Inactive Malware problem? Cannot open any program in regular mode

Status
Not open for further replies.
M

myriamlavoie

Hello, I hope someone can help. This is for my boyfriend's computer. He downloaded a program (iLivid?) and now no program will load in 'Regular mode'. I used the scan programs in safe mode as this was the only way I could, but nothing seems to have been detected. See below the logs. Thank you for any help. I'll reboot and try again regular mode after this post.

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7570

Windows 6.1.7601 Service Pack 1 (Safe Mode)
Internet Explorer 8.0.7601.17514

25/08/2011 7:34:18 PM
mbam-log-2011-08-25 (19-34-18).txt

Scan type: Quick scan
Objects scanned: 180247
Time elapsed: 4 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)





GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-08-25 20:44:27
Windows 6.1.7601 Service Pack 1
Running: v41h29h4.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0024338b2889
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0024338b2889 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings (not active ControlSet)

---- EOF - GMER 1.0.15 ----




.
DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_26
Run by Michael at 20:47:21 on 2011-08-25
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.3963.3016 [GMT -4:00]
.
AV: PC Tools AntiVirus Free *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: PC Tools AntiVirus Free *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
FW: PC Tools Firewall Plus *Disabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
uStart Page = hxxp://www.searchqu.com//406
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - C:\programs installed from the net\PC Tools Security\BDT\PCTBrowserDefender.dll
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - C:\programs installed from the net\PC Tools Security\BDT\PCTBrowserDefender.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Loader Class: {9d717f81-9148-4f12-8568-69135f087db0} - C:\PROGRA~2\WI3C8A~1\Datamngr\BROWSE~1.DLL
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - C:\programs installed from the net\PC Tools Security\BDT\PCTBrowserDefender.dll
TB: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
TB: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
uRun: [Google Update] "C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [<NO NAME>]
mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [SmartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup
mRun: [00PCTFW] "C:\programs installed from the net\PC Tools Firewall Plus\FirewallGUI.exe" -s
mRun: [ISTray] "C:\programs installed from the net\PC Tools Security\pctsGui.exe"
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [DATAMNGR] C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE
mRun: [PCTools FGuard] C:\programs installed from the net\PC Tools Security\BDT\FGuard.exe
StartupFolder: C:\Users\Michael\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Ajouter au fichier PDF existant - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir en Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien en Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien en un fichier PDF existant - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir la sélection en Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la sélection en un fichier PDF existant - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir les liens sélectionnés en Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convertir les liens sélectionnés en fichier Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convertir les liens sélectionnés en un fichier PDF existant - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
LSP: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{F957B691-E15E-49C1-83E7-E12E3F20081D} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{F957B691-E15E-49C1-83E7-E12E3F20081D}\57C6166716C6D26707E6 : DhcpNameServer = 132.203.251.14
TCP: Interfaces\{F957B691-E15E-49C1-83E7-E12E3F20081D}\57C6166716C6D296E667 : DhcpNameServer = 132.203.250.10 132.203.250.13
TCP: Interfaces\{F957B691-E15E-49C1-83E7-E12E3F20081D}\A51405D2741626279656C6C656D225F6970282E43392 : DhcpNameServer = 10.1.35.2
TCP: Interfaces\{F957B691-E15E-49C1-83E7-E12E3F20081D}\D496B65672370286F6D65602E6564777F627B6 : DhcpNameServer = 192.168.1.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: VESWinlogon - VESWinlogon.dll
AppInit_DLLs: C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: PC Tools Browser Guard BHO: {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\programs installed from the net\PC Tools Security\BDT\PCTBrowserDefender.dll
BHO-X64: Browser Defender BHO - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Loader Class: {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\WI3C8A~1\Datamngr\BROWSE~1.DLL
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: PC Tools Browser Guard: {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\programs installed from the net\PC Tools Security\BDT\PCTBrowserDefender.dll
TB-X64: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
TB-X64: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
EB-X64: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - No File
mRun-x64: [(Default)]
mRun-x64: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun-x64: [SmartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup
mRun-x64: [00PCTFW] "C:\programs installed from the net\PC Tools Firewall Plus\FirewallGUI.exe" -s
mRun-x64: [ISTray] "C:\programs installed from the net\PC Tools Security\pctsGui.exe"
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [DATAMNGR] C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE
mRun-x64: [PCTools FGuard] C:\programs installed from the net\PC Tools Security\BDT\FGuard.exe
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
AppInit_DLLs-X64: C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\nqbng027.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=10588
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - component: C:\programs installed from the net\PC Tools Security\BDT\Firefox\platform\WINNT_x86-msvc\components\libheuristic.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Michael\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Browser Defender Toolbar: {cb84136f-9c44-433a-9048-c5cd9df1dc16} - C:\programs installed from the net\PC Tools Security\BDT\Firefox
.
============= SERVICES / DRIVERS ===============
.
R0 PCTCore;PCTools KDS;C:\Windows\system32\drivers\PCTCore64.sys --> C:\Windows\system32\drivers\PCTCore64.sys [?]
R0 pctDS;PC Tools Data Store;C:\Windows\system32\drivers\pctDS64.sys --> C:\Windows\system32\drivers\pctDS64.sys [?]
R0 pctEFA;PC Tools Extended File Attributes;C:\Windows\system32\drivers\pctEFA64.sys --> C:\Windows\system32\drivers\pctEFA64.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 pctgntdi;pctgntdi;\??\C:\Windows\System32\drivers\pctgntdi64.sys --> C:\Windows\System32\drivers\pctgntdi64.sys [?]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
R3 pctNdisMP;PC Tools Driver;C:\Windows\system32\DRIVERS\pctNdis64.sys --> C:\Windows\system32\DRIVERS\pctNdis64.sys [?]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\DRIVERS\SFEP.sys --> C:\Windows\system32\DRIVERS\SFEP.sys [?]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S1 PCTSD;PC Tools Spyware Doctor Driver;C:\Windows\system32\Drivers\PCTSD64.sys --> C:\Windows\system32\Drivers\PCTSD64.sys [?]
S2 Apache2.2;Apache2.2;"C:\xampp\apache\bin\httpd.exe" -k runservice --> C:\xampp\apache\bin\httpd.exe [?]
S2 Browser Defender Update Service;Browser Defender Update Service;C:\programs installed from the net\PC Tools Security\BDT\BDTUpdateService.exe [2011-8-25 337872]
S2 PCToolsFirewallPlus;PC Tools Firewall Plus;C:\programs installed from the net\PC Tools Firewall Plus\FWService.exe [2011-3-18 287024]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-6-26 362992]
S2 sdAuxService;PC Tools Auxiliary Service;C:\programs installed from the net\PC Tools Security\pctsAuxs.exe [2011-3-18 371472]
S2 sdCoreService;PC Tools Security Service;C:\programs installed from the net\PC Tools Security\pctsSvc.exe [2011-3-18 1117144]
S2 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-12-10 120104]
S2 SOHDBSvr;VAIO Media plus Database Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-12-10 70952]
S2 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-12-10 427304]
S2 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-12-10 75048]
S2 SOHPlMgr;VAIO Media plus Playlist Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-12-10 91432]
S2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2009-6-3 104960]
S2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2009-4-16 411496]
S2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-1-14 5184872]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-4-1 183560]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;\??\C:\Windows\system32\drivers\pctNdis-PacketFilter64.sys --> C:\Windows\system32\drivers\pctNdis-PacketFilter64.sys [?]
S3 pctNdis;PC Tools Firewall Intermediate Filter Service;C:\Windows\system32\DRIVERS\pctNdis64.sys --> C:\Windows\system32\DRIVERS\pctNdis64.sys [?]
S3 pctplfw;pctplfw;\??\C:\Windows\System32\drivers\pctplfw64.sys --> C:\Windows\System32\drivers\pctplfw64.sys [?]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-6-26 313840]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-12-10 468264]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2009-6-3 110376]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-08-25 23:39:08 767952 ----a-w- C:\Windows\BDTSupport.dll
2011-08-25 23:39:07 2029520 ----a-w- C:\Windows\PCTBDCore.dll
2011-08-25 23:39:07 1533904 ----a-w- C:\Windows\PCTBDRes.dll
2011-08-25 23:39:07 149456 ----a-w- C:\Windows\SGDetectionTool.dll
2011-08-25 23:38:58 279344 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
2011-08-25 23:11:52 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-08-24 19:13:05 -------- d-----w- C:\ProgramData\boost_interprocess
2011-08-24 19:12:25 -------- d-----w- C:\Users\Michael\AppData\Local\PackageAware
2011-08-24 10:16:25 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-08-24 10:16:25 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-08-12 00:10:52 -------- d-----w- C:\Users\Michael\AppData\Local\{48E2ABC2-0EB0-47E6-BF45-CFA30F25772A}
2011-08-12 00:10:40 -------- d-----w- C:\Users\Michael\AppData\Local\{C702D8E9-F6BF-42FB-8412-6418C276C1EB}
2011-08-10 21:23:14 -------- d-----w- C:\Users\Michael\AppData\Local\{D955F22E-66D8-4C42-8F67-4408E3F091BC}
2011-08-10 21:23:02 -------- d-----w- C:\Users\Michael\AppData\Local\{FB414AFE-78FB-4400-9171-738223209525}
2011-08-10 21:21:43 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\7ff9a9951cc57a305\MeshBetaRemover.exe
2011-08-10 21:20:16 -------- d-----w- C:\Users\Michael\AppData\Local\{42EF24AF-3752-4047-9BEF-F0402DE95330}
2011-08-10 16:52:48 -------- d-----w- C:\Windows\en
2011-08-10 16:51:22 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-08-10 15:54:27 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll
2011-08-10 15:54:27 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2011-08-10 15:54:27 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll
2011-08-10 15:54:27 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2011-08-10 15:44:19 7450888 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\5a2d82531cc57742a\bingbarsetup.exe
2011-08-10 15:42:48 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\25a3cbb41cc577428\DSETUP.dll
2011-08-10 15:42:48 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\25a3cbb41cc577428\DXSETUP.exe
2011-08-10 15:42:48 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\25a3cbb41cc577428\dsetup32.dll
2011-08-10 15:42:44 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\209d8f0e1cc577427\DSETUP.dll
2011-08-10 15:42:44 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\209d8f0e1cc577427\DXSETUP.exe
2011-08-10 15:42:44 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\209d8f0e1cc577427\dsetup32.dll
2011-08-10 15:27:33 -------- d-----w- C:\Users\Michael\AppData\Local\Windows Live
2011-08-10 01:01:49 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-08-10 01:00:11 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-08-10 01:00:10 5561216 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-08-10 01:00:09 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
.
==================== Find3M ====================
.
2011-08-18 00:51:11 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-22 05:22:26 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-07-22 04:54:18 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-07-16 05:41:50 362496 ----a-w- C:\Windows\System32\wow64win.dll
2011-07-16 05:41:49 243200 ----a-w- C:\Windows\System32\wow64.dll
2011-07-16 05:41:49 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2011-07-16 05:39:10 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2011-07-16 05:37:12 421888 ----a-w- C:\Windows\System32\KernelBase.dll
2011-07-16 04:29:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-07-16 04:26:00 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-07-16 04:25:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-07-16 04:24:23 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-07-16 04:24:22 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-07-16 02:21:44 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-07-16 02:21:41 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-07-16 02:17:19 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17:19 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17:19 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17:19 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-07-11 16:02:34 282440 ----a-w- C:\Windows\System32\drivers\PCTCore64.sys
2011-07-11 13:07:46 92896 ----a-w- C:\Windows\System32\drivers\pctplsg64.sys
2011-07-11 13:05:44 337048 ----a-w- C:\Windows\System32\drivers\pctgntdi64.sys
2011-07-11 13:05:44 143896 ----a-w- C:\Windows\System32\drivers\pctwfpfilter64.sys
2011-07-06 23:52:42 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-06-24 05:34:53 214528 ----a-w- C:\Windows\System32\winsrv.dll
2011-06-24 05:25:49 338432 ----a-w- C:\Windows\System32\conhost.exe
2011-06-21 06:34:00 1923968 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-06-21 06:20:53 1188864 ----a-w- C:\Windows\System32\wininet.dll
2011-06-21 05:28:33 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-06-15 10:02:23 212992 ----a-w- C:\Windows\System32\odbctrac.dll
2011-06-15 10:02:23 163840 ----a-w- C:\Windows\System32\odbccp32.dll
2011-06-15 10:02:23 106496 ----a-w- C:\Windows\System32\odbccu32.dll
2011-06-15 10:02:23 106496 ----a-w- C:\Windows\System32\odbccr32.dll
2011-06-15 08:55:19 86016 ----a-w- C:\Windows\SysWow64\odbccu32.dll
2011-06-15 08:55:19 81920 ----a-w- C:\Windows\SysWow64\odbccr32.dll
2011-06-15 08:55:19 319488 ----a-w- C:\Windows\SysWow64\odbcjt32.dll
2011-06-15 08:55:19 163840 ----a-w- C:\Windows\SysWow64\odbctrac.dll
2011-06-15 08:55:19 122880 ----a-w- C:\Windows\SysWow64\odbccp32.dll
2011-06-11 03:07:25 3137536 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 20:47:52.75 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 10/12/2009 6:56:43 AM
System Uptime: 25/08/2011 7:48:22 PM (1 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Core(TM)2 Duo CPU T6500 @ 2.10GHz | N/A | 2094/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 166.55 GiB free.
D: is Removable
E: is Removable
F: is CDROM ()
G: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
==== System Restore Points ===================
.
RP244: 24/06/2011 12:01:22 AM - Windows Update
RP245: 30/06/2011 5:29:57 AM - Windows Update
RP246: 03/07/2011 9:16:19 AM - Windows Update
RP247: 03/07/2011 11:34:58 AM - Installed Java(TM) 6 Update 26
RP248: 03/07/2011 11:36:36 AM - Installed Java Runtime Environment
RP249: 04/07/2011 8:18:25 PM - Removed Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
RP250: 04/07/2011 8:19:29 PM - Removed Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
RP251: 04/07/2011 8:20:15 PM - Removed Microsoft Visual C++ 2005 Redistributable
RP252: 04/07/2011 8:21:01 PM - Removed Microsoft Visual C++ 2005 Redistributable (x64)
RP253: 04/07/2011 8:23:10 PM - Removed Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
RP254: 04/07/2011 8:24:09 PM - Removed Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
RP255: 04/07/2011 8:24:50 PM - Removed Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
RP256: 04/07/2011 8:25:16 PM - Removed Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
RP257: 04/07/2011 8:26:15 PM - Removed Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
RP258: 04/07/2011 8:27:19 PM - Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
RP259: 04/07/2011 8:28:08 PM - Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
RP260: 04/07/2011 8:28:54 PM - Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
RP261: 04/07/2011 8:29:37 PM - Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
RP262: 04/07/2011 8:30:40 PM - Removed Palm Desktop by ACCESS
RP263: 04/07/2011 8:34:44 PM - Removed PHP 5.2.12
RP264: 04/07/2011 8:35:35 PM - Removed Skype Toolbars
RP265: 04/07/2011 8:36:02 PM - Removed Skype™ 5.1
RP266: 05/07/2011 10:38:18 AM - Windows Update
RP267: 13/07/2011 9:01:33 AM - Scheduled Checkpoint
RP268: 13/07/2011 6:05:30 PM - Windows Update
RP269: 14/07/2011 7:35:47 AM - Windows Update
RP270: 16/07/2011 3:28:29 PM - Installed Connect Service
RP271: 24/07/2011 3:46:00 PM - Scheduled Checkpoint
RP272: 24/07/2011 7:06:47 PM - Windows Backup
RP273: 01/08/2011 5:25:10 AM - Windows Backup
RP274: 07/08/2011 7:06:54 PM - Windows Backup
RP275: 09/08/2011 9:13:41 PM - Windows Update
RP276: 09/08/2011 10:22:33 PM - Windows Update
RP277: 10/08/2011 11:26:26 AM - CheckIfInstallerIsBusy
RP278: 10/08/2011 11:43:42 AM - Windows Live Essentials
RP279: 10/08/2011 11:44:08 AM - Installed DirectX
RP280: 10/08/2011 11:54:07 AM - Installed DirectX
RP281: 10/08/2011 12:07:14 PM - WLSetup
RP282: 10/08/2011 12:38:59 PM - Windows Live Essentials
RP283: 10/08/2011 12:39:56 PM - Installed DirectX
RP284: 10/08/2011 12:49:47 PM - Installed DirectX
RP285: 10/08/2011 12:50:14 PM - WLSetup
RP286: 10/08/2011 5:19:48 PM - CheckIfInstallerIsBusy
RP287: 18/08/2011 9:12:50 AM - Scheduled Checkpoint
RP288: 20/08/2011 10:16:20 PM - PC Tools AntiVirus Free: Cleaning Threats
RP289: 21/08/2011 7:07:41 PM - Windows Backup
RP290: 24/08/2011 10:17:20 PM - Windows Update
.
==== Installed Programs ======================
.
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Adobe Acrobat 8 Professional - English, Français, Deutsch
Adobe After Effects CS3 Presets
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe BridgeTalk Plugin CS3
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Recommended Settings
Adobe Color JA Extra Settings
Adobe Color NA Extra Settings
Adobe Creative Suite 3 Master Collection
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Illustrator CS3
Adobe InDesign CS3 Icon Handler
Adobe Linguistics CS3
Adobe MotionPicture Color Files
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader 9.1.3
Adobe Setup
Adobe SING CS3
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe Video Profiles
Adobe WAS CS3
Adobe WinSoft Linguistics Plugin
Adobe XMP DVA Panels CS3
Adobe XMP Panels CS3
AHV content for Acrobat and Flash
Ajouter ou supprimer Adobe Creative Suite 3 Master Collection
Apple Application Support
Apple Software Update
ArcSoft Magic-i Visual Effects 2
ArcSoft WebCam Companion 2
Beyond Good & Evil
Bing Bar
BookSmart® 2.9.2 2.9.2
Browser Defender 3.0
Canon MP Navigator EX 4.0
Canon My Printer
Canon Solution Menu EX
Click to Disc
Click to Disc Editor
Compatibility Pack for the 2007 Office system
D3DX10
Dropbox
Google Chrome
Java Auto Updater
Java(TM) 6 Update 26
Java(TM) SE Runtime Environment 6
Malwarebytes' Anti-Malware version 1.51.1.1800
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (French) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Excel MUI (French) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (French) 2007
Microsoft Office Live Add-in 1.4
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (French) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint MUI (French) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Plus 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (French) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (French) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (French) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Office Word MUI (French) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Mise à jour Microsoft Office Excel 2007 Help (KB963678)
Mise à jour Microsoft Office Outlook 2007 Help (KB963677)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)
Mise à jour Microsoft Office Word 2007 Help (KB963665)
Mozilla Firefox (3.6.20)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Music Transfer
MétéoÉclair
OpenMG Secure Module 5.3.00
PC Tools AntiVirus Free 8.0
PC Tools Firewall Plus 7.0
PDF Settings
Primo
QuickTime
Realtek High Definition Audio Driver
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy Media Creator 10 LJ
Roxio Easy Media Creator Home
Runtime
Safari
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft Office 2007 System (KB2541012)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2541007)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Setting Utility Series
SmartWi Connection Utility
Sony Home Network Library
Sony Picture Utility
Sony Video Shared Library
Stickies 7.0a
SyncBack
Tom Clancy's Splinter Cell
TOSHIBA gigabeat applications 3.0
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2586924)
VAIO BD Menu Data
VAIO Content Folder Setting
VAIO Content Folder Watcher
VAIO Content Metadata Intelligent Analyzing Manager
VAIO Content Metadata Manager Setting
VAIO Content Metadata XML Interface Library
VAIO Control Center
VAIO Data Restore Tool
VAIO DVD Menu Data Basic
VAIO Entertainment Platform
VAIO Event Service
VAIO Help and Support
VAIO Launcher
VAIO Media plus
VAIO Media plus Opening Movie
VAIO Movie Story
VAIO Movie Story Template Data
VAIO MusicBox
VAIO MusicBox Sample Music
VAIO OOBE and Welcome Center
VAIO Original Function Setting
VAIO Power Management
VAIO Survey
VAIO Update 4
VAIO Wallpaper Contents
Visual C++ 8.0 Runtime Setup Package (x64)
Visual Studio 2008 x64 Redistributables
Windows iLivid Toolbar
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Media Player Firefox Plugin
WinDVD for VAIO
.
==== Event Viewer Messages From Past Week ========
.
25/08/2011 8:44:39 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
25/08/2011 8:16:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
25/08/2011 8:16:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
25/08/2011 8:14:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
25/08/2011 8:14:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
25/08/2011 8:14:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
25/08/2011 8:14:42 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
25/08/2011 7:48:59 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache PCTSD spldr Wanarpv6
25/08/2011 7:48:52 PM, Error: Service Control Manager [7003] - The NVIDIA Display Driver Service service depends the following service: nvlddmkm. This service might not be installed.
25/08/2011 7:47:24 PM, Error: Service Control Manager [7000] - The Apache2.2 service failed to start due to the following error: The system cannot find the file specified.
25/08/2011 7:46:15 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the PC Tools Security Service service to connect.
25/08/2011 7:46:15 PM, Error: Service Control Manager [7000] - The PC Tools Security Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
25/08/2011 7:42:35 PM, Error: Service Control Manager [7001] - The VAIO Media plus Content Importer service depends on the VAIO Media plus Device Searcher service which failed to start because of the following error: The dependency service or group failed to start.
25/08/2011 7:42:34 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the VAIO Entertainment Database Service service to connect.
25/08/2011 7:42:34 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the VAIO Content Folder Watcher service to connect.
25/08/2011 7:42:34 PM, Error: Service Control Manager [7000] - The VAIO Entertainment Database Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
25/08/2011 7:42:34 PM, Error: Service Control Manager [7000] - The VAIO Content Folder Watcher service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
25/08/2011 7:42:30 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the VAIO Event Service service to connect.
25/08/2011 7:42:30 PM, Error: Service Control Manager [7000] - The VAIO Event Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
25/08/2011 7:42:29 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the CamMonitor service to connect.
25/08/2011 7:42:29 PM, Error: Service Control Manager [7000] - The CamMonitor service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
25/08/2011 7:42:28 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the VAIO Media plus Database Manager service to connect.
25/08/2011 7:42:28 PM, Error: Service Control Manager [7001] - The VAIO Media plus Playlist Manager service depends on the VAIO Media plus Database Manager service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
25/08/2011 7:42:28 PM, Error: Service Control Manager [7001] - The VAIO Media plus Digital Media Server service depends on the VAIO Media plus Database Manager service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
25/08/2011 7:42:28 PM, Error: Service Control Manager [7001] - The VAIO Media plus Device Searcher service depends on the VAIO Media plus Database Manager service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
25/08/2011 7:42:28 PM, Error: Service Control Manager [7000] - The VAIO Media plus Database Manager service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
25/08/2011 7:42:24 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SeaPort service to connect.
25/08/2011 7:42:24 PM, Error: Service Control Manager [7000] - The SeaPort service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
25/08/2011 7:42:17 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.
25/08/2011 7:42:17 PM, Error: Service Control Manager [7000] - The regi service failed to start due to the following error: The system cannot find the file specified.
25/08/2011 7:42:16 PM, Error: Service Control Manager [7000] - The MySQL service failed to start due to the following error: The system cannot find the file specified.
25/08/2011 7:06:02 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
25/08/2011 6:56:20 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache spldr Wanarpv6
25/08/2011 6:45:04 PM, Error: Service Control Manager [7001] - The VAIO Media plus Content Importer service depends on the VAIO Media plus Device Searcher service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
25/08/2011 6:45:03 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the VAIO Media plus Playlist Manager service to connect.
25/08/2011 6:45:03 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the VAIO Media plus Digital Media Server service to connect.
25/08/2011 6:45:03 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the VAIO Media plus Device Searcher service to connect.
25/08/2011 6:45:03 PM, Error: Service Control Manager [7000] - The VAIO Media plus Playlist Manager service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
25/08/2011 6:45:03 PM, Error: Service Control Manager [7000] - The VAIO Media plus Digital Media Server service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
25/08/2011 6:45:03 PM, Error: Service Control Manager [7000] - The VAIO Media plus Device Searcher service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
25/08/2011 11:46:29 AM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.100 with the system having network hardware address 00-1E-8F-A5-94-F8. Network operations on this system may be disrupted as a result.
24/08/2011 3:09:35 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR380.
22/08/2011 6:58:48 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR5.
.
==== End Of File ===========================
 
Welcome aboard
yahooo.gif


Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=================================================================

no program will load in 'Regular mode
Click to expand...
What happens when you try?

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan:


On completion of the scan click "Save log", save it to your desktop and post in your next reply:


NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

================================================================

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  1. Please, never rename Combofix unless instructed.
  2. Close any open browsers.
  3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    NOTE1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  4. Double click on combofix.exe & follow the prompts.
  5. When finished, it will produce a report for you.
  6. Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.



Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete Combofix file, download fresh one, but rename combofix.exe to yourname.exe BEFORE saving it to your desktop.
Do NOT run it yet.

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click Rkill and choose Run as Administrator

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

Rkill.com
Rkill.scr
Rkill.exe

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
 
Status
Not open for further replies.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
793
uber_beetle
uber_beetle
wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A

Latest posts

Back