Posts posted by ninewirez
-
Apologies for the delay; I had a busy day. ComboFix cannot be uninstalled; apparently my system cannot find it.
Thank you for your assistance with everything.
Kind regards,
Chris.
-
Done. This is what the scan produced. Let me know if there's anything else I need to take care of.
C:\Qoobox\Quarantine\C\ProgramData\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\NINE\AppData\Local\dplayx.dll.vir a variant of Win32/Kryptik.ABDQ trojan cleaned by deleting - quarantined
C:\Users\NINE\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\795aee91-1ba0006f a variant of Java/Agent.DN trojan deleted - quarantined
C:\Users\NINE\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\38e6a667-3180f22e a variant of Java/TrojanDownloader.Agent.AD trojan deleted - quarantined
N:\Current\Windows Tweaks\Icon Packager\Patch\startdock.iconpackager-patch ~TheOrb666~.exe Win32/HackTool.Patcher.A application cleaned by deleting - quarantined
N:\Downloads\mini-KMS_Activator_v1.3_Office2010_VL_ENG.exe a variant of Win32/HackKMS.A application deleted - quarantined
-
The full scan doesn't seem to have picked up anything. Let me know if there's anything more I need to do on my part.
Malwarebytes Anti-Malware (PRO) 1.60.1.1000
www.malwarebytes.org
Database version: v2012.03.06.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
NINE :: NINE-VAIO [administrator]
Protection: Enabled
06.03.2012 19:23:55
mbam-log-2012-03-06 (19-23-55).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 616322
Time elapsed: 1 hour(s), 16 minute(s), 10 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
-
When prompted with the virus detection, MBAM can only ignore or quarantine. I always chose the latter, last time included, but prior to running ComboFix, MBAM displayed that message around 20 times a day, so I didn't really think much was done against it until I ran ComboFix.
I've also updated Java [thanks for the tip] and restarted. It does seem to boot up and get all systems running in less time and I only have 75 processes running for all users. I've updated MBAM and will post the resulting full scan log here when it's done.
As personal advice, would a rootkit of this sort damage my security in an unrecoverable way? Would backdoor access to my system be possible / detected by software such as MBAM? Other than changing all my passwords, what other steps can I take to ensure better protection? Note that this is a personal laptop and is not used in the course of business or trade.
Many thanks for all your assistance so far.
-
In addition to the information in my first post, before I ran TDSSKiller I had around 100 active processes running for all users. Among them, around 15 svchosts, one of which used up to 500k of my memory and under description just had "winrscmde". Sometimes it would play a random sound until I would manually kill the process.
After the TDSSKiller reboot and just before I ran ComboFix, MBAM detected a trojan in svchost. Should that be of concern?
The ComboFix report log was too long to C/P, so I've attached it instead.
-
Hello Elise and thank you for your assistance.
The required log contents are below.
17:22:02.0568 4828 TDSS rootkit removing tool 2.7.19.0 Mar 5 2012 11:23:39
17:22:02.0660 4828 ============================================================
17:22:02.0660 4828 Current date / time: 2012/03/06 17:22:02.0660
17:22:02.0660 4828 SystemInfo:
17:22:02.0660 4828
17:22:02.0660 4828 OS Version: 6.1.7601 ServicePack: 1.0
17:22:02.0660 4828 Product type: Workstation
17:22:02.0660 4828 ComputerName: NINE-VAIO
17:22:02.0660 4828 UserName: NINE
17:22:02.0660 4828 Windows directory: C:\Windows
17:22:02.0660 4828 System windows directory: C:\Windows
17:22:02.0660 4828 Running under WOW64
17:22:02.0660 4828 Processor architecture: Intel x64
17:22:02.0660 4828 Number of processors: 8
17:22:02.0660 4828 Page size: 0x1000
17:22:02.0660 4828 Boot type: Normal boot
17:22:02.0660 4828 ============================================================
17:22:02.0954 4828 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:22:02.0958 4828 \Device\Harddisk0\DR0:
17:22:02.0958 4828 MBR used
17:22:02.0958 4828 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x24B8800, BlocksNum 0x32000
17:22:02.0958 4828 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x24EA800, BlocksNum 0x242CFAB0
17:22:02.0977 4828 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x267BB000, BlocksNum 0x2409C800
17:22:03.0040 4828 Initialize success
17:22:03.0040 4828 ============================================================
17:22:14.0208 4952 ============================================================
17:22:14.0208 4952 Scan started
17:22:14.0208 4952 Mode: Manual;
17:22:14.0208 4952 ============================================================
17:22:36.0837 4952 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:22:36.0865 4952 sffp_mmc - ok
17:22:36.0912 4952 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:22:36.0916 4952 sffp_sd - ok
17:22:36.0974 4952 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
17:22:36.0985 4952 sfloppy - ok
17:22:37.0060 4952 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
17:22:37.0151 4952 SiSRaid2 - ok
17:22:37.0221 4952 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
17:22:37.0243 4952 SiSRaid4 - ok
17:22:37.0372 4952 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:22:37.0379 4952 Smb - ok
17:22:37.0479 4952 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:22:37.0510 4952 spldr - ok
17:22:37.0590 4952 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:22:37.0593 4952 srv - ok
17:22:37.0615 4952 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:22:37.0629 4952 srv2 - ok
17:22:37.0693 4952 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:22:37.0697 4952 srvnet - ok
17:22:37.0933 4952 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
17:22:37.0935 4952 stexstor - ok
17:22:38.0198 4952 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
17:22:38.0228 4952 swenum - ok
17:22:38.0491 4952 SynTP (b0c7d4dcf4800df2f2145b500d0161e8) C:\Windows\system32\drivers\SynTP.sys
17:22:38.0516 4952 SynTP - ok
17:22:38.0757 4952 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
17:22:38.0815 4952 Tcpip - ok
17:22:39.0042 4952 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
17:22:39.0060 4952 TCPIP6 - ok
17:22:39.0151 4952 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:22:39.0172 4952 tcpipreg - ok
17:22:39.0283 4952 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:22:39.0302 4952 TDPIPE - ok
17:22:39.0311 4952 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
17:22:39.0325 4952 TDTCP - ok
17:22:39.0357 4952 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:22:39.0378 4952 tdx - ok
17:22:39.0524 4952 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
17:22:39.0536 4952 TermDD - ok
17:22:39.0592 4952 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:22:39.0594 4952 tssecsrv - ok
17:22:39.0655 4952 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:22:39.0703 4952 TsUsbFlt - ok
17:22:39.0801 4952 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
17:22:39.0805 4952 TsUsbGD - ok
17:22:40.0008 4952 TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys
17:22:40.0010 4952 TuneUpUtilitiesDrv - ok
17:22:40.0186 4952 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:22:40.0189 4952 tunnel - ok
17:22:40.0238 4952 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
17:22:40.0282 4952 uagp35 - ok
17:22:40.0313 4952 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:22:40.0322 4952 udfs - ok
17:22:40.0483 4952 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:22:40.0512 4952 uliagpkx - ok
17:22:40.0561 4952 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
17:22:40.0578 4952 umbus - ok
17:22:40.0698 4952 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
17:22:40.0719 4952 UmPass - ok
17:22:40.0814 4952 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
17:22:40.0834 4952 usbccgp - ok
17:22:40.0980 4952 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:22:40.0986 4952 usbcir - ok
17:22:41.0034 4952 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
17:22:41.0081 4952 usbehci - ok
17:22:41.0126 4952 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
17:22:41.0173 4952 usbhub - ok
17:22:41.0264 4952 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
17:22:41.0290 4952 usbohci - ok
17:22:41.0378 4952 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
17:22:41.0389 4952 usbprint - ok
17:22:41.0410 4952 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:22:41.0430 4952 USBSTOR - ok
17:22:41.0452 4952 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
17:22:41.0454 4952 usbuhci - ok
17:22:41.0526 4952 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
17:22:41.0539 4952 usbvideo - ok
17:22:41.0655 4952 VClone (84bb306b7863883018d7f3eb0c453bd5) C:\Windows\system32\DRIVERS\VClone.sys
17:22:41.0680 4952 VClone - ok
17:22:41.0765 4952 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:22:41.0785 4952 vdrvroot - ok
17:22:41.0832 4952 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:22:41.0834 4952 vga - ok
17:22:41.0879 4952 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:22:41.0890 4952 VgaSave - ok
17:22:41.0923 4952 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:22:41.0937 4952 vhdmp - ok
17:22:42.0012 4952 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:22:42.0068 4952 viaide - ok
17:22:42.0117 4952 vmci (87fc1dd880e8cac4faebb84af61a87c4) C:\Windows\system32\DRIVERS\vmci.sys
17:22:42.0161 4952 vmci - ok
17:22:42.0229 4952 vmkbd (ed82d26b5e26542615483b8bed77d826) C:\Windows\system32\drivers\VMkbd.sys
17:22:42.0234 4952 vmkbd - ok
17:22:42.0307 4952 VMnetAdapter (b259c31378bc855afd1b53f59311c251) C:\Windows\system32\DRIVERS\vmnetadapter.sys
17:22:42.0325 4952 VMnetAdapter - ok
17:22:42.0343 4952 VMnetBridge (dec4ce720ffeda939cf1ba315cfbd993) C:\Windows\system32\DRIVERS\vmnetbridge.sys
17:22:42.0348 4952 VMnetBridge - ok
17:22:42.0385 4952 VMnetuserif (1e74142ded099de7ada258042f891a8d) C:\Windows\system32\drivers\vmnetuserif.sys
17:22:42.0409 4952 VMnetuserif - ok
17:22:42.0510 4952 vmx86 (18a28eda522b6c0560e59d5be638d076) C:\Windows\system32\drivers\vmx86.sys
17:22:42.0530 4952 vmx86 - ok
17:22:42.0623 4952 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:22:42.0647 4952 volmgr - ok
17:22:42.0667 4952 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
17:22:42.0672 4952 volmgrx - ok
17:22:42.0697 4952 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
17:22:42.0715 4952 volsnap - ok
17:22:42.0782 4952 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
17:22:42.0805 4952 vsmraid - ok
17:22:42.0831 4952 vstor2-mntapi10-shared - ok
17:22:42.0891 4952 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
17:22:42.0917 4952 vwifibus - ok
17:22:42.0940 4952 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
17:22:42.0943 4952 vwififlt - ok
17:22:42.0998 4952 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
17:22:43.0028 4952 vwifimp - ok
17:22:43.0071 4952 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
17:22:43.0075 4952 WacomPen - ok
17:22:43.0111 4952 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:22:43.0134 4952 WANARP - ok
17:22:43.0138 4952 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:22:43.0139 4952 Wanarpv6 - ok
17:22:43.0175 4952 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
17:22:43.0178 4952 Wd - ok
17:22:43.0261 4952 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
17:22:43.0265 4952 WDC_SAM - ok
17:22:43.0321 4952 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:22:43.0332 4952 Wdf01000 - ok
17:22:43.0480 4952 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:22:43.0503 4952 WfpLwf - ok
17:22:43.0533 4952 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:22:43.0543 4952 WIMMount - ok
17:22:43.0718 4952 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
17:22:43.0868 4952 WinUsb - ok
17:22:44.0014 4952 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
17:22:44.0032 4952 WmiAcpi - ok
17:22:44.0189 4952 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:22:44.0207 4952 ws2ifsl - ok
17:22:44.0479 4952 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:22:44.0511 4952 WudfPf - ok
17:22:44.0587 4952 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:22:44.0618 4952 WUDFRd - ok
17:22:44.0924 4952 MBR (0x1B8) (0f84f2562620c40d8a3e1908c8075675) \Device\Harddisk0\DR0
17:22:44.0990 4952 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
17:22:44.0990 4952 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
17:22:45.0026 4952 Boot (0x1200) (a6ea5341dd708ac919dd18d4e6e12b95) \Device\Harddisk0\DR0\Partition0
17:22:45.0028 4952 \Device\Harddisk0\DR0\Partition0 - ok
17:22:45.0038 4952 Boot (0x1200) (b788456dbe420cf5996b02509b9fea6b) \Device\Harddisk0\DR0\Partition1
17:22:45.0040 4952 \Device\Harddisk0\DR0\Partition1 - ok
17:22:45.0071 4952 Boot (0x1200) (96a3b3e496da08c1cb234b3c544a61c3) \Device\Harddisk0\DR0\Partition2
17:22:45.0072 4952 \Device\Harddisk0\DR0\Partition2 - ok
17:22:45.0073 4952 ============================================================
17:22:45.0073 4952 Scan finished
17:22:45.0073 4952 ============================================================
17:22:45.0084 2788 Detected object count: 1
17:22:45.0084 2788 Actual detected object count: 1
17:24:24.0858 2788 \Device\Harddisk0\DR0\# - copied to quarantine
17:24:24.0891 2788 \Device\Harddisk0\DR0 - copied to quarantine
17:24:24.0967 2788 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
17:24:34.0540 2788 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
17:24:34.0824 2788 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
17:24:35.0086 2788 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
17:24:35.0386 2788 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
17:24:35.0389 2788 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
17:24:35.0435 2788 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
17:24:35.0463 2788 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
17:24:35.0939 2788 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
17:24:36.0195 2788 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
17:24:36.0267 2788 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
17:24:36.0267 2788 \Device\Harddisk0\DR0 - ok
17:24:36.0671 2788 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
17:24:44.0113 0160 Deinitialize success
-
Hello.
My name is Chris and I'm having a bit of trouble with a nasty infection. On the 23rd of February I seem to have "acquired" a trojan that has henceforth spread and infected other system files. I ran ESET Smart Security 5 and MBAM and yet they can't seem to help much in the matter. I performed registry cleaning tasks on a semi-daily basis with as much help as Tune-Up Utilities can provide. The infection has surprised me and I am yet to find a resolution. A possible cause would be that I've had 2 other people not so tech-savvy use my laptop for personal "business" for about 2 days.
My system restore only has 1 file recognized from November last year, but I would rather have my system cleaned rather than replaced. I'm looking for any other alternatives than a drive C format and reinstalling OS as I quite like the way my system ran prior to this infection, and have worked a lot on customizing it with various programs.
I've attached the logs requested below.
I'll kindly await your reply.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 01.09.2011 10:56:52
System Uptime: 04.03.2012 17:52:16 (1 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel® Core™ i7-2630QM CPU @ 2.00GHz | N/A | 2001/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 289 GiB total, 132,931 GiB free.
D: is CDROM ()
G: is CDROM ()
N: is FIXED (NTFS) - 288 GiB total, 128,894 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
.
????? Windows Live
?????? Windows Live
??????? ??????????? ??? Windows Live
???????? ?????????? Windows Live
?????????? Windows Live
??????????? ?? Windows Live
???????????? Windows Live
AC3Filter 1.63b
Adobe AIR
Adobe Community Help
Adobe Creative Suite 5 Master Collection
Adobe Flash Player 10 ActiveX
Adobe Media Player
Adobe Photoshop Elements 9
Adobe Premiere Elements 9
Adobe Reader X (10.1.2) MUI
Adobe Shockwave Player 11.6
ArcSoft Magic-i Visual Effects 2
ArcSoft WebCam Companion 4
Ask Toolbar Updater
Assassin's Creed Brotherhood
Assassin's Creed II
Assassin's Creed Revelations
Atheros WiFi Driver Installation
µTorrent
Bing Bar
Corel WinDVD
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Disciples II Rise of the Elves
Disciples III: Resurrection
DivX Setup
Elements 9 Organizer
Elements STI Installer
FotoSketcher 2.20
Galeria de Fotografias do Windows Live
Galeria fotografii usługi Windows Live
Galerie de photos Windows Live
Galerie foto Windows Live
GOM Player
Google Chrome
High-Definition Video Playback 10
IconPackager
Intel® Management Engine Components
Intel® Rapid Storage Technology
IrfanView (remove only)
Java Auto Updater
Java™ 6 Update 22
Junk Mail filter update
Malwarebytes Anti-Malware version 1.60.1.1000
Mass Effect
Mass Effect 2
Mass Effect™ 3 Demo
Matroska Pack
Mesh Runtime
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Primary Interoperability Assemblies 2005
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox 10.0.2 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 10 Menu TemplatePack Basic
Nero 10 Movie ThemePack Basic
Nero BackItUp 10
Nero BackItUp 10 Help (CHM)
Nero Burning ROM 10
Nero BurningROM 10 Help (CHM)
Nero BurnRights 10
Nero BurnRights 10 Help (CHM)
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero CoverDesigner 10
Nero CoverDesigner 10 Help (CHM)
Nero DiscSpeed 10
Nero DiscSpeed 10 Help (CHM)
Nero Dolby Files 10
Nero Express 10
Nero Express 10 Help (CHM)
Nero InfoTool 10
Nero InfoTool 10 Help (CHM)
Nero MediaHub 10
Nero MediaHub 10 Help (CHM)
Nero Multimedia Suite 10
Nero Recode 10
Nero Recode 10 Help (CHM)
Nero RescueAgent 10
Nero RescueAgent 10 Help (CHM)
Nero SoundTrax 10
Nero SoundTrax 10 Help (CHM)
Nero StartSmart 10
Nero StartSmart 10 Help (CHM)
Nero Update
Nero Vision 10
Nero Vision 10 Help (CHM)
Nero WaveEditor 10
Nero WaveEditor 10 Help (CHM)
NVIDIA 3D Vision Video Player
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
Origin
PDF Settings CS5
PMB VAIO Edition Guide
PMB VAIO Edition Plug-in
Poczta usługi Windows Live
Podstawowe programy Windows Live
PxMergeModule
Qualcomm Atheros Direct Connect
Quick Web Access
QuickTime
Raccolta foto di Windows Live
Rainmeter
Realtek High Definition Audio Driver
Remote Keyboard
Remote Play with PlayStation 3
Renesas Electronics USB 3.0 Host Controller Driver
Security Update for ?????? ??????? ??? ?? ???????? ??? Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for ?????? ??????? ??? ?? ???????? ??? Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for A Microsoft .NET-keretrendszer 4-es verziójához tartozó ügyfélprofil HUN nyelvi csomagja (KB2478663)
Security Update for A Microsoft .NET-keretrendszer 4-es verziójához tartozó ügyfélprofil HUN nyelvi csomagja (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile DAN sprogpakke (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DAN sprogpakke (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile Language Pack - SVE (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile Language Pack - SVE (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile NOR Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile NOR Language Pack (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile PTG Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile PTG Language Pack (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profilen suomen kielipaketti (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profilen suomen kielipaketti (KB2518870)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Istemci Profili TRK Dil Paketi (KB2478663)
Security Update for Microsoft .NET Framework 4 Istemci Profili TRK Dil Paketi (KB2518870)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition
Security Update for Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (KB2518870)
Sid Meier's Civilization 4
Sid Meier's Civilization 4 - Beyond the Sword
Sid Meier's Civilization 4 - Warlords
Sid Meier's Civilization IV: Realism:Invictus
Skype™ 5.5
SmartSound Quicktracks for Premiere Elements 9.0
SSLx86
Star Wars: The Old Republic
StarCraft II
swMSM
tools-freebsd
tools-linux
tools-netware
tools-solaris
tools-windows
tools-winPre2k
TuneUp Utilities 2011
TuneUp Utilities Language Pack (en-US)
Ubisoft Game Launcher
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
Uzak Baglantilar Için Windows Live Mesh ActiveX Denetimi
V3DPX86
VAIO - Media Gallery
VAIO - PMB VAIO Edition Guide
VAIO - PMB VAIO Edition Plug-in
VAIO - Remote Keyboard
VAIO - Remote Play with PlayStation®3
VAIO 3D Portal
VAIO Care
VAIO Control Center
VAIO Data Restore Tool
VAIO Easy Connect
VAIO Event Service
VAIO F Series - Summer 2011 Screensaver
VAIO Gate
VAIO Gate Default
VAIO Hardware Diagnostics
VAIO Improvement
VAIO Manual
VAIO Sample Contents
VAIO Smart Network
VAIO Transfer Support
VAIO Update
VC80CRTRedist - 8.0.50727.6195
VCCx86
VESx86
VirtualCloneDrive
VIx86
VLC media player 1.1.11
VMware Workstation
VSNx86
VWSTx86
WebCam Recorder
Winamp
Winamp Detector Plug-in
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotótár
Windows Live Fotogalerie
Windows Live Fotogalleri
Windows Live Fotogaléria
Windows Live Fotograf Galerisi
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Temel Parçalar
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Liven asennustyökalu
Windows Liven sähköposti
Windows Liven valokuvavalikoima
Windows Media Player Firefox Plugin
XSplit
Xvid Plus Codec Pack
Yahoo! Messenger
.
==== Event Viewer Messages From Past Week ========
.
27.02.2012 22:19:37, Error: Service Control Manager [7023] - The Server service terminated with the following error: The service has not been started.
27.02.2012 22:19:36, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: A system shutdown is in progress.
27.02.2012 22:19:28, Error: Service Control Manager [7038] - The PolicyAgent service was unable to log on as NT Authority\NetworkService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
27.02.2012 22:19:28, Error: Service Control Manager [7000] - The IPsec Policy Agent service failed to start due to the following error: The service did not start due to a logon failure.
26.02.2012 17:35:18, Error: Service Control Manager [7034] - The VAIO Power Management service terminated unexpectedly. It has done this 1 time(s).
26.02.2012 17:35:04, Error: Service Control Manager [7034] - The IviRegMgr service terminated unexpectedly. It has done this 1 time(s).
26.02.2012 12:54:22, Error: Service Control Manager [7034] - The Diagnostic System Host service terminated unexpectedly. It has done this 1 time(s).
26.02.2012 12:54:16, Error: Service Control Manager [7034] - The Nero Update service terminated unexpectedly. It has done this 1 time(s).
26.02.2012 12:54:10, Error: Service Control Manager [7034] - The Intel® Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).
26.02.2012 12:54:00, Error: Service Control Manager [7034] - The Bing Bar Update Service service terminated unexpectedly. It has done this 1 time(s).
04.03.2012 17:58:47, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070422'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
04.03.2012 17:58:46, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
04.03.2012 17:55:02, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004
04.03.2012 17:52:40, Error: Service Control Manager [7003] - The McAfee Personal Firewall Service service depends the following service: MfeFire. This service might not be installed.
04.03.2012 17:52:40, Error: Service Control Manager [7003] - The McAfee Anti-Spam Service service depends the following service: MfeFire. This service might not be installed.
04.03.2012 17:52:40, Error: Service Control Manager [7001] - The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
04.03.2012 17:49:32, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service NVSvc with arguments "" in order to run the server: {DCAB0989-1301-4319-BE5F-ADE89F88581C}
04.03.2012 17:48:55, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
04.03.2012 17:48:41, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
04.03.2012 17:48:25, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Program Files (x86)\Atheros WiFi Driver Installation\AthIhvWlanExt.dll Error Code: 21
04.03.2012 17:48:23, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
04.03.2012 17:48:09, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache ehdrv ElbyCDIO spldr Wanarpv6
04.03.2012 17:47:01, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
04.03.2012 16:07:15, Error: Service Control Manager [7034] - The VUAgent service terminated unexpectedly. It has done this 1 time(s).
04.03.2012 13:06:07, Error: Service Control Manager [7034] - The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).
04.03.2012 13:06:05, Error: Service Control Manager [7034] - The AtherosSvc service terminated unexpectedly. It has done this 1 time(s).
04.03.2012 01:18:37, Error: Service Control Manager [7031] - The ESET Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
03.03.2012 22:37:46, Error: Service Control Manager [7031] - The ESET Service service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
03.03.2012 22:36:49, Error: Service Control Manager [7031] - The ESET Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
01.03.2012 18:12:55, Error: Service Control Manager [7034] - The WD File Management Engine service terminated unexpectedly. It has done this 1 time(s).
01.03.2012 18:12:47, Error: Service Control Manager [7031] - The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
01.03.2012 18:12:47, Error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
01.03.2012 18:12:47, Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
01.03.2012 18:12:47, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
01.03.2012 18:12:47, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
01.03.2012 18:12:47, Error: Service Control Manager [7031] - The Human Interface Device Access service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
01.03.2012 18:12:47, Error: Service Control Manager [7031] - The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
.
==== End Of File ===========================
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by NINE at 18:00:07 on 2012-03-04
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.40.1033.18.6125.3763 [GMT 0:00]
.
AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\SysWOW64\vmnat.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Rainmeter\Rainmeter.exe
N:\Downloads\Taskbar Eliminator\Taskbar Eliminator.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k bthsvcs
-netsvcs
C:\Windows\system32\conhost.exe
C:\Windows\system32\msiexec.exe
C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\wbengine.exe
C:\Windows\System32\vds.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files\Sony\VAIO Care\VCPerfService.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Sony\VAIO Care\VCService.exe
C:\Program Files\Sony\VAIO Care\VCAgent.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\splwow64.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.sony.eu/vaioportal
uInternet Settings,ProxyOverride = <local>
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\Users\NINE\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe
StartupFolder: C:\Users\NINE\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\TASKBA~1.LNK - N:\Downloads\Taskbar Eliminator\Taskbar Eliminator.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
LSP: %SystemRoot%\system32\vsocklib.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{32877206-6FCB-4797-BF56-EE38C5FF321B} : DhcpNameServer = 138.37.6.1 138.37.7.1
TCP: Interfaces\{BC857DE5-0836-4565-955B-C758EB8D164B} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{BC857DE5-0836-4565-955B-C758EB8D164B}\05576696 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{BC857DE5-0836-4565-955B-C758EB8D164B}\149657270275966496 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{BC857DE5-0836-4565-955B-C758EB8D164B}\244564F4E4 : DhcpNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{BC857DE5-0836-4565-955B-C758EB8D164B}\25332305F6775627 : DhcpNameServer = 213.154.124.1 193.231.252.1
TCP: Interfaces\{BC857DE5-0836-4565-955B-C758EB8D164B}\37075636472757D6 : DhcpNameServer = 172.16.66.1
TCP: Interfaces\{BC857DE5-0836-4565-955B-C758EB8D164B}\75962756A7 : DhcpNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
BHO-X64: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO-X64: IESpeakDoc - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
SSODL-X64: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair.dll
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\NINE\AppData\Roaming\Mozilla\Firefox\Profiles\p78u4anx.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.co.uk
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\NINE\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extentions.y2layers.installId - c3a6b478-ff98-4305-948d-6ca708dc3437
FF - user.js: extentions.y2layers.defaultEnableAppsList - BestVideoDownloader,BestVideoDownloader,
FF - user.js: extensions.autoDisableScopes - 14
.
============= SERVICES / DRIVERS ===============
.
R0 epfwwfp;epfwwfp;C:\Windows\system32\DRIVERS\epfwwfp.sys --> C:\Windows\system32\DRIVERS\epfwwfp.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\system32\DRIVERS\EpfwLWF.sys --> C:\Windows\system32\DRIVERS\EpfwLWF.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-9-30 169408]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-3-8 138400]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-3-8 73376]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]
R2 eamonm;eamonm;C:\Windows\system32\DRIVERS\eamonm.sys --> C:\Windows\system32\DRIVERS\eamonm.sys [?]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-9-22 974944]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-5-10 13336]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-24 652360]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-3-25 490280]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-29 2253120]
R2 regi;regi;\??\C:\Windows\system32\drivers\regi.sys --> C:\Windows\system32\drivers\regi.sys [?]
R2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys --> C:\Windows\system32\drivers\rimssne64.sys [?]
R2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsnxc64.sys --> C:\Windows\system32\drivers\risdsnxc64.sys [?]
R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-9-1 259192]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-14 381248]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-9-27 2027840]
R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-5-10 105024]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-5-10 2656280]
R2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2011-5-10 550080]
R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-8-29 846448]
R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2011-9-15 971704]
R2 WDDMService;WDDMService;C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2011-3-9 288768]
R2 WDFME;WD File Management Engine;C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [2011-3-9 1066896]
R2 WDSC;WD File Management Shadow Engine;C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [2011-3-9 491920]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\drivers\btath_bus.sys --> C:\Windows\system32\drivers\btath_bus.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\drivers\nusb3hub.sys --> C:\Windows\system32\drivers\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\drivers\nusb3xhc.sys --> C:\Windows\system32\drivers\nusb3xhc.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys --> C:\Windows\system32\drivers\SFEP.sys [?]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2011-7-8 11856]
R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2011-9-1 44736]
R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2011-9-23 1429608]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 KMService;KMService;C:\Windows\System32\srvany.exe [2011-9-2 8192]
S2 McMPFSvc;McAfee Personal Firewall Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc --> C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [?]
S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys --> C:\Windows\system32\DRIVERS\btath_flt.sys [?]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\system32\Drivers\AthDfu.sys --> C:\Windows\system32\Drivers\AthDfu.sys [?]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys --> C:\Windows\system32\drivers\btath_a2dp.sys [?]
S3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\system32\drivers\btath_avdt.sys --> C:\Windows\system32\drivers\btath_avdt.sys [?]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\drivers\btath_hcrp.sys --> C:\Windows\system32\drivers\btath_hcrp.sys [?]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\system32\DRIVERS\btath_lwflt.sys --> C:\Windows\system32\DRIVERS\btath_lwflt.sys [?]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\drivers\btath_rcp.sys --> C:\Windows\system32\drivers\btath_rcp.sys [?]
S3 BtFilter;BtFilter;C:\Windows\system32\DRIVERS\btfilter.sys --> C:\Windows\system32\DRIVERS\btfilter.sys [?]
S3 DCDhcpService;DCDhcpService;C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [2011-9-15 104096]
S3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\system32\DRIVERS\e1y60x64.sys --> C:\Windows\system32\DRIVERS\e1y60x64.sys [?]
S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\system32\DRIVERS\ivusb.sys --> C:\Windows\system32\DRIVERS\ivusb.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 SOHCImp;VAIO Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-2-21 113824]
S3 SOHDs;VAIO Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-2-21 67232]
S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-1-20 286936]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-1-20 887000]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-5-19 549616]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-2-18 385336]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-2-18 99104]
S3 VMwareHostd;VMware Workstation Server;C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2012-1-18 11839488]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-03-03 13:32:39 -------- d-----w- C:\Users\NINE\AppData\Local\DDMSettings
2012-03-03 13:21:34 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E888B89F-AB71-4949-9AC7-F0A3F306F4C8}\offreg.dll
2012-03-02 11:09:34 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E888B89F-AB71-4949-9AC7-F0A3F306F4C8}\mpengine.dll
2012-02-27 20:04:14 20480 ----a-w- C:\Windows\svchost.exe
2012-02-26 11:40:39 -------- d-----w- C:\Users\NINE\AppData\Roaming\AusLogics
2012-02-24 10:26:48 -------- d-sh--w- C:\$RECYCLE.BIN
2012-02-24 09:57:45 98816 ----a-w- C:\Windows\sed.exe
2012-02-24 09:57:45 518144 ----a-w- C:\Windows\SWREG.exe
2012-02-24 09:57:45 256000 ----a-w- C:\Windows\PEV.exe
2012-02-24 09:57:45 208896 ----a-w- C:\Windows\MBR.exe
2012-02-24 09:44:02 -------- d-----w- C:\Users\NINE\AppData\Roaming\Malwarebytes
2012-02-24 09:43:56 -------- d-----w- C:\ProgramData\Malwarebytes
2012-02-24 09:43:55 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-02-24 09:43:55 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-02-24 09:38:36 -------- d-----w- C:\TDSSKiller_Quarantine
2012-02-23 20:06:46 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll
2012-02-23 20:06:46 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll
2012-02-23 20:06:45 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2012-02-15 14:51:17 -------- d-----w- C:\ProgramData\EA Logs
2012-02-15 13:51:27 -------- d-----w- C:\Program Files (x86)\Origin Games
2012-02-15 13:51:25 -------- d-----w- C:\Users\NINE\AppData\Roaming\Origin
2012-02-15 13:51:25 -------- d-----w- C:\Users\NINE\AppData\Local\Origin
2012-02-15 13:51:19 -------- d-----w- C:\ProgramData\Origin
2012-02-15 13:51:19 -------- d-----w- C:\ProgramData\Electronic Arts
2012-02-15 13:51:04 -------- d-----w- C:\Program Files (x86)\Origin
2012-02-14 21:57:29 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-02-14 21:57:29 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-02-14 21:57:28 515584 ----a-w- C:\Windows\System32\timedate.cpl
2012-02-14 21:57:28 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2012-02-14 21:57:27 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-02-14 21:57:27 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-02-14 21:57:22 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2012-02-14 21:57:21 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2012-02-10 16:07:13 -------- d-----w- C:\Users\NINE\AppData\Local\VMware
2012-02-10 15:52:58 63088 ----a-w- C:\Windows\System32\drivers\vmx86.sys
2012-02-10 15:52:35 354416 ----a-w- C:\Windows\SysWow64\vmnetdhcp.exe
2012-02-10 15:52:31 433264 ----a-w- C:\Windows\SysWow64\vmnat.exe
2012-02-10 15:52:31 30320 ----a-w- C:\Windows\System32\drivers\vmnetuserif.sys
2012-02-10 15:52:28 942192 ----a-w- C:\Windows\System32\vnetlib64.dll
2012-02-10 15:51:39 32880 ----a-w- C:\Windows\System32\drivers\VMkbd.sys
2012-02-10 15:51:38 39024 ----a-w- C:\Windows\System32\drivers\hcmon.sys
2012-02-10 15:50:53 -------- d-----w- C:\Program Files (x86)\VMware
2012-02-10 15:50:53 -------- d-----w- C:\Program Files (x86)\Common Files\VMware
2012-02-10 15:50:20 -------- d-----w- C:\Program Files\Common Files\VMware
2012-02-08 19:28:11 -------- d-----w- C:\Windows\System32\embrace
.
==================== Find3M ====================
.
2012-02-29 14:09:23 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-29 05:10:42 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-01-28 09:12:50 28056 ----a-w- C:\Windows\System32\xfcodec64.dll
2012-01-18 13:41:32 252016 ----a-w- C:\Windows\SysWow64\vmnc.dll
2012-01-18 13:06:00 62064 ----a-w- C:\Windows\System32\vmnetbridge.dll
2012-01-18 13:06:00 48752 ----a-w- C:\Windows\System32\vnetinst.dll
2012-01-18 13:06:00 45680 ----a-w- C:\Windows\System32\drivers\vmnetbridge.sys
2012-01-18 13:06:00 24176 ----a-w- C:\Windows\System32\drivers\vmnet.sys
2012-01-18 13:06:00 20080 ----a-w- C:\Windows\System32\drivers\vmnetadapter.sys
2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll
2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 18:01:04,89 ===============
Unable to remove malware
in Resolved Malware Removal Logs
Posted
I've downloaded it again and run uninstall. That seems to have worked, thank you. The only thing I noticed during this clean-up is that some of my system files, such as explorer and various DLLs, were patched back to the original state, and my theme was consequently modified to a basic early XP one, which was a bit of a nuisance since I like my desktop simple, elegant, but highly customized. I patched some files, took ownership of others and got everything back into place. I ran more tests and reinstalled ESET Smart Security 5 and MBAM. My system seems to be clean and running factory-smooth.
Thank you for everything!