|
Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs |
|
Topic Tools |
#1
|
|||
|
|||
Computer shut down by itself - moved by Jintan
For some reason while I was away from my laptop it shut down on its own and according to event viewwer it happened at 1:18 pm today. I came back to my computer a little after 5:30 and saw that it was off. I left no programs running and now windows open, so it wasn't overheating and even when I'm on my computer it doesn't overheat.
Yesterday I did have an issue where the computer didn't go into hypernation, but was stuck in the process of going into hypernation. The only error I could find that happened a little before the comptuer said it shut down is this Name resolution for the name isatap.hsd1.in.comcast.net timed out after none of the configured DNS servers responded. Anyone have any ideas? Thanks |
#2
|
||||
|
||||
That event is related to your network connection. Rebooting your modem should fix it.
Without an error recorded (it's highly unlikely the above event is the cause of your shutdown) one isolated shutdown is almost impossible to diagnose. If you have further problems with hibernation and a crash, you could check out the hotfix here and see if it applies. |
#3
|
|||
|
|||
Thanks. One thing I did try was plugging my computer into a different outlet to see if that was the problem. I read somewhere online that a bad outlet can cause the computer to shut off on its own. So I'll keep my finger crossed if not I'mm be back, since I have installed all the important windows updates.
|
#4
|
||||
|
||||
Ok, see how it goes and we can look at it again if it happens again.
|
#5
|
|||
|
|||
The computer shut down on it's own again. This time I was using it when it happened. I was on the internet, using IE 9 browser and was on the Bestbuy website viewing their weekly ad, I went to switch to the next page and it stalled. The screen fadded out to a black screen with a blue box in the center, it had a count down of I believe 60 seconds when it would shut down, what I could read quickly I think I saw something about a disk error before the laptop shut down. Also laptop was not hot.
Any ideas? Thanks |
#6
|
|||
|
|||
Quote:
|
#7
|
||||
|
||||
wolflmg, Because of the tie-in with Internet use, I kinda do sense malware involvement. Let's take a look, and see if we need to move this to the Malware Removal Forum.
The system is Windows 7, so when running any of the scan files we use, be sure to right click the file, then select "Run as administrator" to start the scan/tool. And To make sure you have an accurate view of files there, make sure you can View Hidden Files. Also uncheck "Hide Extensions for Known File Types" To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware softwares while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs. Here are some antivirus disable tips if needed. ------- Click here and download OldTimer's OTL to your desktop, then click that to open the scan display. At the top click "Scan All Users", then click "Run Scan". Make no other changes at this time. When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are also saved in the same location as OTL.exe. Post the contents of those back here please. |
#8
|
|||
|
|||
Seems to be having some issues. I downloads fine, I go into my downloads folder, right click and run as admin., check scan all users and then run scan, it's fine for like a minute, but then stops responding when it scans for firefox settings, which is weird since firefox is no longer on my laptop. Uninstalled it a few weeks ago.
|
#9
|
||||
|
||||
Not quite the same detail level, but instead Download RSIT (random's system information tool) from here to your desktop. Then click on the RSIT.exe to open the RSIT display, and click the Continue button.
If RSIT downloads/installs HijackThis be sure to agree to the install of that. Once the scan completes a textbox will open - copy/paste those contents here for review please. The log can also be found at C:\rsit\log.txt. RSIT will also create a second log, info.txt, which will be minimized to your taskbar. Post that here as well please (it will also be stored at C:\rsit\info.txt). |
#10
|
|||
|
|||
Okay, I may have fixed it. Went back and downloaded it and change the download path, IE had it set to my download folder.
Nope, was doing the same thing. I'll try the other one. |
#11
|
|||
|
|||
Logfile of random's system information tool 1.09 (written by random/random)
Run by owner at 2012-11-12 19:14:14 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 272 GB (58%) free of 469 GB Total RAM: 4063 MB (54% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 7:14:18 PM, on 11/12/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16450) Boot mode: Normal Running processes: C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe C:\Program Files (x86)\real\realplayer\Update\realsched.exe C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe C:\Program Files\Sony\VAIO Care\listener.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn14\ytbb.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\owner\Desktop\RSIT.exe C:\Program Files (x86)\trend micro\owner.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie9 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fp-yie9 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo! R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn14\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn14\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin \IE\rpbrowserrecordplugin.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn14\yt.dll O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll O4 - HKLM\..\Run: [SmartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [SHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe O4 - HKLM\..\Run: [YMailAdvisor] "C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\real\realplayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [ASUS Sync Loader] "C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe" -startup O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.130.270\AsusWSPanel.exe /S O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe O4 - HKCU\..\Run: [ComcastAntispyClient] "C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy. exe" /hide O4 - HKCU\..\Run: [Google Update] "C:\Users\owner\AppData\Local\Google\Update\Google Update.exe" /c O4 - Global Startup: Bluetooth.lnk = ? O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Add to Wish List - {76c5fb99-dd0a-4186-9e75-65d1bf3da283} - C:\Program Files (x86)\Amazon\Add to Wish List IE Extension\run.htm O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.clonewarsadventures.com O15 - Trusted Zone: *.freerealms.com O15 - Trusted Zone: *.soe.com O15 - Trusted Zone: *.sony.com O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://oas.support.microsoft.com/ActiveX/MSDcode.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe O23 - Service: Amazon Unbox Video Service (ADVService) - Amazon.com - C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Partner Service - Unknown owner - C:\ProgramData\Partner\Partner.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: VAIO Media plus Database Manager (SOHDBSvr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe O23 - Service: VAIO Media plus Playlist Manager (SOHPlMgr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe O23 - Service: Splashtop® Remote Service (SplashtopRemoteService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Splashtop Software Updater Service (SSUService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: Stuffit Archive Name Service - Smith Micro Software, Inc. - C:\Program Files (x86)\Smith Micro\StuffIt 2010\ArcNameService.exe O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResou rceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 15840 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3652804788-2259126965-387798729-1001Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3652804788-2259126965-387798729-1001UA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] &Yahoo! Toolbar Helper - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn14\yt.dll [2012-06-11 1524056] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin \IE\rpbrowserrecordplugin.dll [2012-05-26 425680] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn14\yt.dll [2012-06-11 1524056] {71576546-354D-41c9-AAE8-31F2EC22BF0D} - WOT - C:\Program Files (x86)\WOT\WOT.dll [2010-03-03 1301664] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run] "SmartWiHelper"=C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe [2009-09-02 80384] "ISBMgr.exe"=C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2009-05-26 317288] "SHTtray.exe"=C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [2009-07-27 99624] "YMailAdvisor"=C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe [2009-05-08 174424] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-08-27 59280] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008] "TkBellExe"=C:\Program Files (x86)\real\realplayer\update\realsched.exe [2012-05-26 296056] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888] "ASUS Sync Loader"=C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe [2011-05-11 638976] "ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.130.270\AsusWSPanel.exe [2012-01-17 740192] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-09-09 421776] [HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run] "Search Protection"=C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe [2009-02-03 111856] "YSearchProtection"=C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe [2009-02-03 111856] "ComcastAntispyClient"=C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy. exe /hide [] "Google Update"=C:\Users\owner\AppData\Local\Google\Update \GoogleUpdate.exe [2010-02-26 135664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon] C:\Windows\system32\VESWinlogon.dll [2009-07-01 98304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWow64\webcheck.dll [2012-05-06 203776] [HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\explorer] "NoDesktopCleanupWizard"=1 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\sharedaccess\parameters\firewallpolicy\standard profile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\sharedaccess\parameters\firewallpolicy\domainpr ofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm "vidc.cvid"=iccvid.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "msacm.siren"=sirenacm.dll "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "vidc.VP60"=C:\Windows\system32\vp6vfw.dll "vidc.VP61"=C:\Windows\system32\vp6vfw.dll "vidc.DIVX"=DivX.dll "vidc.yv12"=DivX.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 ======List of files/folders created in the last 1 month====== 2012-11-12 19:14:15 ----D---- C:\Program Files (x86)\trend micro 2012-11-12 19:14:14 ----D---- C:\rsit 2012-11-09 10:42:10 ----D---- C:\Users\owner\AppData\Roaming\playpicklePackages 2012-11-09 10:42:07 ----D---- C:\Program Files (x86)\playpickle 2012-11-05 19:22:44 ----A---- C:\Windows\SysWOW64\d3dx10_41.dll 2012-11-05 19:22:44 ----A---- C:\Windows\SysWOW64\D3DCompiler_41.dll 2012-11-05 19:22:39 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll 2012-11-05 19:22:39 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll 2012-11-05 19:22:37 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll 2012-11-05 19:22:37 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll 2012-11-05 19:22:32 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll 2012-11-05 19:22:25 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll 2012-11-05 19:22:24 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll 2012-11-05 19:22:20 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll 2012-11-05 19:22:15 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll 2012-11-05 19:22:11 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll 2012-11-05 19:22:06 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll 2012-11-05 19:22:01 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll 2012-11-05 19:21:55 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll 2012-11-05 19:21:51 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll 2012-11-05 19:21:50 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll 2012-11-05 19:21:47 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll 2012-11-05 19:21:47 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll 2012-11-05 19:21:45 ----A---- C:\Windows\SysWOW64\xinput1_2.dll 2012-11-05 19:21:45 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll 2012-11-05 19:21:44 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll 2012-11-05 19:21:43 ----A---- C:\Windows\SysWOW64\xinput1_1.dll 2012-11-05 19:21:42 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll 2012-11-05 19:21:31 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll 2012-11-05 19:21:31 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll 2012-10-31 12:56:54 ----D---- C:\Users\owner\AppData\Roaming\RealNetworks ======List of files/folders modified in the last 1 month====== 2012-11-12 19:14:18 ----D---- C:\Windows\Prefetch 2012-11-12 19:14:15 ----RD---- C:\Program Files (x86) 2012-11-12 18:58:01 ----D---- C:\Windows\temp 2012-11-12 14:55:03 ----D---- C:\Windows\System32 2012-11-12 14:55:03 ----D---- C:\Windows\inf 2012-11-11 23:02:38 ----D---- C:\Users\owner\AppData\Roaming\Skype 2012-11-11 09:17:48 ----SHD---- C:\System Volume Information 2012-11-10 08:33:48 ----D---- C:\Windows\Minidump 2012-11-09 13:38:55 ----D---- C:\Windows 2012-11-09 10:45:31 ----D---- C:\Windows\SysWOW64 2012-11-09 10:45:08 ----D---- C:\ProgramData 2012-11-08 08:23:23 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe 2012-11-08 08:22:51 ----D---- C:\ProgramData\Adobe 2012-11-06 21:59:46 ----SHD---- C:\Windows\Installer 2012-11-06 21:59:46 ----D---- C:\Config.Msi 2012-11-05 19:23:19 ----D---- C:\Program Files (x86)\Steam 2012-11-05 19:22:31 ----D---- C:\Windows\Logs 2012-11-05 19:21:42 ----RSD---- C:\Windows\assembly 2012-11-04 20:31:23 ----D---- C:\Program Files (x86)\Common Files\Steam 2012-10-30 15:16:50 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe 2012-10-20 17:06:20 ----D---- C:\Program Files (x86)\Mozilla Firefox 2012-10-19 16:55:12 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-10-18 10:53:29 ----D---- C:\Data ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [] R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [] R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [] R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimssn64.sys [] R2 risdptsk;risdptsk; C:\Windows\system32\DRIVERS\risdsn64.sys [] R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [] R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [] R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [] R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [] R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [] S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [] S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [] S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [] S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [] S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [] S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [] S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [] S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [] S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver; C:\Windows\system32\DRIVERS\MijXfilt.sys [] S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [] S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [] S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [] S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [] S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184] R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-01 864032] R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 22072] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-07-10 76888] R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-09-21 831760] R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2009-07-23 189984] R2 SampleCollector;VAIO Care Performance Service; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192] R2 SOHDBSvr;VAIO Media plus Database Manager; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-07-27 70952] R2 SOHPlMgr;VAIO Media plus Playlist Manager; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-07-27 91432] R2 SplashtopRemoteService;Splashtop® Remote Service; C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2012-06-15 548264] R2 SSUService;Splashtop Software Updater Service; C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2012-03-15 370504] R2 Stuffit Archive Name Service;Stuffit Archive Name Service; C:\Program Files (x86)\Smith Micro\StuffIt 2010\ArcNameService.exe [2009-10-30 1916248] R2 uCamMonitor;CamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960] R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [2009-07-01 204648] R2 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2009-08-22 411496] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976] R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-09-09 936848] R3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2011-02-14 44736] R3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ms corsvw.exe [2010-03-18 138576] S2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-09-21 1420560] S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-09-08 133104] S2 Roxio Upnp Server 10;Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-06-26 362992] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944] S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [2012-11-08 250808] S3 ADVService;Amazon Unbox Video Service; C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe [2011-11-23 25704] S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\as pnet_state.exe [2010-03-18 44376] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352] S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-09-08 133104] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-11-10 182768] S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 Partner Service;Partner Service; C:\ProgramData\Partner\Partner.exe [] S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-06-26 313840] S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-11-04 529744] S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResou rceManager\VzHardwareResourceManager.exe [2009-07-23 69632] S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-09-01 361840] S3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2009-07-23 313264] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framewo rk64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SM SvcHost.exe [2010-03-18 124240] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framewo rk64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SM SvcHost.exe [2010-03-18 124240] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framewor k64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SM SvcHost.exe [2010-03-18 124240] S4 SOHCImp;VAIO Media plus Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-07-27 120104] S4 SOHDms;VAIO Media plus Digital Media Server; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-07-27 427304] S4 SOHDs;VAIO Media plus Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-07-27 75048] S4 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-07-22 642920] S4 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-06-26 468264] S4 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2009-06-17 110888] S4 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2009-07-23 206336] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] -----------------EOF----------------- |
#12
|
|||
|
|||
info.txt logfile of random's system information tool 1.09 2012-11-12 19:14:20
======Uninstall list====== Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} -->"C:\Program Files (x86)\InstallShield Installation Information\{70991E0A-1108-437E-BA7D-085702C670C0}\setup.exe" -runfromtemp -l0x0009 -removeonly -->"C:\Program Files (x86)\InstallShield Installation Information\{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}\setup.exe" -runfromtemp -l0x0009 -removeonly -->"C:\Program Files (x86)\InstallShield Installation Information\{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}\setup.exe" -runfromtemp -l0x0009 -removeonly -->"C:\Program Files (x86)\Splashtop\Splashtop Software Updater\uninst.exe" -->C:\PROGRA~2\Yahoo!\Common\UNYT_W~1.EXE -->C:\Program Files (x86)\InstallShield Installation Information\{00721C5E-5B17-494C-95E5-208415864F62}\setup.exe -runfromtemp -l0x0009 -removeonly -->C:\Program Files (x86)\InstallShield Installation Information\{36C41D70-56F5-4E2B-81DA-6BEB7502D7A1}\setup.exe -runfromtemp -l0x0009 -removeonly -->C:\Program Files (x86)\InstallShield Installation Information\{3D173DC5-4AE5-4B3F-9819-3977DD11B1D0}\setup.exe -runfromtemp -l0x0009 -removeonly -->C:\Program Files (x86)\InstallShield Installation Information\{B2C4A8C4-AA20-425D-9FEE-C78039238C81}\setup.exe -runfromtemp -l0x0009 -removeonly -->C:\Program Files (x86)\InstallShield Installation Information\{B34B6E67-FCDD-4E03-8742-B5701427FAFB}\setup.exe -runfromtemp -l0x0009 -removeonly -->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419} Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6} Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11 _5_502_110_ActiveX.exe -maintain activex Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11 _4_402_287_Plugin.exe -maintain plugin Adobe Reader X (10.1.4)-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AA1000000001} Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe" Amazon Add to Wish List IE Extension 1.1-->C:\Program Files (x86)\Amazon\Add to Wish List IE Extension\Uninstall.exe Amazon MP3 Downloader 1.0.17-->C:\Program Files (x86)\Amazon\MP3 Downloader\Uninstall.exe Amazon MP3 Uploader-->msiexec /qb /x {2680A0EA-84CA-DB0B-1C81-86F83C12BBF2} Amazon MP3 Uploader-->MsiExec.exe /I{2680A0EA-84CA-DB0B-1C81-86F83C12BBF2} Amazon Unbox Video-->C:\Program Files (x86)\InstallShield Installation Information\{54A4839E-87F8-4BD1-9682-A349E9943F0A}\setup.exe -runfromtemp -l0x0409 Apple Application Support-->MsiExec.exe /I{63EC2120-1742-4625-AA47-C6A8AEC9C64C} Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} Application Manager for VAIO-->C:\Program Files (x86)\Sony\VAIO Uninstaller\vaiouninstaller.exe ArcSoft Magic-i Visual Effects 2-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{7BB90344-0647-468E-925A-7F69F7983421}\Setup.exe" -l0x9 ArcSoft WebCam Companion 3-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}\Setup.exe" -l0x9 ASUS Sync-->MsiExec.exe /I{6C2CB5E8-B928-4954-BEBB-A7C973ACC73C} ASUS WebStorage-->C:\Program Files (x86)\ASUS\ASUS WebStorage\uninst.exe Bubbletown-->"C:\Program Files (x86)\Best Buy Games\Bubbletown\Uninstall.exe" "C:\Program Files (x86)\Best Buy Games\Bubbletown\install.log" Catalyst Control Center - Branding-->MsiExec.exe /I{9EAC0E21-510E-4259-A9C6-F5D5B8969036} Cities XL 2012-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/201760 Click to Disc Editor-->C:\Program Files (x86)\InstallShield Installation Information\{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}\setup.exe -runfromtemp -l0x0409 Click to Disc-->C:\Program Files (x86)\InstallShield Installation Information\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}\setup.exe -runfromtemp -l0x0009 -removeonly Comix Zone-->"C:\Program Files (x86)\Comix Zone\unins000.exe" Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE} D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF} DivX Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com Free Audio CD Burner version 1.4.7-->"C:\Program Files (x86)\DVDVideoSoft\Free Audio CD Burner\unins000.exe" Free YouTube to MP3 Converter version 3.10.11.923-->C:\Program Files (x86)\Common Files\DVDVideoSoft\Uninstall.exe Game Room-->MsiExec.exe /I{4D530901-0614-4537-B4CE-EA1000018301} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Internet TV for Windows Media Center-->MsiExec.exe /X{9D318C86-AF4C-409F-A6AC-7183FF4CF424} Java(TM) 7 Update 5-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217005FF} JavaFX 2.1.1-->MsiExec.exe /X{1111706F-666A-4037-7777-211328764D10} Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} LG Smart Scan-->MsiExec.exe /I{1D172E43-85FF-4970-A7E8-05ED3E0FEB43} LibreOffice 3.5-->MsiExec.exe /I{B1F9C834-0594-4563-B344-4ED9599A5945} Malwarebytes Anti-Malware version 1.65.1.1000-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E} Messenger Companion-->MsiExec.exe /I{50816F92-1652-4A7C-B9BC-48F682742C4B} Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{F2508213-9989-4E85-A078-72BE483917EF} Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0409-1000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0116-0409-1000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E} Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE} Microsoft Office Home and Student 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE} Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE} Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE} Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE} Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE} Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E} Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Text-to-Speech Engine 4.0 (English)-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\msTTS.inf, Uninstall Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218-->MsiExec.exe /X{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} Microsoft Works-->MsiExec.exe /I{67E03279-F703-408F-B4BF-46B5FC8D70CD} Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13} Microsoft XNA Framework Redistributable 3.1-->MsiExec.exe /I{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20} Microsoft XNA Framework Redistributable 4.0-->MsiExec.exe /I{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9} Movie Magic Screenwriter 6-->MsiExec.exe /I{DC10C616-22E5-40AD-A3EA-3E7A957ECDC7} MovieStar-->C:\Windows\IsUninst.exe -f"C:\Program Files (x86)\MovieStar\MovieStar.isu" MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9} MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MSXML 4.0 SP3 Parser (KB2721691)-->MsiExec.exe /I{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36} MSXML 4.0 SP3 Parser (KB973685)-->MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44} MSXML 4.0 SP3 Parser-->MsiExec.exe /I{196467F1-C11F-4F76-858B-5812ADC83B94} Music Transfer-->C:\Program Files (x86)\InstallShield Installation Information\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}\setup.exe -runfromtemp -l0x0009 -removeonly Need for Speed: Undercover-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/17430 Need For Speed™ World-->"C:\Program Files (x86)\Electronic Arts\Need For Speed World\unins000.exe" NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA} Origin-->C:\Program Files (x86)\Origin\OriginUninstall.exe Picasa 3-->"C:\Program Files (x86)\Google\Picasa3\Uninstall.exe" PunkBuster Services-->C:\Windows\system32\pbsvc_blr.exe -u QuickBooks Financial Center-->MsiExec.exe /I{0F962B79-D0DC-40D9-96BA-ED1355120CBA} QuickTime-->MsiExec.exe /I{7BE15435-2D3E-4B58-867F-9C75BED0208C} RealNetworks - Microsoft Visual C++ 2008 Runtime-->MsiExec.exe /X{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA} RealPlayer-->c:\program files (x86)\real\realplayer\Update\r1puninst.exe RealNetworks|RealPlayer|15.0 Realtek HDMI Audio Driver for ATI-->C:\Program Files\Realtek\Audio\HDA\RtkUpd64.exe -k -m -nrg2709 Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\ 50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly RealUpgrade 1.1-->MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB} Roxio Central Audio-->MsiExec.exe /I{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83} Roxio Central Copy-->MsiExec.exe /I{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD} Roxio Central Core-->MsiExec.exe /I{ED439A64-F018-4DD4-8BA5-328D85AB09AB} Roxio Central Data-->MsiExec.exe /I{08E81ABD-79F7-49C2-881F-FD6CB0975693} Roxio Central Tools-->MsiExec.exe /I{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4} Roxio Easy Media Creator 10 LJ-->C:\ProgramData\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe /x {537BF16E-7412-448C-95D8-846E85A1D817} Roxio Easy Media Creator Home-->MsiExec.exe /I{FE51662F-D8F6-43B5-99D9-D4894AF00F83} Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85} Security Update for 2007 Microsoft Office System (KB960003)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F04F8702-18D0-458D-921E-146FB7CD38CF} Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4} Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\S etupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\S etupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\S etupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\S etupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\S etupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\S etupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\S etupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\S etupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\S etupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\S etupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\S etupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\S etupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\S etupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\S etupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\S etupCache\Extended\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Extended Security Update for Microsoft Office Excel 2007 (KB978382)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6DE3DABF-0203-426B-B330-7287D1003E86} Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D} Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F} Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC} Security Update for Microsoft Office Word 2007 (KB982135)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0112C750-A06F-4F92-9C40-E5C1EA9A70EB} Setting Utility Series-->"C:\Program Files (x86)\InstallShield Installation Information\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}\setup.exe" -runfromtemp -l0x0009 -removeonly Sid Meier's Civilization V-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/8930 Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120} Skype™ 5.10-->MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8} SmartWi Connection Utility-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\ 50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}\setup.exe" -l0x9 -removeonly Sony Home Network Library-->"C:\Program Files (x86)\InstallShield Installation Information\{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}\setup.exe" -runfromtemp -l0x0009 -removeonly Sony Picture Utility-->C:\Program Files (x86)\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe -runfromtemp -l0x0009 uninstall -removeonly Splashtop Streamer-->"C:\Program Files (x86)\InstallShield Installation Information\{2EFEAD58-3311-4B2B-9D8A-8D663581D109}\setup.exe" -runfromtemp -l0x0409 -removeonly Splashtop Streamer-->MsiExec.exe /X{2EFEAD58-3311-4B2B-9D8A-8D663581D109} SPORE™-->"C:\Program Files (x86)\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\SPORESetup.exe" -runfromtemp -l0x0009 -removeonly Star Wars: The Old Republic-->C:\Program Files (x86)\Common Files\BioWare\Uninstall Star Wars - The Old Republic.exe Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3} Team Fortress 2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/440 The Sims™ 3 Generations-->"C:\Program Files (x86)\InstallShield Installation Information\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}\Sims3EP04Setup.exe" -runfromtemp -l0x0009 -removeonly The Sims™ 3-->"C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -runfromtemp -l0x0009 -removeonly Tinker-->MsiExec.exe /I{584109EB-4A5E-4467-B3C4-5C1000008300} Tinker-->MsiExec.exe /I{584109EB-CEA0-4954-804B-211000018301} Tinker-->MsiExec.exe /X{584109EB-4A5E-4467-B3C4-5C1000008300} Torchlight II Demo-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/219850 Uninstall 1.0.0.1-->"C:\Program Files (x86)\Common Files\DVDVideoSoft\unins000.exe" Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\S etupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\S etupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\S etupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client Update for Microsoft .NET Framework 4 Extended (KB2468871)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\S etupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended Update for Microsoft .NET Framework 4 Extended (KB2533523)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\S etupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended Update for Microsoft .NET Framework 4 Extended (KB2600217)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\S etupCache\Extended\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Extended Update for Microsoft Office 2007 Help for Common Features (KB957244)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {C8C72583-C907-4D20-8973-C3858D96BD9E} Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9} Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7} Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF} Update for Microsoft Office OneNote 2007 Help (KB957245)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {7332DE60-DC79-4578-A60A-A5EA0D6E032B} Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876} Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726} Update for Microsoft Script Editor Help (KB957253)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {F21BF703-548C-47B2-B92A-6876E9566C42} VAIO Care-->"C:\Program Files (x86)\InstallShield Installation Information\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Content Metadata Intelligent Analyzing Manager-->C:\Program Files (x86)\InstallShield Installation Information\{0A5F02E5-1A52-4F85-892C-A35227641C75}\setup.exe -runfromtemp -l0x0009 -removeonly VAIO Content Metadata Intelligent Network Service Manager-->C:\Program Files (x86)\InstallShield Installation Information\{4427F384-B5BE-4769-B7D0-C784FC321EB1}\setup.exe -runfromtemp -l0x0009 -removeonly VAIO Content Metadata Manager Settings-->C:\Program Files (x86)\InstallShield Installation Information\{12D0BE8D-538C-4AB1-86DE-C540308F50DA}\setup.exe -runfromtemp -l0x0009 -removeonly VAIO Content Metadata XML Interface Library-->C:\Program Files (x86)\InstallShield Installation Information\{949419DF-F4AF-4693-B60A-522B24F233C6}\setup.exe -runfromtemp -l0x0009 -removeonly VAIO Content Monitoring Settings-->"C:\Program Files (x86)\InstallShield Installation Information\{23825B69-36DF-4DAD-9CFD-118D11D80F16}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Control Center-->"C:\Program Files (x86)\InstallShield Installation Information\{72042FA6-5609-489F-A8EA-3C2DD650F667}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Data Restore Tool-->C:\Program Files (x86)\InstallShield Installation Information\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}\setup.exe -runfromtemp -l0x0009 -removeonly VAIO DVD Menu Data Basic-->C:\Program Files (x86)\InstallShield Installation Information\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}\setup.exe -runfromtemp -l0x0009 -removeonly VAIO Entertainment Platform-->"C:\Program Files (x86)\InstallShield Installation Information\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Event Service-->"C:\Program Files (x86)\InstallShield Installation Information\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Help and Support-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\ 50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D47FE987-EA3D-424B-9886-B752501D7CE7}\setup.exe" -l0x9 -removeonly VAIO Media plus Opening Movie-->"C:\Program Files (x86)\InstallShield Installation Information\{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Media plus-->"C:\Program Files (x86)\InstallShield Installation Information\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Movie Story Template Data-->C:\Program Files (x86)\InstallShield Installation Information\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}\setup.exe -runfromtemp -l0x0009 -removeonly VAIO Movie Story-->C:\Program Files (x86)\InstallShield Installation Information\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}\setup.exe -runfromtemp -l0x0009 -removeonly VAIO OOBE and Startup Assistant-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\ 50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1B500D37-E7CF-480B-8054-8A563594EC4E}\setup.exe" -l0x9 -removeonly VAIO Original Function Settings-->"C:\Program Files (x86)\InstallShield Installation Information\{A63E7492-A0BC-4BB9-89A7-352965222380}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Power Management-->"C:\Program Files (x86)\InstallShield Installation Information\{5F5867F0-2D23-4338-A206-01A76C823924}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Presentation Support-->"C:\Program Files (x86)\InstallShield Installation Information\{2018C019-30D9-4240-8C01-0865C10DCF5A}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Survey-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\ 50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{34B37A74-125E-4406-87BA-E4BD3D097AE5}\setup.exe" -l0x9 -removeonly VAIO Update-->"C:\Program Files (x86)\InstallShield Installation Information\{5BEE8F1F-BD32-4553-8107-500439E43BD7}\setup.exe" -runfromtemp -l0x0409 -removeonly VAIO Wallpaper Contents-->"C:\Program Files (x86)\InstallShield Installation Information\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}\setup.exe" -runfromtemp -l0x0009 -removeonly VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421} Visual C++ 8.0 Runtime Setup Package (x64)-->MsiExec.exe /I{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D} Visual Studio 2008 x64 Redistributables-->MsiExec.exe /I{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49} VU5x86-->MsiExec.exe /X{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6} Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066} Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33} Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917} Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30} Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923} Windows Live Mesh ActiveX Control for Remote Connections-->MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441} Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649} Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48} Windows Live Messenger Companion Core-->MsiExec.exe /I{78A96B4C-A643-4D0F-98C2-A8E16A6669F9} Windows Live Messenger-->MsiExec.exe /X{80956555-A512-4190-9CAD-B000C36D6B6B} Windows Live Messenger-->MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90} Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08} Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38} Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3} Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002} Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1} Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7} Windows Live PIMT Platform-->MsiExec.exe /I{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A} Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F} Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4} Windows Live Sync-->MsiExec.exe /X{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1} Windows Live UX Platform Language Pack-->MsiExec.exe /I{6A05FEDF-662E-46BF-8A25-010E3F1C9C69} Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467} Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04} Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF} Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E} Windows Media Center Add-in for Flash-->MsiExec.exe /X{E2D09AC2-4153-4817-AAEB-24F92A8BCE88} WOT for Internet Explorer-->MsiExec.exe /X{DB0BB9FA-1B60-4036-8E29-3D56D8085256} Yahoo! Install Manager-->C:\Windows\system32\regsvr32 /u C:\PROGRA~2\Yahoo!\Common\YINSTH~1.DLL Yahoo! Internet Mail-->C:\Windows\system32\regsvr32 /u /s C:\PROGRA~2\Yahoo!\Common\YMMAPI.dll Yahoo! Mail Advisor-->C:\PROGRA~2\Yahoo!\Common\UNINST~1.EXE Yahoo! Search Protection-->C:\PROGRA~2\Yahoo!\SEARCH~1\UNINST~1.EXE Yahoo! Software Update-->C:\PROGRA~2\Yahoo!\SOFTWA~1\UNINST~1.EXE Yahoo! Toolbar-->C:\PROGRA~2\Yahoo!\Common\UNYT_W~1.EXE ======System event log====== Computer Name: Lindsay Event Code: 43029 Message: Display is not active Record Number: 357720 Source Name: atikmdag Time Written: 20120704222017.837872-000 Event Type: Error User: Computer Name: Lindsay Event Code: 43029 Message: Display is not active Record Number: 357667 Source Name: atikmdag Time Written: 20120704182502.155201-000 Event Type: Error User: Computer Name: Lindsay Event Code: 43029 Message: Display is not active Record Number: 357626 Source Name: atikmdag Time Written: 20120704160621.077201-000 Event Type: Error User: Computer Name: Lindsay Event Code: 1116 Message: Microsoft Antimalware has detected malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?link...tid=2147657869 Name: Exploit:Java/CVE-2012-0507.BZ ID: 2147657869 Severity: Severe Category: Exploit Path: file:_C:\Users\owner\AppData\LocalLow\Sun\Java\Dep loyment\cache\6.0\9\53082cc9-4b33f753->Atomic.class Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection User: LINDSAY\owner Process Name: C:\Program Files (x86)\Java\jre7\bin\java.exe Signature Version: AV: 1.129.932.0, AS: 1.129.932.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8502.0, NIS: 2.0.8001.0 Record Number: 357589 Source Name: Microsoft Antimalware Time Written: 20120704140223.000000-000 Event Type: Warning User: Computer Name: Lindsay Event Code: 43029 Message: Display is not active Record Number: 357570 Source Name: atikmdag Time Written: 20120704134914.576401-000 Event Type: Error User: =====Application event log===== Computer Name: Lindsay Event Code: 100 Message: Task Scheduling Error: Continuously busy for more than a second Record Number: 160398 Source Name: Bonjour Service Time Written: 20120203223742.000000-000 Event Type: Error User: Computer Name: Lindsay Event Code: 33 Message: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe". Dependent Assembly msadctls,processorArchitecture="x86",type="win32", version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Record Number: 160377 Source Name: SideBySide Time Written: 20120203135938.000000-000 Event Type: Error User: Computer Name: Lindsay Event Code: 33 Message: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe". Dependent Assembly msadctls,processorArchitecture="x86",type="win32", version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Record Number: 160376 Source Name: SideBySide Time Written: 20120203135938.000000-000 Event Type: Error User: Computer Name: Lindsay Event Code: 33 Message: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe". Dependent Assembly msadctls,processorArchitecture="x86",type="win32", version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Record Number: 160375 Source Name: SideBySide Time Written: 20120203135938.000000-000 Event Type: Error User: Computer Name: Lindsay Event Code: 33 Message: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksCal.exe". Dependent Assembly msadctls,processorArchitecture="x86",type="win32", version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Record Number: 160374 Source Name: SideBySide Time Written: 20120203135938.000000-000 Event Type: Error User: =====Security event log===== Computer Name: Lindsay Event Code: 5058 Message: Key file operation. Subject: Security ID: S-1-5-19 Account Name: LOCAL SERVICE Account Domain: NT AUTHORITY Logon ID: 0x3e5 Cryptographic Parameters: Provider Name: Microsoft Software Key Storage Provider Algorithm Name: Not Available. Key Name: 64a9f4cf-064b-48b1-b6a1-9e4d79d3ee19 Key Type: Machine key. Key File Operation Information: File Path: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3f ca7742ba591c9b239e03be8f619cdb_06e4ec52-a9b1-4c2c-a68d-33bc090c698e Operation: Read persisted key from file. Return Code: 0x0 Record Number: 90811 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120308152441.191555-000 Event Type: Audit Success User: Computer Name: Lindsay Event Code: 5061 Message: Cryptographic operation. Subject: Security ID: S-1-5-19 Account Name: LOCAL SERVICE Account Domain: NT AUTHORITY Logon ID: 0x3e5 Cryptographic Parameters: Provider Name: Microsoft Software Key Storage Provider Algorithm Name: RSA Key Name: 64a9f4cf-064b-48b1-b6a1-9e4d79d3ee19 Key Type: Machine key. Cryptographic Operation: Operation: Open Key. Return Code: 0x0 Record Number: 90810 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120308152341.188844-000 Event Type: Audit Success User: Computer Name: Lindsay Event Code: 5058 Message: Key file operation. Subject: Security ID: S-1-5-19 Account Name: LOCAL SERVICE Account Domain: NT AUTHORITY Logon ID: 0x3e5 Cryptographic Parameters: Provider Name: Microsoft Software Key Storage Provider Algorithm Name: Not Available. Key Name: 64a9f4cf-064b-48b1-b6a1-9e4d79d3ee19 Key Type: Machine key. Key File Operation Information: File Path: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3f ca7742ba591c9b239e03be8f619cdb_06e4ec52-a9b1-4c2c-a68d-33bc090c698e Operation: Read persisted key from file. Return Code: 0x0 Record Number: 90809 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120308152341.188844-000 Event Type: Audit Success User: Computer Name: Lindsay Event Code: 5061 Message: Cryptographic operation. Subject: Security ID: S-1-5-19 Account Name: LOCAL SERVICE Account Domain: NT AUTHORITY Logon ID: 0x3e5 Cryptographic Parameters: Provider Name: Microsoft Software Key Storage Provider Algorithm Name: RSA Key Name: 64a9f4cf-064b-48b1-b6a1-9e4d79d3ee19 Key Type: Machine key. Cryptographic Operation: Operation: Open Key. Return Code: 0x0 Record Number: 90808 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120308151747.234230-000 Event Type: Audit Success User: Computer Name: Lindsay Event Code: 5058 Message: Key file operation. Subject: Security ID: S-1-5-19 Account Name: LOCAL SERVICE Account Domain: NT AUTHORITY Logon ID: 0x3e5 Cryptographic Parameters: Provider Name: Microsoft Software Key Storage Provider Algorithm Name: Not Available. Key Name: 64a9f4cf-064b-48b1-b6a1-9e4d79d3ee19 Key Type: Machine key. Key File Operation Information: File Path: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3f ca7742ba591c9b239e03be8f619cdb_06e4ec52-a9b1-4c2c-a68d-33bc090c698e Operation: Read persisted key from file. Return Code: 0x0 Record Number: 90807 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120308151747.234230-000 Event Type: Audit Success User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%Sy stemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0; C:\Program Files\WIDCOMM\Bluetooth Software;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem;C:\Program Files (x86)\QuickTime\QTSystem\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;. WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerS hell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=2 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel "PROCESSOR_REVISION"=170a "configsetroot"=%SystemRoot%\ConfigSetRoot "RoxioCentral"=C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\ "EMC_AUTOPLAY"=C:\Program Files (x86)\Common Files\Roxio Shared\ "asl.log"=Destination=file;OnFirstLog=command,envi ronment "QTJAVA"=C:\Program Files (x86)\QuickTime\QTSystem\QTJava.zip "CLASSPATH"=.;C:\Program Files (x86)\QuickTime\QTSystem\QTJava.zip -----------------EOF----------------- |
#13
|
||||
|
||||
An adware service and some so-far remnant folders of other adware. I will move this to the Malware Removal Forum, and then we can check in more detail.
|
#14
|
||||
|
||||
Be sure to continue to temporarily disable any protective software when running the scan tools we use here.
Click here and download the installer for Gmer to your desktop, then click that file to run Gmer. Once the opening scan finishes, click on Scan (again, before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan). When completed, click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Copy the information and post it here please. ----------- Download aswMBR ( 511KB ) to your desktop.
--------- Click here and download Kaspersky's TDSSKiller to your desktop, but as you download it, rename it to larry.com then click that file to run TDSSKiller. In the display that opens click Start scan. Once that completes, follow any prompts to act on anything it located, including as reboot (Reboot Now) if requested. When the scan completes it will create a log file on your C drive. Similar in name to this: C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt Your copy will be different - some of those numbers will reflect the date/time it was just run by you there. Copy/paste those contents back here please. If it does locate malware, but does not prompt for a reboot, go ahead and do reboot. ----------- Open TDSSkiller again. This time, when the display shows, select Change parameters. Place a check next to Detect TDLFS file system, then click OK, and Start scan. Once that completes, follow any prompts to act on anything it located, including as reboot (Reboot Now) if requested. When the scan completes it will create a log file on your C drive. Similar in name to this: C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt Your copy will be different - some of those numbers will reflect the date/time it was just run by you there. Copy/paste those contents back here please. If it does locate malware, but does not prompt for a reboot, go ahead and do reboot. |
#15
|
|||
|
|||
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-11-12 22:09:32 Windows 6.1.7601 Service Pack 1 Running: whic9eyb.exe ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Par ameters\Keys\00243372ae81 Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Par ameters\Keys\0026433e62de Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Paramet ers\Keys\00243372ae81 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Paramet ers\Keys\0026433e62de (not active ControlSet) ---- EOF - GMER 1.0.15 ---- |
Bookmarks |
«
Previous Topic
|
Next Topic
»
Topic Tools | |
|
|
Similar Topics | ||||
Topic | Topic Starter | Forum | Replies | Last Post |
My computer has a virus!! - moved by Jintan | anayeknamwen | Malware Removal | 90 | February 14th, 2013 12:33 AM |
Cleaning out Computer help!! - moved by Jintan | goonproductions | Malware Removal | 24 | January 17th, 2013 12:26 AM |
Computer may be infected - Moved by Jintan | Jerry56 | Windows XP | 97 | October 4th, 2012 12:35 AM |
Computer sounds like its about to take off- Moved by Jintan | Joyce Reid | Hardware | 75 | June 1st, 2012 01:43 AM |
computer freezing, WON'T defrag - moved by Jintan | donnar | Windows Vista | 20 | September 19th, 2009 01:39 AM |
All times are GMT +1. The time now is 01:02 AM.