility (Version: 1.1.00.11010)
Malwarebytes Anti-Malware version 2.0.3.1025 (Version: 2.0.3.1025)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4.5.2 (Version: 4.5.51209)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Automated Troubleshooting Services Shim
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.30514.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Works (Version: 08.05.0818)
Mozilla Firefox 37.0.1 (x86 en-US) (Version: 37.0.1)
Mozilla Maintenance Service (Version: 35.0.1)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NVIDIA Drivers
Recuva (Version: 1.50)
Revo Uninstaller 1.95 (Version: 1.95)
Segoe UI (Version: 15.4.2271.0615)
Setting Utility Series (Version: 2.1.00.16040)
SigmaTel Audio (Version: 5.10.5102.0)
SmartWi Connection Utility (Version: 4.1.0)
Sony Utilities DLL (Version: 7.1.00.16050)
Speccy (Version: 1.25)
System Requirements Lab for Intel (Version: 4.5.15.0)
Trade Floor Chat Application - 1  (Version: 1.0.1.60)
Tweaking.com - Windows Repair (All in One) (Version: 2.10.2)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
VAIO Camera Capture Utility (Version: 2.3.00.15160)
VAIO Camera Utility (Version: 2.0.01.02070)
VAIO Care (Version: 6.3.0.09020)
VAIO Event Service (Version: 3.1.00.16230)
VAIO HDD Protection (Version: 2.1.00.15140)
VAIO Power Management (Version: 2.1.00.18080)
VAIO Update (Version: 7.0.1.02280)
VU5x86 (Version: 1.1.0)

========================= Devices: ================================

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Intel® 82915G/GV/910GL Express Chipset Family (Microsoft Corporation - XDDM)
Description: Intel® 82915G/GV/910GL Express Chipset Family (Microsoft Corporation - XDDM)
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: ialm
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Intel® 82852/82855 GM/GME Graphics Controller (Microsoft Corporation - XDDM)
Description: Intel® 82852/82855 GM/GME Graphics Controller (Microsoft Corporation - XDDM)
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: ialm
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Intel® 82865G Graphics Controller (Microsoft Corporation - XDDM)
Description: Intel® 82865G Graphics Controller (Microsoft Corporation - XDDM)
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: ialm
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Intel® 82945G Express Chipset Family
Description: Intel® 82945G Express Chipset Family
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Intel® 82852/82855 GM/GME Graphics Controller (Microsoft Corporation - XDDM)
Description: Intel® 82852/82855 GM/GME Graphics Controller (Microsoft Corporation - XDDM)
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: ialm
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Adaptec AIC-7870 PCI SCSI Controller (Emulated)
Description: Adaptec AIC-7870 PCI SCSI Controller (Emulated)
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Adaptec
Service: aic78xx
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: AMD-8151 HyperTransport™ AGP3.0 Graphics Tunnel
Description: AMD-8151 HyperTransport™ AGP3.0 Graphics Tunnel
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: AMD
Service: pci
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: UMBus Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

========================= Memory info: ===================================

Percentage of memory in use: 54%
Total physical RAM: 3069.38 MB
Available physical RAM: 1388.61 MB
Total Pagefile: 6355.74 MB
Available Pagefile: 4873.44 MB
Total Virtual: 2047.88 MB
Available Virtual: 1964.13 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:186.31 GB) (Free:25.76 GB) NTFS
4 Drive f: () (Removable) (Total:0.47 GB) (Free:0.32 GB) FAT

========================= Users: ========================================

User accounts for \\ACTIVETRADER

Administrator            FluffyPup                Guest                   

========================= Restore Points ==================================

19-04-2015 20:11:48 Windows Update
19-04-2015 20:12:21 Windows Update
19-04-2015 20:25:04 Restore Point before Corrupt Patch Registry keys
19-04-2015 20:25:24 Restore Point before Microsoft Visual C++ 2005 Redistributable was removed using Program Install and Uninstall troubleshooter
19-04-2015 20:25:45  Microsoft Visual C++ 2005 Redistributable
19-04-2015 20:58:37 Windows Update
19-04-2015 20:59:19 Windows Update
19-04-2015 21:04:00  Microsoft .NET Framework 3.5 SP1
19-04-2015 21:06:09 Windows Update
20-04-2015 00:07:20 Windows Update
20-04-2015 00:17:02 Windows Update
20-04-2015 02:26:05 Windows Update
20-04-2015 02:26:44 Windows Update
20-04-2015 02:43:12 Restore Point before Microsoft Silverlight was removed using Program Install and Uninstall troubleshooter
20-04-2015 02:43:24  Microsoft Silverlight
20-04-2015 02:53:25 Windows Update
20-04-2015 03:10:09 Windows Update
20-04-2015 18:57:07 Scheduled Checkpoint
20-04-2015 20:33:03 Windows Update
21-04-2015 16:12:59 Scheduled Checkpoint
22-04-2015 03:29:25 Windows Update
22-04-2015 04:24:05 Windows Update
22-04-2015 04:25:07 Windows Update
22-04-2015 17:26:06 Restore Point before Windows Live Family Safety was removed using Program Install and Uninstall troubleshooter
22-04-2015 17:36:14 Restore Point before Windows Live Mesh was removed using Program Install and Uninstall troubleshooter
22-04-2015 17:39:48 Restore Point before Windows Live Writer was removed using Program Install and Uninstall troubleshooter
22-04-2015 17:41:00 Restore Point before Windows Live Writer was removed using Program Install and Uninstall troubleshooter
22-04-2015 17:42:51 Restore Point before Windows Live Movie Maker was removed using Program Install and Uninstall troubleshooter
22-04-2015 17:44:31 Restore Point before Windows Live Photo Common was removed using Program Install and Uninstall troubleshooter
22-04-2015 17:45:48 Restore Point before Windows Live Photo Gallery was removed using Program Install and Uninstall troubleshooter
22-04-2015 19:50:13 Windows Update

**** End of log ****



#11 FluffyPup


Posted 22 April 2015 - 11:01 PM

Feels like the third Friday this week.  I'm running Malwarebytes now.  I will post the results in the morning.

 

Thanks for all your help!

FP



#12 Broni


Posted 22 April 2015 - 11:16 PM

FSS log is incomplete.

You need to re-run it.




 


#13 FluffyPup


Posted 23 April 2015 - 11:55 AM

New FSS log:

Farbar Service Scanner Version: 17-01-2015
Ran by FluffyPup (administrator) on 23-04-2015 at 09:49:41
Running from "C:\Users\FluffyPup\Desktop"
Microsoft® Windows Vista™ Business  Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is unreachable
Attempt to access Google.com returned error: Google.com is unreachable
Attempt to access Yahoo.com returned error: Yahoo.com is unreachable


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => File is digitally signed
C:\Windows\system32\Drivers\nsiproxy.sys => File is digitally signed
C:\Windows\system32\dhcpcsvc.dll => File is digitally signed
C:\Windows\system32\Drivers\afd.sys => File is digitally signed
C:\Windows\system32\Drivers\tdx.sys => File is digitally signed
C:\Windows\system32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\system32\dnsrslvr.dll => File is digitally signed
C:\Windows\system32\mpssvc.dll => File is digitally signed
C:\Windows\system32\bfe.dll => File is digitally signed
C:\Windows\system32\Drivers\mpsdrv.sys => File is digitally signed
C:\Windows\system32\SDRSVC.dll => File is digitally signed
C:\Windows\system32\vssvc.exe => File is digitally signed
C:\Windows\system32\wscsvc.dll => File is digitally signed
C:\Windows\system32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\system32\wuaueng.dll => File is digitally signed
C:\Windows\system32\qmgr.dll => File is digitally signed
C:\Windows\system32\es.dll => File is digitally signed
C:\Windows\system32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\system32\ipnathlp.dll => File is digitally signed
C:\Windows\system32\iphlpsvc.dll => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed


**** End of log ****

 

 

 

 

MiniToolBox downloaded this morning.  Here is the log:

 

MiniToolBox by Farbar  Version: 14-04-2015
Ran by FluffyPup (administrator) on 23-04-2015 at 09:52:14
Running from "C:\Users\FluffyPup\Downloads"
Microsoft® Windows Vista™ Business  Service Pack 2 (X86)
Model: VGN-SZ691N Manufacturer: Sony Corporation
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================




127.0.0.1       localhost

========================= IP Configuration: ================================

Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller = NightHawk HardLine (Connected)
Marvell Yukon 88E8055 PCI-E Gigabit Ethernet Controller = Local Area Connection 2 (Media disconnected)
Intel® Wireless WiFi Link 4965AGN = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : ActiveTrader
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® Wireless WiFi Link 4965AGN
   Physical Address. . . . . . . . . : 00-13-E8-8D-2F-C1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Marvell Yukon 88E8055 PCI-E Gigabit Ethernet Controller
   Physical Address. . . . . . . . . : 00-1A-80-D4-4E-60
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter NightHawk HardLine:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller
   Physical Address. . . . . . . . . : 00-13-A9-6F-98-32
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::8827:aa11:f6a7:ceeb%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, April 23, 2015 7:46:56 AM
   Lease Expires . . . . . . . . . . : Friday, April 24, 2015 7:46:56 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 251663273
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-18-93-5B-00-13-A9-6F-98-32
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{55F20DBC-FF91-43B1-A4F3-CD7EF9AF9F9F}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:3439:2ff8:3f57:fefc(Preferred)
   Link-local IPv6 Address . . . . . : fe80::3439:2ff8:3f57:fefc%12(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{0E22A71E-2C31-48E7-9177-A219205FAB6B}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{0832E78F-3868-491C-8FDE-84AAD380D6E8}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4005:803::200e
      216.58.217.206



Pinging google.com [216.58.217.206] with 32 bytes of data:

Reply from 216.58.217.206: bytes=32 time=12ms TTL=51

Reply from 216.58.217.206: bytes=32 time=12ms TTL=51



Ping statistics for 216.58.217.206:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 12ms, Maximum = 12ms, Average = 12ms

Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.139.183.24
      98.138.253.109
      206.190.36.45



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

Reply from 206.190.36.45: bytes=32 time=41ms TTL=47

Reply from 206.190.36.45: bytes=32 time=42ms TTL=47



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 41ms, Maximum = 42ms, Average = 41ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
 13 ...00 13 e8 8d 2f c1 ...... Intel® Wireless WiFi Link 4965AGN
 11 ...00 1a 80 d4 4e 60 ...... Marvell Yukon 88E8055 PCI-E Gigabit Ethernet Controller
 10 ...00 13 a9 6f 98 32 ...... Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller
  1 ........................... Software Loopback Interface 1
 16 ...00 00 00 00 00 00 00 e0  isatap.{55F20DBC-FF91-43B1-A4F3-CD7EF9AF9F9F}
 12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 14 ...00 00 00 00 00 00 00 e0  isatap.{0E22A71E-2C31-48E7-9177-A219205FAB6B}
 17 ...00 00 00 00 00 00 00 e0  isatap.{0832E78F-3868-491C-8FDE-84AAD380D6E8}
 15 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.3     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.3    266
      192.168.1.3  255.255.255.255         On-link       192.168.1.3    266
    192.168.1.255  255.255.255.255         On-link       192.168.1.3    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.3    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.3    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     18 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     18 2001::/32                On-link
 12    266 2001:0:9d38:90d7:3439:2ff8:3f57:fefc/128
                                    On-link
 10    266 fe80::/64                On-link
 12    266 fe80::/64                On-link
 12    266 fe80::3439:2ff8:3f57:fefc/128
                                    On-link
 10    266 fe80::8827:aa11:f6a7:ceeb/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    266 ff00::/8                 On-link
 10    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48640] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/22/2015 01:12:21 PM) (Source: Application Error) (User: )
Description: Faulting application helppane.exe, version 6.0.6001.18000, time stamp 0x4791945e, faulting module msvcrt.dll, version 7.0.6002.18551, time stamp 0x4ee8cc5a, exception code 0x40000015, fault offset 0x00052fd3,
process id 0x7b8, application start time 0xhelppane.exe0.

Error: (04/22/2015 01:12:10 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (04/22/2015 01:00:21 PM) (Source: Application Error) (User: )
Description: Faulting application helppane.exe, version 6.0.6001.18000, time stamp 0x4791945e, faulting module msvcrt.dll, version 7.0.6002.18551, time stamp 0x4ee8cc5a, exception code 0x40000015, fault offset 0x00052fd3,
process id 0x5cc, application start time 0xhelppane.exe0.

Error: (04/22/2015 00:59:53 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (04/22/2015 00:55:05 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (04/22/2015 00:11:47 PM) (Source: System Restore) (User: )
Description: Failed to create restore point on volume (Process = C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" ; Descripton = Revo Uninstaller's restore point - Intel® Graphics Media Accelerator Driver; Hr = 0x8007043c).

Error: (04/22/2015 00:09:15 PM) (Source: System Restore) (User: )
Description: Failed to create restore point on volume (Process = C:\ProgramData\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe"  /uninstall; Descripton = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501; Hr = 0x8007043c).

Error: (04/22/2015 00:09:05 PM) (Source: System Restore) (User: )
Description: Failed to create restore point on volume (Process = C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" ; Descripton = Revo Uninstaller's restore point - Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501; Hr = 0x8007043c).

Error: (04/22/2015 00:07:34 PM) (Source: System Restore) (User: )
Description: Failed to create restore point on volume (Process = C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" ; Descripton = Revo Uninstaller's restore point - Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005; Hr = 0x8007043c).

Error: (04/22/2015 00:06:14 PM) (Source: System Restore) (User: )
Description: Failed to create restore point on volume (Process = C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" ; Descripton = Revo Uninstaller's restore point - Microsoft Visual C++ 2005 Redistributable; Hr = 0x8007043c).


System errors:
=============
Error: (04/23/2015 07:47:22 AM) (Source: Service Control Manager) (User: )
Description: aic78xx
bjduovuc

Error: (04/23/2015 07:47:22 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (04/23/2015 07:46:57 AM) (Source: Microsoft-Windows-TaskScheduler) (User: NT AUTHORITY)
Description: 2147942402

Error: (04/22/2015 09:58:34 PM) (Source: Service Control Manager) (User: )
Description: aic78xx
bjduovuc

Error: (04/22/2015 09:58:34 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (04/22/2015 09:57:59 PM) (Source: Microsoft-Windows-TaskScheduler) (User: NT AUTHORITY)
Description: 2147942402

Error: (04/22/2015 01:26:25 PM) (Source: Service Control Manager) (User: )
Description: aic78xx
bjduovuc

Error: (04/22/2015 01:26:25 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (04/22/2015 01:26:16 PM) (Source: Microsoft-Windows-TaskScheduler) (User: NT AUTHORITY)
Description: 2147942402

Error: (04/22/2015 01:23:30 PM) (Source: DCOM) (User: )
Description: 1068BITS{4991D34B-80A1-4291-83B6-3328366B9097}


Microsoft Office Sessions:
=========================
Error: (04/22/2015 01:12:21 PM) (Source: Application Error)(User: )
Description: helppane.exe6.0.6001.180004791945emsvcrt.dll7.0.6002.185514ee8cc5a4000001500052fd37b801d07d389dfdffda

Error: (04/22/2015 01:12:10 PM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (04/22/2015 01:00:21 PM) (Source: Application Error)(User: )
Description: helppane.exe6.0.6001.180004791945emsvcrt.dll7.0.6002.185514ee8cc5a4000001500052fd35cc01d07d36e6d0bd0f

Error: (04/22/2015 00:59:53 PM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (04/22/2015 00:55:05 PM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (04/22/2015 00:11:47 PM) (Source: System Restore)(User: )
Description: C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" Revo Uninstaller's restore point - Intel® Graphics Media Accelerator Driver0x8007043c

Error: (04/22/2015 00:09:15 PM) (Source: System Restore)(User: )
Description: C:\ProgramData\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe"  /uninstallMicrosoft Visual C++ 2013 Redistributable (x86) - 12.0.305010x8007043c

Error: (04/22/2015 00:09:05 PM) (Source: System Restore)(User: )
Description: C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" Revo Uninstaller's restore point - Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.305010x8007043c

Error: (04/22/2015 00:07:34 PM) (Source: System Restore)(User: )
Description: C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" Revo Uninstaller's restore point - Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.210050x8007043c

Error: (04/22/2015 00:06:14 PM) (Source: System Restore)(User: )
Description: C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" Revo Uninstaller's restore point - Microsoft Visual C++ 2005 Redistributable0x8007043c


CodeIntegrity Errors:
===================================
  Date: 2015-04-23 08:02:47.017
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-23 08:02:46.868
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-23 08:02:46.746
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-23 08:02:46.623
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-23 08:02:46.489
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-23 08:02:46.318
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-23 07:57:43.211
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-23 07:57:43.059
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-23 07:57:42.917
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-23 07:57:42.775
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.



=========================== Installed Programs ============================
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - )
Apple Application Support (32-bit) (HKLM\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Click to DVD 2.0.05 Menu Data (HKLM\...\{9E407618-D9CD-4F39-9490-9ED45294073D}) (Version: 2.0.05 - Sony Corporation)
Click to DVD 2.6.00 (HKLM\...\{E809063C-51A3-4269-8984-D1EB742F2151}) (Version: 2.6.00 - Sony Corporation)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
f.lux (HKCU\...\Flux) (Version:  - )
Glary Utilities 5.23 (HKLM\...\Glary Utilities 5) (Version: 5.23.0.42 - Glarysoft Ltd)
Grouper Screen Saver 1.0 (HKLM\...\Grouper Screen Saver_is1) (Version: 1.0 - Grouper Networks)
HDAUDIO SoftV92 Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200) (Version:  - )
Intel Processor Diagnostic Tool (HKLM\...\{9957D372-DD0F-4AA5-9C97-9C1EB3EB23A4}) (Version: 2.8.0.0 - Intel Corporation)
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Intel® Processor ID Utility (HKLM\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 4.75.0000 - Intel® Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{C8005A7B-9638-41DD-B83B-AF277754E211}) (Version: 14.03.0000 - Intel Corporation)
Intel® TV Wizard (HKLM\...\TVWiz) (Version:  - Intel Corporation)
Intel® Driver Update Utility (HKLM\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
iTunes (HKLM\...\{3A9FE6B1-EE7F-40AC-B831-AC7C9ABB58A0}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Codec Pack 10.4.6 Full (HKLM\...\KLiteCodecPack_is1) (Version: 10.4.6 - )
LAN Setting Utility (HKLM\...\{5958CAC6-373E-402F-84FE-0A699AA920B9}) (Version: 1.1.00.11010 - Sony Corporation)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Automated Troubleshooting Services Shim (HKLM\...\{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb) (Version:  - )
Microsoft Office Word Viewer 2003 (HKLM\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 37.0.1 (x86 en-US)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Setting Utility Series (HKLM\...\{59452470-A902-477F-9338-9B88101681BD}) (Version: 2.1.00.16040 - Sony Corporation)
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5102.0 - SigmaTel)
SmartWi Connection Utility (HKLM\...\{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}) (Version: 4.1.0 - Sony Corporation)
Sony Utilities DLL (HKLM\...\{EF3D45BB-2260-4008-88EA-492E7744A9DF}) (Version: 7.1.00.16050 - Sony Corporation)
Speccy (HKLM\...\Speccy) (Version: 1.25 - Piriform)
System Requirements Lab for Intel (HKLM\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
Trade Floor Chat Application - 1  (HKCU\...\65514d7d820d53ba) (Version: 1.0.1.60 - Integral Consulting LLC)
Tweaking.com - Windows Repair (All in One) (HKLM\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.10.2 - Tweaking.com)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
VAIO Camera Capture Utility (HKLM\...\{6D2576EC-A0E9-418A-A09A-409933A3B6F4}) (Version: 2.3.00.15160 - Sony Corporation)
VAIO Camera Utility (HKLM\...\{1417F599-1DBD-4499-9375-B2813E9F890C}) (Version: 2.0.01.02070 - Sony Corporation)
VAIO Care (HKLM\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.3.0.09020 - Sony Corporation)
VAIO Care (Version: 6.3.0.09020 - Sony Corporation) Hidden
VAIO Event Service (HKLM\...\{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}) (Version: 3.1.00.16230 - Sony Corporation)
VAIO HDD Protection (HKLM\...\{C518C7BF-A345-4019-815B-FFDF32EBCAD9}) (Version: 2.1.00.15140 - Sony Corporation)
VAIO Power Management (HKLM\...\{9E319E96-ED8E-4B01-9775-C521A1869A25}) (Version: 2.1.00.18080 - Sony Corporation)
VAIO Update (HKLM\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VU5x86 (Version: 1.1.0 - Sony Corporation ) Hidden

========================= Devices: ================================

Name:
Description:
Class Guid:
Manufacturer:
Service:
Device ID: ACPI\SNY5001\4&1F0F4B04&0
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Intel® 82915G/GV/910GL Express Chipset Family (Microsoft Corporation - XDDM)
Description: Intel® 82915G/GV/910GL Express Chipset Family (Microsoft Corporation - XDDM)
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: ialm
Device ID: ROOT\DISPLAY\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Intel® 82852/82855 GM/GME Graphics Controller (Microsoft Corporation - XDDM)
Description: Intel® 82852/82855 GM/GME Graphics Controller (Microsoft Corporation - XDDM)
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: ialm
Device ID: ROOT\DISPLAY\0001
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Intel® 82865G Graphics Controller (Microsoft Corporation - XDDM)
Description: Intel® 82865G Graphics Controller (Microsoft Corporation - XDDM)
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: ialm
Device ID: ROOT\DISPLAY\0002
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Intel® 82945G Express Chipset Family
Description: Intel® 82945G Express Chipset Family
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Device ID: ROOT\DISPLAY\0003
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Intel® 82852/82855 GM/GME Graphics Controller (Microsoft Corporation - XDDM)
Description: Intel® 82852/82855 GM/GME Graphics Controller (Microsoft Corporation - XDDM)
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: ialm
Device ID: ROOT\DISPLAY\0004
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Adaptec AIC-7870 PCI SCSI Controller (Emulated)
Description: Adaptec AIC-7870 PCI SCSI Controller (Emulated)
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Adaptec
Service: aic78xx
Device ID: ROOT\SCSIADAPTER\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: AMD-8151 HyperTransport™ AGP3.0 Graphics Tunnel
Description: AMD-8151 HyperTransport™ AGP3.0 Graphics Tunnel
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: AMD
Service: pci
Device ID: ROOT\SYSTEM\0001
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: UMBus Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus
Device ID: ROOT\SYSTEM\0005
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


========================= Memory info: ===================================

Percentage of memory in use: 47%
Total physical RAM: 3069.38 MB
Available physical RAM: 1607.83 MB
Total Pagefile: 6351.74 MB
Available Pagefile: 4741.9 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.49 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:186.31 GB) (Free:55.7 GB) NTFS

========================= Users: ========================================

User accounts for \\ACTIVETRADER

Administrator            FluffyPup                Guest                    

========================= Restore Points ==================================

20-04-2015 18:57:07 Scheduled Checkpoint
20-04-2015 20:33:03 Windows Update
21-04-2015 16:12:59 Scheduled Checkpoint
22-04-2015 03:29:25 Windows Update
22-04-2015 04:24:05 Windows Update
22-04-2015 04:25:07 Windows Update
22-04-2015 17:26:06 Restore Point before Windows Live Family Safety was removed using Program Install and Uninstall troubleshooter
22-04-2015 17:36:14 Restore Point before Windows Live Mesh was removed using Program Install and Uninstall troubleshooter
22-04-2015 17:39:48 Restore Point before Windows Live Writer was removed using Program Install and Uninstall troubleshooter
22-04-2015 17:41:00 Restore Point before Windows Live Writer was removed using Program Install and Uninstall troubleshooter
22-04-2015 17:42:51 Restore Point before Windows Live Movie Maker was removed using Program Install and Uninstall troubleshooter
22-04-2015 17:44:31 Restore Point before Windows Live Photo Common was removed using Program Install and Uninstall troubleshooter
22-04-2015 17:45:48 Restore Point before Windows Live Photo Gallery was removed using Program Install and Uninstall troubleshooter
22-04-2015 19:50:13 Windows Update
23-04-2015 04:54:09 avast! antivirus system restore point
23-04-2015 05:10:42 Windows Update

**** End of log ****
 

 

Malwarebytes Premium did not find anything last night.

I will try updating and running it again before moving on to the next item on your list.



#14 FluffyPup


Posted 23 April 2015 - 12:14 PM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/23/2015
Scan Time: 9:56:28 AM
Logfile:
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.04.23.05
Rootkit Database: v2015.04.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: FluffyPup

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 295178
Time Elapsed: 10 min, 44 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)



#15 FluffyPup


Posted 23 April 2015 - 12:31 PM

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.04.23.05
  rootkit: v2015.04.21.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer
FluffyPup :: ACTIVETRADER [administrator]

4/23/2015 10:16:37 AM
mbar-log-2015-04-23 (10-16-37).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 295379
Time elapsed: 10 minute(s), 1 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.08.2.1001

© Malwarebytes Corporation 2011-2012

OS version: 6.0.6002 Windows Vista Service Pack 2 x86

System is currently in a safe mode

Account is Administrative

Internet Explorer version:

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.394000 GHz
Memory total: 3218472960, free: 2608848896

Host not found
=======================================
Initializing...
------------ Kernel report ------------
     12/16/2014 14:21:39
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\acpi.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\intelide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\pcmcia.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\PxHelp20.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\msrpc.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\ecache.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\crcdisk.sys
\SystemRoot\System32\drivers\BootDefragDriver.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\ohci1394.sys
\SystemRoot\system32\DRIVERS\1394BUS.SYS
\SystemRoot\system32\DRIVERS\SonyPI.sys
\SystemRoot\system32\drivers\tpm.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\msiscsi.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\rdpdr.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\system32\DRIVERS\usbprint.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\framebuf.dll
\SystemRoot\system32\DRIVERS\cdfs.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff86ee5030
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Ide\IdeDeviceP2T0L0-4\
Lower Device Object: 0xffffffff86d95b98
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff86ee5030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86ee5d18, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff86ee5030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff86d07ae8, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff86d95b98, DeviceName: \Device\Ide\IdeDeviceP2T0L0-4\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 6E4E0FCD

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 390717440
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 200049647616 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.08.2.1001

© Malwarebytes Corporation 2011-2012

OS version: 6.0.6002 Windows Vista Service Pack 2 x86

Account is Administrative

Internet Explorer version:

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.394000 GHz
Memory total: 3218472960, free: 2290155520

Downloaded database version: v2014.12.16.05
Downloaded database version: v2014.12.14.01
Downloaded database version: v2014.12.06.01
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

© Malwarebytes Corporation 2011-2012

OS version: 6.0.6002 Windows Vista Service Pack 2 x86

Account is Administrative

Internet Explorer version:

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.394000 GHz
Memory total: 3218472960, free: 1598210048

Downloaded database version: v2015.04.23.05
Downloaded database version: v2015.04.21.01
Downloaded database version: v2015.04.22.01
Initializing...
======================
------------ Kernel report ------------
     04/23/2015 10:16:24
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\acpi.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\intelide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\pcmcia.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\DRIVERS\SCSIPORT.SYS
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\PxHelp20.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\msrpc.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\system32\DRIVERS\shpf.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\ecache.sys
\SystemRoot\system32\DRIVERS\gagp30kx.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\crcdisk.sys
\SystemRoot\System32\drivers\BootDefragDriver.sys
\SystemRoot\System32\Drivers\aswVmm.sys
\SystemRoot\System32\Drivers\aswRvrt.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\tunmp.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\NETwLv32.sys
\SystemRoot\system32\DRIVERS\yk60x86.sys
\SystemRoot\system32\DRIVERS\ohci1394.sys
\SystemRoot\system32\DRIVERS\1394BUS.SYS
\SystemRoot\system32\drivers\ti21sony.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\SonyPI.sys
\SystemRoot\system32\DRIVERS\IFXTPM.SYS
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\Apfiltr.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\ialmnt5.sys
\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
\SystemRoot\system32\DRIVERS\msiscsi.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\umpass.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpdr.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\drivers\tpm.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\drivers\stwrt.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\HSXHWAZL.sys
\SystemRoot\system32\DRIVERS\HSX_DPV.sys
\SystemRoot\system32\DRIVERS\HSX_CNXT.sys
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\aswSnx.sys
\SystemRoot\System32\Drivers\tcusb.sys
\SystemRoot\System32\Drivers\USBD.SYS
\SystemRoot\system32\drivers\aswSP.sys
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\drivers\aswTdi.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\smb.sys
\SystemRoot\System32\Drivers\R5U870FLx86.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\drivers\aswRdr.sys
\SystemRoot\System32\Drivers\R5U870FUx86.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\??\C:\Windows\System32\drivers\GUBootStartup.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\usbprint.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\aswMonFlt.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\drivers\spsys.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\drivers\mrxdav.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\aswHwid.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\system32\DRIVERS\mdmxsdk.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\system32\drivers\regi.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\system32\DRIVERS\xaudio.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\??\C:\Windows\system32\drivers\mwac.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\System32\Drivers\fastfat.SYS
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\Windows\System32\ntdll.dll
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2015.04.23.05
  rootkit: v2015.04.21.01

<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 6E4E0FCD

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 390717440
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 200049647616 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xffffffff893e7ac8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff893ab878, DeviceName: Unknown, DriverName: \Driver\shpf\
DevicePointer: 0xffffffff893de308, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff893e7ac8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff893ab280, DeviceName: \Device\00000078\, DriverName: \Driver\ti21sony\
------------ End ----------
Drive 2
Scanning MBR on drive 2...
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
 





