As part of my periodical maintenance I've just updated MBAM and ran a scan. It reported the following item:
Files Infected:
c:\Users\Bartybum\downloads\lockerz_money_generator.exe (Trojan.Agent) -> No action taken.
Before I allow MBAM to remove this file I'd like to make sure it hasn't done any more damage. The name in brackets sounds scary. That file has been living on the system for about half a year now. As far as I know it was only run a few times just after being foolishly downloaded, and not touched since then. All previous MBAM scans haven't indicated any problems. One of the recent updates must have triggered the alarm.
Please kindly help to clean this PC. Below are obligatory DDS logs.
Kind Regards
wojmur
.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by admin at 19:28:08.15 on Mon 28/03/2011
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.4087.2797 [GMT 11:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: PC Tools Firewall Plus *Enabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkService
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Rebit 5\Rebit-5-Svc.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Rebit 5\DashUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Palm\Hotsync.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\admin\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: LastPass Browser Helper Object: {95d9ecf5-2a4d-4550-be49-70d42f71296e} - C:\Program Files (x86)\LastPass\LPBar.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [00PCTFW] "C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe" -s
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HOTSYN~1.LNK - C:\Program Files (x86)\Palm\Hotsync.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: SoftwareSASGeneration = 1 (0x1)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: LastPass - file://C:\Program Files (x86)\LastPass\context.html?cmd=lastpass
IE: LastPass Fill Forms - file://C:\Program Files (x86)\LastPass\context.html?cmd=fillforms
IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} - hxxp://www.worldwinner.com/games/launch ... wwload.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://vralisausydhb11.connectge.com/dana-cached/sc/JuniperSetupClient.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: LastPass Browser Helper Object: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPBar64.dll
BHO-X64: LastPass Browser Helper Object - No File
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPBar64.dll
mRun-x64: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
mRun-x64: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
mRun-x64: [Rebit 5 Dashboard] "C:\Program Files\Rebit 5\DashUI.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\2281q640.default\
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\PROGRA~2\Palm\PACKAG~1\NPInstal.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60129.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 bckd;bckd;C:\Windows\System32\drivers\bckd.sys [2009-12-4 93808]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2009-6-18 188928]
R1 pctgntdi;pctgntdi;C:\Windows\System32\drivers\pctgntdi64.sys [2010-2-21 306648]
R2 bckwfs;Blue Coat K9 Web Protection;C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [2009-12-4 3505264]
R2 PCToolsFirewallPlus;PC Tools Firewall Plus;C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe [2010-2-21 818432]
R2 Rebit-5-Svc;Rebit 5 Svc;C:\Program Files\Rebit 5\Rebit-5-Svc.exe [2011-3-15 4902648]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2011-1-11 399416]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-1-7 378984]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2009-6-18 40832]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 72064]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 OEM03Afx;Provides a software interface to control audio effects of OEM003 camera.;C:\Windows\System32\drivers\OEM03Afx.sys [2007-6-8 212864]
R3 OEM03Vfx;Creative Camera OEM003 Video VFX Driver;C:\Windows\System32\drivers\OEM03Vfx.sys [2007-3-5 12288]
R3 OEM03Vid;Creative Camera OEM003 Driver;C:\Windows\System32\drivers\OEM03Vid.sys [2007-4-25 266944]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;C:\Windows\System32\drivers\pctNdis-PacketFilter64.sys [2010-2-21 95504]
R3 pctNDIS;PC Tools Driver;C:\Windows\System32\drivers\pctNdis64.sys [2010-2-21 81584]
R3 pctplfw;pctplfw;C:\Windows\System32\drivers\pctplfw64.sys [2010-2-21 164496]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-7-20 347680]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-26 136176]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-6 13336]
S2 RebitSysMonSvc;Rebit System Monitor;C:\Program Files (x86)\Rebit\bin\RebitSysMon.exe --> C:\Program Files (x86)\Rebit\bin\RebitSysMon.exe [?]
S3 ENTECH64;ENTECH64;C:\Windows\System32\drivers\Entech64.sys [2010-1-5 12744]
S3 etdrv;etdrv;C:\Windows\etdrv.sys [2010-2-9 25640]
S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2010-2-9 30528]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 30969208]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2009-11-20 75776]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2009-11-20 177152]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 PSI;PSI;C:\Windows\System32\drivers\psi_mf.sys [2010-9-1 17976]
S3 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-1-11 993848]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-15 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-4-19 50688]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-14 1255736]
.
=============== Created Last 30 ================
.
2011-03-28 08:17:43 8424784 ----a-w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{EC5B5FB6-03BB-446F-9411-AA17B1CD906C}\mpengine.dll
2011-03-28 08:05:18 -------- d-----w- C:\Program Files\iTunes
2011-03-28 08:05:18 -------- d-----w- C:\Program Files\iPod
2011-03-28 08:05:18 -------- d-----w- C:\Program Files (x86)\iTunes
2011-03-28 08:04:04 -------- d-----w- C:\Program Files\Bonjour
2011-03-28 08:04:04 -------- d-----w- C:\Program Files (x86)\Bonjour
2011-03-28 07:54:21 -------- d-----w- C:\Users\admin\AppData\Local\Secunia PSI
2011-03-25 20:50:32 601424 ------w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2011-03-25 20:50:29 601424 ------w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{7F8A2624-FE42-4754-AB36-ECE99E1CA7BA}\gapaengine.dll
2011-03-15 13:02:09 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
2011-03-15 13:02:09 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2011-03-15 12:42:49 -------- d-----w- C:\Windows\System32\SPReview
2011-03-15 12:42:39 -------- d-----w- C:\Windows\System32\EventProviders
2011-03-15 12:40:59 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2011-03-15 12:39:59 90112 ----a-w- C:\Windows\SysWow64\olepro32.dll
2011-03-15 12:37:53 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2011-03-15 12:37:53 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
2011-03-15 12:37:53 1225216 ----a-w- C:\Windows\System32\wbem\wbemcore.dll
2011-03-15 12:37:45 933376 ----a-w- C:\Windows\System32\SmiEngine.dll
2011-03-15 12:37:42 199168 ----a-w- C:\Windows\System32\PkgMgr.exe
2011-03-15 12:37:09 422912 ----a-w- C:\Windows\System32\drvstore.dll
2011-03-15 12:37:09 399872 ----a-w- C:\Windows\System32\dpx.dll
2011-03-13 10:19:57 12067528 ----a-w- C:\Program Files (x86)\Common Files\lpuninstall.exe
2011-03-13 10:19:53 -------- d-----w- C:\Program Files (x86)\LastPass
2011-03-13 10:11:59 142296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-03-13 10:11:58 781272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
2011-03-13 10:11:58 728024 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll
2011-03-13 10:11:58 1975768 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_42.dll
2011-03-13 10:11:58 1893336 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_42.dll
2011-03-13 10:11:58 1874904 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-03-13 10:11:58 15832 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
2011-03-13 10:11:58 142296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll
2011-03-10 12:14:07 -------- d-----w- C:\Program Files\Rebit 5
2011-03-10 12:13:48 -------- d-----w- C:\PROGRA~3\Rebit 5
2011-02-27 12:33:50 -------- d-----w- C:\Windows\System32\.working
.
==================== Find3M ====================
.
2011-03-15 12:47:56 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-03-15 12:47:56 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2011-02-26 09:10:47 103736 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-02-19 12:05:15 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2011-02-19 12:04:37 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2011-02-19 12:04:17 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-02-19 06:30:51 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-02-19 06:30:50 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-02-02 10:40:23 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-01-07 12:17:52 475648 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-01-07 12:17:52 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-01-07 12:14:11 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-01-07 09:51:01 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-01-07 09:49:34 795752 ----a-w- C:\Windows\System32\easyUpdatusAPIU64.dll
2011-01-07 09:49:28 6143080 ----a-w- C:\Windows\System32\nvcpl.dll
2011-01-07 09:49:10 3156072 ----a-w- C:\Windows\System32\nvsvc64.dll
2011-01-07 09:48:58 61032 ----a-w- C:\Windows\System32\nvshext.dll
2011-01-07 09:48:58 117864 ----a-w- C:\Windows\System32\nvmctray.dll
2011-01-07 09:48:58 1005160 ----a-w- C:\Windows\System32\nvvsvc.exe
2011-01-07 09:20:44 366592 ----a-w- C:\Windows\System32\atmfd.dll
2011-01-07 07:46:34 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-01-07 07:46:34 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-01-07 07:45:57 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-01-07 06:01:22 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-01-07 05:43:36 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-01-05 10:34:00 612864 ----a-w- C:\Windows\System32\vbscript.dll
2011-01-05 06:56:24 3129344 ----a-w- C:\Windows\System32\win32k.sys
2011-01-05 05:55:55 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
.
============= FINISH: 19:30:10.62 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 31/12/2009 12:22:18 AM
System Uptime: 28/03/2011 7:26:23 PM (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | P55A-UD4P
Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz | Socket 1156 | 2661/148mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 701.807 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {85b5ddd0-e090-4b15-bdf2-a443a3ca0b66}
Description: ATITool Driver
Device ID: ROOT\*ATITOOLDEVICE\0000
Manufacturer: W1zzard
Name: ATITool Driver
PNP Device ID: ROOT\*ATITOOLDEVICE\0000
Service: ATITool
.
Class GUID:
Description: Marvell 91xx Config ATA Device
Device ID: IDE\PROCESSORMARVELL_91XX_CONFIG_____________________1.01____\6&2194DD24&0&1.1.0
Manufacturer:
Name: Marvell 91xx Config ATA Device
PNP Device ID: IDE\PROCESSORMARVELL_91XX_CONFIG_____________________1.01____\6&2194DD24&0&1.1.0
Service:
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
@BIOS
Addit! Pro For Flight Simulator X
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Alien Swarm
Alphasim Westland Lynx Modified for FSX
Apple Application Support
Apple Software Update
Assassin's Creed
Assassin's Creed II
Auslogics Disk Defrag
Boeing 797 Build 1.0
CDBurnerXP
Cities XL
Cities XL 2011
City Life 2008 Demo
Combat Arms
D3DX10
Definition update for Microsoft Office 2010 (KB982726)
DiRT 2
Easy Tune 6 B10.0130.1
FlatOut Demo
Flight Control HD
Foxit Reader
FSX Project Rhino 58
Garry's Mod
GIMP 2.6.11
Google Earth Plug-in
Google SketchUp 7
Google Update Helper
Half-Life
Half-Life 2: Episode One
Half-Life 2: Episode Two
Halo 2 for Windows Vista
Intel(R) Rapid Storage Technology
Java Auto Updater
Java(TM) 6 Update 24
Juniper Networks Host Checker
Juniper Networks Network Connect 6.3.0
Juniper Networks Network Connect 6.5.0
Juniper Networks Setup Client
Just Cause 2
LastPass (uninstall only)
Lead and Gold - Gangs of the Wild West
LEGO Digital Designer
Mafia II - Demo
Malwarebytes' Anti-Malware
Messenger Plus! Live
Microsoft Flight Simulator X
Microsoft Flight Simulator X Service Pack 1
Microsoft Flight Simulator X Service Pack 2
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mozilla Firefox 4.0 (x86 en-GB)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
NEC Electronics USB 3.0 Host Controller Driver
Need for Speed™ Carbon
Need for Speed™ ProStreet
Need For Speed™ World
neroxml
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
OpenAL
Palm Desktop by ACCESS
Pando Media Booster
PC Tools Firewall Plus 6.0
Portal: First Slice
Prototype(TM)
QuickTime
Rail Simulator
Rapture3D 2.3.26 Game
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
RollerCoaster Tycoon 3 Platinum
Secunia PSI (2.0.0.3001)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft Office 2010 (KB2289078)
Security Update for Microsoft Office 2010 (KB2289161)
Security Update for Microsoft Publisher 2010 (KB2409055)
Security Update for Microsoft Word 2010 (KB2345000)
Shattered Horizon
Ship Simulator Extremes Demo
SimCity 3000
Skype web features
Skype™ 4.2
SpeedFan (remove only)
Star Wars Battlefront
Steam
System Requirements Lab
System Requirements Lab for Intel
Tilt Rotor (FSX)
Trainz Paint Shed
TrainzObjectz 6.0 Build 544
TRS2004
Ubisoft Game Launcher
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2413186)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft OneNote 2010 (KB2493983)
Update for Microsoft Outlook Social Connector (KB2289116)
Wilson River Scenery FSX 1.0
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Wings of Prey - Demo
.
==== Event Viewer Messages From Past Week ========
.
28/03/2011 7:27:02 PM, Error: Service Control Manager [7000] - The Rebit System Monitor service failed to start due to the following error: The system cannot find the file specified.
28/03/2011 7:22:14 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.
28/03/2011 7:22:14 PM, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
28/03/2011 7:05:20 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Apple Mobile Device service, but this action failed with the following error: An instance of the service is already running.
28/03/2011 7:04:20 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
28/03/2011 7:04:11 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
28/03/2011 6:39:37 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the NVIDIA Stereoscopic 3D Driver Service service to connect.
28/03/2011 6:39:37 PM, Error: Service Control Manager [7000] - The NVIDIA Stereoscopic 3D Driver Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
24/03/2011 6:12:32 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Blue Coat K9 Web Protection service to connect.
24/03/2011 6:09:53 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
24/03/2011 6:09:53 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
23/03/2011 8:35:38 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer YOSHISLAPTOP that believes that it is the master browser for the domain on transport NetBT_Tcpip_{15A908CA-E9FB-4F86-8125-CF9E50434470}. The master browser is stopping or an election is being forced.
22/03/2011 9:33:48 PM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.
21/03/2011 7:13:27 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
.
==== End Of File ===========================