Hi Carolyn,
Hope I've followed your instruction correctly.
As you can see there are 2 gmer logs. After I had finished the first gmer scan Vista came up with a warning window stating that "Gmer had not loaded properly & would I like to try reinstalling the program again". I clicked yes. The 2nd gmer log is the last file on this page.
I'm off to bed as it's 22.43 in the U.K. and I've been up since 05.00 this morning!
Many thanks again for your help, hope to speak to you Friday.
Jim
DDS (Ver_09-01-07.01) - NTFSx86
Run by sony laptop at 22:26:30.88 on 08/01/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_11
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.2046.1159 [GMT 0:00]
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated)
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\stacsv.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\sony\ISB Utility\ISBMgr.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Belkin\Wire Mouse Driver\Mouse32A.exe
C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\sony laptop\Desktop\dds.com
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www.leicestergirlsleague.co.uk/index.asp
uSearch Bar = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://www.club-vaio.com
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: NoExplorer - No File
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\progra~1\google~1\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Sony Ericsson PC Suite] "c:\program files\sony ericsson\sony ericsson pc suite\SEPCSuite.exe" /systray /nologon
uRun: [CTSyncU.exe] "c:\program files\creative\sync manager unicode\CTSyncU.exe"
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Skytel] Skytel.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [VAIOCameraUtility] "c:\program files\sony\vaio camera utility\VCUServe.exe"
mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [AppMon Utility] "c:\program files\sony\appmonutil\AppMonUtility.exe" @@@Start
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [LWBMOUSE] c:\program files\belkin\wire mouse driver\MOUSE32A.EXE
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [CTCheck] c:\program files\creative\creative zen\zen media explorer\CTCheck.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
TCP: NameServer = 85.255.113.93;85.255.112.210
TCP: {D6A6465D-7E1B-4D70-9DC3-3935024A8476} = 85.255.113.93;85.255.112.210
TCP: {E41D7A99-7D3F-469F-B589-BD87931F8545} = 85.255.113.93;85.255.112.210
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\Skype4COM.dll
Notify: VESWinlogon - VESWinlogon.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
================= FIREFOX ===================
FF - ProfilePath - c:\users\sonyla~1\appdata\roaming\mozilla\firefox\profiles\lne6jb3r.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.leicestergirlsleague.co.uk/index.asp
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.as ... ource=2&q=
FF - component: c:\program files\mozilla firefox\components\iamfamous.dll
---- FIREFOX POLICIES ----
FF - user.js: general.useragent.extra.zencast - Creative ZENcast v2.01.01
============= SERVICES / DRIVERS ===============
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-7-1 34312]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\drivers\R5U870FLx86.sys [2007-5-21 73472]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\drivers\R5U870FUx86.sys [2007-5-21 43904]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\drivers\SonyImgF.sys [2007-5-21 31104]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-4-23 812544]
R4 ekrn;Eset Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2008-7-1 468224]
R4 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2008-2-26 29183504]
R4 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
S3 AVerM115S;AVerM115S service;c:\windows\system32\drivers\AVerM115S.sys [2007-5-21 785280]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2008-12-5 10976]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-1-8 38496]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [2008-12-5 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [2008-12-5 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [2008-12-5 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [2008-12-5 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [2008-12-5 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [2008-12-5 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [2008-12-5 115752]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\sony\vaio media integrated server\UCLS.exe [2008-11-23 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\sony\vaio media integrated server\platform\SV_Httpd.exe [2008-11-23 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\sony\vaio media integrated server\platform\UPnPFramework.exe [2008-11-23 1089536]
=============== Created Last 30 ================
2009-01-08 22:13 250 a------- c:\windows\gmer.ini
2009-01-08 20:14 <DIR> --d----- c:\users\sonyla~1\appdata\roaming\Malwarebytes
2009-01-08 20:14 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-01-08 20:14 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-08 20:14 <DIR> --d----- c:\programdata\Malwarebytes
2009-01-08 20:14 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-01-08 20:14 <DIR> --d----- c:\progra~2\Malwarebytes
2009-01-04 15:21 <DIR> --d----- c:\program files\Trend Micro
2009-01-03 22:26 <DIR> --d----- C:\7339935329a444ff9cda1de3
2009-01-03 22:14 244 a---h--- C:\sqmnoopt00.sqm
2009-01-03 22:14 232 a---h--- C:\sqmdata00.sqm
2009-01-02 22:07 <DIR> --d----- c:\program files\ESET
2008-12-31 08:48 <DIR> --d----- c:\programdata\Kaspersky Lab Setup Files
2008-12-31 08:48 <DIR> --d----- c:\progra~2\Kaspersky Lab Setup Files
2008-12-31 08:08 <DIR> --d----- c:\program files\AVG
2008-12-31 08:08 <DIR> --d----- c:\programdata\avg8
2008-12-31 08:08 <DIR> --d----- c:\progra~2\avg8
2008-12-31 00:09 <DIR> --d----- c:\program files\Anti Trojan Elite
2008-12-25 09:38 56 a---h--- c:\programdata\ezsidmv.dat
2008-12-25 09:38 56 a---h--- c:\progra~2\ezsidmv.dat
2008-12-22 22:50 107,888 a------- c:\windows\system32\CmdLineExt.dll
2008-12-22 21:57 22,328 a------- c:\users\sonyla~1\appdata\roaming\PnkBstrK.sys
2008-12-22 21:57 107,832 a------- c:\windows\system32\PnkBstrB.exe
2008-12-22 21:57 66,872 a------- c:\windows\system32\PnkBstrA.exe
2008-12-22 20:02 133,120 a------- c:\windows\system32.exe
2008-12-22 20:02 20,480 a------- c:\windows\kernel32.exe
2008-12-22 19:06 <DIR> --d----- c:\program files\UseNeXT
2008-12-22 00:06 <DIR> --d----- c:\programdata\Roxio
2008-12-14 23:00 1,414,440 a------- c:\windows\system32\ShellManager310E2D762.dll
2008-12-14 23:00 773,120 a------- c:\windows\system32\NEROINSTAEC43759.DB
2008-12-14 16:52 <DIR> --d----- c:\programdata\eMule
2008-12-14 16:52 <DIR> --d----- c:\progra~2\eMule
2008-12-14 16:50 <DIR> --d----- c:\program files\eMule
2008-12-14 14:39 222 a------- c:\windows\FinalUninstall.ini
2008-12-14 14:38 <DIR> --d----- c:\program files\FinalUninstaller
2008-12-14 14:34 <DIR> --d----- c:\windows\Profiles
2008-12-13 11:33 255 a------- C:\autorun.inf.vir
2008-12-13 11:32 <DIR> --d----- c:\program files\extravideo
2008-12-13 11:32 <DIR> --dshr-- C:\resycled
2008-12-13 10:20 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2008-12-13 10:09 7,062 a------- c:\windows\system32\audiopid.vxd
2008-12-13 10:09 53,248 -------- c:\windows\Ctregrun.exe
2008-12-13 10:08 417,792 a------- c:\windows\system32\awrdscdc.ax
2008-12-13 10:08 24,576 -------- c:\windows\system32\msxml3a.dll
2008-12-13 10:08 <DIR> --d----- c:\program files\Audible
2008-12-13 10:07 <DIR> --d----- c:\programdata\Creative
2008-12-13 10:06 <DIR> --d----- c:\program files\common files\Creative
2008-12-13 10:06 <DIR> --d-h--- c:\program files\Creative Installation Information
2008-12-13 10:06 <DIR> --d----- c:\program files\Creative
2008-12-11 22:51 2,560 a------- c:\windows\_MSRSTRT.EXE
2008-12-11 22:47 479,298 a------- c:\windows\system32\wbocx.ocx
2008-12-11 22:47 172,032 a------- c:\windows\system32\AniGIF.ocx
2008-12-11 22:47 50,688 a------- c:\windows\system32\wbhelp2.dll
2008-12-10 21:55 <DIR> --d----- c:\users\sonyla~1\appdata\roaming\EA
2008-12-10 21:19 <DIR> --d----- c:\users\sonyla~1\appdata\roaming\URSoft
2008-12-10 21:19 <DIR> a-d----- c:\programdata\TEMP
2008-12-10 17:02 2,048 a------- c:\windows\system32\tzres.dll
2008-12-10 16:56 296,960 a------- c:\windows\system32\gdi32.dll
==================== Find3M ====================
2009-01-07 18:39 64,601 a------- c:\users\sonyla~1\appdata\roaming\nvModes.dat
2008-12-13 11:23 410,984 a------- c:\windows\system32\deploytk.dll
2008-12-05 21:47 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_ggsemc_01007.Wdf
2008-12-05 21:39 143,360 a------- c:\windows\inf\infstrng.dat
2008-12-05 21:39 86,016 a------- c:\windows\inf\infstor.dat
2008-12-05 21:39 51,200 a------- c:\windows\inf\infpub.dat
2008-12-05 21:34 1,107,296 a------- c:\windows\system32\WdfCoInstaller01007.dll
2008-12-05 21:34 22,368 a------- c:\windows\system32\drivers\ggsemc.sys
2008-12-05 21:34 10,976 a------- c:\windows\system32\drivers\ggflt.sys
2008-11-29 11:26 174 a--sh--- c:\program files\desktop.ini
2008-11-29 11:16 665,600 a------- c:\windows\inf\drvindex.dat
2008-11-29 11:05 101,888 a------- c:\windows\system32\ifxcardm.dll
2008-11-29 11:05 82,432 a------- c:\windows\system32\axaltocm.dll
2008-11-24 18:55 269,312 a------- c:\windows\system32\es.dll
2008-11-23 12:36 361,984 a------- c:\windows\system32\IPSECSVC.DLL
2008-11-23 12:36 272,896 a------- c:\windows\system32\polstore.dll
2008-11-23 12:36 61,440 a------- c:\windows\system32\winipsec.dll
2008-11-23 12:36 28,672 a------- c:\windows\system32\FwRemoteSvr.dll
2008-11-23 12:34 2,560 a------- c:\windows\apppatch\AcRes.dll
2008-11-23 12:34 1,695,744 a------- c:\windows\system32\gameux.dll
2008-11-23 12:30 428,544 a------- c:\windows\system32\EncDec.dll
2008-11-23 12:30 293,376 a------- c:\windows\system32\psisdecd.dll
2008-11-23 12:26 212,480 a------- c:\windows\system32\drivers\mrxsmb10.sys
2008-11-23 12:23 303,616 a------- c:\windows\system32\wmpeffects.dll
2008-11-23 12:23 2,032,640 a------- c:\windows\system32\win32k.sys
2008-11-23 12:22 1,191,936 a------- c:\windows\system32\msxml3.dll
2008-11-23 12:22 2,048 a------- c:\windows\system32\msxml3r.dll
2008-11-23 12:10 3,104,768 a------- c:\windows\system32\NlsData004e.dll
2008-11-23 12:09 6,656 a------- c:\windows\system32\kbd106n.dll
2008-11-23 12:08 988,216 a------- c:\windows\system32\winload.exe
2008-11-23 12:08 927,288 a------- c:\windows\system32\winresume.exe
2008-11-23 12:08 40,960 a------- c:\windows\system32\srclient.dll
2008-11-23 12:08 378,368 a------- c:\windows\system32\srcore.dll
2008-11-23 12:08 318,464 a------- c:\windows\system32\rstrui.exe
2008-11-23 12:08 46,592 a------- c:\windows\system32\setbcdlocale.dll
2008-11-23 12:08 19,000 a------- c:\windows\system32\kd1394.dll
2008-11-23 12:08 14,848 a------- c:\windows\system32\srdelayed.exe
2008-11-23 12:08 615,992 a------- c:\windows\system32\ci.dll
2008-11-23 12:07 288,768 a------- c:\windows\system32\drivers\srv.sys
2008-11-23 12:04 443,392 a------- c:\windows\system32\win32spl.dll
2008-11-23 12:04 37,888 a------- c:\windows\system32\printcom.dll
2008-11-23 12:04 113,664 a------- c:\windows\system32\drivers\rmcast.sys
2008-11-23 12:04 14,848 a------- c:\windows\system32\wshrm.dll
2008-11-23 11:57 738,304 a------- c:\windows\system32\inetcomm.dll
2008-11-23 11:57 84,480 a------- c:\windows\system32\INETRES.dll
2008-11-23 11:56 1,314,816 a------- c:\windows\system32\quartz.dll
2008-11-23 11:54 3,601,464 a------- c:\windows\system32\ntkrnlpa.exe
2008-11-23 11:54 3,549,240 a------- c:\windows\system32\ntoskrnl.exe
2008-11-23 11:54 1,334,272 a------- c:\windows\system32\msxml6.dll
2008-11-23 11:54 2,048 a------- c:\windows\system32\msxml6r.dll
2008-11-23 09:03 1,524,736 a------- c:\windows\system32\wucltux.dll
2008-11-23 09:03 83,456 a------- c:\windows\system32\wudriver.dll
2008-11-23 09:03 162,064 a------- c:\windows\system32\wuwebv.dll
2008-11-23 09:03 31,232 a------- c:\windows\system32\wuapp.exe
2008-11-23 08:36 0 a---hr-- c:\windows\system32\drivers\Sony_VGN-AR41L.mrk
2008-11-01 03:44 52,736 a------- c:\windows\apppatch\iebrshim.dll
2008-11-01 03:44 2,154,496 a------- c:\windows\apppatch\AcGenral.dll
2008-11-01 03:44 541,696 a------- c:\windows\apppatch\AcLayers.dll
2008-11-01 03:44 460,288 a------- c:\windows\apppatch\AcSpecfc.dll
2008-11-01 03:44 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
2008-11-01 03:44 28,672 a------- c:\windows\system32\Apphlpdm.dll
2008-11-01 01:21 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2008-10-29 06:29 2,927,104 a------- c:\windows\explorer.exe
2008-10-22 03:57 241,152 a------- c:\windows\system32\PortableDeviceApi.dll
2008-10-21 05:25 1,645,568 a------- c:\windows\system32\connect.dll
2008-10-16 04:47 827,392 a------- c:\windows\system32\wininet.dll
2006-11-02 12:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 12:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 09:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
============= FINISH: 22:26:45.25 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-01-07.01)
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 23/11/2008 15:27:04
System Uptime: 01/08/2009 22:01:44 (-4920 hours ago)
Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Core(TM)2 Duo CPU T7100 @ 1.80GHz | N/A | 800/200mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 98 GiB total, 48.729 GiB free.
D: is Removable
E: is Removable
F: is FIXED (NTFS) - 41 GiB total, 10.331 GiB free.
G: is CDROM ()
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP553: 03/01/2009 22:18:25 - Scheduled Checkpoint
RP554: 04/01/2009 14:37:13 - Installed
RP555: 04/01/2009 14:37:52 - Installed
RP556: 04/01/2009 14:38:27 - Installed
RP557: 04/01/2009 14:39:01 - Installed
RP558: 04/01/2009 14:39:37 - Installed
RP559: 04/01/2009 14:40:12 - Installed
RP560: 04/01/2009 14:40:46 - Installed
RP561: 04/01/2009 14:41:18 - Installed
RP562: 04/01/2009 14:41:49 - Installed
RP563: 04/01/2009 14:42:25 - Installed
RP564: 04/01/2009 14:42:57 - Installed
RP565: 04/01/2009 14:43:28 - Installed
RP566: 04/01/2009 14:44:00 - Installed
RP567: 04/01/2009 14:44:36 - Installed
RP568: 04/01/2009 14:45:06 - Installed
RP569: 04/01/2009 14:45:41 - Installed
RP570: 04/01/2009 14:46:13 - Installed
RP571: 04/01/2009 14:46:44 - Installed
RP572: 04/01/2009 14:47:18 - Installed
RP573: 04/01/2009 14:47:48 - Installed
RP574: 04/01/2009 14:48:20 - Installed
RP575: 04/01/2009 14:48:42 - Installed
RP576: 04/01/2009 14:49:13 - Installed
RP577: 04/01/2009 14:49:41 - Installed
RP578: 04/01/2009 14:50:17 - Installed
RP579: 04/01/2009 14:50:56 - Installed
RP580: 04/01/2009 14:51:31 - Installed
RP581: 04/01/2009 14:52:05 - Installed
RP582: 04/01/2009 14:52:39 - Installed
RP583: 04/01/2009 14:53:26 - Installed
RP584: 04/01/2009 14:54:40 - Installed
RP585: 04/01/2009 14:55:46 - Installed
RP586: 04/01/2009 14:56:52 - Installed
RP587: 04/01/2009 14:57:52 - Installed
RP588: 04/01/2009 14:58:45 - Installed
RP589: 04/01/2009 14:59:27 - Installed
RP590: 04/01/2009 15:00:17 - Installed
RP591: 04/01/2009 15:00:56 - Installed
RP592: 04/01/2009 15:01:49 - Installed
RP593: 04/01/2009 15:02:28 - Installed
RP594: 04/01/2009 15:02:55 - Installed
RP595: 04/01/2009 15:04:02 - Removed SpyZooka
RP596: 06/01/2009 00:00:01 - Scheduled Checkpoint
RP597: 07/01/2009 - Scheduled Checkpoint
RP598: 08/01/2009 00:00:02 - Scheduled Checkpoint
==== Installed Programs ======================
"Nero SoundTrax Help
2007 Microsoft Office Suite Service Pack 1 (SP1)
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Reader 8
Adobe Shockwave Player
Apple Software Update
AppMon Utility
AudibleManager
Avanquest update
Belkin Wire Mouse Driver 3.82
Browser Address Error Redirector
Camera RAW Plug-In for EPSON Creativity Suite
Click to DVD 2.0.05 Menu Data
Click to DVD 2.6.00
Creative Software AutoUpdate
Creative System Information
Creative ZEN
CX4300_5500_DX4400 manual
Disc2Phone
DSD Direct
DSD Playback Plug-in
EPSON-Drucker-Software
EPSON Attach To Email
EPSON Copy Utility 3
EPSON Easy Photo Print
EPSON File Manager
EPSON Scan
EPSON Scan Assistant
ESET NOD32 Antivirus
extravideo
GameHouse Games Collection: Academy of Magic
GameHouse Games Collection: Adventure Inlay
GameHouse Games Collection: Adventure Inlay - Safari Edition
GameHouse Games Collection: Air Strike 3D
GameHouse Games Collection: Alien Sky
GameHouse Games Collection: Aloha Solitaire
GameHouse Games Collection: Aloha TriPeaks
GameHouse Games Collection: Ancient Tri-Jong
GameHouse Games Collection: Ancient Tripeaks
GameHouse Games Collection: Astrobatics
GameHouse Games Collection: Atlantis
GameHouse Games Collection: Atomaders
GameHouse Games Collection: Bejeweled 2
GameHouse Games Collection: Bewitched
GameHouse Games Collection: Big Kahuna Reef
GameHouse Games Collection: Boggle Supreme
GameHouse Games Collection: Bounce Out Blitz
GameHouse Games Collection: Casino Island To Go
GameHouse Games Collection: Chainz
GameHouse Games Collection: Chainz 2 - Relinked
GameHouse Games Collection: Charm Solitaire
GameHouse Games Collection: Charm Tale
GameHouse Games Collection: Chicktionary
GameHouse Games Collection: Chuzzle Deluxe
GameHouse Games Collection: Collapse! Crunch
GameHouse Games Collection: Combo Chaos!
GameHouse Games Collection: Crystal Path
GameHouse Games Collection: Cubis Gold 2
GameHouse Games Collection: Digby's Donuts
GameHouse Games Collection: Diner Dash
GameHouse Games Collection: Feeding Frenzy
GameHouse Games Collection: Fiber Twig
GameHouse Games Collection: Five Card Deluxe
GameHouse Games Collection: Flip Words
GameHouse Games Collection: Flying Leo
GameHouse Games Collection: Fortune Tiles Gold
GameHouse Games Collection: Fresco Wizard
GameHouse Games Collection: GameHouse Sudoku
GameHouse Games Collection: Gearz
GameHouse Games Collection: Granny in Paradise
GameHouse Games Collection: Gutterball
GameHouse Games Collection: Gutterball 2
GameHouse Games Collection: Hamsterball
GameHouse Games Collection: Hello!
GameHouse Games Collection: Holiday Express
GameHouse Games Collection: Iggle Pop!
GameHouse Games Collection: Incadia
GameHouse Games Collection: Incredible Ink
GameHouse Games Collection: Insaniquarium Deluxe
GameHouse Games Collection: Inspector Parker
GameHouse Games Collection: Invadazoid
GameHouse Games Collection: Jewel Quest
GameHouse Games Collection: Lemonade Tycoon
GameHouse Games Collection: Luxor
GameHouse Games Collection: Mad Caps
GameHouse Games Collection: Magic Ball
GameHouse Games Collection: Magic Ball 2
GameHouse Games Collection: Magic Ball 2 - New Worlds
GameHouse Games Collection: Magic Inlay
GameHouse Games Collection: Magic Vines
GameHouse Games Collection: Mah Jong Adventures
GameHouse Games Collection: Mah Jong Medley
GameHouse Games Collection: Mah Jong Quest
GameHouse Games Collection: Mahjong Garden To Go
GameHouse Games Collection: Mahjong Towers Eternity
GameHouse Games Collection: Maui Wowee
GameHouse Games Collection: Phlinx To Go
GameHouse Games Collection: Pin High Country Club Golf
GameHouse Games Collection: Pizza Frenzy
GameHouse Games Collection: Platypus
GameHouse Games Collection: Poker Superstars
GameHouse Games Collection: Puzzle Express
GameHouse Games Collection: Puzzle Inlay
GameHouse Games Collection: Puzzle Solitaire
GameHouse Games Collection: QBz
GameHouse Games Collection: Reader's Digest Super Word Power
GameHouse Games Collection: Ricochet
GameHouse Games Collection: Ricochet Lost Worlds
GameHouse Games Collection: Ricochet Lost Worlds - Recharged
GameHouse Games Collection: Roller Rush
GameHouse Games Collection: Saints & Sinners Bingo
GameHouse Games Collection: SCRABBLE
GameHouse Games Collection: Shape Shifter
GameHouse Games Collection: Slingo Deluxe
GameHouse Games Collection: Spelvin
GameHouse Games Collection: Splash
GameHouse Games Collection: Spring Sprang Sprung
GameHouse Games Collection: Super 5-Line Slots
GameHouse Games Collection: Super Blackjack!
GameHouse Games Collection: Super Bounce Out!
GameHouse Games Collection: Super Candy Cruncher
GameHouse Games Collection: Super Collapse!
GameHouse Games Collection: Super Collapse! II
GameHouse Games Collection: Super Collapse! II Platinum
GameHouse Games Collection: Super Fruit Frolic
GameHouse Games Collection: Super GameHouse Solitaire Vol. 1
GameHouse Games Collection: Super GameHouse Solitaire Vol. 2
GameHouse Games Collection: Super GameHouse Solitaire Vol. 3
GameHouse Games Collection: Super Gem Drop
GameHouse Games Collection: Super Glinx!
GameHouse Games Collection: Super Letter Linker
GameHouse Games Collection: Super Mah Jong Solitaire
GameHouse Games Collection: Super Nisqually
GameHouse Games Collection: Super PileUp!
GameHouse Games Collection: Super Pool
GameHouse Games Collection: Super Pop & Drop!
GameHouse Games Collection: Super Rumble Cube
GameHouse Games Collection: Super SpongeBob Collapse!
GameHouse Games Collection: Super TextTwist
GameHouse Games Collection: Super WHATword
GameHouse Games Collection: Super Wild Wild Words
GameHouse Games Collection: Tap a Jam
GameHouse Games Collection: Ten Pin Championship Bowling Pro
GameHouse Games Collection: Tennis Titans
GameHouse Games Collection: Tradewinds 2
GameHouse Games Collection: Trivia Machine
GameHouse Games Collection: Tropical Swaps
GameHouse Games Collection: Tumblebugs
GameHouse Games Collection: Turtle Bay
GameHouse Games Collection: Twistingo
GameHouse Games Collection: Ultimate Dominoes
GameHouse Games Collection: Varmintz Deluxe
GameHouse Games Collection: Walls of Jericho, The
GameHouse Games Collection: Wheel of Fortune
GameHouse Games Collection: Word Jolt
GameHouse Games Collection: Word Slinger
GameHouse Games Collection: WordJong To Go
GameHouse Games Collection: Zuma Deluxe
GDR 3068 for SQL Server Database Services 2005 ENU (KB948109)
Google Earth
Google Talk (remove only)
Google Toolbar for Internet Explorer
HDAUDIO SoftV92 Data Fax Modem with SmartCP
Highlight Viewer (Windows Live Toolbar)
HijackThis 2.0.2
ImagXpress
Intel(R) Matrix Storage Manager
Java(TM) 6 Update 11
Java(TM) SE Runtime Environment 6
Malwarebytes' Anti-Malware
Map Button (Windows Live Toolbar)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB929729)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (VAIO_VEDB)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Movie Templates - Starter Kit
Mozilla Firefox (3.0.5)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
Nero BurningROM
Nero BurnRights
Nero CoverDesigner
Nero CoverDesigner Help
Nero Disc Copy Gadget
Nero Disc Copy Gadget Help
Nero DiscSpeed
Nero DriveSpeed
Nero Express
Nero InfoTool
Nero Live
Nero Live Help
Nero PhotoSnap
Nero PhotoSnap Help
Nero Recode
Nero Recode Help
Nero Rescue Agent
Nero ShowTime
Nero StartSmart Help
Nero Vision
Nero WaveEditor
Nero WaveEditor Help
NeroBurningROM
NeroExpress
neroxml
NVIDIA Drivers
OpenMG Limited Patch 4.7-07-13-24-01
OpenMG Secure Module 4.7.00
Picasa 2
QuickTime
Realtek High Definition Audio Driver
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB958439)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB958437)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Word 2007 (KB956358)
Setting Utility Series
SigmaTel Audio
Skype™ 3.8
Smart Menus (Windows Live Toolbar)
SonicStage 4.3
SonicStage Mastering Studio
SonicStage Mastering Studio Audio Filter
SonicStage Mastering Studio Audio Filter Custom Preset
SonicStage Mastering Studio Plugins
Sony Ericsson Media Manager 1.2
Sony Ericsson PC Suite 4.006.00
Sony Utilities DLL
Sony Video Shared Library
SoundTrax
Synaptics Pointing Device Driver
Update for Microsoft Office 2007 Help for Common Features (KB957244)
Update for Microsoft Office Access 2007 Help (KB957241)
Update for Microsoft Office Excel 2007 Help (KB957242)
Update for Microsoft Office InfoPath 2007 Help (KB957243)
Update for Microsoft Office OneNote 2007 Help (KB957245)
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Microsoft Office Outlook 2007 Help (KB957246)
Update for Microsoft Office PowerPoint 2007 Help (KB957247)
Update for Microsoft Office Publisher 2007 Help (KB957249)
Update for Microsoft Office Word 2007 Help (KB957252)
Update for Microsoft Script Editor Help (KB957253)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb958619)
Update Service
VAIO Aqua Breeze Wallpaper
VAIO AV Mode Launcher
VAIO Camera Capture Utility
VAIO Camera Utility
VAIO Content Importer VAIO Content Exporter
VAIO Content Importer / VAIO Content Exporter
VAIO Control Center
VAIO Cozy Orange Wallpaper
VAIO Data Restore Tool
VAIO Entertainment Platform
VAIO Event Service
VAIO Hardware Diagnostics
VAIO Media
VAIO Media 6.0
VAIO Media AC3 Decoder 1.0
VAIO Media Content Collection 6.0
VAIO Media Integrated Server 6.0
VAIO Media Redistribution 6.0
VAIO Media Registration Tool
VAIO Media Registration Tool 6.0
VAIO Original Screen Saver
VAIO Photo 2007
VAIO Power Management
VAIO Tender Green Wallpaper
VAIO Update 4
Windows Live Favorites for Windows Live Toolbar
Windows Live installer
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Writer
WinDVD for VAIO
WinRAR archiver
Wireless Switch Setting Utility
ZEN Media Explorer
ZENcast Organizer
==== Event Viewer Messages From Past Week ========
02/01/2009 21:51:06, Error: volmgr [46] - Crash dump initialization failed!
02/01/2009 21:53:01, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the DNS Client service to connect.
02/01/2009 21:53:01, Error: Service Control Manager [7000] - The DNS Client service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
02/01/2009 21:53:01, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
02/01/2009 22:01:11, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume USB 120GB Harddrive.
02/01/2009 22:07:44, Error: Service Control Manager [7030] - The Eset Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
04/01/2009 02:11:41, Error: EventLog [6008] - The previous system shutdown at 02:10:10 on 04/01/2009 was unexpected.
08/01/2009 20:26:12, Error: EventLog [6008] - The previous system shutdown at 20:21:34 on 08/01/2009 was unexpected.
08/01/2009 20:27:48, Error: Microsoft-Windows-WMPNSS-Service [14353] - A media delivery engine with ID '0' was not initialized due to error '0x800700b7' when adding the URL 'http://+:10243/WMPNSSv4/1384518911/'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible.
08/01/2009 20:27:48, Error: Microsoft-Windows-WMPNSS-Service [14349] - A new media server was not initialized because the Windows Media Delivery Engine did not initialize due to error '0x800700b7'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible.
08/01/2009 20:34:48, Error: EventLog [6008] - The previous system shutdown at 20:34:04 on 08/01/2009 was unexpected.
08/01/2009 20:44:19, Error: EventLog [6008] - The previous system shutdown at 20:42:40 on 08/01/2009 was unexpected.
08/01/2009 21:52:28, Error: EventLog [6008] - The previous system shutdown at 21:51:09 on 08/01/2009 was unexpected.
==== End Of File ===========================
GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2009-01-08 22:19:36
Windows 6.0.6001 Service Pack 1
---- System - GMER 1.0.14 ----
Code 8D4DABB8 ZwEnumerateKey
Code 8D4ED808 ZwFlushInstructionCache
Code 8D4EEAD5 IofCallDriver
Code 8D4BB0D6 IofCompleteRequest
---- Kernel code sections - GMER 1.0.14 ----
.text ntkrnlpa.exe!IofCompleteRequest 8206FFE2 5 Bytes JMP 8D4BB0DB
.text ntkrnlpa.exe!IofCallDriver 820F1F6F 5 Bytes JMP 8D4EEADA
PAGE ntkrnlpa.exe!ZwFlushInstructionCache 821E830B 5 Bytes JMP 8D4ED80C
PAGE ntkrnlpa.exe!ZwEnumerateKey 8223DBB4 5 Bytes JMP 8D4DABBC
---- User code sections - GMER 1.0.14 ----
.text C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[224] kernel32.dll!SetUnhandledExceptionFilter 76426E2D 4 Bytes [ C2, 04, 00, 00 ]
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2204] kernel32.dll!SetUnhandledExceptionFilter 76426E2D 5 Bytes JMP 0056DBBD C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Windows Live Messenger/Microsoft Corporation)
---- User IAT/EAT - GMER 1.0.14 ----
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [10001D30] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [10001D30] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [10001D30] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [10001D30] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\SHELL32.dll [USER32.dll!SetWindowLongA] [1002DB20] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\SHELL32.dll [USER32.dll!AdjustWindowRectEx] [1002DA90] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\SHELL32.dll [USER32.dll!AdjustWindowRect] [1002DB00] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [10001D30] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!SetWindowLongA] [1002DB20] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [10001D30] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [10001D30] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\WININET.dll [USER32.dll!SetWindowLongA] [1002DB20] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] [10001D30] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [10001D30] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
---- Devices - GMER 1.0.14 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp epfwtdir.sys
---- Services - GMER 1.0.14 ----
Service C:\Windows\system32\drivers\msqpdxmcmbcrrx.sys (*** hidden *** ) [SYSTEM] msqpdxserv.sys <-- ROOTKIT !!!
---- Registry - GMER 1.0.14 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\msqpdxserv.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\msqpdxserv.sys@start 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\msqpdxserv.sys@type 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\msqpdxserv.sys@imagepath \systemroot\system32\drivers\msqpdxmcmbcrrx.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\msqpdxserv.sys@group file system
Reg HKLM\SYSTEM\CurrentControlSet\Services\msqpdxserv.sys\modules
Reg HKLM\SYSTEM\CurrentControlSet\Services\msqpdxserv.sys\modules@msqpdxserv \systemroot\system32\drivers\msqpdxmcmbcrrx.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\msqpdxserv.sys\modules@msqpdxl \systemroot\system32\msqpdxwqsctmei.dll
Reg HKLM\SYSTEM\ControlSet003\Services\msqpdxserv.sys
Reg HKLM\SYSTEM\ControlSet003\Services\msqpdxserv.sys@start 1
Reg HKLM\SYSTEM\ControlSet003\Services\msqpdxserv.sys@type 1
Reg HKLM\SYSTEM\ControlSet003\Services\msqpdxserv.sys@imagepath \systemroot\system32\drivers\msqpdxmcmbcrrx.sys
Reg HKLM\SYSTEM\ControlSet003\Services\msqpdxserv.sys@group file system
Reg HKLM\SYSTEM\ControlSet003\Services\msqpdxserv.sys\modules
Reg HKLM\SYSTEM\ControlSet003\Services\msqpdxserv.sys\modules@msqpdxserv \systemroot\system32\drivers\msqpdxmcmbcrrx.sys
Reg HKLM\SYSTEM\ControlSet003\Services\msqpdxserv.sys\modules@msqpdxl \systemroot\system32\msqpdxwqsctmei.dll
Reg HKLM\SOFTWARE\Classes\msqpdxvx
Reg HKLM\SOFTWARE\Classes\msqpdxvx@msqpdxrun 71
Reg HKLM\SOFTWARE\Classes\msqpdxvx@msqpdxpff 7967
Reg HKLM\SOFTWARE\Classes\msqpdxvx@msqpdxaff 2956
Reg HKLM\SOFTWARE\Classes\msqpdxvx@msqpdxinfo ?}gx~yc?~c?k`omcyjloumllqRPRc
Reg HKLM\SOFTWARE\Classes\msqpdxvx@msqpdxid qfy?z?? x?iagmgo`nmb
Reg HKLM\SOFTWARE\Classes\msqpdxvx@msqpdxsrv 1745024793
Reg HKLM\SOFTWARE\Classes\msqpdxvx@msqpdxpos 5}~p}}t{}p4biedba`az
---- EOF - GMER 1.0.14 ----
GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2009-01-08 22:25:12
Windows 5.1.2600 Service Pack 2
---- System - GMER 1.0.14 ----
INT 0x51 ? FFFFFFFF
INT 0x51 ? 84DF2708
INT 0x51 ? 00000000
INT 0x52 ? FFFFFFFF
INT 0x52 ? 866A4030
INT 0x61 ? FFFFFFFF
INT 0x61 ? 8666D678
INT 0x62 ? FFFFFFFF
INT 0x62 ? 866A4030
INT 0x71 ? FFFFFFFF
INT 0x71 ? 8666D678
INT 0x72 ? FFFFFFFF
INT 0x72 ? 00280026
INT 0x82 ? FFFFFFFF
INT 0x82 ? 853086B8
INT 0x92 ? FFFFFFFF
INT 0x92 ? 853086B8
INT 0xA2 ? FFFFFFFF
INT 0xA2 ? 86693068
INT 0xB0 ? FFFFFFFF
INT 0xB0 ? A01DDE70
INT 0xB1 ? FFFFFFFF
INT 0xB1 ? 5F534750
INT 0xB1 ? 00000000
INT 0xB3 ? FFFFFFFF
INT 0xB3 ? 000000B3
Code 8D4DABB8 ZwEnumerateKey
Code 8D4ED808 ZwFlushInstructionCache
Code 8D4EEAD5 IofCallDriver
Code 8D4BB0D6 IofCompleteRequest
---- Kernel code sections - GMER 1.0.14 ----
.text ntkrnlpa.exe!IofCompleteRequest 8206FFE2 5 Bytes JMP 8D4BB0DB
.text ntkrnlpa.exe!IofCallDriver 820F1F6F 5 Bytes JMP 8D4EEADA
PAGE ntkrnlpa.exe!ZwFlushInstructionCache 821E830B 5 Bytes JMP 8D4ED80C
PAGE ntkrnlpa.exe!ZwEnumerateKey 8223DBB4 5 Bytes JMP 8D4DABBC
---- User code sections - GMER 1.0.14 ----
.text C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[224] kernel32.dll!SetUnhandledExceptionFilter 76426E2D 4 Bytes [ C2, 04, 00, 00 ]
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2204] kernel32.dll!SetUnhandledExceptionFilter 76426E2D 5 Bytes JMP 0056DBBD C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Windows Live Messenger/Microsoft Corporation)
---- User IAT/EAT - GMER 1.0.14 ----
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [10001D30] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [10001D30] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [10001D30] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [10001D30] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\SHELL32.dll [USER32.dll!SetWindowLongA] [1002DB20] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\SHELL32.dll [USER32.dll!AdjustWindowRectEx] [1002DA90] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\SHELL32.dll [USER32.dll!AdjustWindowRect] [1002DB00] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [10001D30] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!SetWindowLongA] [1002DB20] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [10001D30] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [10001D30] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\WININET.dll [USER32.dll!SetWindowLongA] [1002DB20] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] [10001D30] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [10001D30] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[4028] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
---- Devices - GMER 1.0.14 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp epfwtdir.sys
---- Services - GMER 1.0.14 ----
Service C:\Windows\system32\drivers\msqpdxmcmbcrrx.sys (*** hidden *** ) [SYSTEM] msqpdxserv.sys <-- ROOTKIT !!!
---- Registry - GMER 1.0.14 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\msqpdxserv.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\msqpdxserv.sys@start 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\msqpdxserv.sys@type 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\msqpdxserv.sys@imagepath \systemroot\system32\drivers\msqpdxmcmbcrrx.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\msqpdxserv.sys@group file system
Reg HKLM\SYSTEM\CurrentControlSet\Services\msqpdxserv.sys\modules
Reg HKLM\SYSTEM\CurrentControlSet\Services\msqpdxserv.sys\modules@msqpdxserv \systemroot\system32\drivers\msqpdxmcmbcrrx.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\msqpdxserv.sys\modules@msqpdxl \systemroot\system32\msqpdxwqsctmei.dll
Reg HKLM\SYSTEM\ControlSet003\Services\msqpdxserv.sys
Reg HKLM\SYSTEM\ControlSet003\Services\msqpdxserv.sys@start 1
Reg HKLM\SYSTEM\ControlSet003\Services\msqpdxserv.sys@type 1
Reg HKLM\SYSTEM\ControlSet003\Services\msqpdxserv.sys@imagepath \systemroot\system32\drivers\msqpdxmcmbcrrx.sys
Reg HKLM\SYSTEM\ControlSet003\Services\msqpdxserv.sys@group file system
Reg HKLM\SYSTEM\ControlSet003\Services\msqpdxserv.sys\modules
Reg HKLM\SYSTEM\ControlSet003\Services\msqpdxserv.sys\modules@msqpdxserv \systemroot\system32\drivers\msqpdxmcmbcrrx.sys
Reg HKLM\SYSTEM\ControlSet003\Services\msqpdxserv.sys\modules@msqpdxl \systemroot\system32\msqpdxwqsctmei.dll
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion@CurrentVersion 6.0
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion@ProductName Windows Vista (TM) Home Premium
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion@CSDVersion Service Pack 1
Reg HKLM\SOFTWARE\Classes\msqpdxvx
Reg HKLM\SOFTWARE\Classes\msqpdxvx@msqpdxrun 71
Reg HKLM\SOFTWARE\Classes\msqpdxvx@msqpdxpff 7967
Reg HKLM\SOFTWARE\Classes\msqpdxvx@msqpdxaff 2956
Reg HKLM\SOFTWARE\Classes\msqpdxvx@msqpdxinfo ?}gx~yc?~c?k`omcyjloumllqRPRc
Reg HKLM\SOFTWARE\Classes\msqpdxvx@msqpdxid qfy?z?? x?iagmgo`nmb
Reg HKLM\SOFTWARE\Classes\msqpdxvx@msqpdxsrv 1745024793
Reg HKLM\SOFTWARE\Classes\msqpdxvx@msqpdxpos 5}~p}}t{}p4biedba`az
---- EOF - GMER 1.0.14 ----