Everything posted by monyet

  1. 2013-09-17 12:15:31 . 2013-09-17 12:15:31 558 ----a-w- C:\Qoobox\Quarantine\Registry_backups\SafeBoot-73083854.sys.reg.dat
2013-09-17 12:15:31 . 2013-09-17 12:15:31 558 ----a-w- C:\Qoobox\Quarantine\Registry_backups\SafeBoot-09564403.sys.reg.dat
2013-09-17 11:58:35 . 2013-09-17 11:58:35 10,501 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2013-09-17 11:53:16 . 2013-09-17 11:53:16 51 ----a-w- C:\Qoobox\Quarantine\catchme.log
2013-09-05 03:21:34 . 2013-09-05 03:21:34 0 ----a-w- C:\Qoobox\Quarantine\C\dfinstall.log.vir

I'm sick of being remote accessed.... help please.. and here is my DDS...

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16688
BrowserJavaVersion: 10.25.2
Run by WW at 19:27:26 on 2013-09-17
Microsoft Windows 8 Single Language 6.2.9200.0.1252.1.1033.18.12167.10128 [GMT 7:00]
.
AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: avast! Internet Security *Enabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvservice.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files\AVAST Software\Avast\afwServ.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files\Sony\VAIO Care\VCPerfService.exe C:\Program Files\Sony\VAIO Update\VUAgent.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files\Sony\VAIO Improvement\vim.exe C:\Program Files\Sony\VAIO 
Care\VCService.exe C:\Program Files\Sony\VAIO Care\VCAgent.exe C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe C:\Windows\System32\vds.exe C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\dwm.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe C:\Windows\system32\taskhostex.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE C:\Windows\System32\RuntimeBroker.exe C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Windows\System32\rundll32.exe C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\Internet Download Manager\IDMan.exe C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe C:\Program Files (x86)\Secunia\PSI\psi_tray.exe C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\Sony\VAIO Care\listener.exe C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Windows\ImmersiveControlPanel\SystemSettings.exe C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe C:\Windows\system32\WLANExt.exe C:\Program Files\Sony\VAIO Care\VCSystemTray.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\SysWOW64\ctfmon.exe C:\Windows\system32\Taskmgr.exe 
C:\Windows\system32\notepad.exe C:\Windows\explorer.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = about:blank BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll uRun: [Driver Repair] C:\Program Files (x86)\Driver Repair\DRLauncher.exe uRun: [iDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot mRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe mRun: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" mRun: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe uPolicies-Explorer: 
NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm IE: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm TCP: NameServer = 192.168.1.1 TCP: Interfaces\{BB3CFF65-A943-4DF8-9E99-EA8C1CB35A2F} : DHCPNameServer = 192.168.1.1 AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll SSODL: WebCheck - <orphaned> x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll x64-TB: avast! 
Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SONYAPO x64-Run: [bTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" x64-Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch x64-mPolicies-Explorer: NoDrives = dword:0 x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . 
FF - ProfilePath - C:\Users\WW\AppData\Roaming\Mozilla\Firefox\Profiles\z2jii7pd.default\ FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2013-09-11 14:05; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; C:\Users\WW\AppData\Roaming\Mozilla\Firefox\Profiles\z2jii7pd.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} FF - ExtSQL: 2013-09-11 14:11; mozilla_cc@internetdownloadmanager.com; C:\Users\WW\AppData\Roaming\IDM\idmmzcc5 FF - ExtSQL: 2013-09-12 09:22; http-nowhere@cwilper.github.com; C:\Users\WW\AppData\Roaming\Mozilla\Firefox\Profiles\z2jii7pd.default\extensions\http-nowhere@cwilper.github.com.xpi FF - ExtSQL: 2013-09-12 11:40; wrc@avast.com; C:\Program Files\AVAST Software\Avast\WebRep\FF . ============= SERVICES / DRIVERS =============== . R0 aswRvrt;aswRvrt;C:\Windows\System32\Drivers\aswRvrt.sys [2013-9-12 65336] R0 aswVmm;aswVmm;C:\Windows\System32\Drivers\aswVmm.sys [2013-9-12 204880] R0 fltsrv;Acronis Storage Filter Management;C:\Windows\System32\Drivers\fltsrv.sys [2013-9-10 116000] R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2013-9-5 645952] R0 nvpciflt;nvpciflt;C:\Windows\System32\Drivers\nvpciflt.sys [2012-10-8 30056] R0 PxHlpa64;PxHlpa64;C:\Windows\System32\Drivers\PxHlpa64.sys [2013-9-5 56336] R0 tib;Acronis TIB Manager;C:\Windows\System32\Drivers\tib.sys [2013-9-10 1120032] R0 tib_mounter;Acronis TIB Mounter;C:\Windows\System32\Drivers\tib_mounter.sys [2013-9-10 183224] R1 aswFW;avast! 
TDI Firewall Driver;C:\Windows\System32\Drivers\aswFW.sys [2013-9-12 131232] R1 aswKbd;aswKbd;C:\Windows\System32\Drivers\aswKbd.sys [2013-9-12 22600] R1 aswNdisFlt;Avast! Firewall Driver;C:\Windows\System32\Drivers\aswNdisFlt.sys [2013-9-12 276992] R1 aswSnx;aswSnx;C:\Windows\System32\Drivers\aswSnx.sys [2013-9-12 1030952] R1 aswSP;aswSP;C:\Windows\System32\Drivers\aswSP.sys [2013-9-12 378944] R1 ccSet_NARA;NARA Settings Manager;C:\Windows\System32\Drivers\NARAx64\0401000.00D\ccSetx64.sys [2013-9-5 168608] R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2013-9-5 92536] R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2013-9-10 3873784] R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-9-13 731688] R2 aswFsBlk;aswFsBlk;C:\Windows\System32\Drivers\aswFsBlk.sys [2013-9-12 33400] R2 aswMonFlt;aswMonFlt;C:\Windows\System32\Drivers\aswMonFlt.sys [2013-9-12 80816] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-9-12 46808] R2 avast! Firewall;avast! 
Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2013-9-12 137960] R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-9-5 1091520] R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-9-5 1112000] R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-8-15 135984] R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2013-9-5 2445968] R2 IDMWFP;IDMWFP;C:\Windows\System32\Drivers\idmwfp.sys [2013-8-17 172920] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-21 635104] R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2013-9-5 128896] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-9-5 165760] R2 nvservice;NVIDIA GuardService;C:\Windows\System32\nvservice.exe [2013-9-10 192800] R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-7-28 474208] R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2012-8-7 156672] R2 syncagentsrv;Acronis Sync Agent Service;C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-8-21 9735112] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-9-5 364416] R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-9-24 1153840] R3 
afcdp;afcdp;C:\Windows\System32\Drivers\afcdp.sys [2013-9-10 367200] R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\Drivers\AmpPal.sys [2012-9-13 162344] R3 esgiguard;esgiguard;C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-3-2 13088] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-8-22 342528] R3 NETwNe64;@oem29.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;C:\Windows\System32\Drivers\NETwew00.sys [2012-10-10 4309032] R3 PSI;PSI;C:\Windows\System32\Drivers\psi_mf_amd64.sys [2013-7-3 18456] R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2013-9-5 683664] R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\Drivers\SFEP.sys [2012-7-17 14336] R3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2012-8-22 43832] R3 SOWS;Sony Wireless State Device;C:\Windows\System32\Drivers\sows.sys [2012-7-5 24280] R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2012-8-9 56000] R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update\VUAgent.exe [2013-9-5 1359408] S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe --> c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [?] 
S2 EsgScanner;EsgScanner;C:\Windows\System32\Drivers\EsgScanner.sys [2013-9-11 22704] S2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2012-8-11 3939008] S2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-7-3 1228504] S2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-7-3 660184] S2 SpyHunter 4 Service;SpyHunter 4 Service;C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2013-7-17 1025408] S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\Drivers\AmpPal.sys [2012-9-13 162344] S3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752] S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\Drivers\btmaux.sys [2013-9-5 110592] S3 btmhsf;btmhsf;C:\Windows\System32\Drivers\btmhsf.sys [2013-9-5 825344] S3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\System32\Drivers\e1y60x64.sys [2012-6-2 283136] S3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\Drivers\iBtFltCoex.sys [2013-9-5 55848] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-9-24 272176] S3 NetworkSupport;NetworkSupport;C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [2013-9-5 623784] S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\Drivers\RtsPStor.sys [2013-9-5 339600] S3 SOHCImp;VAIO Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2012-10-15 123616] S3 SOHDms;VAIO Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2012-10-15 461024] S3 SOHDs;VAIO Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2012-10-15 78560] S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-1 289952] S3 
USB_BusEnum_T;EVDO Telecom USB Bus Enumerator;C:\Windows\System32\Drivers\USB_BusEnum_T.sys [2012-1-12 47808] S3 USB_ETS_T;ZTE ETS Port FFDD;C:\Windows\System32\Drivers\USB_ETS_T.sys [2012-1-12 25024] S3 USB_WinMux_T;EVDO Telecom USB MUX Serial Port;C:\Windows\System32\Drivers\USB_WinMux_T.sys [2013-9-11 37376] S3 UsbModemDriver;ZTE USB Modem FFDD;C:\Windows\System32\Drivers\USB_MODEM_T.sys [2012-1-12 31424] S3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2013-9-5 476328] S3 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2012-11-7 972000] . =============== Created Last 30 ================ . 2013-09-17 12:18:49 -------- d-sh--w- C:\$RECYCLE.BIN 2013-09-17 12:18:23 -------- d-----w- C:\Users\WW\AppData\Local\temp 2013-09-17 11:53:18 98816 ----a-w- C:\Windows\sed.exe 2013-09-17 11:53:18 256000 ----a-w- C:\Windows\PEV.exe 2013-09-17 11:53:18 208896 ----a-w- C:\Windows\MBR.exe 2013-09-14 02:43:00 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin 2013-09-13 06:01:38 -------- d-----w- C:\teracord 2013-09-13 05:58:49 -------- d-----w- C:\loe 2013-09-12 04:43:25 131232 ----a-w- C:\Windows\System32\drivers\aswFW.sys 2013-09-12 04:42:59 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2013-09-12 04:42:30 22600 ----a-w- C:\Windows\System32\drivers\aswKbd.sys 2013-09-12 04:42:28 204880 ----a-w- C:\Windows\System32\drivers\aswVmm.sys 2013-09-12 04:42:28 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2013-09-12 04:42:17 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys 2013-09-12 04:42:13 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2013-09-12 04:40:45 276992 ----a-w- C:\Windows\System32\drivers\aswNdisFlt.sys 2013-09-12 04:40:20 41664 ----a-w- C:\Windows\avastSS.scr 2013-09-12 04:39:45 -------- d-----w- C:\Program Files\AVAST Software 2013-09-12 04:35:36 -------- d-----w- 
C:\ProgramData\AVAST Software 2013-09-12 02:37:13 -------- d-----w- C:\Users\WW\AppData\Local\Macromedia 2013-09-12 02:32:22 -------- d-----w- C:\Users\WW\AppData\Local\Adobe 2013-09-11 07:11:33 -------- d-----w- C:\Users\WW\AppData\Roaming\IDM 2013-09-11 07:11:33 -------- d-----w- C:\Users\WW\AppData\Roaming\DMCache 2013-09-11 07:11:33 -------- d-----w- C:\ProgramData\IDM 2013-09-11 07:11:17 -------- d-----w- C:\Program Files (x86)\Internet Download Manager 2013-09-11 06:55:43 -------- d-----w- C:\TDSSKiller_Quarantine 2013-09-11 06:02:17 -------- d-----w- C:\ProgramData\boost_interprocess 2013-09-11 05:58:04 -------- d-----w- C:\AdwCleaner 2013-09-11 05:01:00 22704 ----a-w- C:\Windows\System32\drivers\EsgScanner.sys 2013-09-11 05:00:37 110080 ----a-r- C:\Users\WW\AppData\Roaming\Microsoft\Installer\{86CA3695-A412-4BAE-92B6-49A60C2AC663}\IconF7A21AF7.exe 2013-09-11 05:00:37 110080 ----a-r- C:\Users\WW\AppData\Roaming\Microsoft\Installer\{86CA3695-A412-4BAE-92B6-49A60C2AC663}\IconD7F16134.exe 2013-09-11 05:00:37 110080 ----a-r- C:\Users\WW\AppData\Roaming\Microsoft\Installer\{86CA3695-A412-4BAE-92B6-49A60C2AC663}\Icon1226A4C5.exe 2013-09-11 05:00:36 -------- d-----w- C:\sh4ldr 2013-09-11 05:00:36 -------- d-----w- C:\Program Files\Enigma Software Group 2013-09-11 04:59:41 -------- d-----w- C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP 2013-09-11 04:59:10 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard 2013-09-11 04:45:51 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-09-11 04:42:55 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll 2013-09-11 04:26:05 -------- d-----w- C:\Users\WW\AppData\Local\Secunia PSI 2013-09-11 02:35:12 10116608 ----a-w- C:\Windows\System32\twinui.dll 2013-09-11 02:32:43 566784 ----a-w- C:\Windows\System32\wvc.dll 2013-09-11 02:32:43 462336 ----a-w- C:\Windows\System32\sysmon.ocx 2013-09-11 02:32:43 437248 ----a-w- C:\Windows\SysWow64\wvc.dll 2013-09-11 02:32:43 399360 ----a-w- 
C:\Windows\SysWow64\sysmon.ocx 2013-09-11 02:32:43 1374208 ----a-w- C:\Windows\System32\wdc.dll 2013-09-11 02:32:43 1245696 ----a-w- C:\Windows\SysWow64\wdc.dll 2013-09-11 02:25:55 144896 ----a-w- C:\Windows\System32\tssdisai.dll 2013-09-11 00:10:32 78296 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-09-11 00:10:32 694232 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-09-10 23:48:56 -------- d-----w- C:\Users\WW\AppData\Roaming\iolo 2013-09-10 23:28:13 4038144 ----a-w- C:\Windows\System32\win32k.sys 2013-09-10 23:13:02 -------- d-----w- C:\Users\WW\AppData\Roaming\EVDO_ZTE 2013-09-10 23:12:52 37376 ----a-w- C:\Windows\System32\drivers\USB_WinMux_T.sys 2013-09-10 23:12:49 -------- d-----w- C:\Program Files\Smartfren Connex AC782 UI 2013-09-10 15:31:34 -------- d-----w- C:\Program Files (x86)\Cisco 2013-09-10 15:28:52 -------- d-----w- C:\Program Files (x86)\Dolby Home Theater v4 2013-09-10 15:26:01 2080120 ----a-w- C:\Windows\System32\WavesGUILib64.dll 2013-09-10 15:26:00 770688 ----a-w- C:\Windows\System32\SFSS_APO.dll 2013-09-10 15:22:11 192800 ----a-w- C:\Windows\System32\nvservice.exe 2013-09-10 12:44:36 -------- d-----w- C:\Program Files (x86)\Driver Repair 2013-09-10 12:43:38 -------- d-----w- C:\Users\WW\AppData\Roaming\Driver Repair 2013-09-10 12:43:37 -------- d-----w- C:\Users\WW\AppData\Local\Programs 2013-09-10 06:51:47 367200 ----a-w- C:\Windows\System32\drivers\afcdp.sys 2013-09-10 06:51:30 183224 ----a-w- C:\Windows\System32\drivers\tib_mounter.sys 2013-09-10 06:51:28 1120032 ----a-w- C:\Windows\System32\drivers\tib.sys 2013-09-10 06:51:23 269600 ----a-w- C:\Windows\System32\drivers\snapman.sys 2013-09-10 06:51:18 116000 ----a-w- C:\Windows\System32\drivers\fltsrv.sys 2013-09-10 06:42:30 -------- d-----w- C:\Users\WW\AppData\Local\Trend Micro 2013-09-10 06:32:31 29696 ----a-r- C:\Windows\System32\drivers\ewdcsc.sys 2013-09-10 06:32:31 112512 ----a-r- C:\Windows\System32\drivers\ewusbmdm.sys 2013-09-10 06:31:46 -------- d-----w- 
C:\Program Files (x86)\Mobile Partner 2013-09-10 06:10:01 -------- d-----w- C:\Users\WW\AppData\Local\Diagnostics 2013-09-09 17:50:13 98304 ----a-w- C:\Windows\System32\apprepsync.dll 2013-09-09 17:50:13 87040 ----a-w- C:\Windows\SysWow64\apprepapi.dll 2013-09-09 17:50:13 74240 ----a-w- C:\Windows\SysWow64\apprepsync.dll 2013-09-09 17:50:13 1568256 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-09-09 17:50:13 124416 ----a-w- C:\Windows\System32\apprepapi.dll 2013-09-09 17:50:12 261120 ----a-w- C:\Windows\SysWow64\wintrust.dll 2013-09-09 17:50:11 68096 ----a-w- C:\Windows\System32\cryptsvc.dll 2013-09-09 17:50:11 337408 ----a-w- C:\Windows\System32\wintrust.dll 2013-09-09 17:50:11 1889280 ----a-w- C:\Windows\System32\crypt32.dll 2013-09-09 17:48:51 997632 ----a-w- C:\Windows\System32\drivers\ndis.sys 2013-09-09 17:47:59 850944 ----a-w- C:\Windows\SysWow64\mfasfsrcsnk.dll 2013-09-09 17:46:45 708096 ----a-w- C:\Windows\System32\AppXDeploymentExtensions.dll 2013-09-09 17:45:45 595968 ----a-w- C:\Windows\System32\qedit.dll 2013-09-09 17:45:45 496640 ----a-w- C:\Windows\SysWow64\qedit.dll 2013-09-09 17:45:10 733184 ----a-w- C:\Windows\System32\win32spl.dll 2013-09-09 17:42:57 1617920 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL 2013-09-09 17:42:57 1306112 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll 2013-09-09 17:42:56 2035200 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll 2013-09-09 17:42:56 1413632 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll 2013-09-09 17:42:56 1318912 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll 2013-09-09 17:42:56 1272320 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll 2013-09-09 17:42:56 1029632 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\journal.dll 2013-09-09 17:42:45 1838080 ----a-w- C:\Windows\System32\DWrite.dll 2013-09-09 17:42:45 1421312 ----a-w- C:\Windows\SysWow64\DWrite.dll 2013-09-09 17:42:02 1455368 ----a-w- 
C:\Windows\System32\drivers\dxgkrnl.sys 2013-09-09 17:40:18 148480 ----a-w- C:\Windows\System32\poqexec.exe 2013-09-09 17:40:16 132608 ----a-w- C:\Windows\SysWow64\poqexec.exe 2013-09-09 17:40:15 135680 ----a-w- C:\Windows\System32\appserverai.dll 2013-09-09 17:40:15 126976 ----a-w- C:\Windows\System32\RDWebAI.dll 2013-09-09 17:40:15 122880 ----a-w- C:\Windows\System32\VmHostAI.dll 2013-09-09 17:38:35 30720 ----a-w- C:\Windows\System32\cryptdlg.dll 2013-09-09 17:38:35 25088 ----a-w- C:\Windows\SysWow64\cryptdlg.dll 2013-09-09 17:38:29 20992 ----a-w- C:\Windows\System32\drivers\usb8023.sys 2013-09-09 17:38:24 2382336 ----a-w- C:\Windows\SysWow64\esent.dll 2013-09-09 17:38:23 2851840 ----a-w- C:\Windows\System32\esent.dll 2013-09-09 17:36:47 2842112 ----a-w- C:\Windows\System32\WMVDECOD.DLL 2013-09-09 17:36:47 2620928 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL 2013-09-09 17:36:36 370688 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2013-09-09 17:36:36 215552 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2013-09-09 17:36:30 443392 ----a-w- C:\Windows\System32\ReAgent.dll 2013-09-09 17:36:30 375808 ----a-w- C:\Windows\SysWow64\ReAgent.dll 2013-09-09 17:36:29 945152 ----a-w- C:\Windows\System32\resetengmig.dll 2013-09-09 17:36:29 132096 ----a-w- C:\Windows\System32\sysreset.exe 2013-09-09 17:36:29 1011200 ----a-w- C:\Windows\System32\reseteng.dll 2013-09-09 17:36:15 70144 ----a-w- C:\Windows\System32\appinfo.dll 2013-09-09 17:36:15 112872 ----a-w- C:\Windows\System32\consent.exe 2013-09-09 17:33:11 86016 ----a-w- C:\Windows\System32\ncryptsslp.dll 2013-09-09 17:33:11 71168 ----a-w- C:\Windows\SysWow64\ncryptsslp.dll 2013-09-09 17:32:04 631808 ----a-w- C:\Windows\System32\UserLanguagesCpl.dll 2013-09-09 17:32:04 560128 ----a-w- C:\Windows\SysWow64\UserLanguagesCpl.dll 2013-09-09 17:32:00 955904 ----a-w- C:\Windows\System32\WebcamUi.dll 2013-09-09 17:32:00 798208 ----a-w- C:\Windows\SysWow64\WebcamUi.dll 2013-09-09 17:28:20 7168 ----a-w- 
C:\Windows\System32\KBDKURD.DLL 2013-09-09 17:28:20 6656 ----a-w- C:\Windows\SysWow64\KBDKURD.DLL 2013-09-09 17:28:20 1184256 ----a-w- C:\Windows\System32\Display.dll 2013-09-09 17:28:20 1164800 ----a-w- C:\Windows\SysWow64\Display.dll 2013-09-09 17:28:17 39936 ----a-w- C:\Windows\System32\drivers\hidi2c.sys 2013-09-09 17:28:16 27136 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2013-09-09 17:28:04 -------- d-----w- C:\ProgramData\Trend Micro 2013-09-09 17:27:27 1558912 ----a-w- C:\Program Files\Windows Defender\DbgHelp.dll 2013-09-09 17:27:27 149264 ----a-w- C:\Program Files\Windows Defender\SymSrv.dll 2013-09-09 17:25:13 99328 ----a-w- C:\Windows\System32\wushareduxresources.dll 2013-09-09 17:25:13 17408 ----a-w- C:\Windows\System32\wuaext.dll 2013-09-09 17:24:25 8552448 ----a-w- C:\Windows\SysWow64\glcndFilter.dll 2013-09-09 17:24:25 11459584 ----a-w- C:\Windows\System32\glcndFilter.dll 2013-09-09 17:24:13 463768 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll 2013-09-09 17:24:12 267264 ----a-w- C:\Windows\System32\EncDump.dll 2013-09-09 17:24:11 522640 ----a-w- C:\Windows\System32\AUDIOKSE.dll 2013-09-09 17:22:52 90624 ----a-w- C:\Windows\System32\drivers\amdk8.sys 2013-09-09 17:22:52 89088 ----a-w- C:\Windows\System32\drivers\intelppm.sys 2013-09-09 17:22:52 88064 ----a-w- C:\Windows\System32\drivers\amdppm.sys 2013-09-09 17:22:52 87552 ----a-w- C:\Windows\System32\drivers\processr.sys 2013-09-09 17:22:52 22528 ----a-w- C:\Windows\System32\drivers\fxppm.sys 2013-09-09 17:22:51 277736 ----a-w- C:\Windows\System32\drivers\msiscsi.sys 2013-09-09 17:22:51 16384 ----a-w- C:\Windows\System32\iscsilog.dll 2013-09-09 17:17:42 31232 ----a-w- C:\Windows\System32\pcadm.dll 2013-09-09 17:17:41 405504 ----a-w- C:\Windows\System32\pcasvc.dll 2013-09-09 17:17:41 13312 ----a-w- C:\Windows\System32\pcalua.exe 2013-09-09 17:17:41 11776 ----a-w- C:\Windows\System32\pcaevts.dll 2013-09-09 17:17:05 929792 ----a-w- C:\Windows\SysWow64\mfnetsrc.dll 2013-09-09 17:17:05 677888 ----a-w- 
C:\Windows\System32\mfnetcore.dll 2013-09-09 17:17:05 673280 ----a-w- C:\Windows\System32\mfmpeg2srcsnk.dll 2013-09-09 17:17:05 568832 ----a-w- C:\Windows\SysWow64\mfnetcore.dll 2013-09-09 17:17:05 513024 ----a-w- C:\Windows\SysWow64\mfmpeg2srcsnk.dll 2013-09-09 17:17:04 1172992 ----a-w- C:\Windows\System32\mfnetsrc.dll 2013-09-09 17:13:56 375808 ----a-w- C:\Windows\SysWow64\dpnet.dll 2013-09-09 17:12:55 17888 ----a-w- C:\Windows\SysWow64\msvcr100_clr0400.dll 2013-09-09 17:12:55 17888 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll 2013-09-09 17:11:28 26624 ----a-w- C:\Windows\System32\ReAgentc.exe 2013-09-09 17:11:28 24064 ----a-w- C:\Windows\SysWow64\ReAgentc.exe 2013-09-09 17:11:23 2893824 ----a-w- C:\Windows\System32\msmpeg2vdec.dll 2013-09-09 17:11:23 2400256 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll 2013-09-09 17:11:19 68608 ----a-w- C:\Windows\System32\wwanprotdim.dll 2013-09-09 17:11:09 76288 ----a-w- C:\Windows\System32\newdev.exe 2013-09-09 17:11:09 75264 ----a-w- C:\Windows\System32\ndadmin.exe 2013-09-09 17:11:09 74240 ----a-w- C:\Windows\SysWow64\newdev.exe 2013-09-09 17:11:09 73728 ----a-w- C:\Windows\SysWow64\ndadmin.exe 2013-09-09 17:11:09 301568 ----a-w- C:\Windows\System32\newdev.dll 2013-09-09 17:11:09 275968 ----a-w- C:\Windows\SysWow64\newdev.dll 2013-09-09 17:09:18 573952 ----a-w- C:\Program Files\Windows Media Player\wmpnssci.dll 2013-09-09 17:08:59 1400832 ----a-w- C:\Windows\System32\propsys.dll 2013-09-09 17:07:59 709632 ----a-w- C:\Windows\SysWow64\MsSpellCheckingFacility.dll 2013-09-09 17:03:30 75776 ----a-w- C:\Windows\SysWow64\fontsub.dll 2013-09-09 17:03:30 35328 ----a-w- C:\Windows\SysWow64\atmlib.dll 2013-09-09 17:03:30 3072 ----a-w- C:\Windows\SysWow64\lpk.dll 2013-09-09 17:03:30 300032 ----a-w- C:\Windows\SysWow64\atmfd.dll 2013-09-09 17:03:30 10752 ----a-w- C:\Windows\SysWow64\dciman32.dll 2013-09-09 17:03:29 96256 ----a-w- C:\Windows\System32\fontsub.dll 2013-09-09 17:03:29 46080 ----a-w- C:\Windows\System32\atmlib.dll 
2013-09-09 17:03:29 362496 ----a-w- C:\Windows\System32\atmfd.dll 2013-09-09 17:03:29 3072 ----a-w- C:\Windows\System32\lpk.dll 2013-09-09 17:03:29 14336 ----a-w- C:\Windows\System32\dciman32.dll 2013-09-09 16:53:06 81952 ----a-w- C:\Windows\System32\drivers\tifsfilt.sys 2013-09-09 16:53:06 711712 ----a-w- C:\Windows\System32\drivers\timntr.sys 2013-09-09 16:53:02 1464096 ----a-w- C:\Windows\System32\drivers\tdrpman.sys 2013-09-09 12:56:13 -------- d-----w- C:\Windows.old 2013-09-09 06:21:55 -------- d-----w- C:\Windows\System32\MRT 2013-09-08 22:18:28 -------- d-----w- C:\Users\WW\AppData\Local\Sony Corporation 2013-09-08 22:15:06 -------- d-----r- C:\Users\WW\Searches 2013-09-08 22:14:36 -------- d-----w- C:\Windows\SysWow64\VAIO Startup Setting Tool 2013-09-08 22:14:36 -------- d-----w- C:\Users\WW\AppData\Local\Power2Go8 2013-09-08 22:14:32 -------- d-----w- C:\Windows\pss 2013-09-08 22:13:56 -------- d-----w- C:\Users\WW\AppData\Local\VirtualStore 2013-09-08 22:13:27 -------- d-----w- C:\Users\WW\AppData\Roaming\Intel 2013-09-08 22:00:51 94208 ----a-w- C:\Windows\System32\synceng.dll 2013-09-08 22:00:51 72192 ----a-w- C:\Windows\SysWow64\synceng.dll 2013-09-08 20:59:28 -------- d-----w- C:\$SysReset 2013-09-08 02:24:40 -------- d-----w- C:\My backups 2013-09-07 12:39:44 -------- d-----r- C:\Sandbox 2013-09-06 23:25:48 -------- d-----w- C:\Update 2013-09-06 18:01:58 -------- d-----w- C:\[smad-Cage] 2013-09-06 17:59:02 -------- d-----w- C:\Users\WW\New folder 2013-09-06 17:58:55 -------- d-----w- C:\Users\WW\smadav 2013-09-05 03:22:09 16336546 ------w- C:\Persi0.sys 2013-09-05 02:34:32 -------- d-----r- C:\Users\WW\Contacts 2013-09-05 02:33:56 -------- d-----w- C:\Users\WW\AppData\Local\Packages 2013-09-05 02:33:51 -------- d-----r- C:\Users\WW\Videos 2013-09-05 02:33:51 -------- d-----r- C:\Users\WW\Saved Games 2013-09-05 02:33:51 -------- d-----r- C:\Users\WW\Pictures 2013-09-05 02:33:51 -------- d-----r- C:\Users\WW\Music 2013-09-05 02:33:51 -------- d-----r- 
C:\Users\WW\Links 2013-09-05 02:33:51 -------- d-----r- C:\Users\WW\Downloads 2013-09-05 02:33:51 -------- d-----r- C:\Users\WW\Documents 2013-09-05 00:24:57 26604032 ----a-w- C:\ProgramData\Microsoft\OEMOffice14\Office14\SingleImage.WW\SingleImageWW.msi 2013-09-05 00:21:46 74703 ----a-w- C:\Windows\SysWow64\mfc45.dll 2013-09-05 00:21:46 69000 ----a-w- C:\Windows\System32\offreg.dll 2013-09-05 00:21:46 21176 ----a-w- C:\Windows\System32\iolorgdf64.exe 2013-09-05 00:21:46 -------- d-----w- C:\ProgramData\iolo 2013-09-05 00:20:07 -------- d-----w- C:\ProgramData\Sony Corporation 2013-09-05 00:20:03 -------- d-----w- C:\Program Files\Sony 2013-09-05 00:14:01 645952 ----a-w- C:\Windows\System32\drivers\iaStorA.sys 2013-09-05 00:13:02 -------- d-----w- C:\ProgramData\MS_Games 2013-09-05 00:10:18 -------- d-----w- C:\Program Files\Trend Micro 2013-09-05 00:09:39 92536 ----a-w- C:\Windows\System32\drivers\CLVirtualDrive.sys 2013-09-05 00:09:31 -------- d-----w- C:\Program Files (x86)\Common Files\CyberLink 2013-09-05 00:08:37 -------- d-----w- C:\ProgramData\install_clap 2013-09-05 00:08:06 -------- d-----w- C:\ProgramData\Symantec 2013-09-05 00:08:06 -------- d-----w- C:\Program Files (x86)\Symantec 2013-09-05 00:08:04 168608 ----a-r- C:\Windows\System32\drivers\NARAx64\0401000.00D\ccSetx64.sys 2013-09-05 00:08:03 -------- d-----w- C:\Windows\System32\drivers\NARAx64\0401000.00D 2013-09-05 00:08:03 -------- d-----w- C:\Windows\System32\drivers\NARAx64 2013-09-05 00:08:03 -------- d-----w- C:\ProgramData\Norton 2013-09-05 00:08:03 -------- d-----w- C:\Program Files (x86)\Norton Online Backup ARA 2013-09-05 00:08:01 -------- d-----w- C:\ProgramData\NortonInstaller 2013-09-05 00:08:01 -------- d-----w- C:\Program Files (x86)\NortonInstaller 2013-09-05 00:07:06 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll 2013-09-04 23:59:39 56336 ----a-w- C:\Windows\System32\drivers\PxHlpa64.sys 2013-09-04 23:59:39 11376 ----a-w- C:\Windows\System32\drivers\cdralw2k.sys 2013-09-04 
23:59:39 10864 ----a-w- C:\Windows\System32\drivers\cdr4_xp.sys 2013-09-04 23:58:54 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared 2013-09-04 23:58:54 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine 2013-09-04 23:52:55 -------- d-----w- C:\Documentation 2013-09-04 23:47:19 5073256 ----a-w- C:\Windows\System32\d3dx9_35.dll 2013-09-04 23:47:19 3727720 ----a-w- C:\Windows\SysWow64\d3dx9_35.dll 2013-09-04 23:45:09 -------- d-----w- C:\Program Files (x86)\Sony 2013-09-04 23:44:57 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-09-04 23:44:57 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-09-04 23:44:49 972712 ----a-w- C:\Windows\System32\deployJava1.dll 2013-09-04 23:44:49 1093032 ----a-w- C:\Windows\System32\npDeployJava1.dll 2013-09-04 23:44:18 -------- d-----w- C:\Program Files\Common Files\Sony Shared 2013-09-04 23:44:18 -------- d-----w- C:\Program Files (x86)\Common Files\Sony Shared 2013-09-04 23:43:06 -------- d--h--w- C:\Windows\System32\WLANProfiles 2013-09-04 23:39:14 -------- d-----w- C:\Windows\SysWow64\NV 2013-09-04 23:39:14 -------- d-----w- C:\Windows\System32\NV 2013-09-04 23:37:54 -------- d-----w- C:\Program Files\Synaptics 2013-09-04 23:37:18 -------- d-----w- C:\Windows\SysWow64\sda 2013-09-04 23:37:14 9888912 ----a-w- C:\Windows\SysWow64\RtsPStorIcon.dll 2013-09-04 23:37:14 339600 ----a-w- C:\Windows\System32\drivers\RtsPStor.sys 2013-09-04 23:36:59 15168 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll 2013-09-04 23:36:34 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent 2013-09-04 23:35:47 891240 ----a-w- C:\Windows\System32\nvvsvc.exe 2013-09-04 23:35:47 865640 ----a-w- C:\Windows\System32\nv3dappshext.dll 2013-09-04 23:35:47 63336 ----a-w- C:\Windows\System32\nvshext.dll 2013-09-04 23:35:47 6199656 ----a-w- C:\Windows\System32\nvcpl.dll 2013-09-04 23:35:47 55144 ----a-w- C:\Windows\System32\nv3dappshextr.dll 2013-09-04 23:35:47 3476805 ----a-w- 
C:\Windows\System32\nvcoproc.bin 2013-09-04 23:35:47 3275112 ----a-w- C:\Windows\System32\nvsvc64.dll 2013-09-04 23:35:47 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll 2013-09-04 23:35:47 118120 ----a-w- C:\Windows\System32\nvmctray.dll 2013-09-04 23:35:16 -------- d-----w- C:\temp 2013-09-04 23:35:05 -------- d-----w- C:\ProgramData\NVIDIA Corporation 2013-09-04 23:34:56 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation 2013-09-04 23:34:33 973672 ----a-w- C:\Windows\System32\nvumdshimx.dll 2013-09-04 23:34:33 831848 ----a-w- C:\Windows\SysWow64\nvumdshim.dll 2013-09-04 23:34:33 2731880 ----a-w- C:\Windows\System32\nvapi64.dll 2013-09-04 23:34:33 247144 ----a-w- C:\Windows\System32\nvinitx.dll 2013-09-04 23:34:33 2428776 ----a-w- C:\Windows\SysWow64\nvapi.dll 2013-09-04 23:34:33 202600 ----a-w- C:\Windows\SysWow64\nvinit.dll 2013-09-04 23:34:33 1760104 ----a-w- C:\Windows\System32\nvdispco64.dll 2013-09-04 23:34:33 1482600 ----a-w- C:\Windows\System32\nvdispgenco64.dll 2013-09-04 23:34:29 -------- d-----w- C:\Program Files\NVIDIA Corporation 2013-09-04 23:33:58 -------- d-----w- C:\Program Files\Common Files\Intel 2013-09-04 23:33:57 -------- d-----w- C:\Program Files (x86)\Common Files\Intel 2013-09-04 23:33:44 56832 ----a-w- C:\Windows\System32\OpenCL.DLL 2013-09-04 23:33:44 56320 ----a-w- C:\Windows\SysWow64\OpenCL.DLL 2013-09-04 23:32:10 74344 ----a-w- C:\Windows\System32\RtNicProp64.dll 2013-09-04 23:32:10 683664 ----a-w- C:\Windows\System32\drivers\Rt630x64.sys 2013-09-04 23:31:23 825344 ----a-w- C:\Windows\System32\drivers\btmhsf.sys 2013-09-04 23:31:23 55848 ----a-w- C:\Windows\System32\drivers\iBtFltCoex.sys 2013-09-04 23:31:23 110592 ----a-w- C:\Windows\System32\drivers\btmaux.sys 2013-09-04 23:27:48 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll 2013-09-04 23:27:42 -------- d-----w- C:\Intel . ==================== Find3M ==================== . 
2013-09-05 00:07:04 505128 ----a-w- C:\Windows\SysWow64\msvcp71.dll 2013-09-05 00:07:04 353576 ----a-w- C:\Windows\SysWow64\msvcr71.dll 2013-08-21 04:12:06 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-08-21 04:11:59 915968 ----a-w- C:\Windows\System32\uxtheme.dll 2013-08-21 04:11:59 53760 ----a-w- C:\Windows\System32\UXInit.dll 2013-08-21 04:11:07 3959296 ----a-w- C:\Windows\System32\jscript9.dll 2013-08-21 04:11:04 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-08-21 04:11:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-08-21 02:34:51 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-08-21 02:06:11 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-08-21 02:06:06 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll 2013-08-21 02:05:28 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-08-21 02:05:25 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-08-21 02:05:25 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-08-21 01:43:54 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-08-20 23:52:56 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll 2013-08-16 05:41:13 58200 ----a-w- C:\Windows\System32\drivers\dam.sys 2013-08-16 05:39:26 2371728 ----a-w- C:\Windows\System32\WSService.dll 2013-08-16 05:32:48 209200 ----a-w- C:\Windows\System32\NotificationUI.exe 2013-08-16 05:22:22 40448 ----a-w- C:\Windows\System32\wuapp.exe 2013-08-16 05:22:11 4917760 ----a-w- C:\Windows\System32\sppsvc.exe 2013-08-16 05:20:30 105984 ----a-w- C:\Windows\System32\WinSetupUI.dll 2013-08-15 22:43:21 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe 2013-08-15 22:43:07 84992 ----a-w- C:\Windows\SysWow64\wudriver.dll 2013-08-15 22:43:07 126976 ----a-w- C:\Windows\SysWow64\wuwebv.dll 2013-08-15 22:43:03 562688 ----a-w- C:\Windows\SysWow64\WSShared.dll 2013-08-15 22:43:03 159232 ----a-w- C:\Windows\SysWow64\WSSync.dll 2013-08-15 22:43:02 83968 ----a-w- C:\Windows\SysWow64\OEMLicense.dll 2013-08-15 22:43:02 167424 ----a-w- C:\Windows\SysWow64\WSClient.dll 2013-08-15 
22:43:02 143872 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll 2013-08-15 22:43:02 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll 2013-08-15 22:42:52 76800 ----a-w- C:\Windows\SysWow64\setupcln.dll 2013-08-15 22:42:47 91648 ----a-w- C:\Windows\SysWow64\sppc.dll 2013-08-10 05:21:51 448512 ----a-w- C:\Windows\System32\SettingSync.dll 2013-08-10 05:21:51 128512 ----a-w- C:\Windows\System32\SettingSyncInfo.dll 2013-08-10 03:58:51 356352 ----a-w- C:\Windows\SysWow64\SettingSync.dll 2013-08-02 06:26:53 2304512 ----a-w- C:\Windows\System32\authui.dll 2013-08-02 05:08:18 8858112 ----a-w- C:\Windows\SysWow64\twinui.dll 2013-08-02 05:06:50 2035712 ----a-w- C:\Windows\SysWow64\authui.dll 2013-08-01 10:41:31 2233688 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-07-27 03:58:39 2207232 ----a-w- C:\Windows\SysWow64\PrintConfig.dll 2013-07-24 23:10:08 158208 ----a-w- C:\Windows\SysWow64\mbsmsapi.dll 2013-07-24 23:06:39 225280 ----a-w- C:\Windows\System32\mbsmsapi.dll 2013-07-09 08:04:07 120144 ----a-w- C:\Windows\System32\drivers\msgpioclx.sys 2013-07-09 06:18:21 439488 ----a-w- C:\Windows\System32\WerFault.exe 2013-07-09 04:25:45 385768 ----a-w- C:\Windows\SysWow64\WerFault.exe 2013-07-09 03:57:19 245760 ----a-w- C:\Windows\SysWow64\LocationApi.dll 2013-07-08 22:46:00 543744 ----a-w- C:\Windows\System32\wwanmm.dll 2013-07-08 22:46:00 414208 ----a-w- C:\Windows\System32\wwanconn.dll 2013-07-08 22:46:00 370688 ----a-w- C:\Windows\System32\Wwanadvui.dll 2013-07-08 22:45:16 312832 ----a-w- C:\Windows\System32\LocationApi.dll 2013-07-06 00:16:17 1025024 ----a-w- C:\Windows\System32\localspl.dll 2013-07-03 08:32:42 18456 ----a-w- C:\Windows\System32\drivers\psi_mf_amd64.sys 2013-07-03 00:23:43 391168 ----a-w- C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll 2013-07-03 00:23:12 778752 ----a-w- C:\Windows\System32\oleaut32.dll 2013-07-03 00:22:26 1300480 ----a-w- C:\Windows\System32\gdi32.dll 2013-07-03 00:11:23 
268800 ----a-w- C:\Windows\SysWow64\Windows.Networking.BackgroundTransfer.dll 2013-07-03 00:11:02 551424 ----a-w- C:\Windows\SysWow64\oleaut32.dll 2013-07-02 00:44:14 36288 ----a-w- C:\Windows\System32\drivers\WdBoot.sys 2013-07-01 22:08:49 247216 ----a-w- C:\Windows\System32\drivers\WdFilter.sys 2013-06-30 22:30:14 67072 ----a-w- C:\Windows\SysWow64\openfiles.exe 2013-06-30 22:29:22 77312 ----a-w- C:\Windows\System32\openfiles.exe 2013-06-29 06:15:54 195416 ----a-w- C:\Windows\System32\drivers\sdbus.sys 2013-06-29 06:15:47 125784 ----a-w- C:\Windows\System32\drivers\dumpsd.sys 2013-06-29 05:43:16 327512 ----a-w- C:\Windows\System32\drivers\Classpnp.sys 2013-06-29 01:12:01 1022464 ----a-w- C:\Windows\SysWow64\gdi32.dll 2013-06-27 09:57:42 172920 ----a-w- C:\Windows\System32\drivers\idmwfp.sys 2013-06-26 03:01:38 321536 ----a-w- C:\Windows\System32\drivers\udfs.sys 2013-06-26 02:59:34 341504 ----a-w- C:\Windows\System32\drivers\HdAudio.sys 2013-06-24 22:54:52 447488 ----a-w- C:\Windows\System32\wwansvc.dll 2013-06-24 22:54:45 74240 ----a-w- C:\Windows\System32\wcmcsp.dll 2013-06-24 22:54:45 263680 ----a-w- C:\Windows\System32\wcmsvc.dll . ============= FINISH: 19:27:39.31 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 8 Single Language Boot Device: \Device\HarddiskVolume3 Install Date: 2013-09-09 5:00:23 AM System Uptime: 2013-09-13 2:04:08 PM (101 hours ago) . Motherboard: Sony Corporation | | VAIO Processor: Intel® Core i5-3210M CPU @ 2.50GHz | N/A | 1200/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 348 GiB total, 236.968 GiB free. D: is CDROM () F: is FIXED (NTFS) - 325 GiB total, 273.958 GiB free. . ==== Disabled Device Manager Items ============= . 
Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Description: Intel® Centrino® Wireless Bluetooth® 4.0 + High Speed Adapter Device ID: USB\VID_8087&PID_07DA\6&12054F0B&0&2 Manufacturer: Intel Corporation Name: Intel® Centrino® Wireless Bluetooth® 4.0 + High Speed Adapter PNP Device ID: USB\VID_8087&PID_07DA\6&12054F0B&0&2 Service: BTHUSB . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft 6to4 Adapter Device ID: ROOT\*6TO4MP\0000 Manufacturer: Microsoft Name: Microsoft 6to4 Adapter PNP Device ID: ROOT\*6TO4MP\0000 Service: tunnel . ==== System Restore Points =================== . RP5: 2013-09-12 11:36:35 AM - avast! Internet Security Setup RP6: 2013-09-13 12:50:58 PM - Removed Adobe Community Help RP7: 2013-09-17 6:53:21 PM - ComboFix created restore point . ==== Installed Programs ====================== . Acronis True Image 2014 Adobe Flash Player 11 Plugin Adobe Photoshop Elements 10 Adobe Reader X (10.1.0) - Basque avast! Internet Security CyberLink Power2Go 8 CyberLink PowerDVD Dolby Home Theater v4 Driver Repair v3.0 Elements 10 Organizer FDUx86 Intel PROSet Wireless Intel® Management Engine Components Intel® Processor Graphics Intel® PROSet/Wireless for Bluetooth® + High Speed Intel® PROSet/Wireless Software for Bluetooth® Technology Intel® Rapid Storage Technology Intel® SDK for OpenCL - CPU Only Runtime Package Intel® PROSet/Wireless WiFi Software Intel® Trusted Connect Service Client Internet Download Manager Java 7 Update 25 Java 7 Update 25 (64-bit) Java Auto Updater KUx86 LOE Microsoft Office Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Mobile Partner Mozilla Firefox 23.0.1 (x86 en-US) Norton Online Backup Norton Online Backup ARA NVIDIA Control Panel 305.46 NVIDIA Graphics Driver 305.46 
NVIDIA Guard Service 1.3 NVIDIA Install Application NVIDIA Optimus 1.10.8 NVIDIA PhysX NVIDIA PhysX System Software 9.12.0613 NVIDIA Update Components PlayMemories Home PSE10 STI Installer Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Realtek PCIE Card Reader Restore Secunia PSI (3.0.0.7011) Smartfren Connex AC782 UI SpyHunter SSLx64 SSLx86 Synaptics Pointing Device Driver VAIO - Xperia Link VAIO Care VAIO Control Center VAIO CPU Fan Diagnostic VAIO Data Restore Tool VAIO Easy Connect VAIO Gate VAIO Gate Default VAIO Gesture Control VAIO Image Optimizer VAIO Improvement VAIO Manual VAIO Media Server Settings VAIO Movie Creator Template Data VAIO Transfer Support VAIO Update VCCx64 VCCx86 VGClientX64 VHD VIx64 VIx86 VMLx86 VPMx64 VSSTx64 VSSTx86 VU5x64 VU5x86 VUx64 VUx86 VWSTx86 WinRAR 5.00 beta 8 (64-bit) XperiaLinkx86 . ==== Event Viewer Messages From Past Week ======== . 2013-09-17 7:04:02 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 2013-09-17 7:00:28 PM, Error: Application Popup [1060] - 2013-09-17 2:57:54 PM, Error: Service Control Manager [7031] - The Acronis Sync Agent Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 2013-09-17 2:57:37 PM, Error: Service Control Manager [7034] - The Secunia PSI Agent service terminated unexpectedly. It has done this 1 time(s). 2013-09-17 2:57:28 PM, Error: Service Control Manager [7034] - The Norton Online Backup service terminated unexpectedly. It has done this 1 time(s). 2013-09-17 10:17:23 AM, Error: Service Control Manager [7034] - The Bluetooth Device Monitor service terminated unexpectedly. It has done this 1 time(s). 
2013-09-13 2:15:28 PM, Error: Service Control Manager [7019] - The EsgScanner service depends on a service in a group which starts later. Change the order in the service dependency tree to ensure that all services required to start this service are starting before this service is started. 2013-09-13 2:15:28 PM, Error: Service Control Manager [7017] - Detected circular dependencies demand starting EsgScanner. Check the service dependency tree. 2013-09-13 2:15:28 PM, Error: NETLOGON [3095] - This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration. 2013-09-13 2:06:21 PM, Error: Service Control Manager [7018] - Detected circular dependencies auto-starting services. Check the service dependency tree. 2013-09-13 2:05:48 PM, Error: Microsoft-Windows-Kernel-General [6] - An I/O operation initiated by the Registry failed unrecoverably.The Registry could not flush hive (file): ''. 2013-09-13 12:28:33 PM, Error: Service Control Manager [7022] - The VAIO Care Performance Service service hung on starting. 2013-09-13 1:09:40 PM, Error: Service Control Manager [7034] - The Trend Micro Solution Platform service terminated unexpectedly. It has done this 1 time(s). 2013-09-12 10:35:17 AM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{135E42DC-66E4-4083-A27F-30C898CFDC7B} because another computer on the network has the same name. The server could not start. 2013-09-12 1:27:18 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the afcdpsrv service. 2013-09-11 9:12:01 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000004, 0x000000000000012c, 0xfffffa800afbc040, 0xfffff800368ef810). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 091113-107734-01. 
2013-09-11 6:15:41 AM, Error: Service Control Manager [7030] - The CDROM_Eject_Z service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 2013-09-11 5:46:50 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control. 2013-09-11 11:37:54 AM, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {06622D85-6856-4460-8DE1-A81921B41C4B}. The error: "31" Happened while starting this command: C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B} 2013-09-11 1:13:11 PM, Error: Service Control Manager [7023] - The WMI Performance Adapter service terminated with the following error: Unspecified error 2013-09-10 7:55:17 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Type with the following error: Access is denied. 2013-09-10 7:15:44 PM, Error: Service Control Manager [7023] - The Windows Modules Installer service terminated with the following error: The media is write protected. 2013-09-10 7:15:11 PM, Error: Service Control Manager [7043] - The Windows Modules Installer service did not shut down properly after receiving a preshutdown control. 2013-09-10 12:32:17 AM, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}. The error: "31" Happened while starting this command: C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} 2013-09-10 12:29:08 AM, Error: Service Control Manager [7022] - The NVIDIA Update Service Daemon service hung on starting. 2013-09-10 12:09:09 AM, Error: Service Control Manager [7022] - The Intel® Management and Security Application User Notification Service service hung on starting. . ==== End Of File ===========================
  2. I see.. Is it okay if I connect to the internet and update my Windows after the new Windows installation and Kaspersky.. and also I just contacted my game provider and they said someone is running my computer using remote access.. Shall I use the same solution for this problem? Thanks admin
  3. I did all that.. but the problem keeps coming at me every time I start my web-based game.. Is it possible someone hacked me through my game...? They knew everything I did with my PC.. Would you help me with what to do.. I just give up on the trial-and-error thing.. Thanks though
  4. Please help, I got a new virus every time I formatted my PC.. Here are the DDS logs: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1 Install Date: 08/09/2013 14:46:46 System Uptime: 09/09/2013 22:07:24 (8 hours ago) . Motherboard: ECS | | A780VM-M2 Processor: AMD Athlon II X2 215 Processor | CPU 1 | 2700/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 233 GiB total, 205,855 GiB free. D: is FIXED (NTFS) - 232 GiB total, 218,063 GiB free. F: is CDROM (CDFS) . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_81111019&REV_02\4&15D6FFBE&0&0038 Manufacturer: Realtek Name: Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_81111019&REV_02\4&15D6FFBE&0&0038 Service: RTL8167 . Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318} Description: Microsoft PS/2 Mouse Device ID: ACPI\PNP0F03\4&1DBC8468&0 Manufacturer: Microsoft Name: Microsoft PS/2 Mouse PNP Device ID: ACPI\PNP0F03\4&1DBC8468&0 Service: i8042prt . Class GUID: {4d36e978-e325-11ce-bfc1-08002be10318} Description: Printer Port Device ID: ACPI\PNP0400\4&1DBC8468&0 Manufacturer: (Standard port types) Name: Printer Port (LPT1) PNP Device ID: ACPI\PNP0400\4&1DBC8468&0 Service: Parport . ==== System Restore Points =================== . RP3: 08/09/2013 14:53:32 - Device Driver Package Install: TP-LINK Network adapters RP4: 08/09/2013 15:04:45 - Windows Update RP5: 08/09/2013 15:52:45 - Windows Update RP6: 08/09/2013 18:29:06 - Windows Update RP7: 09/09/2013 0:25:49 - Windows Update RP8: 09/09/2013 0:46:31 - Windows Update RP9: 09/09/2013 6:30:28 - Windows Update . ==== Installed Programs ====================== . 
Acronis True Image Home Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin ATI Catalyst Install Manager Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft .NET Framework 4 Client Profile Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Mobile Partner Mozilla Firefox 23.0.1 (x86 en-US) Norton Internet Security Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET 
Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) . ==== Event Viewer Messages From Past Week ======== . 10/09/2013 6:18:01, Error: volmgr [45] - The system could not sucessfully load the crash dump driver. 09/09/2013 20:07:44, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{D7B86F3E-CFD4-4379-B7BF-B477C56DC3A1} because another computer on the network has the same name. The server could not start. 09/09/2013 20:06:42, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom . ==== End Of File =========================== DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16660 Run by Cassidy at 6:40:12 on 2013-09-10 Microsoft Windows 7 Professional 6.1.7601.1.1252.62.1033.18.4094.2338 [GMT 7:00] . AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . 
C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\ccSvcHst.exe C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\ccSvcHst.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files 
(x86)\Mobile Partner\Mobile Partner.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\CoIEPlg.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\IPS\IPSBHO.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\CoIEPlg.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\CoIEPlg.dll uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe mRun: [AcronisTimounterMonitor] C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe StartupFolder: C:\Users\Cassidy\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SALITY~1.LNK - C:\Users\Cassidy\Downloads\salitykiller.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-Explorer: NoDrives = dword:0 TCP: Interfaces\{3C0C481F-1480-437A-B1C1-D860445C53A3} : DHCPNameServer = 116.213.54.20 116.213.54.21 TCP: 
Interfaces\{4FEF7ECD-3D5D-40D2-A985-C7F7A99EEB41} : NameServer = 10.0.28.18 10.0.18.54 SSODL: WebCheck - <orphaned> LSA: Authentication Packages = msv1_0 relog_ap x64-Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" x64-Notify: DfLogon - LogonDll.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Cassidy\AppData\Roaming\Mozilla\Firefox\Profiles\98slvv4m.default-1378733130443\ FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll FF - ExtSQL: 2013-09-08 15:10; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\coFFPlgn FF - ExtSQL: 2013-09-09 00:39; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\IPSFFPlgn . ============= SERVICES / DRIVERS =============== . R0 DeepFrz;DeepFrz;C:\Windows\System32\drivers\DeepFrz.sys [2010-5-20 227352] R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1309000.009\symds64.sys [2013-9-10 451192] R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1309000.009\symefa64.sys [2013-9-10 1129120] R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20130903.002\BHDrvx64.sys [2013-9-4 1525336] R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1309000.009\ccsetx64.sys [2013-9-10 167072] R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20130905.001\IDSviA64.sys [2013-9-5 520280] R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1309000.009\ironx64.sys [2013-9-10 190072] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-9-8 202752] R2 DFServ;DFServ;C:\Program Files (x86)\Faronics\Deep Freeze\Install 
C-0\DFServ.exe [2010-5-20 1073664] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-9-9 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-9-9 701512] R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccsvchst.exe [2013-9-10 138272] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-9-8 140376] R3 ip100Avista;TP-LINK 10/100Mbps PCI Network Adapter NT Driver;C:\Windows\System32\drivers\ipfnd51.sys [2010-11-23 37888] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-9-9 25928] R3 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1300000.080\symnets.sys [2013-9-8 396408] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168] S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-11 187392] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-9-8 1255736] . =============== Created Last 30 ================ . 
2013-09-09 23:34:49 451192 ----a-r- C:\Windows\System32\drivers\NISx64\1309000.009\symds64.sys 2013-09-09 23:34:49 405624 ----a-w- C:\Windows\System32\drivers\NISx64\1309000.009\symnets.sys 2013-09-09 23:34:49 37536 ----a-w- C:\Windows\System32\drivers\NISx64\1309000.009\srtspx64.sys 2013-09-09 23:34:49 1129120 ----a-w- C:\Windows\System32\drivers\NISx64\1309000.009\symefa64.sys 2013-09-09 23:34:48 737952 ----a-w- C:\Windows\System32\drivers\NISx64\1309000.009\srtsp64.sys 2013-09-09 23:34:48 190072 ----a-w- C:\Windows\System32\drivers\NISx64\1309000.009\ironx64.sys 2013-09-09 23:34:48 167072 ----a-w- C:\Windows\System32\drivers\NISx64\1309000.009\ccsetx64.sys 2013-09-09 23:34:41 -------- d-----w- C:\Windows\System32\drivers\NISx64\1309000.009 2013-09-09 09:44:52 -------- d-----w- C:\AdwCleaner 2013-09-09 09:34:10 -------- d-----w- C:\Windows\ERUNT 2013-09-08 23:35:06 -------- d-----w- C:\Users\Cassidy\AppData\Local\Macromedia 2013-09-08 23:30:25 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-09-08 23:30:25 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-09-08 23:30:25 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-09-08 23:30:24 243712 ----a-w- C:\Windows\System32\wow64.dll 2013-09-08 23:30:24 1732032 ----a-w- C:\Windows\System32\ntdll.dll 2013-09-08 23:30:24 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2013-09-08 23:30:24 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll 2013-09-08 23:30:23 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2013-09-08 23:30:23 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2013-09-08 23:30:23 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2013-09-08 23:30:23 2048 ----a-w- C:\Windows\SysWow64\user.exe 2013-09-08 22:35:27 -------- d-----w- C:\Windows\Panther 2013-09-08 17:29:23 -------- d-----w- C:\Users\Cassidy\AppData\Local\Adobe 2013-09-08 17:29:13 -------- d-----w- C:\Users\Cassidy\AppData\Roaming\Malwarebytes 2013-09-08 17:28:59 -------- d-----w- C:\ProgramData\Malwarebytes 2013-09-08 17:28:58 25928 ----a-w- 
C:\Windows\System32\drivers\mbam.sys 2013-09-08 17:28:58 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-08 17:28:51 -------- d-----w- C:\Users\Cassidy\AppData\Local\Programs 2013-09-08 17:24:07 29696 ----a-r- C:\Windows\System32\drivers\ewdcsc.sys 2013-09-08 17:24:07 112512 ----a-r- C:\Windows\System32\drivers\ewusbmdm.sys 2013-09-08 17:23:50 -------- d-----w- C:\Program Files (x86)\Mobile Partner 2013-09-08 12:04:01 16336546 ------w- C:\Persi0.sys 2013-09-08 11:50:16 -------- d-----w- C:\Program Files (x86)\Faronics 2013-09-08 11:41:23 -------- d-----w- C:\Users\Cassidy\AppData\Roaming\Smadav 2013-09-08 11:41:23 -------- d-----w- C:\Program Files (x86)\Smadav 2013-09-08 11:41:18 -------- d-sh--w- C:\[smad-Cage] 2013-09-08 11:36:25 81952 ----a-w- C:\Windows\System32\drivers\tifsfilt.sys 2013-09-08 11:36:25 711712 ----a-w- C:\Windows\System32\drivers\timntr.sys 2013-09-08 11:36:24 11264 ----a-w- C:\Windows\System32\relog_ap.dll 2013-09-08 11:36:22 229408 ----a-w- C:\Windows\System32\drivers\snapman.sys 2013-09-08 11:36:21 593440 ----a-w- C:\Windows\System32\drivers\tdrpman.sys 2013-09-08 11:32:34 -------- d-----w- C:\Users\Cassidy\AppData\Local\CrashDumps 2013-09-08 11:30:28 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys 2013-09-08 11:30:28 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll 2013-09-08 11:30:28 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys 2013-09-08 11:30:28 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll 2013-09-08 11:30:27 744448 ----a-w- C:\Windows\System32\WUDFx.dll 2013-09-08 11:30:27 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll 2013-09-08 11:30:27 229888 ----a-w- C:\Windows\System32\WUDFHost.exe 2013-09-08 11:01:51 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-09-08 11:01:51 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-09-08 10:51:46 1643520 ----a-w- C:\Windows\System32\DWrite.dll 2013-09-08 10:51:46 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll 2013-09-08 
10:22:40 -------- d-----w- C:\Windows\SysWow64\Wat 2013-09-08 10:22:40 -------- d-----w- C:\Windows\System32\Wat 2013-09-08 09:41:39 -------- d-----w- C:\Users\Cassidy\AppData\Local\ATI 2013-09-08 09:40:10 9728 ----a-w- C:\Windows\System32\Wdfres.dll 2013-09-08 09:40:10 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2013-09-08 09:40:10 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys 2013-09-08 09:40:10 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui 2013-09-08 09:31:07 1054720 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2013-09-08 09:29:45 68608 ----a-w- C:\Windows\System32\taskhost.exe 2013-09-08 09:15:54 -------- d-----w- C:\Windows\System32\MRT 2013-09-08 09:05:22 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll 2013-09-08 09:05:22 46080 ----a-w- C:\Windows\System32\atmlib.dll 2013-09-08 09:05:22 367616 ----a-w- C:\Windows\System32\atmfd.dll 2013-09-08 09:05:22 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll 2013-09-08 09:05:22 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll 2013-09-08 09:05:22 100864 ----a-w- C:\Windows\System32\fontsub.dll 2013-09-08 08:58:32 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2013-09-08 08:58:32 5120 ----a-w- C:\Windows\SysWow64\wmi.dll 2013-09-08 08:58:32 5120 ----a-w- C:\Windows\System32\wmi.dll 2013-09-08 08:58:32 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2013-09-08 08:58:32 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2013-09-08 08:33:37 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared 2013-09-08 08:28:31 45568 ----a-w- C:\Windows\SysWow64\oflc-nz.rs 2013-09-08 08:27:58 395776 ----a-w- C:\Windows\System32\webio.dll 2013-09-08 08:26:51 961024 ----a-w- C:\Windows\System32\CPFilters.dll 2013-09-08 08:25:57 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2013-09-08 08:22:20 956928 ----a-w- C:\Windows\System32\localspl.dll 2013-09-08 08:19:15 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll 2013-09-08 08:19:15 634880 ----a-w- C:\Windows\System32\msvcrt.dll 
2013-09-08 08:19:05 503808 ----a-w- C:\Windows\System32\srcore.dll 2013-09-08 08:19:05 43008 ----a-w- C:\Windows\SysWow64\srclient.dll 2013-09-08 08:19:04 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys 2013-09-08 08:14:32 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll 2013-09-08 08:14:32 43520 ----a-w- C:\Windows\System32\csrsrv.dll 2013-09-08 08:14:32 112640 ----a-w- C:\Windows\System32\smss.exe 2013-09-08 08:13:37 723456 ----a-w- C:\Windows\System32\EncDec.dll 2013-09-08 08:13:37 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll 2013-09-08 08:13:36 1887232 ----a-w- C:\Windows\System32\d3d11.dll 2013-09-08 08:13:36 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll 2013-09-08 08:11:55 67072 ----a-w- C:\Windows\splwow64.exe 2013-09-08 08:11:55 559104 ----a-w- C:\Windows\System32\spoolsv.exe 2013-09-08 08:11:53 77312 ----a-w- C:\Windows\System32\packager.dll 2013-09-08 08:11:53 67072 ----a-w- C:\Windows\SysWow64\packager.dll 2013-09-08 08:10:02 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS 2013-09-08 08:10:02 -------- d-----w- C:\Program Files\Symantec 2013-09-08 08:10:02 -------- d-----w- C:\Program Files\Common Files\Symantec Shared 2013-09-08 08:08:27 -------- d-sh--w- C:\Windows\Installer 2013-09-08 08:08:20 -------- d-----w- C:\ProgramData\NortonInstaller 2013-09-08 08:08:20 -------- d-----w- C:\Program Files (x86)\NortonInstaller 2013-09-08 08:05:04 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2013-09-08 08:05:00 99840 ----a-w- C:\Windows\System32\wudriver.dll 2013-09-08 08:04:52 36864 ----a-w- C:\Windows\System32\wuapp.exe 2013-09-08 08:04:52 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2013-09-08 07:37:52 0 ----a-w- C:\Windows\ativpsrm.bin . ==================== Find3M ==================== . 
2013-09-08 09:24:56 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL 2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL 2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll 2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll 2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll 2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll 2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll 2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll 2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll 2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-06-15 04:32:16 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys . ============= FINISH: 6:40:36,98 ===============
  5. I didn't delete the RogueKiller scan since, was it okay? And also I found this file under my AdwCleaner backup: C:\AdwCleaner\Backup\C\Users\Cassidy\AppData\Roaming\Mozilla\Firefox\Profiles\tw7p5p1r.default Thank you very much for helping me, sir.
  6. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.5.9 (09.07.2013:1) OS: Windows 7 Professional x64 Ran by Cassidy on 09/09/2013 at 16:34:11,66 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 09/09/2013 at 16:41:10,81 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # AdwCleaner v3.003 - Report created 09/09/2013 at 16:47:07 # Updated 07/09/2013 by Xplode # Operating System : Windows 7 Professional Service Pack 1 (64 bits) # Username : Cassidy - CASSIDY-PC # Running from : D:\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16660 -\\ Mozilla Firefox v23.0.1 (en-US) [ File : C:\Users\Cassidy\AppData\Roaming\Mozilla\Firefox\Profiles\tw7p5p1r.default\prefs.js ] ************************* AdwCleaner[R0].txt - [759 octets] - [09/09/2013 16:44:58] AdwCleaner[s0].txt - [681 octets] - [09/09/2013 16:47:07] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [740 octets] ########## Malwarebytes Anti-Malware (Trial) 1.75.0.1300 www.malwarebytes.org Database version: v2013.09.08.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16660 Cassidy :: CASSIDY-PC [administrator] Protection: Disabled 09/09/2013 16:50:35 mbam-log-2013-09-09 (16-50-35).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 212846 Time elapsed: 3 minute(s), 8 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No 
malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) RogueKiller V8.6.9 _x64_ [sep 3 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Cassidy [Admin rights] Mode : Scan -- Date : 09/09/2013 16:56:47 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 7 ¤¤¤ [RUN][sUSP UNIC] HKCU\[...]\Run : SMΔRT-Protection (C:\Program Files (x86)\Smadav\SMΔRTP.exe rtp [-]) -> FOUND [RUN][sUSP UNIC] HKUS\S-1-5-21-2902185589-1159910922-1940199596-1000\[...]\Run : SMΔRT-Protection (C:\Program Files (x86)\Smadav\SMΔRTP.exe rtp [-]) -> FOUND [HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND [HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST500DM002-1BD142 ATA Device +++++ --- User --- [MBR] e9ec73df2d2702c2aa88811b4a607d82 [bSP] 97c57077598020a750afb797d663e561 : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 238982 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset 
(sectors): 489641984 | Size: 237855 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[0]_S_09092013_165647.txt >>
  7. Hello sir Maniac.. Is it possible for me to run JRT and the other tools using my PC instead of my notebook, since I sent my notebook to Sony tech to fix the problem regarding the shutdown button.. My PC has the same problem as my notebook. First I ran the test with my notebook because I had a project that needed to be done in 4 days.. Do I need to post a new topic with the same problem, or do I just post the next test that you asked me for? Anyway.. here are the test results, if I can still post the problem in here.. (same problem though)
  8. Looks like my notebook won't shut down unless I hit the power button forcefully....
  9. Hello there.. thanks for your help.. yeah I should buy a pro one.. this is my first time using Malwarebytes Anti-Malware.. here are the DDS logs . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 8 Single Language Boot Device: \Device\HarddiskVolume3 Install Date: 9/4/2013 7:33:50 PM System Uptime: 9/7/2013 9:37:38 PM (0 hours ago) . Motherboard: Sony Corporation | | VAIO Processor: Intel® Core i5-3210M CPU @ 2.50GHz | N/A | 2501/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 674 GiB total, 576.047 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Description: Intel® Centrino® Wireless Bluetooth® 4.0 + High Speed Adapter Device ID: USB\VID_8087&PID_07DA\6&12054F0B&0&2 Manufacturer: Intel Corporation Name: Intel® Centrino® Wireless Bluetooth® 4.0 + High Speed Adapter PNP Device ID: USB\VID_8087&PID_07DA\6&12054F0B&0&2 Service: BTHUSB . ==== System Restore Points =================== . RP2: 9/4/2013 8:04:43 PM - Language Pack Removal RP3: 9/4/2013 9:39:28 PM - Windows Backup RP4: 9/4/2013 9:41:51 PM - Windows Backup RP5: 9/6/2013 10:09:12 AM - Installed Acronis True Image Home RP6: 9/6/2013 10:19:24 AM - Windows Backup RP7: 9/6/2013 10:26:00 AM - Windows Backup RP8: 9/7/2013 8:55:49 AM - Windows Backup . ==== Installed Programs ====================== . 
Acronis True Image 2014 Adobe AIR Adobe Community Help Adobe Photoshop Elements 10 Adobe Reader X MUI CyberLink Power2Go 8 CyberLink PowerDVD Dolby Home Theater v4 Elements 10 Organizer FDUx86 Intel PROSet Wireless Intel® Management Engine Components Intel® Processor Graphics Intel® PROSet/Wireless for Bluetooth® + High Speed Intel® PROSet/Wireless Software for Bluetooth® Technology Intel® Rapid Storage Technology Intel® SDK for OpenCL - CPU Only Runtime Package Intel® PROSet/Wireless WiFi Software Intel® Trusted Connect Service Client Internet Download Manager Java Auto Updater Java 7 Update 5 Java 7 Update 5 (64-bit) KUx86 Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft Office Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Mobile Partner Mozilla Firefox 23.0.1 (x86 en-US) Norton Online Backup Norton Online Backup ARA NVIDIA Control Panel 306.97 NVIDIA Graphics Driver 306.97 NVIDIA Install Application NVIDIA Optimus 1.10.8 NVIDIA PhysX NVIDIA Update 1.10.8 NVIDIA Update Components PlayMemories Home PSE10 STI Installer Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Realtek PCIE Card Reader Restore Sandboxie 4.04 (64-bit) SSLx64 SSLx86 Trend Micro Titanium Trend Micro Titanium Maximum Security VAIO - Xperia Link VAIO Care VAIO Control Center VAIO CPU Fan Diagnostic VAIO Data Restore Tool VAIO Easy Connect VAIO Gate VAIO Gate Default VAIO Gesture Control VAIO Image Optimizer VAIO Improvement VAIO Manual VAIO Media Server Settings VAIO Movie Creator Template Data VAIO Transfer Support VAIO Update VCCx64 VCCx86 VGClientX64 VHD VIx64 VIx86 VMLx86 VPMx64 VSSTx64 VSSTx86 VU5x64 VU5x86 VUx64 VUx86 VWSTx86 XperiaLinkx86 . ==== Event Viewer Messages From Past Week ======== . 
9/7/2013 8:43:32 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control. 9/7/2013 8:01:22 PM, Error: volmgr [45] - The system could not sucessfully load the crash dump driver. 9/6/2013 7:56:07 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 8 for x64-based Systems (KB2785220). 9/6/2013 7:56:07 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 8 for x64-based Systems (KB2727528). 9/6/2013 7:55:51 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Update for Windows 8 for x64-based Systems (KB2769034). 9/6/2013 7:55:51 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 8 for x64-based Systems (KB2868623). 9/6/2013 7:55:51 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 8 for x64-based Systems (KB2845187). 9/6/2013 7:55:51 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 8 for x64-based Systems (KB2835364). 9/6/2013 7:55:51 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 8 for x64-based Systems (KB2830290). 
9/6/2013 7:55:51 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 8 for x64-based Systems (KB2813430). 9/6/2013 7:55:51 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Microsoft .NET Framework 4.5 on Windows 8 and Windows Server 2012 for x64-based Systems (KB2789649). 9/6/2013 7:55:51 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Microsoft .NET Framework 3.5 on Windows 8 and Windows Server 2012 for x64-based Systems (KB2840633). 9/6/2013 7:55:51 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Microsoft .NET Framework 3.5 on Windows 8 and Windows Server 2012 for x64-based Systems (KB2742616). 9/6/2013 7:55:51 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Cumulative Security Update for ActiveX Killbits for Windows 8 for x64-based Systems (KB2820197). 9/6/2013 7:55:50 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Update for Windows 8 for x64-based Systems (KB2800033). 9/6/2013 7:55:50 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Update for Windows 8 for x64-based Systems (KB2777294). 
9/6/2013 7:55:50 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 8 for x64-based Systems (KB2862966). 9/6/2013 7:55:50 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 8 for x64-based Systems (KB2839894). 9/6/2013 7:55:50 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 8 for x64-based Systems (KB2835361). 9/6/2013 7:55:50 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 8 for x64-based Systems (KB2807986). 9/6/2013 7:55:50 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 8 for x64-based Systems (KB2770660). 9/6/2013 7:55:50 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Microsoft .NET Framework 4.5 on Windows 8 and Windows Server 2012 for x64-based Systems (KB2737084). 9/6/2013 7:55:50 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Microsoft .NET Framework 3.5 on Windows 8 and Windows Server 2012 for x64-based Systems (KB2736693). 9/6/2013 7:55:44 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Update for Windows 8 for x64-based Systems (KB2805966). 
9/6/2013 7:55:44 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 8 for x64-based Systems (KB2829254). 9/6/2013 7:55:44 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 8 for x64-based Systems (KB2753842). 9/6/2013 7:55:35 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 8 for x64-based Systems (KB2829361). 9/6/2013 7:55:35 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Microsoft .NET Framework 3.5 on Windows 8 and Windows Server 2012 for x64-based Systems (KB2844289). 9/6/2013 7:55:18 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 8 for x64-based Systems (KB2757638). 9/6/2013 7:55:18 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Microsoft .NET Framework 3.5 on Windows 8 and Windows Server 2012 for x64-based Systems (KB2756923). 9/6/2013 6:45:49 PM, Error: Service Control Manager [7034] - The Trend Micro Solution Platform service terminated unexpectedly. It has done this 1 time(s). 9/6/2013 6:45:16 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Type with the following error: Access is denied. 9/6/2013 4:22:49 PM, Error: Service Control Manager [7023] - 9/4/2013 9:52:16 PM, Error: Service Control Manager [7034] - The Bluetooth Device Monitor service terminated unexpectedly. 
It has done this 1 time(s). 9/4/2013 8:22:09 PM, Error: Service Control Manager [7030] - The DFServ service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. . ==== End Of File =========================== DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16660 BrowserJavaVersion: 10.5.0 Run by WW at 21:54:12 on 2013-09-07 Microsoft Windows 8 Single Language 6.2.9200.0.1252.1.1033.18.12167.10125 [GMT -7:00] . AV: Trend Micro Titanium Maximum Security *Enabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA} AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Trend Micro Titanium Maximum Security *Enabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\dwm.exe C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Program Files\Sandboxie\SbieSvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe C:\Program Files\Trend 
Micro\AMSP\AMSP_LogServer.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe C:\Windows\SysWOW64\DllHost.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files\Sony\VAIO Improvement\vim.exe C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\taskhostex.exe 
  10. Hello guys, how do I delete a file named ~dfg708.tmp in the temp int folder? I scanned with Malwarebytes and it detected PUM registry entries; it says 3 items, with disabled antivirus + firewall + security update. Every time I format my PC, these always come back. Is it possible it was injected through a web-based game, since I use this computer only to play that game? Is it possible someone is going to hack my password through this file... And also Google Chrome started acting strange, with high memory usage. The last thing: my AV doesn't work like it used to. Could anyone help me please... Thanks in advance...