Infected? Logs included


Computer is running slow after being infected (I think) with malware. Desktop went black, then all items from desktop vanished. I ran Malwarebytes and it cleared some things off, but computer is still running slow:

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7601.17514

Run by Holden Caulfield at 18:46:40 on 2011-10-27

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4044.1948 [GMT 1:00]

.

AV: McAfee VirusScan Enterprise *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}

SP: STOPzilla Anti-Spyware *Enabled/Updated* {B2E69928-50DC-94CA-6A80-AAB054008761}

SP: McAfee VirusScan Enterprise Antispyware Module *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Program Files (x86)\Common Files\iS3\Anti-Spyware\SZServer.exe

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe

C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe

C:\Program Files (x86)\McAfee\VirusScan Enterprise\vstskmgr.exe

C:\Windows\system32\mfevtps.exe

C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe

C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Apoint\Apoint.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe

C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

C:\Users\Holden Caulfield\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe

C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe

C:\Program Files (x86)\McAfee\Common Framework\McTray.exe

C:\Program Files\Apoint\ApMsgFwd.exe

C:\Program Files\Apoint\Apvfb.exe

C:\Program Files\Apoint\Apntex.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE

C:\Program Files\Sony\VAIO Smart Network\VSNService.exe

C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files\Sony\VAIO Care\VCPerfService.exe

C:\Program Files\Sony\VAIO Care\listener.exe

C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE

C:\Windows\splwow64.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\taskeng.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Sony\VAIO Update 5\VUAgent.exe

C:\Program Files\Sony\VAIO Care\VCsystray.exe

C:\Program Files\Sony\VAIO Care\VCService.exe

C:\Program Files\Sony\VAIO Care\VCAgent.exe

C:\Windows\System32\vds.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\McAfee\VirusScan Enterprise\mcconsol.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.sony.eu/vaioportal

uDefault_Page_URL = hxxp://www.sony.eu/vaioportal

uInternet Settings,ProxyOverride = <local>;*.local

uURLSearchHooks: H - No File

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110901154753.dll

BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"

mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

mRun: [McAfeeUpdaterUI] "C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey

mRun: [shStatEXE] "C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL

LSP: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

TCP: DhcpNameServer = 172.16.55.254 131.111.8.42 131.111.12.20

TCP: Interfaces\{0402D9AE-ECF4-49CE-84BB-AFD38EC63E2B} : DhcpNameServer = 172.16.55.254 131.111.8.42 131.111.12.20

TCP: Interfaces\{624EDC9D-041C-41AF-8338-CFD8813ECAAC} : DhcpNameServer = 192.168.0.1

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110901154753.dll

BHO-X64: scriptproxy - No File

BHO-X64: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

BHO-X64: IESpeakDoc - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun-x64: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"

mRun-x64: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

mRun-x64: [McAfeeUpdaterUI] "C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey

mRun-x64: [shStatEXE] "C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE

.

================= FIREFOX ===================

.

FF - ProfilePath -

.

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]

R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]

R0 PCTCore;PCTools KDS;C:\Windows\system32\drivers\PCTCore64.sys --> C:\Windows\system32\drivers\PCTCore64.sys [?]

R0 pctDS;PC Tools Data Store;C:\Windows\system32\drivers\pctDS64.sys --> C:\Windows\system32\drivers\pctDS64.sys [?]

R0 pctEFA;PC Tools Extended File Attributes;C:\Windows\system32\drivers\pctEFA64.sys --> C:\Windows\system32\drivers\pctEFA64.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-3-31 146592]

R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-3-31 75936]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-5-30 13336]

R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-5-30 2361344]

R2 McAfeeFramework;McAfee Framework Service;C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [2011-1-12 120128]

R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2011-9-1 190256]

R2 McTaskManager;McAfee Task Manager;C:\Program Files (x86)\McAfee\VirusScan Enterprise\vstskmgr.exe [2011-1-12 209760]

R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]

R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176]

R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-5-30 259192]

R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-5-30 105024]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-5-30 2656280]

R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2011-5-30 852160]

R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?]

R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys --> C:\Windows\system32\DRIVERS\btath_flt.sys [?]

R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys --> C:\Windows\system32\drivers\btath_a2dp.sys [?]

R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\system32\drivers\btath_avdt.sys --> C:\Windows\system32\drivers\btath_avdt.sys [?]

R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\drivers\btath_bus.sys --> C:\Windows\system32\drivers\btath_bus.sys [?]

R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\drivers\btath_hcrp.sys --> C:\Windows\system32\drivers\btath_hcrp.sys [?]

R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\system32\DRIVERS\btath_lwflt.sys --> C:\Windows\system32\DRIVERS\btath_lwflt.sys [?]

R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\drivers\btath_rcp.sys --> C:\Windows\system32\drivers\btath_rcp.sys [?]

R3 BtFilter;BtFilter;C:\Windows\system32\DRIVERS\btfilter.sys --> C:\Windows\system32\DRIVERS\btfilter.sys [?]

R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]

R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?]

R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]

R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys --> C:\Windows\system32\drivers\SFEP.sys [?]

R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2011-5-30 44736]

R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [2011-5-30 1021112]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\system32\Drivers\AthDfu.sys --> C:\Windows\system32\Drivers\AthDfu.sys [?]

S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]

S3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\system32\DRIVERS\e1y60x64.sys --> C:\Windows\system32\DRIVERS\e1y60x64.sys [?]

S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]

S3 sdAuxService;PC Tools Auxiliary Service;C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe [2011-10-22 366840]

S3 sdCoreService;PC Tools Security Service;C:\Program Files (x86)\PC Tools Security\pctsSvc.exe [2011-10-22 1150936]

S3 SOHCImp;VAIO Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-2-21 113824]

S3 SOHDs;VAIO Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-2-21 67232]

S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-1-20 286936]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-1-20 887000]

S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-2-18 546608]

S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-2-18 385336]

S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-2-18 99104]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2011-10-27 17:31:00 -------- d-----w- C:\Program Files (x86)\Trend Micro

2011-10-27 17:07:55 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{E4224944-E6FA-4E29-B3AD-4EDEADAE673C}

2011-10-27 17:07:45 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{C3EC3D74-23D4-453A-BB87-1FE5CED4D33C}

2011-10-26 17:22:46 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{BE847203-E27B-47CB-84D5-FBC58EB5162F}

2011-10-26 17:22:36 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{F2B307AE-63B1-446B-80E4-43215E297D6D}

2011-10-26 07:50:33 6144 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll

2011-10-25 20:34:09 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{B3050B14-15CD-4FC9-9701-4ACDF9123287}

2011-10-25 20:33:45 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{7392D64E-AA8F-4ADB-8F8A-1A0394E2E3B2}

2011-10-25 07:46:36 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C344F718-12F3-4B53-9C61-9CAD69CA58AF}\offreg.dll

2011-10-25 07:46:23 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C344F718-12F3-4B53-9C61-9CAD69CA58AF}\mpengine.dll

2011-10-24 19:55:11 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{1C9B636A-B6F1-441C-B5CF-D87F108A1ACE}

2011-10-24 19:53:09 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{A0337D33-7B7C-434E-AF63-1E9BF155D448}

2011-10-23 18:58:07 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{D3054DB8-6129-48B1-9DB9-95BCC7BEC190}

2011-10-23 18:55:51 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{DAD8C51A-38B2-4F50-B3FC-9D083D75AD97}

2011-10-23 14:15:34 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{4EA61396-AE1D-4528-9CEF-59BAA9D9A75F}

2011-10-23 14:15:23 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{46E780B9-1F06-4433-AA44-44D81717EE29}

2011-10-23 09:03:41 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{EF66792B-0467-47CD-8486-5BEC3E8D69C4}

2011-10-23 09:03:30 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{1A7F0EEE-06D0-4EB2-80F9-37C70FB31191}

2011-10-22 22:49:04 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\CrashDumps

2011-10-22 22:46:41 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{785600B6-ED26-48B7-805C-8942F1134768}

2011-10-22 22:46:09 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{A4473C6C-3541-4516-BE50-F0DAAC5271D4}

2011-10-22 22:36:57 684297 ----a-w- C:\Windows\unhide.exe

2011-10-22 22:06:56 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{F5749FC1-D6D4-490F-8F51-697317297AAA}

2011-10-22 22:06:22 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{3271AD69-9E82-4FFC-A29B-DC4BEBED7F35}

2011-10-22 21:58:32 -------- d-----w- C:\Program Files (x86)\STOPzilla!

2011-10-22 21:58:29 -------- d-----w- C:\Program Files (x86)\Common Files\iS3

2011-10-22 21:58:28 -------- d-----w- C:\ProgramData\STOPzilla!

2011-10-22 21:49:09 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{BED2CFCE-6985-48F9-9C4C-9845B04C07D5}

2011-10-22 21:48:54 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{1CD2F04B-3371-49AE-9A4B-BB641E25F3A9}

2011-10-22 20:37:30 -------- d-----w- C:\Users\Holden Caulfield\AppData\Roaming\PC Tools

2011-10-22 20:37:30 -------- d-----w- C:\Program Files (x86)\PC Tools Security

2011-10-22 20:37:30 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools

2011-10-22 20:36:17 -------- d-----w- C:\ProgramData\PC Tools

2011-10-22 20:28:35 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{28947AB7-DF3A-45F3-B5FD-AB4FADD782A6}

2011-10-22 20:28:12 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{FF631C7A-0650-4536-9B31-FE931DAEFD3B}

2011-10-22 19:49:48 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{E86FC75B-F5CC-471B-94DB-C16482A2EA61}

2011-10-22 19:49:27 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{7D7DFCEF-BA71-4908-8C5D-0242AF452B1D}

2011-10-21 18:59:07 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{CAC09DBB-4807-4E3F-889E-15C75574672D}

2011-10-21 18:58:56 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{DF98C60F-B517-4167-9061-9A037A3B53B5}

2011-10-21 17:14:28 132560 ----a-r- C:\Windows\SysWow64\IS3HTUI5.dll

2011-10-21 17:14:26 99792 ----a-r- C:\Windows\SysWow64\IS3Svc5.dll

2011-10-21 17:14:26 67024 ----a-r- C:\Windows\SysWow64\IS3Hks5.dll

2011-10-21 17:14:26 456144 ----a-r- C:\Windows\SysWow64\IS3DBA5.dll

2011-10-21 17:14:26 28624 ----a-r- C:\Windows\SysWow64\IS3XDat5.dll

2011-10-21 17:14:26 103888 ----a-r- C:\Windows\SysWow64\IS3Inet5.dll

2011-10-21 17:14:22 390608 ----a-r- C:\Windows\SysWow64\IS3UI5.dll

2011-10-21 17:14:22 230864 ----a-r- C:\Windows\SysWow64\IS3Win325.dll

2011-10-21 17:14:20 738768 ----a-r- C:\Windows\SysWow64\IS3Base5.dll

2011-10-21 16:45:30 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{01097BC6-4AFB-4CB5-B4E6-CF530EB6C824}

2011-10-21 16:44:29 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{70F64456-F432-4FD6-8F84-72B349631686}

2011-10-20 22:34:09 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{A8DB37E7-716C-494B-A66F-B88BACEFA7EC}

2011-10-20 22:33:59 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{A1773560-6165-4073-8CF7-811BDD4BCDB4}

2011-10-19 20:52:47 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{7AF8DBCE-5130-4A03-8C30-849072E2E6A9}

2011-10-19 20:52:36 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{EC7CF008-38C2-4737-BDD5-6AD0F24B5F8D}

2011-10-18 10:25:19 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{17F5A762-3D5E-4173-BE78-D1DA5B17F191}

2011-10-18 10:24:38 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{600F1ADC-FBAA-431F-B766-FAF384D90A1A}

2011-10-15 22:12:52 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{79A8C470-9008-4FCF-839A-E635566F29E8}

2011-10-15 22:12:30 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{BF18F453-BD3A-4D7A-B882-1848FC3B7E77}

2011-10-14 18:44:40 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{CA3AFD15-DEE5-4DA3-AB0B-6DFA1E4A9917}

2011-10-14 18:44:28 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{A53F4906-8FEB-43D0-8B03-F6B854BE7339}

2011-10-13 08:07:17 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{ED161EF2-509A-4280-B303-6F5A878C5039}

2011-10-13 08:07:04 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{CDAD7D3D-B109-4168-805F-98057C01AFA8}

2011-10-12 10:11:30 860672 ----a-w- C:\Program Files (x86)\Internet Explorer\iedvtool.dll

2011-10-12 10:11:29 163328 ----a-w- C:\Program Files (x86)\Internet Explorer\ieproxy.dll

2011-10-12 10:11:28 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2011-10-08 17:22:08 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{F0C52DD4-2A17-4F66-8D35-08CEF4F02D0A}

2011-10-08 15:38:14 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{197986BA-EE85-4CC4-8A0C-9FD67C9B6F77}

2011-10-08 15:37:53 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{97076B46-7F14-422F-8B9C-6DADB577744D}

2011-10-06 17:08:20 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{BEDB3231-393E-4F2F-99FB-CE42A3F6060A}

2011-10-06 17:08:06 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{27980D0D-E0E9-4C75-BFC7-50C2B39C69D9}

2011-10-05 08:09:16 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{DC1D3766-E294-445A-95B4-BA1F4387BE22}

2011-10-04 08:50:44 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{533E0AFF-2678-4CF0-B228-35F2B808B587}

2011-10-04 08:50:24 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{8F139C38-10EB-404F-9062-F7153D4DFC16}

2011-10-04 07:40:14 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{8262DFF5-B948-4661-9B36-7DE31A0780E0}

2011-10-04 07:40:03 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{59611ED9-43A7-4623-AFEF-4FAFFE2CCE8C}

2011-10-03 15:49:10 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{C269BF71-B570-478E-A369-A095E8D49A1B}

2011-10-03 15:46:31 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{8597E3E4-F54A-4003-BC6D-28709C5DAA51}

2011-09-28 21:27:39 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{9C05E027-9CBA-40BB-BC2C-CF0C56EFB96F}

2011-09-28 21:27:29 -------- d-----w- C:\Users\Holden Caulfield\AppData\Local\{EDFE882D-EA05-410A-B7E5-A4515F268981}

.

==================== Find3M ====================

.

.

============= FINISH: 18:46:52.73 ===============

  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.