Thread: Slow PC & unable to start Security Center

  1. #1
    Junior Member
    Join Date
    Mar 2011
    Posts
    1

    Hi,
    1. Problem: I have a PC that runs dreadfully slow & I suspect it is infected with malware. I cannot start the Windows Security Center & hence, System Restore remains disabled (The Windows Services are unable to start).

    2. DDS.scr
    On attempting to run DDS.scr, a new dialogue box opens with an error message: "Windows can't open this file PEV.dat"

    3. Unfortunately, before I came to this forum, I had already run ComboFix.
    The log is pasted below:

    ComboFix 11-03-23.04 - SK 03/27/2011 2:57.2.8 - x64
    Running from: c:\users\Sumeet\Downloads\PC Clean Softwares\Combo-Fix.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\windows\SysWow64\e95c6f1e.dlllllllllllllllll
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-02-26 to 2011-03-26 )))))))))))))))))))))))))))))))
    .
    .
    2011-03-26 21:33 . 2011-03-26 21:33 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-03-25 16:39 . 2010-12-20 12:39 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
    2011-03-25 16:39 . 2011-03-25 16:39 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2011-03-24 15:16 . 2011-03-24 15:16 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
    2011-03-23 17:34 . 2011-03-23 17:34 -------- d-----w- c:\program files (x86)\Microsoft Security Client
    2011-03-23 17:34 . 2011-03-23 17:34 -------- d-----w- c:\program files\Microsoft Security Client
    2011-03-22 07:55 . 2010-02-02 07:04 17216 ----a-w- c:\windows\system32\nitrolocalui.dll
    2011-03-22 07:55 . 2010-02-02 07:04 28992 ----a-w- c:\windows\system32\nitrolocalmon.dll
    2011-03-22 07:55 . 2011-03-22 07:55 -------- d-----w- c:\programdata\Nitro PDF
    2011-03-22 07:55 . 2011-03-22 07:55 -------- d-----w- c:\program files\Common Files\Nitro PDF
    2011-03-22 07:55 . 2011-03-22 07:55 -------- d-----w- c:\program files (x86)\Common Files\Nitro PDF
    2011-03-22 07:55 . 2011-03-22 07:55 -------- d-----w- c:\program files (x86)\Nitro PDF
    2011-03-22 05:51 . 2011-03-22 05:51 -------- d-----w- c:\program files\iPod
    2011-03-22 05:51 . 2011-03-22 05:51 -------- d-----w- c:\program files\iTunes
    2011-03-22 05:51 . 2011-03-22 05:51 -------- d-----w- c:\program files (x86)\iTunes
    2011-03-22 05:01 . 2011-03-22 05:01 -------- dc----w- c:\windows\system32\DRVSTORE
    2011-03-22 05:01 . 2009-05-18 07:47 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2011-03-22 05:01 . 2008-04-17 06:42 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
    2011-03-22 05:01 . 2008-04-17 06:42 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll
    2011-03-22 05:00 . 2011-03-22 05:01 -------- d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
    2011-03-22 04:54 . 2011-03-22 04:54 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
    2011-03-22 04:54 . 2011-03-22 04:54 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
    2011-03-22 04:54 . 2011-03-22 04:54 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
    2011-03-22 04:54 . 2011-03-22 04:54 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
    2011-03-22 04:54 . 2011-03-22 04:54 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
    2011-03-22 04:54 . 2011-03-22 04:54 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
    2011-03-22 04:54 . 2011-03-22 04:54 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
    2011-03-22 04:54 . 2011-03-22 05:51 -------- d-----w- c:\programdata\Apple Computer
    2011-03-22 04:54 . 2011-03-22 04:54 -------- d-----w- c:\program files (x86)\QuickTime
    2011-03-22 04:54 . 2011-03-22 04:54 -------- d-----w- c:\program files (x86)\Apple Software Update
    2011-03-22 04:53 . 2011-03-22 04:53 -------- d-----w- c:\program files\Common Files\Apple
    2011-03-22 04:53 . 2011-03-22 04:53 -------- d-----w- c:\program files\Bonjour
    2011-03-22 04:53 . 2011-03-22 04:53 -------- d-----w- c:\program files (x86)\Bonjour
    2011-03-22 04:53 . 2011-03-22 06:10 -------- d-----w- c:\programdata\Apple
    2011-03-22 04:53 . 2011-03-22 05:51 -------- d-----w- c:\program files (x86)\Common Files\Apple
    2011-03-21 08:03 . 2011-03-21 11:45 -------- d-----w- C:\lame3.98.4
    2011-03-21 07:54 . 2011-03-21 07:54 -------- d-----w- c:\program files (x86)\Exact Audio Copy
    2011-03-20 19:19 . 2011-03-20 19:19 -------- d-----w- c:\program files (x86)\FreeTime
    2011-03-19 16:54 . 2011-03-19 16:54 -------- d-----w- c:\program files\CCleaner
    2011-03-19 09:41 . 2011-03-19 09:41 -------- d-----w- c:\program files (x86)\bitRipper
    2011-03-16 18:13 . 2011-03-16 18:27 -------- d-----w- c:\program files (x86)\DVDFab 8
    2011-03-16 13:49 . 2011-03-16 13:49 -------- d-----w- c:\program files (x86)\Handbrake
    2011-03-16 08:04 . 2011-03-16 08:04 -------- d--h--w- c:\programdata\ArcSoft
    2011-03-15 10:10 . 2011-03-15 10:11 -------- d-----w- c:\program files (x86)\DVD43 Plug-in
    2011-03-15 10:10 . 2010-05-25 09:56 611840 ----a-w- c:\windows\SysWow64\DVD43.dll
    2011-03-13 13:26 . 2011-03-19 16:55 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2011-03-13 13:26 . 2011-03-13 13:26 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
    2011-03-13 13:01 . 2010-01-10 14:10 118784 ----a-w- c:\windows\SysWow64\MSSTDFMT.DLL
    2011-03-13 13:01 . 2011-03-13 13:03 -------- d-----w- c:\program files (x86)\SpywareBlaster
    2011-03-13 12:42 . 2011-03-13 12:42 -------- d-----w- c:\programdata\{F77EE8EF-305B-4394-A018-C1A57D2D66B5}
    2011-03-13 12:38 . 2011-03-16 18:26 -------- d-----w- c:\users\SK
    2011-03-13 10:55 . 2011-03-13 10:55 -------- d-----w- c:\programdata\Malwarebytes
    2011-03-13 10:55 . 2010-12-20 12:38 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-03-12 12:29 . 2011-03-12 12:29 -------- d-----w- C:\temp
    2011-03-11 15:43 . 2011-03-11 15:43 -------- d-----w- c:\program files (x86)\VideoLAN
    2011-03-11 10:18 . 2011-03-11 10:18 -------- d-----w- c:\program files (x86)\CleanUp!
    2011-03-11 10:10 . 2011-03-11 10:10 -------- d-----w- c:\programdata\Hewlett-Packard
    2011-03-11 10:10 . 2009-07-14 01:41 230400 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll
    2011-03-11 06:25 . 2011-03-11 06:25 -------- d-----w- c:\windows\system32\SPReview
    2011-03-11 06:25 . 2011-03-11 06:25 -------- d-----w- c:\windows\system32\EventProviders
    2011-03-11 06:22 . 2010-11-20 13:28 566208 ----a-w- c:\windows\system32\winresume.efi
    2011-03-11 06:21 . 2010-11-20 13:33 155008 ----a-w- c:\windows\system32\drivers\mpio.sys
    2011-03-11 06:20 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll
    2011-03-11 06:20 . 2010-11-20 12:17 209920 ----a-w- c:\windows\SysWow64\PkgMgr.exe
    2011-03-11 06:20 . 2010-11-20 12:18 323072 ----a-w- c:\windows\SysWow64\drvstore.dll
    2011-03-11 06:20 . 2010-11-20 12:18 257024 ----a-w- c:\windows\SysWow64\dpx.dll
    2011-03-11 06:20 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
    2011-03-11 06:20 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
    2011-03-11 06:19 . 2010-11-20 13:27 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
    2011-03-11 06:19 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
    2011-03-11 06:19 . 2010-11-20 13:27 1225216 ----a-w- c:\windows\system32\wbem\wbemcore.dll
    2011-03-11 06:19 . 2010-11-20 13:27 933376 ----a-w- c:\windows\system32\SmiEngine.dll
    2011-03-11 06:19 . 2010-11-20 13:25 199168 ----a-w- c:\windows\system32\PkgMgr.exe
    2011-03-11 06:19 . 2010-11-20 13:26 422912 ----a-w- c:\windows\system32\drvstore.dll
    2011-03-11 06:19 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
    2011-03-09 16:27 . 2011-03-25 10:09 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
    2011-03-09 16:27 . 2006-11-29 21:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll
    2011-03-09 16:27 . 2006-11-29 21:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll
    2011-03-09 16:26 . 2011-03-09 16:26 -------- d-----w- c:\program files (x86)\Microsoft
    2011-03-09 16:26 . 2011-03-09 16:26 -------- d-----w- c:\program files (x86)\Windows Live SkyDrive
    2011-03-09 16:26 . 2011-03-09 16:26 -------- d-----w- c:\windows\PCHEALTH
    2011-03-09 16:25 . 2011-03-09 16:25 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
    2011-03-09 16:19 . 2011-03-09 16:19 -------- d-----w- c:\program files\SPHE BD-Live
    2011-03-09 16:14 . 2011-03-09 16:15 -------- d-----w- C:\VAIO Sample Contents
    2011-03-09 15:46 . 2011-03-09 15:46 -------- d-----w- c:\program files (x86)\MSXML 4.0
    2011-03-09 15:46 . 2007-07-20 02:14 5073256 ----a-w- c:\windows\system32\d3dx9_35.dll
    2011-03-09 15:43 . 2009-09-05 01:44 73544 ----a-w- c:\windows\system32\XAPOFX1_3.dll
    2011-03-09 15:43 . 2009-09-05 01:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
    2011-03-09 15:43 . 2009-09-05 01:44 517960 ----a-w- c:\windows\system32\XAudio2_5.dll
    2011-03-09 15:43 . 2009-09-05 01:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
    2011-03-09 15:43 . 2009-09-05 01:44 238936 ----a-w- c:\windows\SysWow64\xactengine3_5.dll
    2011-03-09 15:43 . 2009-09-05 01:44 176968 ----a-w- c:\windows\system32\xactengine3_5.dll
    2011-03-09 15:43 . 2009-09-05 01:29 5501792 ----a-w- c:\windows\SysWow64\d3dcsx_42.dll
    2011-03-09 15:43 . 2009-09-05 01:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll
    2011-03-09 15:43 . 2009-09-05 01:29 5554512 ----a-w- c:\windows\system32\d3dcsx_42.dll
    2011-03-09 15:43 . 2009-09-05 01:29 2582888 ----a-w- c:\windows\system32\D3DCompiler_42.dll
    2011-03-09 15:42 . 2009-09-05 01:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
    2011-03-09 15:42 . 2009-09-05 01:29 235344 ----a-w- c:\windows\SysWow64\d3dx11_42.dll
    2011-03-09 15:42 . 2009-09-05 01:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll
    2011-03-09 15:42 . 2009-09-05 01:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
    2011-03-09 15:42 . 2009-09-05 01:29 285024 ----a-w- c:\windows\system32\d3dx11_42.dll
    2011-03-09 15:42 . 2009-09-05 01:29 2475352 ----a-w- c:\windows\system32\D3DX9_42.dll
    2011-03-09 15:41 . 2005-04-28 00:36 245408 ----a-w- c:\windows\SysWow64\unicows.dll
    2011-03-09 15:41 . 2003-03-19 06:14 499712 ----a-r- c:\windows\SysWow64\msvcp71.dll
    2011-03-09 15:41 . 2003-02-21 12:42 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
    2011-03-09 15:41 . 1995-07-31 21:44 212480 ----a-w- c:\windows\SysWow64\PCDLIB32.DLL
    2011-03-09 15:41 . 2011-03-09 16:17 -------- d-----w- c:\program files (x86)\ArcSoft
    2011-03-09 15:41 . 2011-03-09 15:41 -------- d-----w- c:\program files (x86)\Common Files\ArcSoft
    2011-03-09 15:41 . 2009-05-26 22:32 19968 ----a-w- c:\windows\system32\drivers\ArcSoftKsUFilter.sys
    2011-03-09 15:41 . 2008-09-05 01:06 55808 ----a-w- c:\windows\system\ArcSoftKsUFilter.dll
    2011-03-09 15:41 . 2011-03-09 15:41 -------- d-----w- c:\program files (x86)\Evernote
    2011-03-09 15:41 . 2011-03-09 15:41 -------- d-----w- c:\programdata\Evernote
    2011-03-09 15:39 . 2007-04-17 19:51 14112 ----a-w- c:\windows\system32\drivers\regi.sys
    2011-03-09 15:39 . 2011-03-09 15:39 -------- d-----w- c:\program files (x86)\Common Files\InterVideo
    2011-03-09 15:39 . 2011-03-09 15:39 -------- d-----w- c:\program files (x86)\Common Files\Protexis
    2011-03-09 15:39 . 2011-03-09 15:39 -------- d-----w- c:\programdata\Corel
    2011-03-09 15:39 . 2011-03-09 15:39 -------- d-----w- c:\program files (x86)\Corel
    2011-03-09 15:38 . 2011-03-09 15:38 -------- d-----w- C:\Documentation
    2011-03-09 15:38 . 2011-03-09 15:38 -------- d-----w- C:\_FS_SWRINFO
    2011-03-09 15:37 . 2008-09-25 02:17 114688 ----a-w- c:\program files (x86)\Windows Sidebar\Gadgets\eBayGadget.Gadget\Bin\eBayGadget.dll
    2011-03-09 15:37 . 2008-09-25 02:17 114688 ----a-w- c:\program files\Windows Sidebar\Gadgets\eBayGadget.Gadget\Bin\eBayGadget.dll
    2011-03-09 15:36 . 2011-03-09 15:36 -------- d-----w- c:\users\boinc_master
    2011-03-09 15:35 . 2011-03-09 03:09 -------- d-----w- c:\program files (x86)\BOINC
    2011-03-09 15:35 . 2011-03-09 03:09 -------- d-----w- c:\programdata\BOINC
    2011-03-09 15:35 . 2011-03-09 15:35 -------- d-----w- c:\windows\Downloaded Installations
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-03-11 06:30 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
    2011-03-11 06:30 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
    2011-03-09 14:44 . 2011-03-09 14:44 2560 ----a-w- c:\windows\SysWow64\drivers\en-US\qwavedrv.sys.mui
    2011-03-09 14:43 . 2011-03-09 14:43 25600 ----a-w- c:\windows\SysWow64\drivers\en-US\bfe.dll.mui
    2011-03-09 14:43 . 2011-03-09 14:43 15360 ----a-w- c:\windows\SysWow64\drivers\en-US\pacer.sys.mui
    2011-03-09 14:43 . 2011-03-09 14:43 2560 ----a-w- c:\windows\SysWow64\drivers\en-US\scfilter.sys.mui
    2011-03-09 14:43 . 2011-03-09 14:43 5632 ----a-w- c:\windows\SysWow64\drivers\en-US\ndiscap.sys.mui
    2011-03-09 14:43 . 2011-03-09 14:43 44032 ----a-w- c:\windows\SysWow64\drivers\en-US\tcpip.sys.mui
    2011-02-18 11:06 . 2011-02-18 11:06 51712 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
    2011-02-18 11:06 . 2011-02-18 11:06 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
    "SmartWiHelper"="c:\program files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" [2010-07-15 89080]
    "ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-06-01 673136]
    "PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-06-01 600928]
    "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2009-12-31 91520]
    "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
    "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-21 406992]
    "WinPatrol"="c:\program files (x86)\BillP Studios\WinPatrol\winpatrol.exe" [2011-02-13 325000]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-03-07 421160]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
    "Malwarebytes' Anti-Malware (reboot)"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-9 1128224]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    R0 mscank;mscank;c:\windows\system32\DRIVERS\mscank64.sys [x]
    R2 Core Scanning ServerEx;Core Scanning ServerEx;c:\program files\Quick Heal\Quick Heal Total Security\SAPISSVC.EXE [2010-10-22 253384]
    R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-09 136176]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
    R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
    R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
    R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2010-07-15 16776]
    R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2010-07-15 9096]
    R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-03-09 1436424]
    R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [x]
    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2009-12-31 30935416]
    R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
    R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-12-29 4925184]
    R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-21 108400]
    R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 423280]
    R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-21 67952]
    R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
    R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-06-09 537456]
    R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-06-09 384880]
    R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-06-09 101232]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R3 wsnf;Network Filter Service;c:\windows\system32\DRIVERS\wsnf.sys [x]
    S1 ggc;ggc;c:\windows\system32\DRIVERS\ggc.sys [x]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 catflt;catflt;c:\windows\system32\DRIVERS\catflt.sys [x]
    S2 Core Mail Protection;Core Mail Protection;c:\program files\Quick Heal\Quick Heal Total Security\EMLPROXY.EXE [2010-10-22 35784]
    S2 Core Scanning Server;Core Scanning Server;c:\program files\Quick Heal\Quick Heal Total Security\SAPISSVC.EXE [2010-10-22 253384]
    S2 EMLSS;EMLSS;c:\windows\system32\drivers\emltdi.sys [x]
    S2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2010-02-02 324928]
    S2 nlsX86cc;NLS Service;c:\windows\SysWOW64\NLSSRV32.EXE [2010-02-02 65856]
    S2 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe [2011-02-15 47104]
    S2 Online Protection System;Online Protection System;c:\program files\Quick Heal\Quick Heal Total Security\opssvc.exe [2010-10-22 27592]
    S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 367456]
    S2 Quick Update Service;Quick Update Service;c:\program files\Quick Heal\Quick Heal Total Security\quhlpsvc.exe [2010-10-22 110024]
    S2 regi;regi;c:\windows\system32\drivers\regi.sys [x]
    S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]
    S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x]
    S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2010-05-25 252416]
    S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
    S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-06-22 575856]
    S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-06-17 851824]
    S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
    S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [x]
    S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [x]
    S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
    S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [x]
    S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-06-07 304496]
    S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2010-06-01 1250160]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
    S3 wsnfmp;Network Filter Miniport;c:\windows\system32\DRIVERS\wsnf.sys [x]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
    .
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-03-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-09 15:13]
    .
    2011-03-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-09 15:13]
    .
    2011-03-26 c:\windows\Tasks\Quick Heal AntiMalware Scan.job
    - c:\program files\Quick Heal\Quick Heal Total Security\ASMAIN.EXE [2010-10-22 14:39]
    .
    2011-03-26 c:\windows\Tasks\Resume Quickup Download.job
    - c:\program files\Quick Heal\Quick Heal Total Security\ACAPPAA.EXE [2010-10-22 14:39]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-21 10775584]
    "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-06-21 2040352]
    "Quick Heal Core UI"="c:\program files\Quick Heal\Quick Heal Total Security\strtupap.exe" [2010-10-22 138696]
    "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-05 500208]
    "WinPatrol"="c:\program files (x86)\BillP Studios\WinPatrol\WinPatrol.exe" [2011-02-13 325000]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
    mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
    .
    - - - - ORPHANS REMOVED - - - -
    .
    HKLM-Run-Apoint - %ProgramFiles%\Apoint\Apoint.exe
    AddRemove-ad4aca43 - c:\windows\system32\ad4aca43.exe
    AddRemove-{0131D7EF-65FF-478F-8ABD-5ABEE24EC8EF} - c:\programdata\{F77EE8EF-305B-4394-A018-C1A57D2D66B5}\VAIO Messenger Setup 2.0.291.0.exe
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
    "ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=2000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=inteldata\""
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-1649904300-369593567-363999876-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    "??"=hex:8b,16,24,05,32,6a,a4,c5,d2,62,d5,69,b9,f3,28,b6,ed,35,f0,95,ec,7e,ce,
    2f,fe,ec,e0,92,5c,03,f5,b3,df,d1,8c,fc,de,36,ef,95,b7,59,42,d9,e7,4e,e0,5e,\
    "??"=hex:b8,a8,ac,19,9a,2d,e0,70,f9,20,10,05,0c,b5,2f,4e
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2011-03-27 03:05:29
    ComboFix-quarantined-files.txt 2011-03-26 21:35
    .
    Pre-Run: 43,726,262,272 bytes free
    Post-Run: 43,353,559,040 bytes free
    .
    - - End Of File - - D7ACE1653D99BBA7C67E6E9C67B7F402





    4. Results of Spybot, pasted below:

    --- Search result list ---
    DoubleClick: Tracking cookie (Chrome: Chrome) (Cookie, fixed)
    Zedo: Tracking cookie (Chrome: Chrome) (Cookie, fixed)
    Zedo: Tracking cookie (Chrome: Chrome) (Cookie, fixed)
    Zedo: Tracking cookie (Chrome: Chrome) (Cookie, fixed)
    BurstMedia: Tracking cookie (Chrome: Chrome) (Cookie, fixed)
    FastClick: Tracking cookie (Chrome: Chrome) (Cookie, fixed)
    FastClick: Tracking cookie (Chrome: Chrome) (Cookie, fixed)
    FastClick: Tracking cookie (Chrome: Chrome) (Cookie, fixed)
    FastClick: Tracking cookie (Chrome: Chrome) (Cookie, fixed)
    Zedo: Tracking cookie (Chrome: Chrome) (Cookie, fixed)
    DoubleClick: Tracking cookie (Chrome: Chrome) (Cookie, fixed)
    MediaPlex: Tracking cookie (Chrome: Chrome) (Cookie, fixed)
    MediaPlex: Tracking cookie (Chrome: Chrome) (Cookie, fixed)
    Zedo: Tracking cookie (Chrome: Chrome) (Cookie, fixed)
    Statcounter: Tracking cookie (Chrome: Chrome) (Cookie, fixed)
    Zedo: Tracking cookie (Chrome: Chrome) (Cookie, fixed)
    Zedo: Tracking cookie (Chrome: Chrome) (Cookie, fixed)

    --- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

    2009-01-26 blindman.exe (1.0.0.8)
    2009-01-26 SDFiles.exe (1.6.1.7)
    2009-01-26 SDMain.exe (1.0.0.6)
    2009-01-26 SDShred.exe (1.0.2.5)
    2009-01-26 SDUpdate.exe (1.6.0.12)
    2009-01-26 SDWinSec.exe (1.0.0.12)
    2009-01-26 SpybotSD.exe (1.6.2.46)
    2009-01-26 TeaTimer.exe (1.6.4.26)
    2011-03-13 unins000.exe (51.49.0.0)
    2009-01-26 Update.exe (1.6.0.7)
    2009-01-26 advcheck.dll (1.6.2.15)
    2007-04-02 aports.dll (2.1.0.0)
    2008-06-14 DelZip179.dll (1.79.11.1)
    2009-01-26 SDHelper.dll (1.6.2.14)
    2008-06-19 sqlite3.dll
    2009-01-26 Tools.dll (2.1.6.10)
    2009-01-16 UninsSrv.dll (1.0.0.0)
    2011-02-24 Includes\Adware.sbi (*)
    2011-03-08 Includes\AdwareC.sbi (*)
    2010-08-13 Includes\Cookies.sbi (*)
    2010-12-14 Includes\Dialer.sbi (*)
    2011-03-08 Includes\DialerC.sbi (*)
    2011-02-24 Includes\HeavyDuty.sbi (*)
    2010-11-30 Includes\Hijackers.sbi (*)
    2011-03-08 Includes\HijackersC.sbi (*)
    2010-06-02 Includes\iPhone.sbi (*)
    2010-12-14 Includes\Keyloggers.sbi (*)
    2011-03-08 Includes\KeyloggersC.sbi (*)
    2004-11-29 Includes\LSP.sbi (*)
    2011-02-24 Includes\Malware.sbi (*)
    2011-03-08 Includes\MalwareC.sbi (*)
    2011-02-24 Includes\PUPS.sbi (*)
    2011-03-03 Includes\PUPSC.sbi (*)
    2010-01-25 Includes\Revision.sbi (*)
    2009-01-13 Includes\Security.sbi (*)
    2011-03-08 Includes\SecurityC.sbi (*)
    2008-06-03 Includes\Spybots.sbi (*)
    2008-06-03 Includes\SpybotsC.sbi (*)
    2011-02-24 Includes\Spyware.sbi (*)
    2011-03-08 Includes\SpywareC.sbi (*)
    2010-03-08 Includes\Tracks.uti
    2010-12-28 Includes\Trojans.sbi (*)
    2011-03-08 Includes\TrojansC-02.sbi (*)
    2011-03-03 Includes\TrojansC-03.sbi (*)
    2011-03-08 Includes\TrojansC-04.sbi (*)
    2011-03-08 Includes\TrojansC-05.sbi (*)
    2011-03-08 Includes\TrojansC.sbi (*)
    2008-03-04 Plugins\Chai.dll
    2008-03-05 Plugins\Fennel.dll
    2008-02-26 Plugins\Mate.dll
    2007-12-24 Plugins\TCPIPAddress.dll



    --- System information ---
    Unknown Windows version 6.1 (Build: 7601) Service Pack 1 (6.1.7601)


    --- Startup entries list ---
    Located: HK_LM:Run, Adobe ARM
    command: "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    file: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    size: 932288
    MD5: BAD6BEA0DE1F69C82BDB74378CE0C20A

    Located: HK_LM:Run, Adobe Reader Speed Launcher
    command: "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    file: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
    size: 35736
    MD5: 8A6683AC1DAFA824615BB3857EF8C709

    Located: HK_LM:Run, AdobeCS5ServiceManager
    command: "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
    file: C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
    size: 406992
    MD5: D5B783DACE1BBDD382A63C894BAB8E1E

    Located: HK_LM:Run, BCSSync
    command: "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    file: C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
    size: 91520
    MD5: DD475BD97B73008DAF3700506D919AC7

    Located: HK_LM:Run, IAStorIcon
    command: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    file: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    size: 284696
    MD5: 25107F58D1B8F60D67D1EE95798C0DE8

    Located: HK_LM:Run, ISBMgr.exe
    command: "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
    file: C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
    size: 673136
    MD5: CCA9023E3DDBE290D4381344115D99B7

    Located: HK_LM:Run, iTunesHelper
    command: "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    file: C:\Program Files (x86)\iTunes\iTunesHelper.exe
    size: 421160
    MD5: 0CFBE2D135A73CA98381FC8CC8BC5A03

    Located: HK_LM:Run, Malwarebytes' Anti-Malware (reboot)
    command: "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    file: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
    size: 963976
    MD5: 4CEC4B72C5B255EC2F7C54CD03554540

    Located: HK_LM:Run, PMBVolumeWatcher
    command: c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
    file: c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
    size: 600928
    MD5: AC32E0F47BB9083BB4164171A4C562A2

    Located: HK_LM:Run, QuickTime Task
    command: "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    file: C:\Program Files (x86)\QuickTime\QTTask.exe
    size: 421888
    MD5: 0AEE5668EB59912F32FF245BFA72465F



    --- Browser helper object list ---
    {18DF081C-E8AD-4283-A596-FA578C2EBDC3} (AcroIEHelperStub)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name: AcroIEHelperStub
    CLSID name: Adobe PDF Link Helper
    Path: C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\
    Long name: AcroIEHelperShim.dll
    Short name: ACROIE~2.DLL
    Date (created): 1/30/2011 9:15:14 PM
    Date (last access): 3/25/2011 3:35:58 PM
    Date (last write): 1/30/2011 9:15:14 PM
    Filesize: 62376
    Attributes: archive
    MD5: F31208835709A62ECC5D45211D89C772
    CRC32: 7859C01E
    Version: 10.0.1.434

    {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Spybot-S&D IE Protection
    description: Spybot-S&D IE Browser plugin
    classification: Legitimate
    known filename: SDhelper.dll
    info link: http://spybot.eon.net.au/
    info source: Patrick M. Kolla
    Path: C:\PROGRA~2\SPYBOT~1\
    Long name: SDHelper.dll
    Short name:
    Date (created): 3/13/2011 6:56:50 PM
    Date (last access): 3/13/2011 6:56:50 PM
    Date (last write): 1/26/2009 3:31:02 PM
    Filesize: 1879896
    Attributes: archive
    MD5: 022C2F6DCCDFA0AD73024D254E62AFAC
    CRC32: 5BA24007
    Version: 1.6.2.14

    {72853161-30C5-4D22-B7F9-0BBC1D38A37E} (Groove GFS Browser Helper)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Groove GFS Browser Helper
    Path: C:\PROGRA~2\MICROS~3\Office14\
    Long name: GROOVEEX.DLL
    Short name:
    Date (created): 12/31/2009 11:12:22 AM
    Date (last access): 3/9/2011 8:56:44 AM
    Date (last write): 12/31/2009 11:12:22 AM
    Filesize: 4220816
    Attributes: archive
    MD5: 6B60AAF932713A9622D2D5575579DBCF
    CRC32: A2B66CF0
    Version: 14.0.4730.1007

    {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Windows Live Sign-in Helper
    Path: C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\
    Long name: WindowsLiveLogin.dll
    Short name: WINDOW~1.DLL
    Date (created): 1/23/2009 5:11:30 AM
    Date (last access): 3/9/2011 9:56:42 PM
    Date (last write): 1/23/2009 5:11:30 AM
    Filesize: 408448
    Attributes: archive
    MD5: B7899C3E21B299D7A3C0DA96CAE340BD
    CRC32: 288935F8
    Version: 5.0.818.5

    {B4F3A835-0E21-4959-BA22-42B3008E02FF} (URLRedirectionBHO)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name: URLRedirectionBHO
    CLSID name: Office Document Cache Handler
    Path: C:\PROGRA~2\MICROS~3\Office14\
    Long name: URLREDIR.DLL
    Short name:
    Date (created): 12/30/2009 12:34:06 PM
    Date (last access): 3/9/2011 8:57:16 AM
    Date (last write): 12/30/2009 12:34:06 PM
    Filesize: 561040
    Attributes: archive
    MD5: F67963D3ED8230443ADB2CB5D53C1F34
    CRC32: B08DBB63
    Version: 14.0.4730.1007

    {DBC80044-A445-435b-BC74-9C25C1C588A9} (Java(tm) Plug-In 2 SSV Helper)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Java(tm) Plug-In 2 SSV Helper
    Path: C:\Program Files (x86)\Java\jre6\bin\
    Long name: jp2ssv.dll
    Short name:
    Date (created): 3/9/2011 8:47:04 PM
    Date (last access): 3/9/2011 8:47:04 PM
    Date (last write): 3/9/2011 8:47:04 PM
    Filesize: 41760
    Attributes: archive
    MD5: 385BD69743EA92E76CDF07B3345A25D5
    CRC32: D47CB5BA
    Version: 6.0.200.2

    The log of Spybot is way too long for me to attach in 1 post.
    Hope you can help me & Thanks in advance!

  2. #2
    tashi (Member of Team Spybot)
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,961

    Hello skape7,

    If the infection prevents DDS from running, please start a topic anyway and make note of the situation. Please don't post other logs until requested.
    "BEFORE you POST" (Read this Procedure Before Requesting Assistance)

    Please start a new topic and make a note that DDS won't run.

    There is no need to copy paste the short Spybot log again but please provide a link back to this thread.

    Thanks.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016
