ep0cs

Your assistance is requested to deal with an infection on my Sony VAIO laptop. On booting the machine on 3 Jan, a SysTray pop-up asked whether I wanted to 'backup my key for encrypted files', and a Windows Account Control window asked whether to allow cmd.exe to run C:\ProgramData\{$5096-7835-3933-7043-2539$}\4813394.exe - I declined both. My McAfee Internet Security flagged up a GTI detection of Artemis!<fingerprint> on that same file; it has since flagged up further Artemis alerts with varying fingerprints. The infection seems to be preventing any web access (although other protocols such as ping, ftp, smtp, still work), and IE10 will not run (or if I touch an email with web content, Outlook hangs), so I am having to download tools on to my home desktop machine and transfer them to the laptop by USB stick. I have run MBAM, although it spends several minutes before giving up on web access trying to check for updates, so I have only been able to run with the reference rules from 275 days ago. MBAM scanner reports detecting PUM.UserWLoad and Trojan.Ransom registry values in HKCU\SOFTWARE\Windows NT\Windows|Load, but these don't seem to get deleted upon reboot. MBAM also reported Trojan.Agents on a files C:\ProgramData\12746386487231648723648726384.exe, 2345234523452345.exe and 857499941.exe, which it says were quarantined and deleted successfully. Although those files appear to have been removed from the \ProgramData\ folder, similarly named files (without the .exe extension) still exist in the following subfolders, all of which seem to be associated (similar datetime stamps):- C:\ProgramData\REGVIEW\ contains 12746386487231648723648726384 as well as a copy of the 4813394.exe previous mentioned at the top and identically sized files regview.exe and file1314.exe (which is hidden); C:\ProgramData\{$5096-7835-3933-7043-2539$}\ contains 857499941 as well regview.exe (slightly bigger) and file1314.exe (which is hidden); C:\ProgramData\GraphicsDriver\ contains 2345234523452345 I have run MBAM again (after a similar delay), and MBAM scanner still reports detecting PUM.UserWLoad and Trojan.Ransom registry values in HKCU\SOFTWARE\Windows NT\Windows|Load. I have downloaded and run DDS.com, then transferred the logs back to my desktop and pasted them below. Your help would be greatly appreciated. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16750 Run by User at 12:16:59 on 2014-01-06 Microsoft Windows 7 Professional 6.1.7601.1.1252.44.1033.18.3995.2335 [GMT 0:00] . AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892} SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k WbioSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Program Files\AuthenTec TrueSuite\TouchControl.exe C:\Windows\system32\Dwm.exe C:\Program Files (x86)\Sony\VAIO Boot Manager\ActiveDelayDeviceService.exe C:\Windows\Explorer.EXE C:\Program Files\AuthenTec TrueSuite\BioMonitor.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe C:\Windows\system32\WLANExt.exe C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\Program Files\McAfee\MSC\McAPExe.exe C:\Windows\system32\mfevtps.exe C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe C:\Windows\system32\rundll32.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe C:\Windows\SysWOW64\DllHost.exe C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\SysWOW64\DllHost.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\rundll32.exe C:\Program Files\Sony\VAIO Smart Network\VSNService.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files (x86)\McAfeeMOBK\WrapperTrayIcon.exe C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\CyberLink\Shared files\brs.exe C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Intuit\QuickBooks 2012\QBHelp.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\McAfee Online Backup\MOBK649backup.exe C:\Program Files\Sony\VAIO Care\VCPerfService.exe C:\Program Files (x86)\McAfee Online Backup\MOBK649backup.exe C:\Program Files\Sony\VAIO Power Management\SPMService.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files\Sony\VAIO Improvement\vim.exe C:\Program Files\Sony\VAIO Improvement\vim.exe C:\Program Files\Sony\VAIO Care\VCSystemTray.exe C:\Program Files\Sony\VAIO Update\VUAgent.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Sony\VAIO Care\VCService.exe C:\Program Files\Sony\VAIO Care\VCAgent.exe C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe C:\Program Files\Sony\VAIO Care\listener.exe C:\Program Files\Sony\VAIO Care\VCAdmin.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = about:blank uSearch Bar = Preserve uProxyOverride = <local> uWindows: Load = C:\Users\User\LOCALS~1\Temp\msauyri.scr mWinlogon: Userinit = userinit.exe, BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\AuthenTec TrueSuite\x86\IEBHO.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60 mRun: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" mRun: [intel AT Service signup] c:\Program Files (x86)\Intel Corporation\Intel AT Service signup\IntelATServiceSignup.exe -launchonboot mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe mRun: [intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe StartupFolder: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google.com.url StartupFolder: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HpM3Util.exe StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\System32\RunDll32.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~2.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SONYMS~1.LNK - C:\Program Files (x86)\Sony\MSS\3.0.271\SSScheduler.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 TCP: NameServer = 194.168.4.100 194.168.8.100 TCP: Interfaces\{94D63E36-F1E9-47C1-B76B-4E18377D6325} : DHCPNameServer = 194.168.4.100 194.168.8.100 TCP: Interfaces\{94D63E36-F1E9-47C1-B76B-4E18377D6325}\341637161467961647F62756 : DHCPNameServer = 80.93.143.42 80.93.143.44 TCP: Interfaces\{94D63E36-F1E9-47C1-B76B-4E18377D6325}\3427F677E656D205C616A716D264275656D294E6475627E65647 : DHCPNameServer = 10.0.0.1 10.0.0.1 TCP: Interfaces\{94D63E36-F1E9-47C1-B76B-4E18377D6325}\3514C4140234F4E4655474E4940234143514021465941445F42554 : DHCPNameServer = 80.93.143.42 80.93.143.44 TCP: Interfaces\{94D63E36-F1E9-47C1-B76B-4E18377D6325}\6594547505F494E44523 : DHCPNameServer = 194.168.8.123 194.168.4.123 TCP: Interfaces\{94D63E36-F1E9-47C1-B76B-4E18377D6325}\8686F6E6F62737 : DHCPNameServer = 172.16.2.5 8.8.8.8 TCP: Interfaces\{94D63E36-F1E9-47C1-B76B-4E18377D6325}\8686F6E6F62737D2075726C69636 : DHCPNameServer = 172.16.2.5 8.8.8.8 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\AuthenTec TrueSuite\IEBHO.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SONYAPO x64-Run: [bTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [McAfeeWrapperApplication] "C:\Program Files (x86)\McAfeeMOBK\WrapperTrayIcon.exe" x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - <orphaned> x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-3-12 16152] R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2011-8-15 782360] R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2011-8-15 343696] R1 MOBK649Filter;MOBK649Filter;C:\Windows\System32\drivers\MOBK649.sys [2012-4-26 66040] R2 ActiveDelayDeviceService;ActiveDelayDeviceService;C:\Program Files (x86)\Sony\VAIO Boot Manager\ActiveDelayDeviceService.exe [2012-4-26 78472] R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-1-9 659968] R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-12-19 1014096] R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-12-19 1104208] R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-1-11 135952] R2 FPLService;TrueSuiteService;C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe [2012-2-20 300360] R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-10-17 328928] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-4-26 13592] R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-4-26 2429544] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448] R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-4-26 127320] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-4-26 162648] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2013-4-16 201304] R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2013-10-17 178048] R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-10-17 328928] R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-10-17 328928] R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-10-17 328928] R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-10-17 328928] R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2013-10-17 1025232] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe [2012-4-26 219272] R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-4-26 182752] R2 MOBK649backup;McAfee Online Backup Service;C:\Program Files (x86)\McAfee Online Backup\MOBK649backup.exe [2011-4-18 223544] R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2012-8-6 156672] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-4-26 362840] R2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2012-4-26 535688] R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2012-4-26 967256] R2 WDBtnMgrSvc.exe;WD Drive Manager Service;C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [2008-7-24 118272] R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-8 594704] R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-1-9 195584] R3 ATSwpWDF;AuthenTec TruePrint WBF Driver;C:\Windows\System32\drivers\ATSwpWDF.sys [2011-8-19 1050016] R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-12-19 1304912] R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2011-8-15 70112] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-4-5 331264] R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-3-12 356120] R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-3-12 788760] R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2012-2-28 25496] R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2011-8-15 311120] R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2011-8-15 519576] R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2013-11-26 411944] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-4-26 676968] R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2012-1-16 14336] R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2012-10-12 54760] R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update\VUAgent.exe [2013-4-16 1368624] S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE [2013-12-16 193696] S2 CLKMSVC10_9EC60124;CyberLink Product - 2013/09/22 18:57:32;C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2013-4-26 247768] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2012-1-9 195584] S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE [2013-12-16 247968] S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-12-13 94720] S3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-12-13 747008] S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168] S3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2009-6-10 281088] S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2013-10-17 197704] S3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-12-14 60416] S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2012-2-28 34232] S3 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2014-1-4 36680] S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2012-4-26 225216] S3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe [2012-3-30 237328] S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2013-11-26 96112] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-8 273168] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-5-26 19456] S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-4-26 340072] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-5-26 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-5-26 30208] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-4-17 1255736] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam.sys [2008-7-10 14464] S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2013-4-16 201304] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2014-01-04 15:46:24 36680 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2014-01-04 12:23:56 -------- d-----w- C:\Users\User\AppData\Roaming\Malwarebytes 2014-01-04 12:23:46 -------- d-----w- C:\ProgramData\Malwarebytes 2014-01-04 12:23:45 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-01-04 12:23:45 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-04 12:18:14 -------- d-----w- C:\Users\User\AppData\Local\ElevatedDiagnostics 2014-01-04 12:10:08 -------- d-----w- C:\Utilities 2014-01-04 12:09:19 -------- d-----w- C:\Program Files (x86)\stinger 2014-01-03 21:31:02 -------- d--h--w- C:\ProgramData\REGVIEW 2014-01-03 10:11:30 -------- d--h--w- C:\ProgramData\{$5096-7835-3933-7043-2539$} 2014-01-03 09:39:09 -------- d--h--w- C:\ProgramData\GraphicsDriver 2014-01-02 17:29:03 -------- d-----w- C:\Users\User\AppData\Roaming\Xuim 2014-01-02 17:29:03 -------- d-----w- C:\Users\User\AppData\Roaming\Xorita 2014-01-02 17:29:03 -------- d-----w- C:\Users\User\AppData\Roaming\Utsera 2013-12-31 17:50:36 -------- d-----w- C:\Users\User\AppData\Roaming\Xewaug 2013-12-31 17:50:36 -------- d-----w- C:\Users\User\AppData\Roaming\Muufs 2013-12-31 17:50:36 -------- d-----w- C:\Users\User\AppData\Roaming\Dauv 2013-12-31 17:49:44 -------- d-----w- C:\Users\User\AppData\Local\{2E8208B2-08DE-5661-09CA-8B33E8667ADA} 2013-12-31 17:49:43 -------- d-----w- C:\Users\User\AppData\Local\{34B98603-871F-A8C8-4C4C-8B2A2B10BD7E} 2013-12-26 09:53:44 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe 2013-12-26 09:53:44 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe 2013-12-26 09:53:44 12625920 ----a-w- C:\Windows\System32\wmploc.DLL 2013-12-26 09:53:43 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL 2013-12-26 09:45:49 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2013-12-26 09:45:49 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2013-12-26 09:45:48 3155968 ----a-w- C:\Windows\System32\win32k.sys 2013-12-26 09:45:46 335360 ----a-w- C:\Windows\System32\msieftp.dll 2013-12-26 09:45:45 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll 2013-12-26 09:45:27 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2013-12-26 09:45:27 2048 ----a-w- C:\Windows\System32\tzres.dll 2013-12-26 09:44:51 465920 ----a-w- C:\Windows\System32\WMPhoto.dll 2013-12-26 09:44:51 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll 2013-12-26 09:44:47 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys 2013-12-26 09:44:47 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys 2013-12-26 09:43:05 202752 ----a-w- C:\Windows\System32\scrrun.dll 2013-12-26 09:43:05 156160 ----a-w- C:\Windows\System32\cscript.exe 2013-12-26 09:43:05 150016 ----a-w- C:\Windows\System32\wshom.ocx 2013-12-26 09:43:05 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx 2013-12-26 09:43:04 168960 ----a-w- C:\Windows\System32\wscript.exe 2013-12-26 09:43:04 141824 ----a-w- C:\Windows\SysWow64\wscript.exe 2013-12-26 09:43:03 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll 2013-12-26 09:43:03 126976 ----a-w- C:\Windows\SysWow64\cscript.exe . ==================== Find3M ==================== . 2013-12-11 19:37:27 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-12-11 19:37:27 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-11-26 22:07:44 10856 ----a-w- C:\Windows\System32\drivers\mfeclnrk.sys 2013-11-26 22:07:22 96112 ----a-w- C:\Windows\System32\drivers\mfencrk.sys 2013-11-26 22:07:02 411944 ----a-w- C:\Windows\System32\drivers\mfencbdc.sys 2013-11-16 19:54:41 20992 ----a-w- C:\Windows\jestertb.dll 2013-11-04 16:51:44 70112 ----a-w- C:\Windows\System32\drivers\cfwids.sys 2013-11-04 16:46:34 343696 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys 2013-11-04 16:46:16 182752 ----a-w- C:\Windows\System32\mfevtps.exe 2013-11-04 16:43:04 782360 ----a-w- C:\Windows\System32\drivers\mfehidk.sys 2013-11-04 16:41:22 519576 ----a-w- C:\Windows\System32\drivers\mfefirek.sys 2013-11-04 16:40:00 311120 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys 2013-11-04 16:39:20 179792 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys 2013-10-25 06:19:22 2241536 ----a-w- C:\Windows\System32\wininet.dll 2013-10-25 06:17:57 3959808 ----a-w- C:\Windows\System32\jscript9.dll 2013-10-25 06:17:52 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-10-25 06:17:52 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-10-25 04:45:11 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-10-25 04:43:42 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-10-25 04:43:38 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-10-25 04:43:38 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-10-25 04:07:48 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-10-25 03:41:01 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-10-25 03:17:49 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-10-25 02:49:34 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll 2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL 2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL 2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll 2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL . ============= FINISH: 12:17:39.70 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume3 Install Date: 03/04/2013 10:55:54 System Uptime: 06/01/2014 10:43:40 (2 hours ago) . Motherboard: Sony Corporation | | VAIO Processor: Intel® Core i5-3210M CPU @ 2.50GHz | N/A | 2501/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 299 GiB total, 235.815 GiB free. D: is CDROM () E: is FIXED (NTFS) - 278 GiB total, 254.944 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP54: 06/12/2013 22:35:57 - Scheduled Checkpoint RP55: 15/12/2013 14:04:38 - Scheduled Checkpoint RP56: 23/12/2013 10:13:56 - Scheduled Checkpoint RP57: 26/12/2013 09:46:00 - Windows Update RP58: 02/01/2014 13:41:32 - Scheduled Checkpoint . ==== Installed Programs ====================== . ????? Windows Live ?????? Windows Live ??????? ????????? Windows Live Mesh ActiveX ??? ?????????? ?????????? ??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ??????????? ???????? ?????????? Windows Live ?????????? Windows Live ??????????? ?? Windows Live ???????????? Windows Live ACID Music Studio 8.0 ActiveX-kontroll för fjärranslutningar för Windows Live Mesh ActiveX ???????? ?? Windows Live Mesh ?? ?????????? ?????? Adobe Acrobat X Standard - English, Français, Deutsch Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.8) MUI Aloha TriPeaks Altova XMLSpy® 2013 rel. 2 sp2 Professional Edition ArcSoft WebCam Companion 4 AuthenTec TrueSuite AuthenTec WinBio FingerPrint Software Basic PAYE Tools - Real Time Information BBC iPlayer Desktop Bejeweled 3 Bing Bar Build-a-lot 2 Chuzzle Deluxe Contrôle ActiveX Windows Live Mesh pour connexions à distance Control ActiveX Windows Live Mesh pentru conexiuni la distan?a Controlo ActiveX do Windows Live Mesh para Ligações Remotas CyberLink PowerDVD D3DX10 Data Lifeguard Diagnostic for Windows Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dolby Home Theater v4 DVD Architect Studio 5.0 Evernote v. 4.5.2 FDUx86 FileZilla Client 3.7.3 Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych Fotogalerija Windows Live Galeria de Fotografias do Windows Live Galeria fotografii uslugi Windows Live Galerie de photos Windows Live Galerie foto Windows Live HP FWUpdateEDO2 HP Officejet Pro 8100 Basic Device Software HP Officejet Pro 8100 Help HP Update HPDiagnosticAlert Intel PROSet Wireless Intel® Management Engine Components Intel® OpenCL CPU Runtime Intel® Processor Graphics Intel® PROSet/Wireless for Bluetooth® + High Speed Intel® PROSet/Wireless Software for Bluetooth® Technology Intel® Rapid Storage Technology Intel® USB 3.0 eXtensible Host Controller Driver Intel® WiDi Intel® Wireless Display Intel® AT Service signup Intel® PROSet/Wireless WiFi Software Intel® Trusted Connect Service Client Java Auto Updater Java 7 Update 1 Java 7 Update 1 (64-bit) Jewel Match 3 Jewel Quest II Junk Mail filter update Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave KUx86 Mahjongg Artifacts Malwarebytes Anti-Malware version 1.75.0.1300 McAfee Internet Security McAfee Online Backup Media Go Mesh Runtime Microsoft .NET Framework 4.5.1 Microsoft Application Error Reporting Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Home and Business 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MSVCRT MSVCRT Redists MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK Mystery P.I. - The London Caper Notepad++ Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená pripojení Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia PlayStation®Network Downloader PlayStation®Store Poczta uslugi Windows Live Podstawowe programy Windows Live Pošta Windows Live PYV_x86 QuickBooks QuickBooks Pro 2012 Raccolta foto di Windows Live Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Realtek PCIE Card Reader S?????? f?t???af??? t?? Windows Live Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Shared C Run-time for x64 Skype™ 5.10 Sound Forge Audio Studio 10.0 SSLx64 SSLx86 St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se?? Synaptics Pointing Device Driver TriDef 3D (Sony) 2.0.5 Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition Update Installer for WildTangent Games App Uzak Baglantilar Için Windows Live Mesh ActiveX Denetimi V3DPx86 VAIO - Microsoft Visual C++ 2010 SP1 Runtime 10.0.40219.325 VAIO 3D Portal VAIO Care VAIO Control Center VAIO CPU Fan Diagnostic VAIO Data Restore Tool VAIO Easy Connect VAIO Gate VAIO Gate Default VAIO Gesture Control VAIO Improvement VAIO Improvement Validation VAIO Manual VAIO Smart Network VAIO Transfer Support VAIO Update VBMx86 VCCx64 VCCx86 Vegas Movie Studio HD Platinum 11.0 VGClientX64 VGClientX86 VHD VIx64 VIx86 VMLx86 VPMx64 VSNx64 VSNx86 VSSTx64 VSSTx86 VU5x64 VU5x86 VWSTx86 WD Drive Manager (x64) WildTangent Games WildTangent Games App Windows Live Windows Live Communications Platform Windows Live Essentials Windows Live Fotótár Windows Live Fotogalerie Windows Live Fotogalleri Windows Live Fotogaléria Windows Live Fotograf Galerisi Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger Windows Live Mesh ActiveX-objekt til fjernforbindelser Windows Live Mesh ActiveX-vezérlo távoli kapcsolatokhoz Windows Live Mesh ActiveX Control for Remote Connections Windows Live Meshin etäyhteyksien ActiveX-komponentti Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Temel Parçalar Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Liven asennustyökalu Windows Liven sähköposti Windows Liven valokuvavalikoima XAMPP 1.8.1-0 . ==== Event Viewer Messages From Past Week ======== . 04/01/2014 19:27:18, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 04/01/2014 15:44:51, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 04/01/2014 15:21:05, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40} 04/01/2014 15:21:05, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {C90134D2-4AE9-407A-919A-4A2EF09C6C51} 04/01/2014 15:19:02, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 04/01/2014 15:17:41, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 04/01/2014 15:17:40, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 04/01/2014 15:17:36, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 04/01/2014 15:17:36, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 04/01/2014 15:17:32, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 04/01/2014 15:17:22, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 04/01/2014 15:17:02, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CSC DfsC discache mfehidk MOBK649Filter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf 04/01/2014 15:17:02, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start. 04/01/2014 15:17:02, Error: Service Control Manager [7001] - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start. 04/01/2014 15:17:02, Error: Service Control Manager [7001] - The McAfee Anti-Malware Core service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start. 04/01/2014 15:17:01, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 04/01/2014 15:17:01, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 04/01/2014 15:17:01, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 04/01/2014 15:17:01, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 04/01/2014 15:17:01, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 04/01/2014 15:17:01, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 04/01/2014 15:17:01, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 04/01/2014 15:17:01, Error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning. 04/01/2014 15:17:01, Error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error: The dependency service or group failed to start. 04/01/2014 15:17:01, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 04/01/2014 15:17:01, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 04/01/2014 15:17:01, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 04/01/2014 14:03:13, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {395633B1-EED9-4DFC-B67F-9788B51C9F06} 04/01/2014 12:18:47, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 04/01/2014 12:17:20, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache MOBK649Filter spldr Wanarpv6 04/01/2014 00:26:17, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mfecore service. 03/01/2014 13:36:33, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. 03/01/2014 09:57:52, Error: Service Control Manager [7023] - The Intel® PROSet/Wireless Zero Configuration Service service terminated with the following error: %%-2147196306 01/01/2014 16:03:17, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect. 01/01/2014 11:46:35, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the QBCFMonitorService service to connect. 01/01/2014 11:40:06, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ActiveDelayDeviceService service. 01/01/2014 11:39:35, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control. 01/01/2014 11:33:03, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect. 01/01/2014 11:33:03, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. . ==== End Of File ===========================