pierre11

okay i did it. turns out the menu was hidden. also did the RSIT but i only go one log. this is all that popped up: Logfile of random's system information tool 1.09 (written by random/random) Run by Pierre at 2012-02-21 14:35:46 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 550 GB (92%) free of 600 GB Total RAM: 4044 MB (41% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 2:35:53 PM, on 2/21/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files\Sony\VAIO Care\listener.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe C:\Program Files\trend micro\Pierre.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony.msn.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sony.msn.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120220230635.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - .DEFAULT User Startup: Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (User 'Default user') O4 - Global Startup: McAfee Security Scan Plus.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® PROSet/Wireless WiMAX Red Bend Device Management Service (DMAgent) - Red Bend Ltd. - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing) O23 - Service: McAfee Online Backup (MOBK370backup) - McAfee, Inc. - C:\Program Files (x86)\McAfee Online Backup\MOBK370backup.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Oasis2Service - Unknown owner - C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe O23 - Service: PMBDeviceInfoProvider - Sony Corporation - c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: Intel® PROSet/Wireless WiMAX Service (WiMAXAppSrv) - Intel® Corporation - C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 16019 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=3b379a70-c4de-4f34-a501-7d302091df6b /coreSdkOptions=286 /logConfFile="C:\ProgramData\AVG2012\temp\3d168d7d-2e27-4b5f-8874-2a7b5f378c1d-200-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe 24239472 \??\C:\Windows\system32\conhost.exe "36398949113062813192056460508-593220254-10091120197801747102140996882-1185000935 C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" "C:\Program Files\Intel\WiFi\bin\EvtEng.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe" c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe "C:\Windows\system32\mfevtps.exe" "C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll" saHooker_Initialize_and_Wait "c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe" "C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll" saHooker_Initialize_and_Wait "C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe" "C:\Windows\system32\Dwm.exe" "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" "taskhost.exe" taskeng.exe {0F5ECE82-1F29-4722-B02A-6787EEECE5BC} C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe" "C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe" /AutoStart C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe "C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe" "C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe" "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe" C:\Windows\SysWOW64\DllHost.exe /Processid:{CB45D4CA-8A34-4EF1-9957-6134E5270E83} C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5} "C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" C:\Windows\system32\wbem\unsecapp.exe -Embedding C:\Windows\system32\wbem\wmiprvse.exe WLIDSvcM.exe 3140 "C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe" "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" "C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe" "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\DllHost.exe /Processid:{B32DAC50-97B2-4BF7-A8DB-418294621529} "C:\Program Files\Apoint\Apoint.exe" "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray "C:\Windows\System32\igfxtray.exe" "C:\Windows\System32\hkcmd.exe" "C:\Windows\System32\igfxpers.exe" "C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe" "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" "C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe" "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" "C:\Program Files (x86)\AVG Secure Search\vprot.exe" "C:\Program Files\Apoint\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113} "C:\Program Files\Sony\VAIO Smart Network\VSNService.exe" "C:\Program Files\Apoint\Apvfb.exe" C:\Windows\system32\wbem\unsecapp.exe -Embedding "Apntex.exe" \??\C:\Windows\system32\conhost.exe "835441962-79570932920535046321795894196870027621-6213941352032075395-1994043787 C:\Windows\system32\SearchIndexer.exe /Embedding /Device:000000a2 "C:\Program Files\iPod\bin\iPodService.exe" -netsvcs \??\C:\Windows\system32\conhost.exe "141632364-20273860671915398779-7969737612829117431225141274-1878644302-351390220 C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files\Windows Media Player\wmpnetwk.exe" taskeng.exe {F4B88556-C4E2-437A-A520-6D878AD15BC2} C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} /tasktray /nosplash "C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe" /Stationary "C:\Program Files\Sony\VAIO Update Common\VUAgent.exe" "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\McAfee Online Backup\MOBK370backup.exe" "C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe" "C:\Program Files (x86)\McAfee Online Backup\MOBK370backup.exe" /wts 2648 504 508 "C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=5000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=C:\ProgramData\Sony Corporation\VAIO Care\inteldata" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" "C:\Program Files\Sony\VAIO Care\VCsystray.exe" "C:\Program Files\Sony\VAIO Care\VCService.exe" "C:\Program Files\Sony\VAIO Care\VCAgent.exe" C:\Windows\System32\vds.exe "C:\Program Files\Common Files\McAfee\Core\mchost.exe" {5eb661d4-ed9b-477e-a576-b7090147f2fd} /pid=5076 StartVC*SelfHeal*silence+US\en-US "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe" /o /eo /l /b /id 6076 C:\Program Files\Sony\VAIO Care/listener.exe /silent /slot=0 "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" "C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=7104.14de2100.877992733 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 7104 "\\.\pipe\gecko-crash-server-pipe.7104" plugin "C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe" -Embedding "C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe" -Embedding C:\Windows\system32\wbem\wmiprvse.exe "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524 "C:\Users\Pierre\Downloads\RSITx64(1).exe" ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job =========Mozilla firefox========= ProfilePath - C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\drfg5nsb.default prefs.js - "browser.startup.homepage" - "http://www.yahoo.com/?ilc=1" prefs.js - "keyword.URL" - "http://isearch.avg.com/search?cid=%7Bf6360952-44bf-48bc-9ced-525f213fa39f%7D&mid=423f581f52b047d1ad80a9cd7a0d2ec4-206dd2a43dbefbf96fd85338060b4defeefc7caf&ds=AVG&v=10.0.0.7〈=en&pr=fr&d=2012-02-21%2009%3A33%3A38&sap=ku&q=" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 10.1 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=] "Description"=iTunes Detector Plug-in "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0] "Description"= "Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0] "Description"= "Path"=C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10] "Description"=McAfee Total Protection MIME Plugin "Path"=c:\progra~2\mcafee\msc\npmcsn~1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/SAFFPlugin] "Description"= "Path"=C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 10.1 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0] "Description"= "Path"=C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MSC,version=10] "Description"=McAfee Total Protection MIME Plugin "Path"=c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled C:\Program Files (x86)\Mozilla Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} C:\Program Files (x86)\Mozilla Firefox\components\ binary.manifest browsercomps.dll nsIQTScriptablePlugin.xpt C:\Program Files (x86)\Mozilla Firefox\searchplugins\ amazondotcom.xml avg-secure-search.xml bing.xml eBay.xml google.xml twitter.xml wikipedia.xml yahoo.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll [2011-11-11 1942368] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}] scriptproxy - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120220230635.dll [2011-12-06 94688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2011-04-08 309096] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-01-01 49440] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll [2011-11-11 1378144] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}] scriptproxy - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120220230635.dll [2011-12-06 79744] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll [2012-02-21 1811296] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2011-04-08 251928] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01 1089288] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-01-01 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2011-04-08 309096] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01 1089288] {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2011-04-08 251928] {95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll [2012-02-21 1811296] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Apoint"=C:\Program Files\Apoint\Apoint.exe [2011-02-16 226672] "IntelWireless"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-01-05 1933584] "IntelWirelessWiMAX"=C:\Program Files\Intel\WiMAX\Bin\WiMAXCUDelayStartup.exe [2011-03-01 718336] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-08-08 167704] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-08-08 392472] "Persistence"=C:\Windows\system32\igfxpers.exe [2011-08-08 416024] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2012-01-03 35736] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-09-13 283160] "ISBMgr.exe"=C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2011-02-15 2757312] "PMBVolumeWatcher"=c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [2010-11-27 648032] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-11-01 59240] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-12-08 421736] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888] "mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2011-11-22 1675160] "AVG_TRAY"=C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2012-01-24 2416480] "vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2012-02-21 939872] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2011-07-18 390144] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "NoRun"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2012-02-21 12:45:44 ----D---- C:\Program Files\trend micro 2012-02-21 12:45:43 ----D---- C:\rsit 2012-02-21 11:26:22 ----A---- C:\Windows\svchost.exe 2012-02-21 11:25:03 ----A---- C:\Windows\system32\FNTCACHE.DAT 2012-02-21 09:40:46 ----D---- C:\Users\Pierre\AppData\Roaming\AVG2012 2012-02-21 09:33:34 ----D---- C:\ProgramData\AVG Secure Search 2012-02-21 09:32:59 ----D---- C:\Program Files (x86)\AVG Secure Search 2012-02-21 09:32:53 ----HD---- C:\ProgramData\Common Files 2012-02-21 09:32:06 ----D---- C:\Windows\SYSWOW64\drivers\AVG 2012-02-21 09:31:09 ----D---- C:\Program Files\CCleaner 2012-02-21 09:30:25 ----D---- C:\Windows\system32\drivers\AVG 2012-02-21 09:30:25 ----D---- C:\ProgramData\AVG2012 2012-02-21 09:29:34 ----D---- C:\Program Files (x86)\AVG 2012-02-21 09:29:05 ----D---- C:\Program Files (x86)\Google 2012-02-21 09:21:09 ----D---- C:\ProgramData\MFAData 2012-02-20 23:07:24 ----D---- C:\Program Files (x86)\McAfeeMOBK 2012-02-20 23:07:21 ----A---- C:\Windows\system32\drivers\MOBK370.sys 2012-02-20 23:07:20 ----D---- C:\Program Files (x86)\McAfee Online Backup 2012-02-20 23:06:47 ----D---- C:\Program Files (x86)\McAfee.com 2012-02-20 23:06:34 ----A---- C:\Windows\system32\drivers\mfeclnk.sys 2012-02-20 23:06:27 ----A---- C:\Windows\system32\drivers\mfewfpk.sys 2012-02-20 23:06:27 ----A---- C:\Windows\system32\drivers\mferkdet.sys 2012-02-20 23:06:27 ----A---- C:\Windows\system32\drivers\mfenlfk.sys 2012-02-20 23:06:27 ----A---- C:\Windows\system32\drivers\mfefirek.sys 2012-02-20 23:06:27 ----A---- C:\Windows\system32\drivers\mfeavfk.sys 2012-02-20 23:06:27 ----A---- C:\Windows\system32\drivers\cfwids.sys 2012-02-20 23:06:10 ----D---- C:\Program Files\Common Files\McAfee 2012-02-20 23:06:09 ----D---- C:\Program Files\McAfee.com 2012-02-20 23:06:08 ----D---- C:\Program Files\McAfee 2012-02-20 22:45:47 ----A---- C:\Windows\system32\mfevtps.exe 2012-02-20 17:06:37 ----D---- C:\Windows\Minidump 2012-02-20 13:35:55 ----D---- C:\Program Files (x86)\MSECache 2012-02-20 13:31:09 ----A---- C:\Windows\ODBC.INI 2012-02-20 13:29:33 ----D---- C:\Program Files (x86)\Microsoft ActiveSync 2012-02-17 01:19:01 ----A---- C:\Windows\system32\mshtmled.dll 2012-02-17 01:19:00 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2012-02-17 01:18:58 ----A---- C:\Windows\SYSWOW64\url.dll 2012-02-17 01:18:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2012-02-17 01:18:58 ----A---- C:\Windows\system32\url.dll 2012-02-17 01:18:58 ----A---- C:\Windows\system32\jscript9.dll 2012-02-17 01:18:58 ----A---- C:\Windows\system32\iertutil.dll 2012-02-17 01:18:57 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2012-02-17 01:18:57 ----A---- C:\Windows\SYSWOW64\jscript.dll 2012-02-17 01:18:57 ----A---- C:\Windows\SYSWOW64\ieui.dll 2012-02-17 01:18:57 ----A---- C:\Windows\system32\jscript.dll 2012-02-17 01:18:57 ----A---- C:\Windows\system32\ieui.dll 2012-02-17 01:18:56 ----A---- C:\Windows\SYSWOW64\wininet.dll 2012-02-17 01:18:56 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2012-02-17 01:18:56 ----A---- C:\Windows\system32\urlmon.dll 2012-02-17 01:18:56 ----A---- C:\Windows\system32\jsproxy.dll 2012-02-17 01:18:55 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2012-02-17 01:18:55 ----A---- C:\Windows\system32\wininet.dll 2012-02-17 01:18:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2012-02-17 01:18:53 ----A---- C:\Windows\system32\mshtml.dll 2012-02-17 01:18:52 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2012-02-17 01:18:52 ----A---- C:\Windows\system32\ieframe.dll 2012-02-16 16:30:15 ----A---- C:\Windows\system32\shell32.dll 2012-02-16 16:30:14 ----A---- C:\Windows\SYSWOW64\shell32.dll 2012-02-16 16:30:13 ----A---- C:\Windows\SYSWOW64\ntshrui.dll 2012-02-16 16:30:13 ----A---- C:\Windows\system32\ntshrui.dll 2012-02-16 16:30:09 ----A---- C:\Windows\system32\win32k.sys 2012-02-16 16:30:08 ----A---- C:\Windows\system32\drivers\afd.sys 2012-02-16 16:29:59 ----A---- C:\Windows\SYSWOW64\msvcrt.dll 2012-02-16 16:29:59 ----A---- C:\Windows\system32\msvcrt.dll 2012-02-12 13:42:59 ----D---- C:\Program Files (x86)\QuickTime 2012-02-09 20:34:59 ----D---- C:\Users\Pierre\AppData\Roaming\vlc 2012-02-09 20:34:20 ----D---- C:\Program Files (x86)\VideoLAN 2012-01-30 22:29:36 ----A---- C:\Windows\SYSWOW64\schannel.dll 2012-01-30 22:29:36 ----A---- C:\Windows\system32\schannel.dll 2012-01-30 22:29:36 ----A---- C:\Windows\system32\lsasrv.dll 2012-01-30 22:29:36 ----A---- C:\Windows\system32\drivers\ksecpkg.sys 2012-01-30 22:29:36 ----A---- C:\Windows\system32\drivers\cng.sys 2012-01-30 22:29:35 ----A---- C:\Windows\SYSWOW64\webio.dll 2012-01-30 22:29:35 ----A---- C:\Windows\SYSWOW64\secur32.dll 2012-01-30 22:29:35 ----A---- C:\Windows\system32\webio.dll 2012-01-30 22:29:35 ----A---- C:\Windows\system32\sspisrv.dll 2012-01-30 22:29:35 ----A---- C:\Windows\system32\sspicli.dll 2012-01-30 22:29:35 ----A---- C:\Windows\system32\secur32.dll 2012-01-30 22:29:35 ----A---- C:\Windows\system32\lsass.exe 2012-01-30 22:29:35 ----A---- C:\Windows\system32\drivers\ksecdd.sys 2012-01-30 22:29:34 ----A---- C:\Windows\SYSWOW64\sspicli.dll ======List of files/folders modified in the last 1 month====== 2012-02-21 14:35:47 ----D---- C:\Windows\Temp 2012-02-21 12:45:44 ----RD---- C:\Program Files 2012-02-21 12:43:20 ----SD---- C:\Users\Pierre\AppData\Roaming\Microsoft 2012-02-21 12:41:15 ----RD---- C:\Program Files (x86) 2012-02-21 11:39:35 ----D---- C:\Windows\system32\config 2012-02-21 11:38:56 ----D---- C:\Windows\Prefetch 2012-02-21 11:27:54 ----A---- C:\Windows\SYSWOW64\log.txt 2012-02-21 11:26:22 ----D---- C:\Windows 2012-02-21 11:25:26 ----D---- C:\Program Files (x86)\McAfee 2012-02-21 11:25:03 ----D---- C:\Windows\System32 2012-02-21 09:40:46 ----D---- C:\Users\Pierre\AppData\Roaming\Skype 2012-02-21 09:37:17 ----SHD---- C:\Windows\Installer 2012-02-21 09:36:02 ----D---- C:\Windows\Panther 2012-02-21 09:36:02 ----D---- C:\Windows\inf 2012-02-21 09:36:01 ----D---- C:\Windows\Logs 2012-02-21 09:36:01 ----D---- C:\Windows\debug 2012-02-21 09:35:07 ----D---- C:\Windows\system32\Tasks 2012-02-21 09:33:34 ----HD---- C:\ProgramData 2012-02-21 09:33:14 ----D---- C:\Program Files (x86)\Common Files 2012-02-21 09:32:06 ----D---- C:\Windows\SYSWOW64\drivers 2012-02-21 09:31:48 ----D---- C:\Windows\system32\drivers 2012-02-21 09:30:12 ----D---- C:\Windows\Tasks 2012-02-21 09:29:56 ----SHD---- C:\System Volume Information 2012-02-21 07:35:59 ----D---- C:\ProgramData\McAfee 2012-02-20 23:17:32 ----A---- C:\Windows\system32\PerfStringBackup.INI 2012-02-20 23:07:21 ----DC---- C:\Windows\system32\DRVSTORE 2012-02-20 23:06:43 ----D---- C:\Windows\system32\catroot 2012-02-20 23:06:40 ----D---- C:\Windows\system32\DriverStore 2012-02-20 23:06:35 ----D---- C:\Program Files (x86)\Mozilla Firefox 2012-02-20 23:06:10 ----D---- C:\Program Files\Common Files 2012-02-20 13:37:38 ----D---- C:\Program Files (x86)\Microsoft Office 2012-02-20 13:37:13 ----D---- C:\Windows\system32\catroot2 2012-02-20 13:30:10 ----RSD---- C:\Windows\assembly 2012-02-20 13:30:04 ----A---- C:\Windows\win.ini 2012-02-20 13:29:39 ----D---- C:\Windows\SysWOW64 2012-02-20 13:29:38 ----RSD---- C:\Windows\Fonts 2012-02-20 13:29:34 ----D---- C:\Windows\ShellNew 2012-02-20 13:29:12 ----SD---- C:\ProgramData\Microsoft 2012-02-20 13:29:12 ----D---- C:\Program Files (x86)\Microsoft.NET 2012-02-20 13:28:36 ----D---- C:\Windows\system 2012-02-19 19:34:12 ----D---- C:\Windows\system32\sysprep 2012-02-17 23:18:23 ----D---- C:\Windows\Microsoft.NET 2012-02-17 08:48:21 ----D---- C:\Windows\winsxs 2012-02-17 08:46:31 ----D---- C:\Program Files\Internet Explorer 2012-02-17 08:46:31 ----D---- C:\Program Files (x86)\Internet Explorer 2012-02-17 08:46:30 ----D---- C:\Windows\SYSWOW64\migration 2012-02-17 08:46:30 ----D---- C:\Windows\system32\migration 2012-02-17 01:19:40 ----A---- C:\Windows\system32\MRT.exe 2012-01-31 10:03:02 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-01-29 17:25:54 ----D---- C:\Update 2012-01-29 17:19:06 ----A---- C:\Windows\Model.txt 2012-01-25 20:00:28 ----SHD---- C:\$Recycle.Bin 2012-01-23 19:16:44 ----D---- C:\Users\Pierre\AppData\Roaming\Sony Corporation ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 26704] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2011-09-13 37456] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-02-22 437272] R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2011-10-15 647080] R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2011-10-15 284648] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2011-10-07 283728] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-08-08 46672] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2011-07-11 375376] R1 mfenlfk;McAfee NDIS Light Filter; C:\Windows\system32\DRIVERS\mfenlfk.sys [2011-10-15 75808] R1 MOBK370Filter;MOBK370Filter; C:\Windows\system32\DRIVERS\MOBK370.sys [2010-11-29 66040] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-13 59904] R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2011-09-20 317776] R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 120400] R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 29776] R3 bpenum;Intel® Centrino® WiMAX Enumerator; C:\Windows\system32\DRIVERS\bpenum.sys [2011-02-17 75264] R3 bpmp;Intel® Centrino® WiMAX 6050 Series; C:\Windows\system32\DRIVERS\bpmp.sys [2011-02-17 174080] R3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver; C:\Windows\System32\Drivers\bpusb.sys [2011-02-17 81920] R3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2011-10-15 65264] R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2011-08-08 1591936] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-07-18 12287456] R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-03-29 317440] R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys [2011-06-21 25496] R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344] R3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2011-10-15 160280] R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2011-10-15 229528] R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2011-10-15 481768] R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-01-04 8507392] R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-03-28 335464] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-28 425064] R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2010-04-26 12032] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-13 17920] S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-19 1394688] S3 e1yexpress;Intel® Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088] S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2011-06-21 34200] S3 mfeavfk01;McAfee Inc.; C:\Windows\system32\drivers\mfeavfk01.sys [] S3 mferkdet;McAfee Inc. mferkdet; C:\Windows\system32\drivers\mferkdet.sys [2011-10-15 100912] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-13 12352] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 109056] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-08-02 51712] S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-13 41984] S3 wdkmd;Intel WiDi KMD; C:\Windows\system32\DRIVERS\WDKMD.sys [2010-12-01 42392] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776] R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2011-02-27 499200] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-01-05 1515792] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336] R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-28 2361344] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2011-02-01 326168] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe [2011-02-16 101048] R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936] R2 mcmscsvc;McAfee Services; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936] R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936] R2 McNASvc;McAfee Network Agent; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936] R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936] R2 McShield;McAfee McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2011-12-06 199272] R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-12-06 208536] R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2011-11-18 161168] R2 MOBK370backup;McAfee Online Backup; C:\Program Files (x86)\McAfee Online Backup\MOBK370backup.exe [2010-11-29 218424] R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936] R2 Oasis2Service;Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe [2011-02-15 47104] R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-01-05 836880] R2 SampleCollector;VAIO Care Performance Service; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192] R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648] R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280] R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [2011-03-05 64704] R2 VSNService;VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2011-02-28 852160] R2 vToolbarUpdater;vToolbarUpdater; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe [2012-02-21 909152] R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2011-02-27 885248] R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-12-08 934760] R3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2011-02-14 44736] R3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2011-10-27 1429608] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-21 136176] S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152] S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376] S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560] S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-21 136176] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] S3 McODS;McAfee Scanner; C:\Program Files\McAfee\VirusScan\mcods.exe [2011-10-18 502032] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-05 340240] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 SOHCImp;VAIO Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824] S3 SOHDs;VAIO Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232] S3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936] S3 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000] S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-24 652016] S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-18 385336] S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-02 1255736] S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] -----------------EOF-----------------

Hi Maurice. i was able to get the mbam log. But i was trying to find the menu options after clicking the computer icon but there seems to be no menu. here is the mbam log: Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Database version: v2012.02.21.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Pierre :: PIERRE-VAIO [administrator] 2/21/2012 11:17:32 AM mbam-log-2012-02-21 (11-17-32).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 183883 Time elapsed: 4 minute(s), 8 second(s) Memory Processes Detected: 1 C:\Windows\svchost.exe (Trojan.Agent) -> 5372 -> Delete on reboot. Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot. (end)

Hi. i am having an issue with malwarebytes detecting trojan.agent and keeps saying it needs to restart but once the computer restarts and i re scan it, it still picks up the infected objects. i have done this numerous times and it won't get rid of it. . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by Pierre at 10:42:46 on 2012-02-21 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4044.1876 [GMT -8:00] . AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe C:\Windows\system32\mfevtps.exe c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe C:\Windows\SysWOW64\DllHost.exe C:\Windows\SysWOW64\DllHost.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe C:\Windows\Explorer.EXE C:\Program Files\Apoint\Apoint.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\Apoint\Apvfb.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Apoint\Apntex.exe C:\Windows\system32\conhost.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Sony\VAIO Smart Network\VSNService.exe C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe C:\Windows\system32\taskeng.exe C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Windows\system32\DllHost.exe C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe C:\Program Files (x86)\McAfee Online Backup\MOBK370backup.exe C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe C:\Program Files\Sony\VAIO Update Common\VUAgent.exe C:\Program Files (x86)\McAfee Online Backup\MOBK370backup.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files\Sony\VAIO Care\VCsystray.exe C:\Program Files\Sony\VAIO Care\VCService.exe C:\Program Files\Sony\VAIO Care\VCAgent.exe C:\Windows\System32\vds.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe -netsvcs C:\Windows\system32\conhost.exe C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files\Sony\VAIO Care\Admload.exe C:\Program Files\Sony\VAIO Care\VCPerfService.exe C:\Program Files\Sony\VAIO Care\listener.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://sony.msn.com uDefault_Page_URL = hxxp://sony.msn.com uInternet Settings,ProxyOverride = *.local uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120220230635.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" mRun: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab TCP: DhcpNameServer = 68.94.156.1 68.94.157.1 TCP: Interfaces\{0FF0480B-A425-4F9D-947F-EA1DBB05FC04} : DhcpNameServer = 68.94.156.1 68.94.157.1 TCP: Interfaces\{0FF0480B-A425-4F9D-947F-EA1DBB05FC04}\4556D607C656E456470343 : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{0FF0480B-A425-4F9D-947F-EA1DBB05FC04}\D4960234163716 : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{3617BE3C-46B7-4004-901B-5183CD37C530} : DhcpNameServer = 68.94.156.1 68.94.157.1 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120220230635.dll BHO-X64: scriptproxy - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun-x64: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" mRun-x64: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\drfg5nsb.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/?ilc=1 FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Bf6360952-44bf-48bc-9ced-525f213fa39f%7D&mid=423f581f52b047d1ad80a9cd7a0d2ec4-206dd2a43dbefbf96fd85338060b4defeefc7caf&ds=AVG&v=10.0.0.7〈=en&pr=fr&d=2012-02-21%2009%3A33%3A38&sap=ku&q= FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ============= SERVICES / DRIVERS =============== . R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?] R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?] R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?] R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?] R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?] R1 MOBK370Filter;MOBK370Filter;C:\Windows\system32\DRIVERS\MOBK370.sys --> C:\Windows\system32\DRIVERS\MOBK370.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928] R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776] R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2011-2-27 499200] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-1-1 13336] R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-1-1 2361344] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe [2012-2-20 101048] R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-2-20 249936] R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-2-20 249936] R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-2-20 249936] R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2012-2-20 199272] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-2-20 208536] R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?] R2 MOBK370backup;McAfee Online Backup;C:\Program Files (x86)\McAfee Online Backup\MOBK370backup.exe [2010-11-29 218424] R2 Oasis2Service;Oasis2Service;C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe [2011-2-15 47104] R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176] R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2012-1-1 259192] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-1-1 2656280] R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2012-1-1 852160] R2 vToolbarUpdater;vToolbarUpdater;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe [2012-2-21 909152] R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2011-2-27 885248] R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?] R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?] R3 bpenum;Intel® Centrino® WiMAX Enumerator;C:\Windows\system32\DRIVERS\bpenum.sys --> C:\Windows\system32\DRIVERS\bpenum.sys [?] R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:\Windows\system32\DRIVERS\bpmp.sys --> C:\Windows\system32\DRIVERS\bpmp.sys [?] R3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;C:\Windows\system32\Drivers\bpusb.sys --> C:\Windows\system32\Drivers\bpusb.sys [?] R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?] R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] R3 iwdbus;IWD Bus Enumerator;C:\Windows\system32\DRIVERS\iwdbus.sys --> C:\Windows\system32\DRIVERS\iwdbus.sys [?] R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?] R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?] R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?] R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\DRIVERS\SFEP.sys --> C:\Windows\system32\DRIVERS\SFEP.sys [?] R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2012-1-1 44736] R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2011-10-27 1429608] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-21 136176] S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560] S3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\system32\DRIVERS\e1y60x64.sys --> C:\Windows\system32\DRIVERS\e1y60x64.sys [?] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-21 136176] S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\system32\drivers\intelaud.sys --> C:\Windows\system32\drivers\intelaud.sys [?] S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232] S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-1-5 340240] S3 SOHCImp;VAIO Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-2-21 113824] S3 SOHDs;VAIO Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-2-21 67232] S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-1-20 286936] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-1-20 887000] S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-2-18 652016] S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-2-18 385336] S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-2-18 99104] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2012-02-21 17:40:46 -------- d-----w- C:\Users\Pierre\AppData\Roaming\AVG2012 2012-02-21 17:33:34 -------- d-----w- C:\ProgramData\AVG Secure Search 2012-02-21 17:33:14 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search 2012-02-21 17:32:59 -------- d-----w- C:\Program Files (x86)\AVG Secure Search 2012-02-21 17:32:53 -------- d--h--w- C:\ProgramData\Common Files 2012-02-21 17:32:06 -------- d-----w- C:\Windows\SysWow64\drivers\AVG 2012-02-21 17:31:09 -------- d-----w- C:\Program Files\CCleaner 2012-02-21 17:30:25 -------- d-----w- C:\Windows\System32\drivers\AVG 2012-02-21 17:30:25 -------- d-----w- C:\ProgramData\AVG2012 2012-02-21 17:29:34 -------- d-----w- C:\Program Files (x86)\AVG 2012-02-21 17:29:05 -------- d-----w- C:\Users\Pierre\AppData\Local\Google 2012-02-21 17:21:09 -------- d-----w- C:\ProgramData\MFAData 2012-02-21 17:13:30 20480 ----a-w- C:\Windows\svchost.exe 2012-02-21 07:07:24 -------- d-----w- C:\Program Files (x86)\McAfeeMOBK 2012-02-21 07:07:21 66040 ----a-w- C:\Windows\System32\drivers\MOBK370.sys 2012-02-21 07:07:20 -------- d-----w- C:\Program Files (x86)\McAfee Online Backup 2012-02-21 07:06:47 -------- d-----w- C:\Program Files (x86)\McAfee.com 2012-02-21 07:06:35 28760 ----a-w- C:\Program Files (x86)\Mozilla Firefox\ScriptFF.dll 2012-02-21 07:06:34 10248 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys 2012-02-21 07:06:27 75808 ----a-w- C:\Windows\System32\drivers\mfenlfk.sys 2012-02-21 07:06:27 65264 ----a-w- C:\Windows\System32\drivers\cfwids.sys 2012-02-21 07:06:27 481768 ----a-w- C:\Windows\System32\drivers\mfefirek.sys 2012-02-21 07:06:27 284648 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys 2012-02-21 07:06:27 229528 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys 2012-02-21 07:06:27 100912 ----a-w- C:\Windows\System32\drivers\mferkdet.sys 2012-02-21 07:06:10 -------- d-----w- C:\Program Files\Common Files\McAfee 2012-02-21 07:06:09 -------- d-----w- C:\Program Files\McAfee.com 2012-02-21 07:06:08 -------- d-----w- C:\Program Files\McAfee 2012-02-21 06:45:47 161168 ----a-w- C:\Windows\System32\mfevtps.exe 2012-02-20 21:35:55 -------- d-----w- C:\Program Files (x86)\MSECache 2012-02-20 21:29:33 -------- d-----w- C:\Program Files (x86)\Microsoft ActiveSync 2012-02-20 03:34:08 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\F5D5.tmp 2012-02-20 03:34:08 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\F5C5.tmp 2012-02-17 09:19:01 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-02-17 09:19:01 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-02-17 09:19:00 174392 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll 2012-02-17 09:19:00 141112 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll 2012-02-17 00:30:13 509952 ----a-w- C:\Windows\System32\ntshrui.dll 2012-02-17 00:30:13 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll 2012-02-17 00:30:11 515584 ----a-w- C:\Windows\System32\timedate.cpl 2012-02-17 00:30:11 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl 2012-02-17 00:30:09 3145728 ----a-w- C:\Windows\System32\win32k.sys 2012-02-17 00:30:08 498688 ----a-w- C:\Windows\System32\drivers\afd.sys 2012-02-17 00:29:59 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll 2012-02-17 00:29:59 634880 ----a-w- C:\Windows\System32\msvcrt.dll 2012-02-12 21:43:33 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll 2012-02-12 21:43:33 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll 2012-02-12 21:43:33 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll 2012-02-12 21:43:33 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll 2012-02-12 21:43:33 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll 2012-02-12 21:43:33 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll 2012-02-12 21:43:33 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll 2012-02-10 04:34:20 -------- d-----w- C:\Program Files (x86)\VideoLAN . ==================== Find3M ==================== . 2012-02-20 18:06:14 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-01-02 02:45:03 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-01-02 02:44:55 521448 ----a-w- C:\Windows\System32\deployJava1.dll 2012-01-02 02:10:02 2560 ----a-w- C:\Windows\SysWow64\drivers\en-US\qwavedrv.sys.mui 2012-01-02 02:09:59 25600 ----a-w- C:\Windows\SysWow64\drivers\en-US\bfe.dll.mui 2012-01-02 02:09:59 15360 ----a-w- C:\Windows\SysWow64\drivers\en-US\pacer.sys.mui 2012-01-02 02:09:53 2560 ----a-w- C:\Windows\SysWow64\drivers\en-US\scfilter.sys.mui 2012-01-02 02:09:52 5632 ----a-w- C:\Windows\SysWow64\drivers\en-US\ndiscap.sys.mui 2012-01-02 02:09:49 44032 ----a-w- C:\Windows\SysWow64\drivers\en-US\tcpip.sys.mui 2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll 2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll 2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl 2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll 2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll 2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2011-12-10 23:24:08 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys . ============= FINISH: 10:43:58.32 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 1/1/2012 8:00:34 PM System Uptime: 2/21/2012 9:12:11 AM (1 hours ago) . Motherboard: Sony Corporation | | VAIO Processor: Intel® Core i3-2310M CPU @ 2.10GHz | N/A | 2100/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 586 GiB total, 537.425 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP26: 2/7/2012 9:13:48 PM - Scheduled Checkpoint RP27: 2/12/2012 1:41:56 PM - Installed QuickTime RP28: 2/17/2012 1:18:24 AM - Windows Update RP29: 2/20/2012 1:27:05 PM - Installed Microsoft Office Professional Edition 2003 RP30: 2/20/2012 1:36:15 PM - Installed Compatibility Pack for the 2007 Office system RP31: 2/21/2012 9:28:59 AM - Installed AVG 2012 RP32: 2/21/2012 9:29:47 AM - Installed AVG 2012 . ==== Installed Programs ====================== . . Adobe AIR Adobe Flash Player 10 ActiveX Adobe Reader X (10.1.2) Apple Application Support Apple Software Update Application Manager for VAIO ArcSoft WebCam Companion 4 Best Buy pc app Bing Bar Compatibility Pack for the 2007 Office system D3DX10 Google Chrome Google Update Helper Intel® Control Center Intel® Management Engine Components Intel® Processor Graphics Intel® Rapid Storage Technology Intel® WiDi Java Auto Updater Java 6 Update 22 Junk Mail filter update Malwarebytes Anti-Malware version 1.60.1.1000 McAfee Internet Security McAfee Online Backup McAfee Security Scan Plus Mesh Runtime Microsoft Office 2010 Microsoft Office Professional Edition 2003 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Mozilla Firefox 10.0.2 (x86 en-US) MSVCRT MSVCRT_amd64 MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB973685) Oasis2Service 1.0 OOBE PMB PMB VAIO Edition Guide PMB VAIO Edition Plug-in QuickTime Realtek PCIE Card Reader Remote Keyboard Remote Play with PlayStation 3 Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Skype™ 5.6 SSLx86 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) VAIO - Media Gallery VAIO - PMB VAIO Edition Guide VAIO - PMB VAIO Edition Plug-in VAIO - Remote Keyboard VAIO - Remote Play with PlayStation®3 VAIO Care VAIO Control Center VAIO Data Restore Tool VAIO Easy Connect VAIO Event Service VAIO Gate VAIO Gate Default VAIO Hardware Diagnostics VAIO Help and Support VAIO Improvement VAIO Manual VAIO Messenger VAIO Quick Web Access VAIO Sample Contents VAIO Satisfaction Survey. VAIO Smart Network VAIO Transfer Support VAIO Update VCCx86 VESx86 Visual Studio 2008 x64 Redistributables VIx86 VLC media player 1.1.11 VWSTx86 Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources . ==== Event Viewer Messages From Past Week ======== . 2/21/2012 7:36:53 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting. 2/20/2012 8:33:35 PM, Error: Service Control Manager [7034] - The McAfee Scanner service terminated unexpectedly. It has done this 1 time(s). 2/20/2012 8:33:35 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 2/20/2012 5:06:44 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000001000000dd, 0x0000000000000002, 0x0000000000000001, 0xfffff800030f9ab5). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022012-24601-01. 2/20/2012 11:11:14 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. 2/20/2012 11:10:51 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 2/20/2012 11:10:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 2/20/2012 11:10:47 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect. 2/20/2012 11:05:58 AM, Error: Schannel [36888] - The following fatal alert was generated: 40. The internal error state is 107. 2/20/2012 11:05:58 AM, Error: Schannel [36874] - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed. 2/20/2012 10:36:29 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the VAIO Event Service service. 2/19/2012 7:34:53 PM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly. 2/15/2012 7:38:09 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McNaiAnn service. . ==== End Of File ===========================