Everything posted by ninewirez

  1. I've downloaded it again and ran uninstall. That seemed to have worked, thank you. The only thing I noticed during this clean-up is that some of my system files, such as explorer and various dlls, were patched back to the original state; my theme was consequently modified to a basic early XP one, which was a bit of a nuisance since I like my desktop simple, elegant, but highly customized. I patched some files, took ownership of others and got everything back into place. I ran more tests and reinstalled ESET Smart Security 5 and MBAM. My system seems to be clean and running factory-smooth. Thank you for everything!
  2. Apologies for the delay; I had a busy day. ComboFix cannot be uninstalled; apparently my system cannot find it. Thank you for your assistance with everything. Kind regards, Chris.
  3. Done. This is what the scan produced. Let me know if there's anything else I need to take care of.
     C:\Qoobox\Quarantine\C\ProgramData\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
     C:\Qoobox\Quarantine\C\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
     C:\Qoobox\Quarantine\C\Users\NINE\AppData\Local\dplayx.dll.vir a variant of Win32/Kryptik.ABDQ trojan cleaned by deleting - quarantined
     C:\Users\NINE\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\795aee91-1ba0006f a variant of Java/Agent.DN trojan deleted - quarantined
     C:\Users\NINE\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\38e6a667-3180f22e a variant of Java/TrojanDownloader.Agent.AD trojan deleted - quarantined
     N:\Current\Windows Tweaks\Icon Packager\Patch\startdock.iconpackager-patch ~TheOrb666~.exe Win32/HackTool.Patcher.A application cleaned by deleting - quarantined
     N:\Downloads\mini-KMS_Activator_v1.3_Office2010_VL_ENG.exe a variant of Win32/HackKMS.A application deleted - quarantined
  4. The full scan doesn't seem to have picked up anything. Let me know if there's anything more I need to do on my part.
     Malwarebytes Anti-Malware (PRO) 1.60.1.1000
     www.malwarebytes.org
     Database version: v2012.03.06.07
     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 9.0.8112.16421
     NINE :: NINE-VAIO [administrator]
     Protection: Enabled
     06.03.2012 19:23:55
     mbam-log-2012-03-06 (19-23-55).txt
     Scan type: Full scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 616322
     Time elapsed: 1 hour(s), 16 minute(s), 10 second(s)
     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 0 (No malicious items detected)
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 0 (No malicious items detected)
     (end)
  5. When prompted with the virus detection, MBAM can only ignore or quarantine. I always chose the latter, last time included, but prior to running ComboFix, MBAM displayed that message around 20 times / day so I didn't really think much was done against it until I ran ComboFix. I've also updated Java [thanks for the tip] and restarted. It does seem to boot up and get all systems running in less time and I only have 75 processes running for all users. I've updated MBAM and will post the resulting full scan log here when it's done. As personal advice, would a rootkit of this sort damage my security in an unrecoverable way? Would backdoor access to my system be possible / detected by software such as MBAM? Other than changing all my passwords, what other steps can I take to ensure better protection? Note that this is a personal laptop and is not used in the course of business or trade. Many thanks for all your assistance so far.
  6. In addition to the information in my first post, before I ran TDSSKiller I had around 100 active processes running for all users. Among them, around 15 svchosts, one of which used up to 500k of my memory and under description just had "winrscmde". Sometimes it would play a random sound until I would manually kill the process. After the TDSSKiller reboot and just before I ran ComboFix, MBAM detected a trojan in svchost. Should that be of concern? The ComboFix report log was too long to C/P, I've attached it instead. ComboFix.txt
  7. Hello Elise and thank you for your assistance. The required log contents are below.
Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 17:22:38.0815 4952 Tcpip - ok 17:22:39.0042 4952 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 17:22:39.0060 4952 TCPIP6 - ok 17:22:39.0151 4952 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 17:22:39.0172 4952 tcpipreg - ok 17:22:39.0283 4952 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 17:22:39.0302 4952 TDPIPE - ok 17:22:39.0311 4952 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 17:22:39.0325 4952 TDTCP - ok 17:22:39.0357 4952 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 17:22:39.0378 4952 tdx - ok 17:22:39.0524 4952 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 17:22:39.0536 4952 TermDD - ok 17:22:39.0592 4952 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 17:22:39.0594 4952 tssecsrv - ok 17:22:39.0655 4952 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 17:22:39.0703 4952 TsUsbFlt - ok 17:22:39.0801 4952 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys 17:22:39.0805 4952 TsUsbGD - ok 17:22:40.0008 4952 TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys 17:22:40.0010 4952 TuneUpUtilitiesDrv - ok 17:22:40.0186 4952 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 17:22:40.0189 4952 tunnel - ok 17:22:40.0238 4952 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 17:22:40.0282 4952 uagp35 - ok 17:22:40.0313 4952 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 17:22:40.0322 4952 udfs - ok 17:22:40.0483 4952 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 17:22:40.0512 4952 
uliagpkx - ok 17:22:40.0561 4952 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 17:22:40.0578 4952 umbus - ok 17:22:40.0698 4952 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 17:22:40.0719 4952 UmPass - ok 17:22:40.0814 4952 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 17:22:40.0834 4952 usbccgp - ok 17:22:40.0980 4952 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 17:22:40.0986 4952 usbcir - ok 17:22:41.0034 4952 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 17:22:41.0081 4952 usbehci - ok 17:22:41.0126 4952 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 17:22:41.0173 4952 usbhub - ok 17:22:41.0264 4952 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 17:22:41.0290 4952 usbohci - ok 17:22:41.0378 4952 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys 17:22:41.0389 4952 usbprint - ok 17:22:41.0410 4952 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 17:22:41.0430 4952 USBSTOR - ok 17:22:41.0452 4952 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 17:22:41.0454 4952 usbuhci - ok 17:22:41.0526 4952 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys 17:22:41.0539 4952 usbvideo - ok 17:22:41.0655 4952 VClone (84bb306b7863883018d7f3eb0c453bd5) C:\Windows\system32\DRIVERS\VClone.sys 17:22:41.0680 4952 VClone - ok 17:22:41.0765 4952 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 17:22:41.0785 4952 vdrvroot - ok 17:22:41.0832 4952 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 17:22:41.0834 4952 vga - ok 17:22:41.0879 4952 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 17:22:41.0890 4952 VgaSave - 
ok 17:22:41.0923 4952 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 17:22:41.0937 4952 vhdmp - ok 17:22:42.0012 4952 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 17:22:42.0068 4952 viaide - ok 17:22:42.0117 4952 vmci (87fc1dd880e8cac4faebb84af61a87c4) C:\Windows\system32\DRIVERS\vmci.sys 17:22:42.0161 4952 vmci - ok 17:22:42.0229 4952 vmkbd (ed82d26b5e26542615483b8bed77d826) C:\Windows\system32\drivers\VMkbd.sys 17:22:42.0234 4952 vmkbd - ok 17:22:42.0307 4952 VMnetAdapter (b259c31378bc855afd1b53f59311c251) C:\Windows\system32\DRIVERS\vmnetadapter.sys 17:22:42.0325 4952 VMnetAdapter - ok 17:22:42.0343 4952 VMnetBridge (dec4ce720ffeda939cf1ba315cfbd993) C:\Windows\system32\DRIVERS\vmnetbridge.sys 17:22:42.0348 4952 VMnetBridge - ok 17:22:42.0385 4952 VMnetuserif (1e74142ded099de7ada258042f891a8d) C:\Windows\system32\drivers\vmnetuserif.sys 17:22:42.0409 4952 VMnetuserif - ok 17:22:42.0510 4952 vmx86 (18a28eda522b6c0560e59d5be638d076) C:\Windows\system32\drivers\vmx86.sys 17:22:42.0530 4952 vmx86 - ok 17:22:42.0623 4952 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 17:22:42.0647 4952 volmgr - ok 17:22:42.0667 4952 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 17:22:42.0672 4952 volmgrx - ok 17:22:42.0697 4952 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 17:22:42.0715 4952 volsnap - ok 17:22:42.0782 4952 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 17:22:42.0805 4952 vsmraid - ok 17:22:42.0831 4952 vstor2-mntapi10-shared - ok 17:22:42.0891 4952 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 17:22:42.0917 4952 vwifibus - ok 17:22:42.0940 4952 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 17:22:42.0943 4952 vwififlt - ok 17:22:42.0998 4952 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) 
C:\Windows\system32\DRIVERS\vwifimp.sys 17:22:43.0028 4952 vwifimp - ok 17:22:43.0071 4952 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 17:22:43.0075 4952 WacomPen - ok 17:22:43.0111 4952 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 17:22:43.0134 4952 WANARP - ok 17:22:43.0138 4952 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 17:22:43.0139 4952 Wanarpv6 - ok 17:22:43.0175 4952 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 17:22:43.0178 4952 Wd - ok 17:22:43.0261 4952 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys 17:22:43.0265 4952 WDC_SAM - ok 17:22:43.0321 4952 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 17:22:43.0332 4952 Wdf01000 - ok 17:22:43.0480 4952 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 17:22:43.0503 4952 WfpLwf - ok 17:22:43.0533 4952 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 17:22:43.0543 4952 WIMMount - ok 17:22:43.0718 4952 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys 17:22:43.0868 4952 WinUsb - ok 17:22:44.0014 4952 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 17:22:44.0032 4952 WmiAcpi - ok 17:22:44.0189 4952 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 17:22:44.0207 4952 ws2ifsl - ok 17:22:44.0479 4952 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 17:22:44.0511 4952 WudfPf - ok 17:22:44.0587 4952 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 17:22:44.0618 4952 WUDFRd - ok 17:22:44.0924 4952 MBR (0x1B8) (0f84f2562620c40d8a3e1908c8075675) \Device\Harddisk0\DR0 17:22:44.0990 4952 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected 17:22:44.0990 4952 
\Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0) 17:22:45.0026 4952 Boot (0x1200) (a6ea5341dd708ac919dd18d4e6e12b95) \Device\Harddisk0\DR0\Partition0 17:22:45.0028 4952 \Device\Harddisk0\DR0\Partition0 - ok 17:22:45.0038 4952 Boot (0x1200) (b788456dbe420cf5996b02509b9fea6b) \Device\Harddisk0\DR0\Partition1 17:22:45.0040 4952 \Device\Harddisk0\DR0\Partition1 - ok 17:22:45.0071 4952 Boot (0x1200) (96a3b3e496da08c1cb234b3c544a61c3) \Device\Harddisk0\DR0\Partition2 17:22:45.0072 4952 \Device\Harddisk0\DR0\Partition2 - ok 17:22:45.0073 4952 ============================================================ 17:22:45.0073 4952 Scan finished 17:22:45.0073 4952 ============================================================ 17:22:45.0084 2788 Detected object count: 1 17:22:45.0084 2788 Actual detected object count: 1 17:24:24.0858 2788 \Device\Harddisk0\DR0\# - copied to quarantine 17:24:24.0891 2788 \Device\Harddisk0\DR0 - copied to quarantine 17:24:24.0967 2788 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine 17:24:34.0540 2788 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine 17:24:34.0824 2788 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine 17:24:35.0086 2788 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine 17:24:35.0386 2788 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine 17:24:35.0389 2788 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine 17:24:35.0435 2788 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine 17:24:35.0463 2788 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine 17:24:35.0939 2788 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine 17:24:36.0195 2788 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine 17:24:36.0267 2788 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot 17:24:36.0267 2788 \Device\Harddisk0\DR0 - ok 17:24:36.0671 2788 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure 17:24:44.0113 0160 Deinitialize success
  8. Hello. My name is Chris and I'm having a bit of trouble with a nasty infection. On the 23rd of February I seem to have "acquired" a trojan that has henceforth spread and infected other system files. I ran ESET Smart Security 5 and MBAM and yet they can't seem to help much in the matter. I performed registry cleaning tasks on a semi-daily basis with as much help as Tune-Up Utilities can provide. The infection has surprised me and I am yet to find a resolution. A possible cause would be that I've had 2 other people not so tech-savvy use my laptop for personal "business" for about 2 days. My system restore only has 1 file recognized from November last year, but I would rather have my system cleaned rather than replaced. I'm looking for any other alternatives than a drive C format and reinstalling OS as I quite like the way my system ran prior to this infection, and have worked a lot on customizing it with various programs. I've attached the logs requested below. I'll kindly await your reply.

DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 01.09.2011 10:56:52
System Uptime: 04.03.2012 17:52:16 (1 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel® Core™ i7-2630QM CPU @ 2.00GHz | N/A | 2001/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 289 GiB total, 132,931 GiB free.
D: is CDROM ()
G: is CDROM ()
N: is FIXED (NTFS) - 288 GiB total, 128,894 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
.
????? Windows Live ?????? Windows Live ??????? ??????????? ??? Windows Live ???????? ?????????? Windows Live ?????????? Windows Live ??????????? ?? Windows Live ????????????
Windows Live AC3Filter 1.63b Adobe AIR Adobe Community Help Adobe Creative Suite 5 Master Collection Adobe Flash Player 10 ActiveX Adobe Media Player Adobe Photoshop Elements 9 Adobe Premiere Elements 9 Adobe Reader X (10.1.2) MUI Adobe Shockwave Player 11.6 ArcSoft Magic-i Visual Effects 2 ArcSoft WebCam Companion 4 Ask Toolbar Updater Assassin's Creed Brotherhood Assassin's Creed II Assassin's Creed Revelations Atheros WiFi Driver Installation µTorrent Bing Bar Corel WinDVD D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Disciples II Rise of the Elves Disciples III: Resurrection DivX Setup Elements 9 Organizer Elements STI Installer FotoSketcher 2.20 Galeria de Fotografias do Windows Live Galeria fotografii usługi Windows Live Galerie de photos Windows Live Galerie foto Windows Live GOM Player Google Chrome High-Definition Video Playback 10 IconPackager Intel® Management Engine Components Intel® Rapid Storage Technology IrfanView (remove only) Java Auto Updater Java™ 6 Update 22 Junk Mail filter update Malwarebytes Anti-Malware version 1.60.1.1000 Mass Effect Mass Effect 2 Mass Effect™ 3 Demo Matroska Pack Mesh Runtime Microsoft Games for Windows - LIVE Microsoft Games for Windows - LIVE Redistributable Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 
2010 Microsoft Office Word MUI (English) 2010 Microsoft Primary Interoperability Assemblies 2005 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft_VC80_ATL_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Mozilla Firefox 10.0.2 (x86 en-US) MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 10 Menu TemplatePack Basic Nero 10 Movie ThemePack Basic Nero BackItUp 10 Nero BackItUp 10 Help (CHM) Nero Burning ROM 10 Nero BurningROM 10 Help (CHM) Nero BurnRights 10 Nero BurnRights 10 Help (CHM) Nero Control Center 10 Nero ControlCenter 10 Help (CHM) Nero Core Components 10 Nero CoverDesigner 10 Nero CoverDesigner 10 Help (CHM) Nero DiscSpeed 10 Nero DiscSpeed 10 Help (CHM) Nero Dolby Files 10 Nero Express 10 Nero Express 10 Help (CHM) Nero InfoTool 10 Nero InfoTool 10 Help (CHM) Nero MediaHub 10 Nero MediaHub 10 Help (CHM) Nero Multimedia Suite 10 Nero Recode 10 Nero Recode 10 Help (CHM) Nero RescueAgent 10 Nero RescueAgent 10 Help (CHM) Nero SoundTrax 10 Nero SoundTrax 10 Help (CHM) Nero StartSmart 10 Nero StartSmart 10 Help (CHM) Nero Update Nero Vision 10 Nero Vision 10 Help (CHM) Nero WaveEditor 10 Nero WaveEditor 10 Help (CHM) NVIDIA 3D Vision Video Player NVIDIA PhysX NVIDIA Stereoscopic 3D Driver Origin PDF Settings CS5 PMB VAIO Edition Guide PMB VAIO Edition Plug-in Poczta usługi Windows Live Podstawowe programy Windows Live PxMergeModule Qualcomm Atheros Direct Connect Quick Web Access QuickTime Raccolta foto di 
Windows Live Rainmeter Realtek High Definition Audio Driver Remote Keyboard Remote Play with PlayStation 3 Renesas Electronics USB 3.0 Host Controller Driver Security Update for ?????? ??????? ??? ?? ???????? ??? Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for ?????? ??????? ??? ?? ???????? ??? Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for A Microsoft .NET-keretrendszer 4-es verziójához tartozó ügyfélprofil HUN nyelvi csomagja (KB2478663) Security Update for A Microsoft .NET-keretrendszer 4-es verziójához tartozó ügyfélprofil HUN nyelvi csomagja (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile DAN sprogpakke (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile DAN sprogpakke (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile Language Pack - SVE (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile Language Pack - SVE (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile NOR Language Pack (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile NOR Language Pack (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile PTG Language Pack (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile PTG Language Pack (KB2518870) Security Update for 
Microsoft .NET Framework 4 Client Profilen suomen kielipaketti (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profilen suomen kielipaketti (KB2518870) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Istemci Profili TRK Dil Paketi (KB2478663) Security Update for Microsoft .NET Framework 4 Istemci Profili TRK Dil Paketi (KB2518870) Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition Security Update for Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (KB2518870) Sid Meier's Civilization 4 Sid Meier's Civilization 4 - Beyond the Sword Sid Meier's Civilization 4 - Warlords Sid Meier's Civilization IV: Realism:Invictus Skype™ 5.5 SmartSound Quicktracks for Premiere Elements 9.0 SSLx86 Star Wars: The Old Republic StarCraft II swMSM tools-freebsd tools-linux tools-netware tools-solaris tools-windows tools-winPre2k TuneUp Utilities 2011 TuneUp Utilities Language Pack (en-US) Ubisoft Game Launcher Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for 
Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition Update for Microsoft Outlook Social Connector (KB2583935) Uzak Baglantilar Için Windows Live Mesh ActiveX Denetimi V3DPX86 VAIO - Media Gallery VAIO - PMB VAIO Edition Guide VAIO - PMB VAIO Edition Plug-in VAIO - Remote Keyboard VAIO - Remote Play with PlayStation®3 VAIO 3D Portal VAIO Care VAIO Control Center VAIO Data Restore Tool VAIO Easy Connect VAIO Event Service VAIO F Series - Summer 2011 Screensaver VAIO Gate VAIO Gate Default VAIO Hardware Diagnostics VAIO Improvement VAIO Manual VAIO Sample Contents VAIO Smart Network VAIO Transfer Support VAIO Update VC80CRTRedist - 8.0.50727.6195 VCCx86 VESx86 VirtualCloneDrive VIx86 VLC media player 1.1.11 VMware Workstation VSNx86 VWSTx86 WebCam Recorder Winamp Winamp Detector Plug-in Windows Live Windows Live Communications Platform Windows Live Essentials Windows Live Fotótár Windows Live Fotogalerie Windows Live Fotogalleri Windows Live Fotogaléria Windows Live Fotograf Galerisi Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Temel Parçalar Windows Live UX Platform Windows Live UX Platform Language Pack 
Windows Live Writer Windows Live Writer Resources Windows Liven asennustyökalu Windows Liven sähköposti Windows Liven valokuvavalikoima Windows Media Player Firefox Plugin XSplit Xvid Plus Codec Pack Yahoo! Messenger
.
==== Event Viewer Messages From Past Week ========
.
27.02.2012 22:19:37, Error: Service Control Manager [7023] - The Server service terminated with the following error: The service has not been started.
27.02.2012 22:19:36, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: A system shutdown is in progress.
27.02.2012 22:19:28, Error: Service Control Manager [7038] - The PolicyAgent service was unable to log on as NT Authority\NetworkService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
27.02.2012 22:19:28, Error: Service Control Manager [7000] - The IPsec Policy Agent service failed to start due to the following error: The service did not start due to a logon failure.
26.02.2012 17:35:18, Error: Service Control Manager [7034] - The VAIO Power Management service terminated unexpectedly. It has done this 1 time(s).
26.02.2012 17:35:04, Error: Service Control Manager [7034] - The IviRegMgr service terminated unexpectedly. It has done this 1 time(s).
26.02.2012 12:54:22, Error: Service Control Manager [7034] - The Diagnostic System Host service terminated unexpectedly. It has done this 1 time(s).
26.02.2012 12:54:16, Error: Service Control Manager [7034] - The Nero Update service terminated unexpectedly. It has done this 1 time(s).
26.02.2012 12:54:10, Error: Service Control Manager [7034] - The Intel® Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).
26.02.2012 12:54:00, Error: Service Control Manager [7034] - The Bing Bar Update Service service terminated unexpectedly. It has done this 1 time(s).
04.03.2012 17:58:47, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070422'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
04.03.2012 17:58:46, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
04.03.2012 17:55:02, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004
04.03.2012 17:52:40, Error: Service Control Manager [7003] - The McAfee Personal Firewall Service service depends the following service: MfeFire. This service might not be installed.
04.03.2012 17:52:40, Error: Service Control Manager [7003] - The McAfee Anti-Spam Service service depends the following service: MfeFire. This service might not be installed.
04.03.2012 17:52:40, Error: Service Control Manager [7001] - The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
04.03.2012 17:49:32, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service NVSvc with arguments "" in order to run the server: {DCAB0989-1301-4319-BE5F-ADE89F88581C}
04.03.2012 17:48:55, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
04.03.2012 17:48:41, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
04.03.2012 17:48:25, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Program Files (x86)\Atheros WiFi Driver Installation\AthIhvWlanExt.dll Error Code: 21
04.03.2012 17:48:23, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
04.03.2012 17:48:09, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache ehdrv ElbyCDIO spldr Wanarpv6
04.03.2012 17:47:01, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
04.03.2012 16:07:15, Error: Service Control Manager [7034] - The VUAgent service terminated unexpectedly. It has done this 1 time(s).
04.03.2012 13:06:07, Error: Service Control Manager [7034] - The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).
04.03.2012 13:06:05, Error: Service Control Manager [7034] - The AtherosSvc service terminated unexpectedly. It has done this 1 time(s).
04.03.2012 01:18:37, Error: Service Control Manager [7031] - The ESET Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
03.03.2012 22:37:46, Error: Service Control Manager [7031] - The ESET Service service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
03.03.2012 22:36:49, Error: Service Control Manager [7031] - The ESET Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
01.03.2012 18:12:55, Error: Service Control Manager [7034] - The WD File Management Engine service terminated unexpectedly. It has done this 1 time(s).
01.03.2012 18:12:47, Error: Service Control Manager [7031] - The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
01.03.2012 18:12:47, Error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
01.03.2012 18:12:47, Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
01.03.2012 18:12:47, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
01.03.2012 18:12:47, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
01.03.2012 18:12:47, Error: Service Control Manager [7031] - The Human Interface Device Access service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
01.03.2012 18:12:47, Error: Service Control Manager [7031] - The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
.
==== End Of File ===========================
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by NINE at 18:00:07 on 2012-03-04
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.40.1033.18.6125.3763 [GMT 0:00]
.
AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\System32\spoolsv.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe C:\Program Files (x86)\Bluetooth Suite\adminservice.exe C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe C:\Windows\SysWOW64\vmnat.exe C:\Windows\SysWOW64\DllHost.exe C:\Windows\SysWOW64\DllHost.exe C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe C:\Windows\Explorer.EXE 
C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe C:\Windows\SysWOW64\vmnetdhcp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Rainmeter\Rainmeter.exe N:\Downloads\Taskbar Eliminator\Taskbar Eliminator.exe C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files\Sony\VAIO Smart Network\VSNService.exe C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k bthsvcs -netsvcs C:\Windows\system32\conhost.exe C:\Windows\system32\msiexec.exe C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe C:\Program Files\Sony\VAIO Update Common\VUAgent.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Windows\system32\wbengine.exe C:\Windows\System32\vds.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\Program Files\Sony\VAIO Care\VCPerfService.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Program Files\Sony\VAIO Care\listener.exe C:\Windows\system32\sppsvc.exe C:\Program Files (x86)\ArcSoft\Magic-i Visual 
Effects 2\uCamMonitor.exe C:\Program Files\Sony\VAIO Power Management\SPMService.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files\Sony\VAIO Care\VCsystray.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Sony\VAIO Care\VCService.exe C:\Program Files\Sony\VAIO Care\VCAgent.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Windows\splwow64.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.sony.eu/vaioportal uInternet Settings,ProxyOverride = <local> BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files 
(x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray StartupFolder: C:\Users\NINE\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe StartupFolder: C:\Users\NINE\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\TASKBA~1.LNK - N:\Downloads\Taskbar Eliminator\Taskbar Eliminator.exe mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) mPolicies-system: EnableLinkedConnections = 1 (0x1) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll LSP: %SystemRoot%\system32\vsocklib.dll Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - 
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab TCP: DhcpNameServer = 192.168.1.254 TCP: Interfaces\{32877206-6FCB-4797-BF56-EE38C5FF321B} : DhcpNameServer = 138.37.6.1 138.37.7.1 TCP: Interfaces\{BC857DE5-0836-4565-955B-C758EB8D164B} : DhcpNameServer = 192.168.1.254 TCP: Interfaces\{BC857DE5-0836-4565-955B-C758EB8D164B}\05576696 : DhcpNameServer = 192.168.0.1 TCP: Interfaces\{BC857DE5-0836-4565-955B-C758EB8D164B}\149657270275966496 : DhcpNameServer = 192.168.0.1 TCP: Interfaces\{BC857DE5-0836-4565-955B-C758EB8D164B}\244564F4E4 : DhcpNameServer = 192.168.22.22 192.168.22.23 TCP: Interfaces\{BC857DE5-0836-4565-955B-C758EB8D164B}\25332305F6775627 : DhcpNameServer = 213.154.124.1 193.231.252.1 TCP: Interfaces\{BC857DE5-0836-4565-955B-C758EB8D164B}\37075636472757D6 : DhcpNameServer = 172.16.66.1 TCP: Interfaces\{BC857DE5-0836-4565-955B-C758EB8D164B}\75962756A7 : DhcpNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll 
BHO-X64: AcroIEHelperStub - No File BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll BHO-X64: Increase performance and video formats for your HTML5 <video> - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL BHO-X64: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll BHO-X64: IESpeakDoc - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File mRun-x64: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray SSODL-X64: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair.dll SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL . 
================= FIREFOX =================== . FF - ProfilePath - C:\Users\NINE\AppData\Roaming\Mozilla\Firefox\Profiles\p78u4anx.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.co.uk FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\NINE\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ---- FIREFOX POLICIES ---- FF - user.js: extentions.y2layers.installId - c3a6b478-ff98-4305-948d-6ca708dc3437 FF - user.js: extentions.y2layers.defaultEnableAppsList - BestVideoDownloader,BestVideoDownloader, FF - user.js: extensions.autoDisableScopes - 14 . ============= SERVICES / DRIVERS =============== . R0 epfwwfp;epfwwfp;C:\Windows\system32\DRIVERS\epfwwfp.sys --> C:\Windows\system32\DRIVERS\epfwwfp.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\system32\DRIVERS\EpfwLWF.sys --> C:\Windows\system32\DRIVERS\EpfwLWF.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] 
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-9-30 169408] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928] R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-3-8 138400] R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-3-8 73376] R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648] R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?] R2 eamonm;eamonm;C:\Windows\system32\DRIVERS\eamonm.sys --> C:\Windows\system32\DRIVERS\eamonm.sys [?] R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-9-22 974944] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-5-10 13336] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-24 652360] R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-3-25 490280] R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-29 2253120] R2 regi;regi;\??\C:\Windows\system32\drivers\regi.sys --> C:\Windows\system32\drivers\regi.sys [?] R2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys --> C:\Windows\system32\drivers\rimssne64.sys [?] R2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsnxc64.sys --> C:\Windows\system32\drivers\risdsnxc64.sys [?] 
R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-9-1 259192] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-14 381248] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-9-27 2027840] R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-5-10 105024] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-5-10 2656280] R2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2011-5-10 550080] R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-8-29 846448] R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2011-9-15 971704] R2 WDDMService;WDDMService;C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2011-3-9 288768] R2 WDFME;WD File Management Engine;C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [2011-3-9 1066896] R2 WDSC;WD File Management Shadow Engine;C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [2011-3-9 491920] R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?] R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\drivers\btath_bus.sys --> C:\Windows\system32\drivers\btath_bus.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?] 
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\drivers\nusb3hub.sys --> C:\Windows\system32\drivers\nusb3hub.sys [?] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\drivers\nusb3xhc.sys --> C:\Windows\system32\drivers\nusb3xhc.sys [?] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?] R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys --> C:\Windows\system32\drivers\SFEP.sys [?] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2011-7-8 11856] R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2011-9-1 44736] R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2011-9-23 1429608] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S2 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 KMService;KMService;C:\Windows\System32\srvany.exe [2011-9-2 8192] S2 McMPFSvc;McAfee Personal Firewall Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc --> C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [?] 
S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys --> C:\Windows\system32\DRIVERS\btath_flt.sys [?] S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\system32\Drivers\AthDfu.sys --> C:\Windows\system32\Drivers\AthDfu.sys [?] S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys --> C:\Windows\system32\drivers\btath_a2dp.sys [?] S3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\system32\drivers\btath_avdt.sys --> C:\Windows\system32\drivers\btath_avdt.sys [?] S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\drivers\btath_hcrp.sys --> C:\Windows\system32\drivers\btath_hcrp.sys [?] S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\system32\DRIVERS\btath_lwflt.sys --> C:\Windows\system32\DRIVERS\btath_lwflt.sys [?] S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\drivers\btath_rcp.sys --> C:\Windows\system32\drivers\btath_rcp.sys [?] S3 BtFilter;BtFilter;C:\Windows\system32\DRIVERS\btfilter.sys --> C:\Windows\system32\DRIVERS\btfilter.sys [?] S3 DCDhcpService;DCDhcpService;C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [2011-9-15 104096] S3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\system32\DRIVERS\e1y60x64.sys --> C:\Windows\system32\DRIVERS\e1y60x64.sys [?] S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\system32\DRIVERS\ivusb.sys --> C:\Windows\system32\DRIVERS\ivusb.sys [?] 
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880] S3 SOHCImp;VAIO Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-2-21 113824] S3 SOHDs;VAIO Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-2-21 67232] S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-1-20 286936] S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-1-20 887000] S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-5-19 549616] S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-2-18 385336] S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-2-18 99104] S3 VMwareHostd;VMware Workstation Server;C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2012-1-18 11839488] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?] 
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2012-03-03 13:32:39 -------- d-----w- C:\Users\NINE\AppData\Local\DDMSettings 2012-03-03 13:21:34 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E888B89F-AB71-4949-9AC7-F0A3F306F4C8}\offreg.dll 2012-03-02 11:09:34 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E888B89F-AB71-4949-9AC7-F0A3F306F4C8}\mpengine.dll 2012-02-27 20:04:14 20480 ----a-w- C:\Windows\svchost.exe 2012-02-26 11:40:39 -------- d-----w- C:\Users\NINE\AppData\Roaming\AusLogics 2012-02-24 10:26:48 -------- d-sh--w- C:\$RECYCLE.BIN 2012-02-24 09:57:45 98816 ----a-w- C:\Windows\sed.exe 2012-02-24 09:57:45 518144 ----a-w- C:\Windows\SWREG.exe 2012-02-24 09:57:45 256000 ----a-w- C:\Windows\PEV.exe 2012-02-24 09:57:45 208896 ----a-w- C:\Windows\MBR.exe 2012-02-24 09:44:02 -------- d-----w- C:\Users\NINE\AppData\Roaming\Malwarebytes 2012-02-24 09:43:56 -------- d-----w- C:\ProgramData\Malwarebytes 2012-02-24 09:43:55 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-02-24 09:43:55 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-02-24 09:38:36 -------- d-----w- C:\TDSSKiller_Quarantine 2012-02-23 20:06:46 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll 2012-02-23 20:06:46 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll 2012-02-23 20:06:45 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll 2012-02-15 14:51:17 -------- d-----w- C:\ProgramData\EA Logs 2012-02-15 13:51:27 -------- d-----w- C:\Program Files (x86)\Origin Games 2012-02-15 13:51:25 -------- d-----w- C:\Users\NINE\AppData\Roaming\Origin 2012-02-15 13:51:25 -------- d-----w- C:\Users\NINE\AppData\Local\Origin 2012-02-15 13:51:19 -------- d-----w- C:\ProgramData\Origin 2012-02-15 13:51:19 -------- d-----w- C:\ProgramData\Electronic Arts 2012-02-15 13:51:04 -------- d-----w- 
C:\Program Files (x86)\Origin 2012-02-14 21:57:29 509952 ----a-w- C:\Windows\System32\ntshrui.dll 2012-02-14 21:57:29 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll 2012-02-14 21:57:28 515584 ----a-w- C:\Windows\System32\timedate.cpl 2012-02-14 21:57:28 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl 2012-02-14 21:57:27 498688 ----a-w- C:\Windows\System32\drivers\afd.sys 2012-02-14 21:57:27 3145728 ----a-w- C:\Windows\System32\win32k.sys 2012-02-14 21:57:22 634880 ----a-w- C:\Windows\System32\msvcrt.dll 2012-02-14 21:57:21 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll 2012-02-10 16:07:13 -------- d-----w- C:\Users\NINE\AppData\Local\VMware 2012-02-10 15:52:58 63088 ----a-w- C:\Windows\System32\drivers\vmx86.sys 2012-02-10 15:52:35 354416 ----a-w- C:\Windows\SysWow64\vmnetdhcp.exe 2012-02-10 15:52:31 433264 ----a-w- C:\Windows\SysWow64\vmnat.exe 2012-02-10 15:52:31 30320 ----a-w- C:\Windows\System32\drivers\vmnetuserif.sys 2012-02-10 15:52:28 942192 ----a-w- C:\Windows\System32\vnetlib64.dll 2012-02-10 15:51:39 32880 ----a-w- C:\Windows\System32\drivers\VMkbd.sys 2012-02-10 15:51:38 39024 ----a-w- C:\Windows\System32\drivers\hcmon.sys 2012-02-10 15:50:53 -------- d-----w- C:\Program Files (x86)\VMware 2012-02-10 15:50:53 -------- d-----w- C:\Program Files (x86)\Common Files\VMware 2012-02-10 15:50:20 -------- d-----w- C:\Program Files\Common Files\VMware 2012-02-08 19:28:11 -------- d-----w- C:\Windows\System32\embrace . ==================== Find3M ==================== . 
2012-02-29 14:09:23 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-01-29 05:10:42 279656 ------w- C:\Windows\System32\MpSigStub.exe 2012-01-28 09:12:50 28056 ----a-w- C:\Windows\System32\xfcodec64.dll 2012-01-18 13:41:32 252016 ----a-w- C:\Windows\SysWow64\vmnc.dll 2012-01-18 13:06:00 62064 ----a-w- C:\Windows\System32\vmnetbridge.dll 2012-01-18 13:06:00 48752 ----a-w- C:\Windows\System32\vnetinst.dll 2012-01-18 13:06:00 45680 ----a-w- C:\Windows\System32\drivers\vmnetbridge.sys 2012-01-18 13:06:00 24176 ----a-w- C:\Windows\System32\drivers\vmnet.sys 2012-01-18 13:06:00 20080 ----a-w- C:\Windows\System32\drivers\vmnetadapter.sys 2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll 2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll 2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl 2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll 2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll 2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb . ============= FINISH: 18:01:04,89 =============== DDS.txt Attach.txt