TechSpot

Seeing *32 in my task manager?

Solved
By GambitX
Sep 8, 2010
Topic Status:
Not open for further replies.
  1. Hi guys,

    Last night I clicked a link by accident from ESPN which led to another site. I was trying to close that ad but clicked on another link which popped up a fake virus scan saying I had malware. I opened the task manager and ended explorer and didn't click anything but immediately after my task manager was showing programs running in *32.

    For instance, when I opened internet explorer, it showed iexplore.exe *32. There were 6-8 programs running in *32 so I immediately went to safe mode to investigate.

    Is this something to be concerned about? I ran MalwareBytes and Windows Defender in safe mode last night and everything came up clean. I am using Window's 7 if that helps at all.

    Right now I am not in front of my comptuer but can access it tonight to update the post with whatever else is needed. Thanks so much in advance for your help.
     
  2. GambitX

    GambitX TS Rookie Topic Starter Posts: 79

    I'm new so I am sorry if I am forgetting to post anything to help you guys assist me.. please let me know what this *32 means or if you need me to run anything to show a log. I can do all of this tonight as soon as I'm home from work. Thank you so much.

    EDIT: Whoops didn't edit the first post I hit reply by accident. Off to a bad start , sorry guys.
     
  3. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Do mean the process for Internet Explorer displayed like this> iexplore.exe*32> exactly like that?
    Because * usually stands for a Wild Card and I want to clarify if you see that or added it.

    It is common to have multiple iexplore.ese processes running with IE8, so you need to explain the *32.
     
  4. GambitX

    GambitX TS Rookie Topic Starter Posts: 79

    Thank you so much for your reply. I appreciate the help.

    I will have the exact wording once I get home so I can provide all the file names from the task manager but yes it was iexplore.exe*32

    It had the * and 32 following it, which I have never seen before. I ran Windows Defender and MalwareBytes in Safe mode and it didn't find anything but I'm pretty sure something is wrong.

    Don't know if this helps at all but the site that popped up said "Malware detected" and then a fake virus scan immediately begun to activate through internet explorer. I cntrl alt deleted internet explorer then the *32 showed up. I doubt it is a coincidence.
     
  5. GambitX

    GambitX TS Rookie Topic Starter Posts: 79

    Yes, I just got home and checked. The process is called iexplore.exe *32 There are two of them running on my processes (I am in safe mode with networking) - one is at 31,136k and the other is at 5,000k. I only have this webpage open.

    What should I do next ? Thanks a lot for your help
     
  6. GambitX

    GambitX TS Rookie Topic Starter Posts: 79

    Further, is this Advanced Registry Optimizer 2010 app any good ?
     
  7. GambitX

    GambitX TS Rookie Topic Starter Posts: 79

    I just ran Malwarebyes again. Going to run search and destroy and AVG too.
    This is what my Malwarebytes scan finds, but the iexplorer.exe *32 is still showing:

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 4567

    Windows 6.1.7600 (Safe Mode)
    Internet Explorer 8.0.7600.16385

    9/8/2010 6:33:43 PM
    mbam-log-2010-09-08 (18-33-43).txt

    Scan type: Full scan (C:\|E:\|F:\|G:\|)
    Objects scanned: 235446
    Time elapsed: 41 minute(s), 10 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
     
  8. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    If you would like us to check the system for malware, please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

    When you have finished, leave the logs for review in your next reply .

    Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.

    I do not recommend a Registry Cleaner to anyone. Most of us don't.
     
  9. GambitX

    GambitX TS Rookie Topic Starter Posts: 79

    Thanks a lot for the response. I will go follow the steps right now and paste the results.

    I had that registry cleaner and it picked up 939 registry errors, some were actually true, others I had no idea so I just x'ed out.
     
  10. GambitX

    GambitX TS Rookie Topic Starter Posts: 79

    For some reason when I tried to reply before it said I needed admin approval, lol. Before I post, I want to thank you for taking the time to help me.

    I followed the 8 step instructions. Here are the results for MalwareByte's quick scan:

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 4576

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    9/8/2010 7:47:22 PM
    mbam-log-2010-09-08 (19-47-22).txt

    Scan type: Quick scan
    Objects scanned: 134833
    Time elapsed: 4 minute(s), 34 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
     
  11. GambitX

    GambitX TS Rookie Topic Starter Posts: 79

    Here is the results for DDS Scan:

    DDS (Ver_10-03-17.01) - NTFSX64
    Run by mlee at 19:49:28.22 on Wed 09/08/2010
    Internet Explorer: 8.0.7600.16385
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3935.2301 [GMT -4:00]

    SP: Spybot - Search and Destroy *enabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Program Files (x86)\AVG\AVG9\avgchsva.exe
    C:\Program Files (x86)\AVG\AVG9\avgrsa.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
    C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
    C:\Program Files (x86)\AVG\AVG9\avgnsa.exe
    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
    C:\Windows\SysWOW64\UStorSrv.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Sony\VAIO Care\VAIOCareService.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
    C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    C:\Program Files (x86)\AVG\AVG9\avgemc.exe
    C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
    C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Windows\SysWOW64\DllHost.exe
    C:\Users\mleedom\Downloads\moo\scan\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
    C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Apoint\Apoint.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Users\mleedom\Downloads\moo\scan\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files (x86)\AVG\AVG9\avgtray.exe
    C:\Program Files\Apoint\ApMsgFwd.exe
    C:\Program Files\Apoint\Apntex.exe
    C:\Program Files\Apoint\Apvfb.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
    C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
    C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Sony\VAIO Care\VCsystray.exe
    C:\Windows\system32\taskmgr.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Program Files\Sony\VAIO Power Management\SPMService.exe
    C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
    C:\Windows\SysWow64\Macromed\Flash\FlashUtil10e.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files\Java\jre6\bin\jucheck.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\mleedom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LFZZ8402\dds[1].scr
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/
    uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
    mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
    mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
    mLocal Page = c:\windows\syswow64\blank.htm
    uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files (x86)\avg\avg9\toolbar\IEToolbar.dll
    mWinlogon: Userinit=userinit.exe
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files (x86)\avg\avg9\avgssie.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\users\mleedom\downloads\moo\scan\spybot - search & destroy\SDHelper.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files (x86)\norton internet security\engine\16.8.0.41\coIEPlg.dll
    BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files (x86)\norton internet security\engine\16.8.0.41\IPSBHO.DLL
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files (x86)\avg\avg9\toolbar\IEToolbar.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.5.5126.1836\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
    TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files (x86)\norton internet security\engine\16.8.0.41\coIEPlg.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
    TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files (x86)\avg\avg9\toolbar\IEToolbar.dll
    uRun: [swg] "c:\program files (x86)\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [msnmsgr] "c:\program files (x86)\windows live\messenger\msnmsgr.exe" /background
    uRun: [SpybotSD TeaTimer] c:\users\mleedom\downloads\moo\scan\spybot - search & destroy\TeaTimer.exe
    mRun: [LaunchUserRequestedPrograms] "c:\program files\sony\first experience\Miniprogram.exe"
    mRun: [RegistrationReminder] "c:\program files\sony\first experience\OOBEFcdRegistration.exe"
    mRun: [SmartWiHelper] "c:\program files (x86)\sony\smartwi connection utility\SmartWiHelper.exe" /WindowsStartup
    mRun: [VAIOSurvey] "c:\program files (x86)\sony\vaio survey\VAIO Sat Survey.exe"
    mRun: [ISBMgr.exe] "c:\program files (x86)\sony\isb utility\ISBMgr.exe"
    mRun: [SunJavaUpdateSched] "c:\program files (x86)\common files\java\java update\jusched.exe"
    mRun: [TkBellExe] "c:\program files (x86)\common files\real\update_ob\realsched.exe" -osboot
    mRun: [QuickTime Task] "c:\program files (x86)\quicktime\QTTask.exe" -atboottime
    mRun: [AVG9_TRAY] c:\progra~2\avg\avg9\avgtray.exe
    mRunOnce: [Malwarebytes' Anti-Malware] c:\users\mleedom\downloads\moo\scan\malwarebytes' anti-malware\mbamgui.exe /install /silent
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - c:\progra~2\micros~2\office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files (x86)\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~2\micros~2\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~2\office12\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\users\mleedom\downloads\moo\scan\spybot - search & destroy\SDHelper.dll
    DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files (x86)\avg\avg9\toolbar\IEToolbar.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files (x86)\avg\avg9\avgpp.dll
    Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files (x86)\norton internet security\engine\16.8.0.41\CoIEPlg.dll
    Notify: VESWinlogon - VESWinlogon.dll
    BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files (x86)\avg\avg9\avgssiea.dll
    BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_64.dll
    BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.5.5126.1836\swg64.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\google toolbar\GoogleToolbar_64.dll
    TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    mRun-x64: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun-x64: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun-x64: [Persistence] c:\windows\system32\igfxpers.exe
    mRun-x64: [RtHDVCpl] c:\program files\realtek\audio\hda\RAVCpl64.exe
    mRun-x64: [Skytel] c:\program files\realtek\audio\hda\Skytel.exe
    mRun-x64: [Apoint] %ProgramFiles%\Apoint\Apoint.exe
    mRun-x64: [IAAnotif] c:\program files (x86)\intel\intel matrix storage manager\iaanotif.exe
    AppInit_DLLs-X64: avgrssta.dll

    ============= SERVICES / DRIVERS ===============

    R0 PxHlpa64;PxHlpa64;c:\windows\system32\drivers\PxHlpa64.sys [2009-9-3 55280]
    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nisx64\1008000.029\SymEFA64.sys [2010-2-2 402992]
    R1 AvgLdx64;AVG Free AVI Loader Driver x64;c:\windows\system32\drivers\avgldx64.sys [2010-9-8 269904]
    R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64;c:\windows\system32\drivers\avgmfx64.sys [2010-9-8 35536]
    R1 AvgTdiA;AVG Free Network Redirector x64;c:\windows\system32\drivers\avgtdia.sys [2010-9-8 317520]
    R1 BHDrvx64;Symantec Heuristics Driver;c:\windows\system32\drivers\nisx64\1008000.029\BHDrvx64.sys [2010-2-2 334384]
    R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nisx64\1008000.029\cchpx64.sys [2010-2-2 583296]
    R1 IDSVia64;IDSVia64;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20100119.001\IDSviA64.sys [2010-1-25 466992]
    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 59904]
    R2 avg9emc;AVG Free E-mail Scanner;c:\program files (x86)\avg\avg9\avgemc.exe [2010-9-8 921952]
    R2 avg9wd;AVG Free WatchDog;c:\program files (x86)\avg\avg9\avgwdsvc.exe [2010-9-8 308136]
    R2 Norton Internet Security;Norton Internet Security;c:\program files (x86)\norton internet security\engine\16.8.0.41\ccSvcHst.exe [2010-2-2 117640]
    R2 RtkAudioService;Realtek Audio Service;c:\program files\realtek\audio\hda\RtkAudioService64.exe [2009-8-18 189984]
    R2 SBSDWSCService;SBSD Security Center Service;c:\users\mleedom\downloads\moo\scan\spybot - search & destroy\SDWinSec.exe [2010-9-8 1153368]
    R2 uCamMonitor;CamMonitor;c:\program files (x86)\arcsoft\magic-i visual effects 2\uCamMonitor.exe [2009-9-3 104960]
    R2 VAIO Power Management;VAIO Power Management;c:\program files\sony\vaio power management\SPMService.exe [2009-9-3 411496]
    R2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\common files\sony shared\vaio content folder watcher\VCFw.exe [2009-7-22 642920]
    R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\drivers\ArcSoftKsUFilter.sys [2009-9-3 19968]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-12-27 132656]
    R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-8-18 139264]
    R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2009-8-18 11392]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x64.sys [2009-8-18 393216]
    S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2009-9-3 133104]
    S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe -k HsfXAudioService [2009-7-13 27136]
    S2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\roxio\digital home 10\RoxioUpnpService10.exe [2009-6-26 362992]
    S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\avg\avg9\toolbar\ToolbarBroker.exe [2010-9-8 431432]
    S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\drivers\netw5v64.sys [2009-6-10 5434368]
    S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\roxio\digital home 10\RoxioUPnPRenderer10.exe [2009-6-26 313840]
    S3 SampleCollector;Intel(R) Sample Collector;c:\program files\sony\vaio care\collsvc.exe [2010-2-21 167424]
    S3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\common files\sony shared\sohlib\SOHCImp.exe [2009-9-3 120104]
    S3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\common files\sony shared\sohlib\SOHDBSvr.exe [2009-9-3 70952]
    S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\common files\sony shared\sohlib\SOHDms.exe [2009-9-3 427304]
    S3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\common files\sony shared\sohlib\SOHDs.exe [2009-9-3 75048]
    S3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\common files\sony shared\sohlib\SOHPlMgr.exe [2009-9-3 91432]
    S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL6.SYS [2009-7-13 292864]
    S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
    S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
    S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2009-9-3 468264]
    S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\sony\vcm intelligent network service manager\VcmINSMgr.exe [2009-9-3 357672]
    S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper64.exe [2009-9-3 110888]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-5-13 1255736]

    =============== Created Last 30 ================

    2010-09-08 22:56:11 13048 ----a-w- c:\windows\system32\avgrssta.dll
    2010-09-08 22:56:09 317520 ----a-w- c:\windows\system32\drivers\avgtdia.sys
    2010-09-08 22:56:09 269904 ----a-w- c:\windows\system32\drivers\avgldx64.sys
    2010-09-08 22:56:05 35536 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
    2010-09-08 22:56:04 0 d-----w- c:\windows\system32\drivers\Avg
    2010-09-08 22:56:02 0 d-----w- c:\programdata\AVG Security Toolbar
    2010-09-08 22:50:48 0 d-----w- c:\program files (x86)\AVG
    2010-09-08 22:50:19 0 d-----w- c:\programdata\avg9
    2010-09-08 22:37:01 0 d-----w- c:\programdata\Spybot - Search & Destroy
    2010-09-08 06:12:27 0 d-----w- c:\users\mleedom\appdata\roaming\Malwarebytes
    2010-09-08 06:12:18 24664 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-09-08 06:12:18 0 d-----w- c:\programdata\Malwarebytes
    2010-08-24 22:49:45 571904 ----a-w- c:\windows\syswow64\oleaut32.dll
    2010-08-24 22:49:44 861184 ----a-w- c:\windows\system32\oleaut32.dll
     
     
  12. GambitX

    GambitX TS Rookie Topic Starter Posts: 79

    ==================== Find3M ====================

    2010-07-29 06:30:34 82944 ----a-w- c:\windows\syswow64\iccvid.dll
    2010-07-27 14:03:24 12867584 ----a-w- c:\windows\syswow64\shell32.dll
    2010-06-30 07:13:46 1192960 ----a-w- c:\windows\system32\wininet.dll
    2010-06-30 06:25:31 978432 ----a-w- c:\windows\syswow64\wininet.dll
    2010-06-30 06:25:18 1226240 ----a-w- c:\windows\syswow64\urlmon.dll
    2010-06-30 06:22:45 606208 ----a-w- c:\windows\syswow64\mstime.dll
    2010-06-30 06:22:34 5971456 ----a-w- c:\windows\syswow64\mshtml.dll
    2010-06-30 06:22:33 64512 ----a-w- c:\windows\syswow64\msfeedsbs.dll
    2010-06-30 06:21:57 48128 ----a-w- c:\windows\syswow64\jsproxy.dll
    2010-06-30 06:21:47 185856 ----a-w- c:\windows\syswow64\iepeers.dll
    2010-06-30 06:21:47 176640 ----a-w- c:\windows\syswow64\ieui.dll
    2010-06-30 06:21:46 10985472 ----a-w- c:\windows\syswow64\ieframe.dll
    2010-06-30 06:21:44 381440 ----a-w- c:\windows\syswow64\iedkcs32.dll
    2010-06-30 06:19:16 12800 ----a-w- c:\windows\syswow64\msfeedssync.exe
    2010-06-25 03:31:53 291 --sha-w- C:\vdx.sys
    2010-06-19 07:05:01 5507968 ----a-w- c:\windows\system32\ntoskrnl.exe
    2010-06-19 06:53:18 52224 ----a-w- c:\windows\system32\rtutils.dll
    2010-06-19 06:33:29 3955080 ----a-w- c:\windows\syswow64\ntkrnlpa.exe
    2010-06-19 06:33:29 3899784 ----a-w- c:\windows\syswow64\ntoskrnl.exe
    2010-06-19 06:23:50 37376 ----a-w- c:\windows\syswow64\rtutils.dll
    2010-06-19 04:32:34 3122688 ----a-w- c:\windows\system32\win32k.sys
    2010-06-16 06:11:10 340992 ----a-w- c:\windows\system32\schannel.dll
    2010-06-16 05:48:35 224256 ----a-w- c:\windows\syswow64\schannel.dll
    2009-09-03 06:58:51 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
    2009-09-03 06:58:51 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
    2009-09-03 06:58:51 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
    2009-09-03 06:58:51 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
    2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini
    2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini
    2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
    2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
    2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
    2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
    2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
    2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe
    2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

    ============= FINISH: 19:50:32.80 ===============

    Seond DDS Log:


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-03-17.01)

    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 12/25/2009 11:16:55 PM
    System Uptime: 9/8/2010 7:35:23 PM (0 hours ago)

    Motherboard: Sony Corporation | | VAIO
    Processor: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz | N/A | 2200/200mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 290 GiB total, 224.387 GiB free.
    E: is Removable
    F: is Removable
    G: is CDROM ()

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP96: 8/3/2010 1:32:31 AM - Windows Update
    RP97: 8/5/2010 6:08:35 PM - Windows Update
    RP98: 8/9/2010 6:08:44 PM - Windows Update
    RP99: 8/12/2010 1:19:01 AM - Windows Update
    RP100: 8/12/2010 6:18:28 PM - Windows Update
    RP101: 8/14/2010 12:24:54 AM - Windows Update
    RP102: 8/16/2010 6:49:39 PM - Windows Update
    RP103: 8/19/2010 8:09:52 PM - Windows Update
    RP104: 8/23/2010 5:51:35 PM - Windows Update
    RP105: 8/24/2010 6:49:48 PM - Windows Update
    RP106: 8/24/2010 11:31:31 PM - Windows Update
    RP107: 8/28/2010 12:21:21 AM - Windows Update
    RP108: 9/5/2010 1:58:58 PM - Windows Update
    RP109: 9/7/2010 6:57:39 PM - Windows Update

    ==== Installed Programs ======================


    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Apple Application Support
    Apple Software Update
    Application Manager for VAIO
    ArcSoft Magic-i Visual Effects 2
    ArcSoft WebCam Companion 3
    AVG Free 9.0
    Click to Disc
    Click to Disc Editor
    Compatibility Pack for the 2007 Office system
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    Java Auto Updater
    Java(TM) 6 Update 20
    Junk Mail filter update
    Malwarebytes' Anti-Malware
    Microsoft Choice Guard
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Home and Student 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Suite Activation Assistant
    Microsoft Office Word MUI (English) 2007
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Works
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Music Transfer
    Norton Internet Security
    Primo
    QuickBooks Financial Center
    QuickTime
    Realms of Kaos
    RealPlayer
    Realtek High Definition Audio Driver
    RealUpgrade 1.0
    Roxio Central Audio
    Roxio Central Copy
    Roxio Central Core
    Roxio Central Data
    Roxio Central Tools
    Roxio Easy Media Creator 10 LJ
    Roxio Easy Media Creator Home
    Runtime
    Security Update for 2007 Microsoft Office System (KB2277947)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for 2007 Microsoft Office System (KB982312)
    Security Update for 2007 Microsoft Office System (KB982331)
    Security Update for Microsoft Office Excel 2007 (KB982308)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB982158)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2251419)
    Setting Utility Series
    SmartWi Connection Utility
    Sony Home Network Library
    Sony Picture Utility
    Spybot - Search & Destroy
    U-Storage Service
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office OneNote 2007 (KB980729)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    VAIO Care
    VAIO Content Metadata Intelligent Analyzing Manager
    VAIO Content Metadata Intelligent Network Service Manager
    VAIO Content Metadata Manager Settings
    VAIO Content Metadata XML Interface Library
    VAIO Content Monitoring Settings
    VAIO Control Center
    VAIO Data Restore Tool
    VAIO DVD Menu Data Basic
    VAIO Entertainment Platform
    VAIO Event Service
    VAIO Help and Support
    VAIO Media plus
    VAIO Media plus Opening Movie
    VAIO Movie Story
    VAIO Movie Story Template Data
    VAIO OOBE and Startup Assistant
    VAIO Original Function Settings
    VAIO Power Management
    VAIO Presentation Support
    VAIO Quick Web Access
    VAIO Survey
    VAIO Update 4
    VAIO Wallpaper Contents
    Visual C++ 8.0 Runtime Setup Package (x64)
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Upload Tool
    Windows Live Writer
    WinRAR archiver

    ==== Event Viewer Messages From Past Week ========

    9/8/2010 7:35:53 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.
    9/8/2010 7:35:48 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HsfXAudioService service to connect.
    9/8/2010 7:35:48 PM, Error: Service Control Manager [7000] - The HsfXAudioService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    9/8/2010 7:33:57 PM, Error: Service Control Manager [7031] - The AVG Free WatchDog service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
    9/8/2010 7:27:48 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
    9/8/2010 7:27:36 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
    9/8/2010 7:27:36 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    9/8/2010 7:27:36 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    9/8/2010 7:27:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    9/8/2010 7:27:27 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    9/8/2010 7:27:16 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AvgLdx64 AvgMfx64 BHDrvx64 ccHP discache eeCtrl IDSVia64 spldr SRTSPX SYMTDI Wanarpv6
    9/8/2010 5:47:08 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 ccHP discache eeCtrl IDSVia64 spldr SRTSPX SYMTDI Wanarpv6

    ==== End Of File ===========================
     
  13. GambitX

    GambitX TS Rookie Topic Starter Posts: 79

    I have Windows 7 64-bit (I think I do anyway) so I didn't d/l GMER as instructed. Please let me know if I am missing anything or if you require any additional information. Once again, thank you so much for taking your time to do this.

    Also, if there are programs I could delete which would make my computer run faster, please let me know.. I didn't realize I had so many. Thanks so much!
     
  14. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Glad to help. As for 'downsizing' the Start menu, that will come later. I have help for the many preloaded VAIO processes that I will share with you to determine if you need them running.. This system comes heavily preloaded and it has been my experience that most don't use the processes and aren't even aware of them running!

    PleaseRun Eset NOD32 Online AntiVirus scan HERE
    1. Tick the box next to YES, I accept the Terms of Use.
    2. Click Start
    3. When asked, allow the Active X control to install
    4. Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
    5. Click Start
    6. Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
    7. Click Scan
    8. Wait for the scan to finish
    9. Re-enable your Antivirus software.
    10. A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.
     
  15. GambitX

    GambitX TS Rookie Topic Starter Posts: 79

    Great, that sounds awesome, thank you very much.

    I have turned off Defender and followed the steps. It also said Norton was activated but the subscription has expired as I don't like Norton (Should I uninstall this possibly later?).

    I'm trying to locate the results for the ESET scan, for some reason I found another log.. called lv.log. I'm not sure what that scan is from.. any idea? Will post once I find, any other folder that it would be in?
     
  16. GambitX

    GambitX TS Rookie Topic Starter Posts: 79

    This is the only log I find in the ESET folder..

    ESETSmartInstaller@High as CAB hook log:
    OnlineScanner64.ocx - registred OK
    OnlineScanner.ocx - registred OK

    The scan finished and said clean though but for some reason the log.txt isn't here.. I'm looking here: C:\Program Files (x86)\ESET\EsetOnlineScanner\log.txt

    Even searched all my folders with no luck.. any idea?
     
  17. GambitX

    GambitX TS Rookie Topic Starter Posts: 79

    I searched again this morning for the log.txt, I searched all folders and only found the log that I posted above. No idea where it could of went. Any idea Bobbye? Thanks.
     
  18. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Please run the Eset scan again and be sure to save the log at the end.

    You should also uninstall Norton now. There are processes loading and running from it. This tool should help: Norton Removal Tool
     
  19. GambitX

    GambitX TS Rookie Topic Starter Posts: 79

    Nothing prompts me to save the log file at the end, it says scan complete and then asks me if I want to purchase ESET. Am I missing a step at the end? Please let me know. I will run the scan again as soon as I am home.

    I will remove Norton tonight, thank you very much for the link.
     
  20. GambitX

    GambitX TS Rookie Topic Starter Posts: 79

    Bobbye,

    I ran the scan again and it still didn't give me a log. Any idea what is wrong?
     
  21. GambitX

    GambitX TS Rookie Topic Starter Posts: 79

    BTW- I also have uninstalled Norton, thanks. Should I keep AVG, Spybot Search and Destroy and that Malwarebytes Anti-Malware program? Thanks in advance.. still unable to find that log though from ESET tho..
     
  22. GambitX

    GambitX TS Rookie Topic Starter Posts: 79

    Found it!!!

    I searched everything ... or so I thought. I did a search in the entire C drive for "ESET" and it finally found the log.

    Here are the results:

    ESETSmartInstaller@High as CAB hook log:
    OnlineScanner64.ocx - registred OK
    OnlineScanner.ocx - registred OK
    # version=7
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.6211
    # api_version=3.0.2
    # EOSSerial=ed9e4eb645369544a084d9d8d3fb10d5
    # end=finished
    # remove_checked=false
    # archives_checked=false
    # unwanted_checked=true
    # unsafe_checked=false
    # antistealth_checked=true
    # utc_time=2010-09-10 11:31:31
    # local_time=2010-09-10 07:31:31 (-0500, Eastern Daylight Time)
    # country="United States"
    # lang=1033
    # osver=6.1.7600 NT
    # compatibility_mode=1024 16777215 100 0 86852 86852 0 0
    # compatibility_mode=3588 16777213 100 91 11665193 32311986 0 0
    # compatibility_mode=5893 16776573 100 94 172821 35702950 0 0
    # compatibility_mode=8192 67108863 100 0 3294 3294 0 0
    # scanned=107053
    # found=0
    # cleaned=0
    # scan_time=1991

    Is this the only log or should there be something else too? Please let me know :) Thanks!!
     
  23. GambitX

    GambitX TS Rookie Topic Starter Posts: 79

    Is this the log Bobbye? Do you see anything wrong? I have not run any of my other virus scans as instructed and have been disconnecting from the internet when I don't need it as much as possible just as a precaution.
     
  24. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    That's the log and it's clean. I had script for removals for you but forgot you had a 64 bit system. Please run this:
    • Download OTL
    • Double click the OTL icon to run it.[​IMG]
    • Set Output at the top to Minimal Output.
    • Check the boxes beside LOP Check and Purity Check.
    • Copy the entries in the Code box below> Paste in the Custom Scan box.
      Code:
      netsvcs
      %SYSTEMDRIVE%\*.exe
      /md5start
      eventlog.dll
      scecli.dll
      netlogon.dll
      cngaudit.dll
      sceclt.dll
      ntelogon.dll
      logevent.dll
      iaStor.sys
      nvstor.sys
      atapi.sys
      IdeChnDr.sys
      viasraid.sys
      AGP440.sys
      vaxscsi.sys
      nvatabus.sys
      viamraid.sys
      nvata.sys
      nvgts.sys
      iastorv.sys
      ViPrt.sys
      eNetHook.dll
      ahcix86.sys
      KR10N.sys
      nvstor32.sys
      ahcix86s.sys
      nvrd32.sys
      symmpi.sys
      adp3132.sys
      mv61xx.sys
      /md5stop
      %systemroot%\*. /mp /s
      %systemroot%\system32\*.dll /lockedfiles
      %systemroot%\Tasks\*.job /lockedfiles
      %systemroot%\system32\drivers\*.sys /lockedfiles
      %systemroot%\System32\config\*.sav
      CREATERESTOREPOINT
      
    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
      Make sure all other windows are closed and to let it run uninterrupted.
    • When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.
     
  25. GambitX

    GambitX TS Rookie Topic Starter Posts: 79

    Thanks for the reply. That is good news. Any idea why my computer is running those programs as *32 though? I don't know if it is just me or what but I feel like after I downloaded Spybot Search and Destroy my computer runs slower, lol. Should I uninstall the programs I downloaded like TFC, ESET, (or the virus scans AVG, Spybot, etc that I have?) etc? Thanks in advance.

    Here are the log results:

    OTL logfile created on: 9/12/2010 12:10:14 AM - Run 1
    OTL by OldTimer - Version 3.2.12.0 Folder = C:\Users\mlee\Downloads\moo\Net ones
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 51.00% Memory free
    8.00 Gb Paging File | 5.00 Gb Available in Paging File | 71.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 290.37 Gb Total Space | 239.19 Gb Free Space | 82.37% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: MLEE-VAIO
    Current User Name: mlee
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Include 64bit Scans
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Minimal
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - C:\Users\mleedom\Downloads\moo\Net ones\OTL.exe File not found
    PRC - C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files (x86)\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
    PRC - C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10e.exe (Adobe Systems, Inc.)
    PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    PRC - C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe (Sony Corporation)
    PRC - C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe ()
    PRC - C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe ()
    PRC - C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe ()
    PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
    PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
    PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
    PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
    PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
    PRC - C:\Users\mleedom\Downloads\moo\scan\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    PRC - C:\Users\mleedom\Downloads\moo\scan\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
    PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
    PRC - C:\Windows\SysWOW64\UStorSrv.exe (OTi)

    ========== Modules (SafeList) ==========

    MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
    MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\collsvc.exe (Intel Corporation)
    SRV:64bit: - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
    SRV:64bit: - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
    SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SRV:64bit: - (VcmINSMgr) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
    SRV:64bit: - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
    SRV:64bit: - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
    SRV - (avg9emc) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
    SRV - (avg9wd) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
    SRV - (AVG Security Toolbar Service) -- C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe ()
    SRV - (HsfXAudioService) -- C:\Windows\SysWOW64\XAudio64.dll (Conexant Systems, Inc.)
    SRV - (SOHPlMgr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation)
    SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
    SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
    SRV - (SOHDBSvr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation)
    SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
    SRV - (Vcsw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
    SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
    SRV - (VzCdbSvc) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
    SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
    SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
    SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions)
    SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions)
    SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
    SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
    SRV - (SBSDWSCService) -- C:\Users\mlee\Downloads\moo\scan\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
    SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
    SRV - (UStorage Server Service) -- C:\Windows\SysWOW64\UStorSrv.exe (OTi)
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.