ancheri_19
2010-05-21, 22:00
Here's my DDS Log:
DDS (Ver_10-03-17.01) - NTFSX64
Run by ancheri_19 at 15:31:37.19 on Fri 05/21/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4014.2405 [GMT -4:00]
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Windows\system32\rundll32.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\VAIO Care\VAIOCareService.exe
c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\DDNi\Oasis\Delay.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Users\ancheri_19\Documents\Downloads\dds.scr
C:\Windows\system32\conhost.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mLocal Page = c:\windows\syswow64\blank.htm
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~2\mcafee\msk\mskapbho.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~2\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files (x86)\mcafee\virusscan\scriptsn.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
uRun: [Messenger (Yahoo!)] "c:\progra~2\yahoo!\messen~1\YahooMessenger.exe" -quiet
uRun: [Skype] "c:\program files (x86)\skype\phone\Skype.exe" /nosplash /minimized
uRun: [Aim] "c:\program files (x86)\aim\aim.exe" /d locale=en-US
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [SmartWiHelper] "c:\program files (x86)\sony\smartwi connection utility\SmartWiHelper.exe" /WindowsStartup
mRun: [ISBMgr.exe] "c:\program files (x86)\sony\isb utility\ISBMgr.exe"
mRun: [PMBVolumeWatcher] c:\program files (x86)\sony\pmb\PMBVolumeWatcher.exe
mRun: [mcagent_exe] "c:\program files (x86)\mcafee.com\agent\mcagent.exe" /runkey
mRun: [McENUI] c:\progra~2\mcafee\mhn\McENUI.exe /hide
mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files (x86)\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files (x86)\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files (x86)\itunes\iTunesHelper.exe"
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
dRun: [DelayShred] c:\progra~2\mcafee\mshr\shrcl.exe /p7 /q c:\users\ancher~1\appdata\local\micros~1\windows\tempor~1\content.ie5\4jjefzsm\cl6ea1~1.sh! c:\users\ancher~1\appdata\local\micros~1\windows\tempor~1\content.ie5\45rblelt\client~4.sh! c:\users\ancher~1\appdata\local\micros~1\windows\tempor~1\content.ie5\096s7sh3\cl018e~1.sh! c:\users\ancher~1\appdata\local\micros~1\windows\tempor~1\content.ie5\qzd3al7j\vitali~1.sh! c:\users\ancher~1\appdata\local\micros~1\windows\tempor~1\content.ie5\096s7sh3\CLFF78~1.SH!
StartupFolder: c:\users\ancher~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files (x86)\erunt\AUTOBACK.EXE
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files (x86)\mcafee security scan\2.0.181\SSScheduler.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\vaiome~1.lnk - c:\program files (x86)\ddni\oasis\Delay.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Add to &Evernote - c:\program files (x86)\evernote\evernote3.5\enbar.dll/2000
IE: E&xport to Microsoft Excel - c:\progra~2\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~2\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~2\spybot~1\SDHelper.dll
IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - c:\program files (x86)\evernote\evernote3.5\enbar.dll
DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} - hxxps://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL
Notify: VESWinlogon - VESWinlogon.dll
BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~2\mcafee\msk\MSKAPB~1.DLL
BHO-X64: McAfee Phishing Filter - No File
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~2\mcafee\sitead~1\x64\mcieplg.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\x64\mcieplg.dll
mRun-x64: [IAAnotif] c:\program files (x86)\intel\intel matrix storage manager\iaanotif.exe
mRun-x64: [RtHDVCpl] c:\program files\realtek\audio\hda\RAVCpl64.exe -s
mRun-x64: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun-x64: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
Hosts: 127.0.0.1 www.spywareinfo.com (http://www.spywareinfo.com)
============= SERVICES / DRIVERS ===============
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-1-5 528232]
R0 PxHlpa64;PxHlpa64;c:\windows\system32\drivers\PxHlpa64.sys [2010-3-5 55280]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-5-21 121936]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 59904]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-5-21 22096]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-5-21 63568]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-21 40384]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files (x86)\mcafee\siteadvisor\mcsacore.exe [2010-3-13 110312]
R2 McProxy;McAfee Proxy Service;c:\progra~2\common~1\mcafee\mcproxy\mcproxy.exe [2010-3-12 359952]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2010-3-12 155456]
R2 Oasis2Service;Oasis2Service;c:\program files (x86)\ddni\oasis2service 1.0\Oasis2Service.exe [2010-4-28 46080]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\sony\pmb\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [2009-11-19 93696]
R2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [2009-11-19 75776]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\spybot - search & destroy\SDWinSec.exe [2010-5-21 1153368]
R2 uCamMonitor;CamMonitor;c:\program files (x86)\arcsoft\magic-i visual effects 2\uCamMonitor.exe [2010-3-5 104960]
R2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\common files\sony shared\vaio content folder watcher\VCFw.exe [2009-9-14 642416]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2010-3-5 480624]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\drivers\ArcSoftKsUFilter.sys [2010-3-5 19968]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-21 40384]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-21 40384]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2009-11-19 151040]
R3 McSysmon;McAfee SystemGuards;c:\progra~2\mcafee\viruss~1\mcsysmon.exe [2010-3-12 606736]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-3-12 102472]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2010-3-12 49480]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2009-11-19 84512]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2009-11-19 11392]
R3 VAIO Power Management;VAIO Power Management;c:\program files\sony\vaio power management\SPMService.exe [2010-3-5 571248]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 17920]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x64.sys [2009-11-19 395264]
S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2010-3-5 135664]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-11-19 52264]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2009-11-19 35104]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2010-3-12 40904]
S3 MSSQL$DDNI;SQL Server (DDNI);c:\program files (x86)\microsoft sql server\mssql10.ddni\mssql\binn\sqlservr.exe [2009-3-30 43010392]
S3 SampleCollector;Intel(R) Sample Collector;c:\program files\sony\vaio care\collsvc.exe [2010-3-5 167424]
S3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\common files\sony shared\sohlib\SOHCImp.exe [2010-3-5 120104]
S3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\common files\sony shared\sohlib\SOHDBSvr.exe [2010-3-5 70952]
S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\common files\sony shared\sohlib\SOHDms.exe [2010-3-5 427304]
S3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\common files\sony shared\sohlib\SOHDs.exe [2010-3-5 75048]
S3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\common files\sony shared\sohlib\SOHPlMgr.exe [2010-3-5 91432]
S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl64.sys [2009-8-28 49152]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\sony\vcm intelligent network service manager\VcmINSMgr.exe [2010-3-5 361840]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper64.exe [2010-3-5 110960]
S3 VUAgent;VUAgent;c:\program files\sony\vaio update 5\VUAgent.exe [2010-3-5 1164656]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-4-1 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\microsoft sql server\100\shared\sqladhlp.exe [2009-3-31 47128]
S4 SQLAgent$DDNI;SQL Server Agent (DDNI);c:\program files (x86)\microsoft sql server\mssql10.ddni\mssql\binn\SQLAGENT.EXE [2009-3-30 366936]
=============== Created Last 30 ================
2010-05-21 19:28:08 56 ---ha-w- c:\windows\syswow64\ezsidmv.dat
2010-05-21 17:08:37 0 d-----w- c:\users\ancher~1\appdata\roaming\Malwarebytes
2010-05-21 17:08:29 0 d-----w- c:\programdata\Malwarebytes
2010-05-21 17:08:27 24664 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-05-21 17:08:27 0 d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2010-05-21 15:44:22 0 d-----w- c:\programdata\Spybot - Search & Destroy
2010-05-21 15:44:22 0 d-----w- c:\program files (x86)\Spybot - Search & Destroy
2010-05-21 04:19:35 63568 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-05-21 04:19:35 0 ----a-w- c:\windows\syswow64\config.nt
2010-05-21 04:19:21 38848 ----a-w- c:\windows\syswow64\avastSS.scr
2010-05-21 04:19:21 165032 ----a-w- c:\windows\syswow64\aswBoot.exe
2010-05-21 04:19:18 0 d-----w- c:\programdata\Alwil Software
2010-05-21 04:19:18 0 d-----w- c:\program files\Alwil Software
2010-05-20 11:16:04 194048 ----a-w- c:\windows\Hkuria.exe
2010-05-14 01:14:42 0 d-----w- c:\programdata\PopCap Games
2010-05-13 13:21:31 163 ----a-w- c:\windows\WININIT.INI
2010-05-13 13:20:18 0 d-----w- c:\users\ancher~1\appdata\roaming\Roxio Log Files
2010-05-12 12:30:43 382732601 ----a-w- c:\windows\MEMORY.DMP
2010-05-12 03:31:21 0 d-----w- C:\VAIO Entertainment
2010-05-11 23:37:41 976896 ----a-w- c:\windows\system32\inetcomm.dll
2010-05-11 23:37:41 740864 ----a-w- c:\windows\syswow64\inetcomm.dll
2010-05-02 20:45:07 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
2010-05-02 19:05:40 0 d-----w- c:\program files\iPod
2010-05-02 19:05:39 0 d-----w- c:\program files\iTunes
2010-05-02 19:05:39 0 d-----w- c:\program files (x86)\iTunes
2010-05-02 19:03:30 0 d-----w- c:\program files\Bonjour
2010-05-02 19:03:30 0 d-----w- c:\program files (x86)\Bonjour
2010-05-01 00:27:07 14336 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2010-05-01 00:27:07 109056 ----a-w- c:\windows\system32\drivers\sdbus.sys
2010-05-01 00:25:01 79817 ----a-w- C:\test.xml
2010-05-01 00:23:26 0 d-----w- c:\users\ancher~1\appdata\roaming\Auslogics
2010-04-27 22:59:54 223448 ----a-w- c:\windows\system32\drivers\fvevol.sys
2010-04-27 22:59:52 12867072 ----a-w- c:\windows\syswow64\shell32.dll
2010-04-27 22:59:51 96768 ----a-w- c:\windows\syswow64\sspicli.dll
2010-04-27 22:59:51 22016 ----a-w- c:\windows\syswow64\secur32.dll
2010-04-27 22:59:51 153160 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2010-04-27 22:59:51 1446912 ----a-w- c:\windows\system32\lsasrv.dll
2010-04-27 04:43:50 0 dc-h--w- c:\programdata\{1988B439-10C3-40C0-B067-74060B38F525}
2010-04-24 20:20:29 0 d-----w- c:\programdata\McAfee Security Scan
2010-04-24 20:20:28 0 d-----w- c:\program files (x86)\McAfee Security Scan
==================== Find3M ====================
2010-05-06 14:36:38 270208 ------w- c:\windows\system32\MpSigStub.exe
2010-04-17 01:24:34 27536 ----a-w- c:\windows\system32\drivers\dc3d.sys
2010-04-08 17:33:00 95520 ----a-w- c:\windows\system32\dnssd.dll
2010-04-08 17:33:00 119584 ----a-w- c:\windows\system32\dns-sd.exe
2010-04-08 17:20:02 91424 ------w- c:\windows\syswow64\dnssd.dll
2010-04-08 17:20:02 107808 ------w- c:\windows\syswow64\dns-sd.exe
2010-03-08 21:59:59 612352 ----a-w- c:\windows\system32\vbscript.dll
2010-03-08 21:33:56 427520 ----a-w- c:\windows\syswow64\vbscript.dll
2010-03-05 19:02:24 14664 ----a-w- c:\windows\system32\FKDRV64.sys
2010-03-05 17:33:21 411368 ------w- c:\windows\syswow64\deploytk.dll
2010-03-05 17:33:21 149280 ------w- c:\windows\syswow64\javaws.exe
2010-03-05 17:33:21 145184 ------w- c:\windows\syswow64\javaw.exe
2010-03-05 17:33:21 145184 ------w- c:\windows\syswow64\java.exe
2010-03-05 17:32:48 455680 ----a-w- c:\windows\system32\deploytk.dll
2010-03-05 17:15:08 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2010-03-05 17:15:08 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2010-03-05 17:15:08 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2010-03-05 17:15:08 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2010-02-27 15:17:00 5509008 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-27 12:07:48 3954568 ----a-w- c:\windows\syswow64\ntkrnlpa.exe
2010-02-27 12:07:48 3899280 ----a-w- c:\windows\syswow64\ntoskrnl.exe
2010-02-23 08:22:50 1192960 ----a-w- c:\windows\system32\wininet.dll
2010-02-23 07:56:00 977920 ----a-w- c:\windows\syswow64\wininet.dll
2010-02-23 07:55:56 1225216 ----a-w- c:\windows\syswow64\urlmon.dll
2010-02-23 07:55:45 606208 ----a-w- c:\windows\syswow64\mstime.dll
2010-02-23 07:55:43 64512 ----a-w- c:\windows\syswow64\msfeedsbs.dll
2010-02-23 07:55:43 5964800 ----a-w- c:\windows\syswow64\mshtml.dll
2010-02-23 07:55:24 10978816 ----a-w- c:\windows\syswow64\ieframe.dll
2010-02-23 07:55:20 381440 ----a-w- c:\windows\syswow64\iedkcs32.dll
2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini
2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
============= FINISH: 15:33:06.24 ===============
DDS (Ver_10-03-17.01) - NTFSX64
Run by ancheri_19 at 15:31:37.19 on Fri 05/21/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4014.2405 [GMT -4:00]
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Windows\system32\rundll32.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\VAIO Care\VAIOCareService.exe
c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\DDNi\Oasis\Delay.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Users\ancheri_19\Documents\Downloads\dds.scr
C:\Windows\system32\conhost.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mLocal Page = c:\windows\syswow64\blank.htm
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~2\mcafee\msk\mskapbho.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~2\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files (x86)\mcafee\virusscan\scriptsn.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
uRun: [Messenger (Yahoo!)] "c:\progra~2\yahoo!\messen~1\YahooMessenger.exe" -quiet
uRun: [Skype] "c:\program files (x86)\skype\phone\Skype.exe" /nosplash /minimized
uRun: [Aim] "c:\program files (x86)\aim\aim.exe" /d locale=en-US
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [SmartWiHelper] "c:\program files (x86)\sony\smartwi connection utility\SmartWiHelper.exe" /WindowsStartup
mRun: [ISBMgr.exe] "c:\program files (x86)\sony\isb utility\ISBMgr.exe"
mRun: [PMBVolumeWatcher] c:\program files (x86)\sony\pmb\PMBVolumeWatcher.exe
mRun: [mcagent_exe] "c:\program files (x86)\mcafee.com\agent\mcagent.exe" /runkey
mRun: [McENUI] c:\progra~2\mcafee\mhn\McENUI.exe /hide
mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files (x86)\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files (x86)\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files (x86)\itunes\iTunesHelper.exe"
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
dRun: [DelayShred] c:\progra~2\mcafee\mshr\shrcl.exe /p7 /q c:\users\ancher~1\appdata\local\micros~1\windows\tempor~1\content.ie5\4jjefzsm\cl6ea1~1.sh! c:\users\ancher~1\appdata\local\micros~1\windows\tempor~1\content.ie5\45rblelt\client~4.sh! c:\users\ancher~1\appdata\local\micros~1\windows\tempor~1\content.ie5\096s7sh3\cl018e~1.sh! c:\users\ancher~1\appdata\local\micros~1\windows\tempor~1\content.ie5\qzd3al7j\vitali~1.sh! c:\users\ancher~1\appdata\local\micros~1\windows\tempor~1\content.ie5\096s7sh3\CLFF78~1.SH!
StartupFolder: c:\users\ancher~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files (x86)\erunt\AUTOBACK.EXE
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files (x86)\mcafee security scan\2.0.181\SSScheduler.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\vaiome~1.lnk - c:\program files (x86)\ddni\oasis\Delay.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Add to &Evernote - c:\program files (x86)\evernote\evernote3.5\enbar.dll/2000
IE: E&xport to Microsoft Excel - c:\progra~2\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~2\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~2\spybot~1\SDHelper.dll
IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - c:\program files (x86)\evernote\evernote3.5\enbar.dll
DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} - hxxps://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL
Notify: VESWinlogon - VESWinlogon.dll
BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~2\mcafee\msk\MSKAPB~1.DLL
BHO-X64: McAfee Phishing Filter - No File
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~2\mcafee\sitead~1\x64\mcieplg.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\x64\mcieplg.dll
mRun-x64: [IAAnotif] c:\program files (x86)\intel\intel matrix storage manager\iaanotif.exe
mRun-x64: [RtHDVCpl] c:\program files\realtek\audio\hda\RAVCpl64.exe -s
mRun-x64: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun-x64: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
Hosts: 127.0.0.1 www.spywareinfo.com (http://www.spywareinfo.com)
============= SERVICES / DRIVERS ===============
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-1-5 528232]
R0 PxHlpa64;PxHlpa64;c:\windows\system32\drivers\PxHlpa64.sys [2010-3-5 55280]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-5-21 121936]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 59904]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-5-21 22096]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-5-21 63568]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-21 40384]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files (x86)\mcafee\siteadvisor\mcsacore.exe [2010-3-13 110312]
R2 McProxy;McAfee Proxy Service;c:\progra~2\common~1\mcafee\mcproxy\mcproxy.exe [2010-3-12 359952]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2010-3-12 155456]
R2 Oasis2Service;Oasis2Service;c:\program files (x86)\ddni\oasis2service 1.0\Oasis2Service.exe [2010-4-28 46080]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\sony\pmb\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [2009-11-19 93696]
R2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [2009-11-19 75776]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\spybot - search & destroy\SDWinSec.exe [2010-5-21 1153368]
R2 uCamMonitor;CamMonitor;c:\program files (x86)\arcsoft\magic-i visual effects 2\uCamMonitor.exe [2010-3-5 104960]
R2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\common files\sony shared\vaio content folder watcher\VCFw.exe [2009-9-14 642416]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2010-3-5 480624]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\drivers\ArcSoftKsUFilter.sys [2010-3-5 19968]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-21 40384]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-21 40384]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2009-11-19 151040]
R3 McSysmon;McAfee SystemGuards;c:\progra~2\mcafee\viruss~1\mcsysmon.exe [2010-3-12 606736]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-3-12 102472]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2010-3-12 49480]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2009-11-19 84512]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2009-11-19 11392]
R3 VAIO Power Management;VAIO Power Management;c:\program files\sony\vaio power management\SPMService.exe [2010-3-5 571248]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 17920]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x64.sys [2009-11-19 395264]
S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2010-3-5 135664]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-11-19 52264]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2009-11-19 35104]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2010-3-12 40904]
S3 MSSQL$DDNI;SQL Server (DDNI);c:\program files (x86)\microsoft sql server\mssql10.ddni\mssql\binn\sqlservr.exe [2009-3-30 43010392]
S3 SampleCollector;Intel(R) Sample Collector;c:\program files\sony\vaio care\collsvc.exe [2010-3-5 167424]
S3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\common files\sony shared\sohlib\SOHCImp.exe [2010-3-5 120104]
S3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\common files\sony shared\sohlib\SOHDBSvr.exe [2010-3-5 70952]
S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\common files\sony shared\sohlib\SOHDms.exe [2010-3-5 427304]
S3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\common files\sony shared\sohlib\SOHDs.exe [2010-3-5 75048]
S3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\common files\sony shared\sohlib\SOHPlMgr.exe [2010-3-5 91432]
S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl64.sys [2009-8-28 49152]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\sony\vcm intelligent network service manager\VcmINSMgr.exe [2010-3-5 361840]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper64.exe [2010-3-5 110960]
S3 VUAgent;VUAgent;c:\program files\sony\vaio update 5\VUAgent.exe [2010-3-5 1164656]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-4-1 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\microsoft sql server\100\shared\sqladhlp.exe [2009-3-31 47128]
S4 SQLAgent$DDNI;SQL Server Agent (DDNI);c:\program files (x86)\microsoft sql server\mssql10.ddni\mssql\binn\SQLAGENT.EXE [2009-3-30 366936]
=============== Created Last 30 ================
2010-05-21 19:28:08 56 ---ha-w- c:\windows\syswow64\ezsidmv.dat
2010-05-21 17:08:37 0 d-----w- c:\users\ancher~1\appdata\roaming\Malwarebytes
2010-05-21 17:08:29 0 d-----w- c:\programdata\Malwarebytes
2010-05-21 17:08:27 24664 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-05-21 17:08:27 0 d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2010-05-21 15:44:22 0 d-----w- c:\programdata\Spybot - Search & Destroy
2010-05-21 15:44:22 0 d-----w- c:\program files (x86)\Spybot - Search & Destroy
2010-05-21 04:19:35 63568 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-05-21 04:19:35 0 ----a-w- c:\windows\syswow64\config.nt
2010-05-21 04:19:21 38848 ----a-w- c:\windows\syswow64\avastSS.scr
2010-05-21 04:19:21 165032 ----a-w- c:\windows\syswow64\aswBoot.exe
2010-05-21 04:19:18 0 d-----w- c:\programdata\Alwil Software
2010-05-21 04:19:18 0 d-----w- c:\program files\Alwil Software
2010-05-20 11:16:04 194048 ----a-w- c:\windows\Hkuria.exe
2010-05-14 01:14:42 0 d-----w- c:\programdata\PopCap Games
2010-05-13 13:21:31 163 ----a-w- c:\windows\WININIT.INI
2010-05-13 13:20:18 0 d-----w- c:\users\ancher~1\appdata\roaming\Roxio Log Files
2010-05-12 12:30:43 382732601 ----a-w- c:\windows\MEMORY.DMP
2010-05-12 03:31:21 0 d-----w- C:\VAIO Entertainment
2010-05-11 23:37:41 976896 ----a-w- c:\windows\system32\inetcomm.dll
2010-05-11 23:37:41 740864 ----a-w- c:\windows\syswow64\inetcomm.dll
2010-05-02 20:45:07 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
2010-05-02 19:05:40 0 d-----w- c:\program files\iPod
2010-05-02 19:05:39 0 d-----w- c:\program files\iTunes
2010-05-02 19:05:39 0 d-----w- c:\program files (x86)\iTunes
2010-05-02 19:03:30 0 d-----w- c:\program files\Bonjour
2010-05-02 19:03:30 0 d-----w- c:\program files (x86)\Bonjour
2010-05-01 00:27:07 14336 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2010-05-01 00:27:07 109056 ----a-w- c:\windows\system32\drivers\sdbus.sys
2010-05-01 00:25:01 79817 ----a-w- C:\test.xml
2010-05-01 00:23:26 0 d-----w- c:\users\ancher~1\appdata\roaming\Auslogics
2010-04-27 22:59:54 223448 ----a-w- c:\windows\system32\drivers\fvevol.sys
2010-04-27 22:59:52 12867072 ----a-w- c:\windows\syswow64\shell32.dll
2010-04-27 22:59:51 96768 ----a-w- c:\windows\syswow64\sspicli.dll
2010-04-27 22:59:51 22016 ----a-w- c:\windows\syswow64\secur32.dll
2010-04-27 22:59:51 153160 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2010-04-27 22:59:51 1446912 ----a-w- c:\windows\system32\lsasrv.dll
2010-04-27 04:43:50 0 dc-h--w- c:\programdata\{1988B439-10C3-40C0-B067-74060B38F525}
2010-04-24 20:20:29 0 d-----w- c:\programdata\McAfee Security Scan
2010-04-24 20:20:28 0 d-----w- c:\program files (x86)\McAfee Security Scan
==================== Find3M ====================
2010-05-06 14:36:38 270208 ------w- c:\windows\system32\MpSigStub.exe
2010-04-17 01:24:34 27536 ----a-w- c:\windows\system32\drivers\dc3d.sys
2010-04-08 17:33:00 95520 ----a-w- c:\windows\system32\dnssd.dll
2010-04-08 17:33:00 119584 ----a-w- c:\windows\system32\dns-sd.exe
2010-04-08 17:20:02 91424 ------w- c:\windows\syswow64\dnssd.dll
2010-04-08 17:20:02 107808 ------w- c:\windows\syswow64\dns-sd.exe
2010-03-08 21:59:59 612352 ----a-w- c:\windows\system32\vbscript.dll
2010-03-08 21:33:56 427520 ----a-w- c:\windows\syswow64\vbscript.dll
2010-03-05 19:02:24 14664 ----a-w- c:\windows\system32\FKDRV64.sys
2010-03-05 17:33:21 411368 ------w- c:\windows\syswow64\deploytk.dll
2010-03-05 17:33:21 149280 ------w- c:\windows\syswow64\javaws.exe
2010-03-05 17:33:21 145184 ------w- c:\windows\syswow64\javaw.exe
2010-03-05 17:33:21 145184 ------w- c:\windows\syswow64\java.exe
2010-03-05 17:32:48 455680 ----a-w- c:\windows\system32\deploytk.dll
2010-03-05 17:15:08 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2010-03-05 17:15:08 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2010-03-05 17:15:08 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2010-03-05 17:15:08 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2010-02-27 15:17:00 5509008 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-27 12:07:48 3954568 ----a-w- c:\windows\syswow64\ntkrnlpa.exe
2010-02-27 12:07:48 3899280 ----a-w- c:\windows\syswow64\ntoskrnl.exe
2010-02-23 08:22:50 1192960 ----a-w- c:\windows\system32\wininet.dll
2010-02-23 07:56:00 977920 ----a-w- c:\windows\syswow64\wininet.dll
2010-02-23 07:55:56 1225216 ----a-w- c:\windows\syswow64\urlmon.dll
2010-02-23 07:55:45 606208 ----a-w- c:\windows\syswow64\mstime.dll
2010-02-23 07:55:43 64512 ----a-w- c:\windows\syswow64\msfeedsbs.dll
2010-02-23 07:55:43 5964800 ----a-w- c:\windows\syswow64\mshtml.dll
2010-02-23 07:55:24 10978816 ----a-w- c:\windows\syswow64\ieframe.dll
2010-02-23 07:55:20 381440 ----a-w- c:\windows\syswow64\iedkcs32.dll
2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini
2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
============= FINISH: 15:33:06.24 ===============