My laptop hasn't really been slowing down, but sometimes it just has a real problem starting up - and even when it's managed to boot up, it doesn't always even make it to the welcome screen or any measure of functionality. In trying to boot it up last night, it failed to respond at least 15+ times, and froze mid-MSE scan at least 3-4 times as well. It's currently up and running, and I've pushed one Malwarebytes/MSE scan through, but all scans seem clean.
However, the first time it did this - last week or so - the MSE scan pulled out three viruses. I thought the issue was over then, but since my laptop's been acting up again, I'm not sure if some other virus escaped the scans, or if MSE failed to remove the viruses entirely. I didn't copy down the names of the viruses, unfortunately. Sorry!
MBAM log:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Database version: v2013.02.09.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Vincent :: NOISELESS [administrator]
2/15/2013 10:36:12 AM
mbam-log-2013-02-15 (10-36-12).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 215501
Time elapsed: 4 minute(s), 43 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
DDS Log:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 1.6.0_39
Run by Vincent at 10:45:47 on 2013-02-15
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2968.999 [GMT -6:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Users\Vincent\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Users\Vincent\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\Messenger Plus! for Skype.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wuauclt.exe
C:\Users\Vincent\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Vincent\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vincent\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vincent\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vincent\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vincent\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vincent\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\msiexec.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\mobsync.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.plusnetwork.com/?sp=hp&t=b0213
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: WinToFlash Suggestor: {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll
uRun: [Google Update] "C:\Users\Vincent\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [googletalk] C:\Users\Vincent\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
mRun: [MessengerPlusForSkypeService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Vincent\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {8EF9626B-2251-4C5E-BD17-D5F3E0E98B03} - hxxps://management.pna.utexas.edu/idengineswpa/tools/xc_loader_activex.ocx
DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
TCP: NameServer = 10.111.218.254 10.113.218.254 10.112.218.254
TCP: Interfaces\{25EC66F7-E07D-453E-AAE1-390EDA1EABC6} : DHCPNameServer = 10.111.218.254 10.113.218.254 10.112.218.254
TCP: Interfaces\{25EC66F7-E07D-453E-AAE1-390EDA1EABC6}\14C62656274723 : DHCPNameServer = 192.168.24.1
TCP: Interfaces\{25EC66F7-E07D-453E-AAE1-390EDA1EABC6}\2375942554336383 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{25EC66F7-E07D-453E-AAE1-390EDA1EABC6}\77F6F64713 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{25EC66F7-E07D-453E-AAE1-390EDA1EABC6}\D646167657563747 : DHCPNameServer = 216.136.95.2 64.132.94.250
TCP: Interfaces\{BD783C53-2E55-4428-BABB-30C58E4C8B16} : DHCPNameServer = 10.160.220.60 10.160.16.66
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Vincent\AppData\Roaming\Mozilla\Firefox\Profiles\9sijq2hf.default\
FF - prefs.js: browser.startup.homepage - about:blank
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Users\Vincent\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-02-08 22:29; {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}; C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-3-11 283200]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-8-18 202752]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-2-8 398184]
R2 MsgPlusService;Messenger Plus! Service;C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [2012-2-2 119296]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2008-8-22 316544]
R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2009-9-22 7369728]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-8-27 24176]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2009-9-15 6952960]
R3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
R3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
R3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-2-8 682344]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 130008]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2011-7-1 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-1 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-2-18 51712]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-2 1255736]
.
=============== Created Last 30 ================
.
2013-02-15 16:44:30 9161176 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CDA3F42D-3ECB-4C9C-9549-D1086A774D6B}\mpengine.dll
2013-02-15 16:25:05 -------- d-----w- C:\Users\Vincent\AppData\Local\{9E6BECEB-0D61-4166-B607-4292BF90BB59}
2013-02-15 13:04:01 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-15 13:04:01 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-15 13:02:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-02-15 13:02:04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-02-15 13:02:02 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-02-15 13:02:02 304640 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll
2013-02-15 13:02:02 182816 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll
2013-02-15 13:02:02 149528 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
2013-02-15 13:02:01 194048 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll
2013-02-15 13:02:00 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-02-15 05:12:19 9161176 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-02-15 04:24:27 -------- d-----w- C:\Users\Vincent\AppData\Local\{7AAB4094-6685-4332-9873-60CC0C6F9DCA}
2013-02-14 15:00:10 -------- d-----w- C:\Users\Vincent\AppData\Local\{CACC86CB-0E85-49B5-A088-28B305BC08C2}
2013-02-13 15:46:35 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-02-13 15:46:35 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-02-13 15:46:34 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-02-13 15:46:24 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-02-13 15:46:22 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-02-13 15:46:21 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-02-13 15:46:21 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-02-13 15:46:21 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-02-13 15:46:21 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-02-13 15:46:19 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-02-13 15:46:18 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-02-13 15:46:17 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-02-13 15:39:11 -------- d-----w- C:\Users\Vincent\AppData\Local\{B14D8464-B386-43EB-82A3-84C27A16B971}
2013-02-11 15:04:34 -------- d-----w- C:\Users\Vincent\AppData\Local\{BA1A6346-7B0E-4F78-814F-B5DB5EF60BEC}
2013-02-11 03:04:10 -------- d-----w- C:\Users\Vincent\AppData\Local\{3714717F-5132-44A5-9F8A-4D71A95EB04F}
2013-02-09 03:02:37 -------- d-----w- C:\Users\Vincent\AppData\Local\{439E0B16-A624-4791-8EE6-97F6C14ADA51}
2013-02-08 15:05:22 -------- d-----w- C:\Users\Vincent\AppData\Local\Programs
2013-02-08 15:02:12 -------- d-----w- C:\Users\Vincent\AppData\Local\{165321E6-EC59-483B-B20E-1AABB9D6A469}
2013-02-06 20:52:27 -------- d-----w- C:\Users\Vincent\AppData\Local\{5B6D8BCE-2660-4B7A-8FB0-6B5733B561E1}
2013-02-06 16:29:45 -------- d-----w- C:\Users\Vincent\AppData\Local\{153F2C24-CD44-4680-A12D-70D722C17682}
2013-02-04 18:07:41 -------- d-----w- C:\Users\Vincent\AppData\Local\{E6EA3636-AB3A-46A1-A516-D6E58FBB74F5}
2013-02-04 18:03:22 -------- d-----w- C:\Users\Vincent\AppData\Local\{0F82E8E7-B153-4930-AAFE-35CD58E9B5DD}
2013-02-04 03:20:39 -------- d-----w- C:\Users\Vincent\AppData\Local\{C6EB04E4-AA14-4F8A-8854-31293D71494C}
2013-02-01 13:33:22 -------- d-----w- C:\Users\Vincent\AppData\Local\{AFFDF80A-2FC5-44A8-8B14-C28BE23A70E2}
2013-01-31 14:28:14 -------- d-----w- C:\Users\Vincent\AppData\Local\{AFBC5FFE-90FB-4070-AC2F-1A82C1A60946}
2013-01-28 15:18:43 -------- d-----w- C:\Users\Vincent\AppData\Local\{5E961521-E292-46D3-871C-2E1572AAE051}
2013-01-26 22:49:36 -------- d-----w- C:\Program Files (x86)\Mozilla Firefox.bak
2013-01-26 21:12:26 -------- d-----w- C:\Users\Vincent\AppData\Local\{DDDFF6E0-6C7F-4B3C-B7C5-102E0D36EC77}
2013-01-25 16:50:58 -------- d-----w- C:\Users\Vincent\AppData\Local\{D5D0D6FD-06F6-48A8-B7BF-4AC5030DC29E}
2013-01-24 15:23:54 -------- d-----w- C:\Users\Vincent\AppData\Local\{1B2E9EA9-CC21-4E6D-9420-0DCB045E9981}
2013-01-21 16:16:33 -------- d-----w- C:\Users\Vincent\AppData\Local\{62F4D638-B6C0-464C-A5B1-7A76C99FFC8B}
2013-01-20 21:59:04 230320 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2013-01-18 15:21:42 -------- d-----w- C:\Users\Vincent\AppData\Local\{5802D00E-6B90-48AB-A4EE-2188231798C8}
2013-01-18 03:21:06 -------- d-----w- C:\Users\Vincent\AppData\Local\{866896EA-9A49-477B-A00E-7B99A5AB8CA0}
2013-01-17 15:20:53 -------- d-----w- C:\Users\Vincent\AppData\Local\{836F901D-4CFD-4031-A748-56D47CA0B63D}
2013-01-17 15:16:08 -------- d-----w- C:\Users\Vincent\AppData\Local\{DB296446-7097-4E6F-9B4A-FB7104D862F6}
.
==================== Find3M ====================
.
2013-02-08 16:09:25 74096 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-08 16:09:25 697712 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-30 10:53:22 273840 ------w- C:\Windows\System32\MpSigStub.exe
2013-01-20 21:59:04 130008 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2013-01-15 22:56:10 477616 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-01-15 22:56:07 473520 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-01-09 01:19:09 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-01-09 01:12:03 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-01-09 01:11:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-01-09 01:07:47 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-01-08 22:11:21 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-14 22:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe
2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll
2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
.
============= FINISH: 10:46:39.80 ===============
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-3-11 283200]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-8-18 202752]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-2-8 398184]
R2 MsgPlusService;Messenger Plus! Service;C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [2012-2-2 119296]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2008-8-22 316544]
R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2009-9-22 7369728]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-8-27 24176]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2009-9-15 6952960]
R3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
R3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
R3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-2-8 682344]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 130008]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2011-7-1 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-1 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-2-18 51712]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-2 1255736]
.
=============== Created Last 30 ================
.
2013-02-15 16:44:30 9161176 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CDA3F42D-3ECB-4C9C-9549-D1086A774D6B}\mpengine.dll
2013-02-15 16:25:05 -------- d-----w- C:\Users\Vincent\AppData\Local\{9E6BECEB-0D61-4166-B607-4292BF90BB59}
2013-02-15 13:04:01 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-15 13:04:01 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-15 13:02:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-02-15 13:02:04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-02-15 13:02:02 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-02-15 13:02:02 304640 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll
2013-02-15 13:02:02 182816 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll
2013-02-15 13:02:02 149528 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
2013-02-15 13:02:01 194048 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll
2013-02-15 13:02:00 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-02-15 05:12:19 9161176 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-02-15 04:24:27 -------- d-----w- C:\Users\Vincent\AppData\Local\{7AAB4094-6685-4332-9873-60CC0C6F9DCA}
2013-02-14 15:00:10 -------- d-----w- C:\Users\Vincent\AppData\Local\{CACC86CB-0E85-49B5-A088-28B305BC08C2}
2013-02-13 15:46:35 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-02-13 15:46:35 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-02-13 15:46:34 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-02-13 15:46:24 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-02-13 15:46:22 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-02-13 15:46:21 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-02-13 15:46:21 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-02-13 15:46:21 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-02-13 15:46:21 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-02-13 15:46:19 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-02-13 15:46:18 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-02-13 15:46:17 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-02-13 15:39:11 -------- d-----w- C:\Users\Vincent\AppData\Local\{B14D8464-B386-43EB-82A3-84C27A16B971}
2013-02-11 15:04:34 -------- d-----w- C:\Users\Vincent\AppData\Local\{BA1A6346-7B0E-4F78-814F-B5DB5EF60BEC}
2013-02-11 03:04:10 -------- d-----w- C:\Users\Vincent\AppData\Local\{3714717F-5132-44A5-9F8A-4D71A95EB04F}
2013-02-09 03:02:37 -------- d-----w- C:\Users\Vincent\AppData\Local\{439E0B16-A624-4791-8EE6-97F6C14ADA51}
2013-02-08 15:05:22 -------- d-----w- C:\Users\Vincent\AppData\Local\Programs
2013-02-08 15:02:12 -------- d-----w- C:\Users\Vincent\AppData\Local\{165321E6-EC59-483B-B20E-1AABB9D6A469}
2013-02-06 20:52:27 -------- d-----w- C:\Users\Vincent\AppData\Local\{5B6D8BCE-2660-4B7A-8FB0-6B5733B561E1}
2013-02-06 16:29:45 -------- d-----w- C:\Users\Vincent\AppData\Local\{153F2C24-CD44-4680-A12D-70D722C17682}
2013-02-04 18:07:41 -------- d-----w- C:\Users\Vincent\AppData\Local\{E6EA3636-AB3A-46A1-A516-D6E58FBB74F5}
2013-02-04 18:03:22 -------- d-----w- C:\Users\Vincent\AppData\Local\{0F82E8E7-B153-4930-AAFE-35CD58E9B5DD}
2013-02-04 03:20:39 -------- d-----w- C:\Users\Vincent\AppData\Local\{C6EB04E4-AA14-4F8A-8854-31293D71494C}
2013-02-01 13:33:22 -------- d-----w- C:\Users\Vincent\AppData\Local\{AFFDF80A-2FC5-44A8-8B14-C28BE23A70E2}
2013-01-31 14:28:14 -------- d-----w- C:\Users\Vincent\AppData\Local\{AFBC5FFE-90FB-4070-AC2F-1A82C1A60946}
2013-01-28 15:18:43 -------- d-----w- C:\Users\Vincent\AppData\Local\{5E961521-E292-46D3-871C-2E1572AAE051}
2013-01-26 22:49:36 -------- d-----w- C:\Program Files (x86)\Mozilla Firefox.bak
2013-01-26 21:12:26 -------- d-----w- C:\Users\Vincent\AppData\Local\{DDDFF6E0-6C7F-4B3C-B7C5-102E0D36EC77}
2013-01-25 16:50:58 -------- d-----w- C:\Users\Vincent\AppData\Local\{D5D0D6FD-06F6-48A8-B7BF-4AC5030DC29E}
2013-01-24 15:23:54 -------- d-----w- C:\Users\Vincent\AppData\Local\{1B2E9EA9-CC21-4E6D-9420-0DCB045E9981}
2013-01-21 16:16:33 -------- d-----w- C:\Users\Vincent\AppData\Local\{62F4D638-B6C0-464C-A5B1-7A76C99FFC8B}
2013-01-20 21:59:04 230320 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2013-01-18 15:21:42 -------- d-----w- C:\Users\Vincent\AppData\Local\{5802D00E-6B90-48AB-A4EE-2188231798C8}
2013-01-18 03:21:06 -------- d-----w- C:\Users\Vincent\AppData\Local\{866896EA-9A49-477B-A00E-7B99A5AB8CA0}
2013-01-17 15:20:53 -------- d-----w- C:\Users\Vincent\AppData\Local\{836F901D-4CFD-4031-A748-56D47CA0B63D}
2013-01-17 15:16:08 -------- d-----w- C:\Users\Vincent\AppData\Local\{DB296446-7097-4E6F-9B4A-FB7104D862F6}
.
==================== Find3M ====================
.
2013-02-08 16:09:25 74096 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-08 16:09:25 697712 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-30 10:53:22 273840 ------w- C:\Windows\System32\MpSigStub.exe
2013-01-20 21:59:04 130008 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2013-01-15 22:56:10 477616 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-01-15 22:56:07 473520 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-01-09 01:19:09 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-01-09 01:12:03 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-01-09 01:11:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-01-09 01:07:47 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-01-08 22:11:21 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-14 22:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe
2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll
2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
.
============= FINISH: 10:46:39.80 ===============