
Solved Very slow PC and Wireless disconnecting

Discussion in 'Malware and Virus Removal Archive' started by thierry1, 2009/05/30.

  1. 2009/05/30
    thierry1

    thierry1 Inactive Thread Starter

    Joined:
    2009/03/25
    Messages:
    40
    Likes Received:
    0
    [Resolved] Very slow PC and Wireless disconnecting

    Hi guys, unfortunately not the first time I've posted on Windows BBS. My PC seems to have picked up a problem with slow performance; for example, the DDS logs took over 30 minutes to generate, from download to the text files being displayed.

    I also have a problem where my wireless internet disconnects at intervals when I'm using the internet. If I try to 'disable' or 'repair' the problem the screen gets stuck. The wireless cannot be reconnected until the PC is rebooted. A reboot usually takes around 15 minutes. It's proving to be very frustrating.

    I have lots of the applications from previous problems, like MBAM, but it's not picking up anything malicious, neither is a full Norton and Windows Defender scan, so I'm not sure what's causing the slow performance, and in particular, the wireless network to disconnect.

    I have a second PC which uses the wireless network fine, so it's not a problem with that. The symbol in the system tray on my PC also shows that a signal from the wireless is detected, but when I try using the internet it displays a 'page cannot be found' screen which I can't get round other than with a reboot; it's the same in Firefox as it is in IE.

    I've posted my two DDS logs below.

    Thank you for your assistance

    ==========================================================

    DDS (Ver_09-05-14.01) - NTFSx86
    Run by user user at 12:28:36.42 on 30/05/2009
    Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_13
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.134 [GMT 1:00]

    AV: Norton Internet Security *On-access scanning disabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    svchost.exe
    svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Norton Internet Security\ISSVC.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\Apoint\Apoint.exe
    C:\WINDOWS\system32\ICO.EXE
    C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
    C:\Program Files\Sony\ISB Utility\ISBMgr.exe
    C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    C:\Program Files\Apoint\Apntex.exe
    C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\user user\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.co.uk/
    uInternet Settings,ProxyOverride = <local>;*.local
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
    BHO: CNisExtBho Class: {9ecb9560-04f9-4bbc-943d-298ddf1699e1} - c:\program files\common files\symantec shared\adblocking\NISShExt.dll
    BHO: CNavExtBho Class: {bdf3e430-b101-42ad-a544-fadc6b084872} - c:\program files\norton internet security\norton antivirus\NavShExt.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: Norton Internet Security: {0b53eac3-8d69-4b9e-9b19-a37c9a5676a7} - c:\program files\common files\symantec shared\adblocking\NISShExt.dll
    TB: Norton AntiVirus: {42cdd1bf-3ffb-4238-8ad1-7859df00b1d6} - c:\program files\norton internet security\norton antivirus\NavShExt.dll
    TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} -
    TB: {E97B5F2E-CA8E-4D34-BDA3-44EEC4ED2B12} - No File
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [Apoint] c:\program files\apoint\Apoint.exe
    mRun: [Mouse Suite 98 Daemon] ICO.EXE
    mRun: [SonyPowerCfg] c:\program files\sony\vaio power management\SPMgr.exe
    mRun: [ISBMgr.exe] c:\program files\sony\isb utility\ISBMgr.exe
    mRun: [VAIO Update 2] "c:\program files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
    mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe "
    mRun: [Symantec NetDriver Monitor] c:\progra~1\symnet~1\SNDMon.exe /Consumer
    mRun: [SsAAD.exe] c:\progra~1\sony\sonics~1\SsAAD.exe
    mRun: [NvCplDaemon] //~rundll32.exe c:\windows\system32\nvcpl.dll,nvstartup
    mRun: [LXCCCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXCCtime.dll,_RunDLLEntry@16
    mRun: [FaxCenterServer] "c:\program files\lexmark fax solutions\fm3032.exe" /s
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe "
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    IE: &Translate English Word - c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    IE: Backward Links - c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
    IE: Similar Pages - c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    IE: Translate Page into English - c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    Trusted Zone: sony-europe.com
    Trusted Zone: sonystyle-europe.com
    Trusted Zone: vaio-link.com
    DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader5.cab
    DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    DPF: {8D9563A9-8D5F-459B-87F2-BA842255CB9A} - hxxps://myconnect.bbc.co.uk/InternalSite/WhlCompMgr.cab
    DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - hxxp://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - hxxp://acs.pandasoftware.com/activescan/as5free/asinst.cab
    DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} - hxxps://plugins.valueactive.eu/flashax/iefax.cab
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
    Notify: igfxcui - igfxdev.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
    SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\rabind~1\applic~1\mozilla\firefox\profiles\9h1aav5x.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk
    FF - plugin: c:\documents and settings\user user\application data\mozilla\firefox\profiles\9h1aav5x.default\extensions\npfax@microgaming.co.uk\platform\winnt_x86-msvc\plugins\npfax.dll

    ============= SERVICES / DRIVERS ===============

    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-3-31 28544]
    R1 PrivateDisk;PrivateDisk;c:\windows\system32\drivers\privatediskm.sys [2004-7-6 45627]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-3-23 9968]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-3-23 72944]
    R1 SAVRTPEL;SAVRTPEL;c:\program files\norton internet security\norton antivirus\SAVRTPEL.SYS [2005-2-5 53896]
    R2 AdobeActiveFileMonitor;Adobe Active File Monitor;c:\program files\adobe\photoshop elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-4 98304]
    R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\CCEVTMGR.EXE [2005-3-5 185704]
    R2 ccProxy;Symantec Network Proxy;c:\program files\common files\symantec shared\CCPROXY.EXE [2005-3-5 239264]
    R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\CCSETMGR.EXE [2005-3-5 177512]
    R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;c:\program files\microsoft sql server\mssql$vaio_vedb\binn\sqlservr.exe -svaio_vedb --> c:\program files\microsoft sql server\mssql$vaio_vedb\binn\sqlservr.exe -sVAIO_VEDB [?]
    R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;c:\program files\adobe\photoshop elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-4 118784]
    R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
    R3 navapsvc;Norton AntiVirus Auto-Protect Service;c:\program files\norton internet security\norton antivirus\NAVAPSVC.exe [2005-3-25 128160]
    R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20051230.004\NAVENG.Sys [2006-1-1 77864]
    R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20051230.004\NavEx15.Sys [2006-1-1 750952]
    R3 SAVRT;SAVRT;c:\program files\norton internet security\norton antivirus\SAVRT.SYS [2005-2-5 334984]
    S2 SBService;ScriptBlocking Service;c:\progra~1\common~1\symant~1\script~1\SBServ.exe [2005-3-24 67184]
    S3 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\CCPWDSVC.EXE [2005-3-5 83304]
    S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\nos\bin\getPlus_HelperSvc.exe [2009-4-14 33176]
    S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-3-23 7408]
    S3 SAVScan;SAVScan;c:\program files\norton internet security\norton antivirus\SAVSCAN.EXE [2005-2-18 198368]
    S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;c:\program files\microsoft sql server\mssql$vaio_vedb\binn\sqlagent.exe -i vaio_vedb --> c:\program files\microsoft sql server\mssql$vaio_vedb\binn\sqlagent.EXE -i VAIO_VEDB [?]

    =============== Created Last 30 ================

    2009-05-24 23:31 0 a------- c:\windows\system32\w32apiw.dll
    2009-05-24 14:04 <DIR> --d----- c:\windows\system32\CatRoot2
    2009-05-23 15:30 73,728 a------- c:\windows\system32\javacpl.cpl
    2009-05-21 11:17 <DIR> --d----- C:\HostsXpert
    2009-05-21 10:38 <DIR> --d----- C:\_OTMoveIt
    2009-05-20 23:41 130,048 a------- c:\windows\PEV.exe

    ==================== Find3M ====================

    2009-05-23 15:30 410,984 a------- c:\windows\system32\deploytk.dll
    2009-05-23 12:36 12,800 a------- c:\program files\hijackthis.log
    2009-04-06 15:32 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-04-06 15:32 15,504 a------- c:\windows\system32\drivers\mbam.sys
    2009-04-02 10:34 1,878,888 a------- C:\install_flash_player.exe
    2009-03-31 13:54 175,504 a------- C:\activescan2_en.exe
    2009-03-29 15:41 353,485 a------- C:\HostsXpert.zip
    2009-03-26 16:07 62,729,728 a------- C:\avg_free_stf_en_85_283a1450.exe
    2009-03-25 13:41 1,339,834 a------- C:\MGtools.exe
    2009-03-06 15:22 284,160 a------- c:\windows\system32\pdh.dll
    2009-03-03 01:18 826,368 a------- c:\windows\system32\wininet.dll
    2008-12-21 15:21 7,590,400 a------- c:\program files\ica32web.msi
    2008-12-12 20:29 186 a------- c:\docume~1\rabind~1\applic~1\wklnhst.dat
    2008-06-15 13:27 59,839,784 a------- c:\program files\iTunesSetup.exe
    2008-04-10 22:17 1,495,112 a------- c:\program files\install_flash_player.exe
    2007-07-22 16:59 41,384 a------- c:\program files\basiccms.zip
    2007-07-22 16:43 22,312,757 a------- c:\program files\wamp5_1.7.2.exe
    2007-07-21 18:38 1,126 a------- c:\docume~1\rabind~1\applic~1\filterclsid.dat
    2007-01-01 16:28 4,308,596 a------- c:\program files\BitTornado-0.3.17-w32install.exe
    2006-12-29 17:19 899,414 a------- c:\program files\DVDDecrypter_3.5.4.0.exe
    2006-12-28 21:01 734,160 a------- c:\program files\VobSub_2.23.exe
    2006-12-20 21:59 9,918,872 a------- c:\program files\WMEncoder.exe
    2006-12-20 21:52 878,896 a------- c:\program files\WGAPluginInstall.exe
    2006-12-20 16:13 4,865,728 a------- c:\program files\rminstall.exe
    2006-12-19 14:14 1,035,271 a------- c:\program files\wrar362.exe
    2006-12-02 15:16 1,480,862 a------- c:\program files\aresregular196_installer.exe
    2006-12-02 15:15 1,480,862 a------- c:\program files\Ares.exe
    2005-02-16 12:06 218,112 a------- c:\program files\HijackThis.exe
    2005-07-14 13:31 27,648 a--shr-- c:\windows\system32\AVSredirect.dll
    2005-06-26 16:32 616,448 a--shr-- c:\windows\system32\cygwin1.dll
    2005-06-21 23:37 45,568 a--shr-- c:\windows\system32\cygz.dll
    2006-05-03 10:06 163,328 ---shr-- c:\windows\system32\flvDX.dll
    2004-01-25 01:00 70,656 a--shr-- c:\windows\system32\i420vfw.dll
    2007-02-21 11:47 31,232 ---shr-- c:\windows\system32\msfDX.dll
    2008-12-24 13:01 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008122420081225\index.dat

    ============= FINISH: 12:29:40.90 ===============

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-05-14.01)

    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume2
    Install Date: 20/11/2005 17:09:51
    System Uptime: 30/05/2009 11:22:01 (1 hours ago)
    Processor: Intel(R) Pentium(R) M processor 1.73GHz | N/A | 1729/133mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 33 GiB total, 11.288 GiB free.
    D: is FIXED (NTFS) - 35 GiB total, 9.409 GiB free.
    E: is Removable
    F: is CDROM ()
    G: is CDROM ()

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP598: 16/04/2009 02:50:34 - Software Distribution Service 3.0
    RP599: 17/04/2009 22:45:20 - System Checkpoint
    RP600: 18/04/2009 01:30:10 - Software Distribution Service 3.0
    RP601: 19/04/2009 00:37:55 - Removed Windows Live Upload Tool
    RP602: 19/04/2009 00:38:25 - Removed Windows Live Sign-in Assistant
    RP603: 20/04/2009 15:51:20 - Software Distribution Service 3.0
    RP604: 22/04/2009 16:33:46 - System Checkpoint
    RP605: 23/04/2009 19:56:15 - Software Distribution Service 3.0
    RP606: 25/04/2009 16:09:45 - System Checkpoint
    RP607: 26/04/2009 18:31:08 - System Checkpoint
    RP608: 27/04/2009 22:26:31 - System Checkpoint
    RP609: 28/04/2009 10:47:52 - Software Distribution Service 3.0
    RP610: 29/04/2009 14:26:43 - System Checkpoint
    RP611: 29/04/2009 19:25:32 - Software Distribution Service 3.0
    RP612: 30/04/2009 21:17:07 - System Checkpoint
    RP613: 01/05/2009 11:07:07 - Software Distribution Service 3.0
    RP614: 03/05/2009 22:16:28 - System Checkpoint
    RP615: 04/05/2009 22:18:04 - System Checkpoint
    RP616: 05/05/2009 22:49:29 - System Checkpoint
    RP617: 06/05/2009 11:43:08 - Software Distribution Service 3.0
    RP618: 07/05/2009 14:19:19 - System Checkpoint
    RP619: 08/05/2009 11:55:16 - Software Distribution Service 3.0
    RP620: 10/05/2009 19:19:00 - System Checkpoint
    RP621: 11/05/2009 21:12:33 - System Checkpoint
    RP622: 12/05/2009 10:21:43 - Software Distribution Service 3.0
    RP623: 13/05/2009 12:58:30 - System Checkpoint
    RP624: 13/05/2009 13:21:24 - Software Distribution Service 3.0
    RP625: 14/05/2009 14:15:55 - System Checkpoint
    RP626: 15/05/2009 10:56:01 - Software Distribution Service 3.0
    RP627: 16/05/2009 14:44:19 - System Checkpoint
    RP628: 17/05/2009 18:20:15 - System Checkpoint
    RP629: 18/05/2009 15:11:03 - Software Distribution Service 3.0
    RP630: 19/05/2009 15:21:31 - System Checkpoint
    RP631: 20/05/2009 22:37:31 - System Checkpoint
    RP632: 22/05/2009 10:19:57 - Software Distribution Service 3.0
    RP633: 23/05/2009 14:36:42 - System Checkpoint
    RP634: 23/05/2009 15:27:59 - Removed Java(TM) 6 Update 13
    RP635: 23/05/2009 15:30:09 - Installed Java(TM) 6 Update 13
    RP636: 24/05/2009 17:17:45 - System Checkpoint
    RP637: 25/05/2009 15:57:44 - Software Distribution Service 3.0
    RP638: 30/05/2009 12:23:57 - Software Distribution Service 3.0

    ==== Installed Programs ======================

    Adobe Acrobat 7.0 Elements
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Photoshop Elements 3.0
    Adobe Premiere Standard
    Adobe Reader 7.1.0
    Apple Mobile Device Support
    Apple Software Update
    Ares 1.9.6
    BitTornado 0.3.17
    Bonjour
    CC_ccProxyExt
    ccCommon
    CCleaner (remove only)
    ccPxyCore
    Citrix Presentation Server Client
    Click to DVD 2.0.03 Menu Data
    Click to DVD 2.4.10
    Compatibility Pack for the 2007 Office system
    Critical Update for Windows Media Player 11 (KB959772)
    Cucusoft MPEG/MOV/RM/DivX/AVI to DVD/VCD/SVCD Creator Pro 7.07
    DAEMON Tools
    DivxToDVD 1.99.20b
    DVD Decrypter (Remove Only)
    DVD Shrink 3.2
    DVgate Plus
    FileZilla Client 3.1.6
    Football Manager 2006
    Google Earth
    HDAUDIO SoftV92 Data Fax Modem with SmartCP
    HijackThis 1.99.1
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Image Converter 2
    Intel(R) Graphics Media Accelerator Driver for Mobile
    Intel(R) PRO Network Connections Drivers
    Intel(R) PROSet/Wireless Software
    InterVideo WinDVD for VAIO
    InterVideo WinDVDX
    iPod for Windows 2005-09-23
    iTunes
    Java(TM) 6 Update 13
    K-Lite Codec Pack 3.2.5 Standard
    Kazaa 3.2.2
    LAN-Express AS IEEE 802.11 Wireless LAN
    Lexmark 3300 Series
    Lexmark Fax Solutions
    LiveReg (Symantec Corporation)
    LiveUpdate 2.6 (Symantec Corporation)
    Macromedia Dreamweaver 8
    Macromedia Dreamweaver MX
    Macromedia Extension Manager
    Macromedia Fireworks MX
    Macromedia Flash MX
    Macromedia Flash Player
    Malwarebytes' Anti-Malware
    Malwarebytes' RogueRemover
    mCore
    mDriver
    Memory Stick Formatter
    Microsoft .NET Framework 2.0
    Microsoft Application Error Reporting
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Professional Edition 2003
    Microsoft SQL Server Desktop Engine (VAIO_VEDB)
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Works
    mMHouse
    MoodLogic
    Mozilla Firefox (3.0.10)
    mPfMgr
    mProSafe
    MSRedist
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    mWlsSafe
    mXML
    nCleaner second 2.3.4.0
    Nero 7 Ultra Edition
    Nokia Connectivity Cable Driver
    Norton AntiSpam
    Norton AntiVirus 2005
    Norton Internet Security
    Norton Internet Security 2005 (Symantec Corporation)
    Norton Security Center
    Norton WMI Update
    NVIDIA Drivers
    OpenMG Secure Module 4.2.00
    Orange Livebox
    Panda ActiveScan
    Panda ActiveScan 2.0
    Pcast P2P Ã÷ýÌå¿Ã˜¼Ã¾ 1.0.0.17
    PictureGear Studio 2.0
    QuickTime
    RealPlayer
    Realtek High Definition Audio Driver
    Roxio DigitalMedia Audio
    Roxio DigitalMedia Copy
    Roxio DigitalMedia Data
    Runtime 8.0 Libraries
    SafeGuard® PrivateDisk 1.00.6 - Try and Buy Version
    SAMSUNG CDMA Modem Driver Set
    SAMSUNG Mobile Composite Device Software
    Samsung Mobile phone USB driver Software
    SAMSUNG Mobile USB Modem 1.0 Software
    SAMSUNG Mobile USB Modem Software
    Samsung PC Studio
    Samsung PC Studio 3 USB Driver Installer
    Security Update for CAPICOM (KB931906)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB931768)
    Security Update for Windows Internet Explorer 7 (KB933566)
    Security Update for Windows Internet Explorer 7 (KB937143)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB961373)
    Setting Utility Series
    SonicStage 3.2
    SonicStage Mastering Studio 1.4
    SonicStage Mastering Studio Audio Filter
    SonicStage Mastering Studio Audio Filter Custom Preset
    SonicStage Mastering Studio Plugins
    Sony MP4 Shared Library
    Sony Utilities DLL
    Sony Video Shared Library
    SopCast 2.0.4
    SPBBC
    Spybot - Search & Destroy
    Spybot - Search & Destroy 1.4
    SUPER © Version 2007.bld.23 (July 4, 2007)
    SUPERAntiSpyware Free Edition
    Symantec Network Drivers Update
    Symantec Script Blocking Installer
    SymNet
    TomTom HOME
    TVAnts 1.0
    TVUPlayer 2.3.2.52
    Update for Windows XP (KB951978)
    Update for Windows XP (KB967715)
    VAIO Control Center
    VAIO Edit Components
    VAIO Entertainment Platform
    VAIO Event Service
    VAIO Light Flo Wallpaper
    VAIO Long Battery Life Wallpaper
    VAIO Media 4.0
    VAIO Media AC3 Decoder 1.0
    VAIO Media Integrated Server 4.2
    VAIO Media Redistribution 4.0
    VAIO Media Registration Tool 4.0
    VAIO Online Registration (English)
    VAIO Original Screen Saver
    VAIO Original Screen Saver VAIO Motion HD Normal Contents
    VAIO Original Screen Saver VAIO Motion HD Wide Contents
    VAIO Original Screen Saver VAIO Motion SD Normal Contents
    VAIO Original Screen Saver VAIO Motion SD Wide Contents
    VAIO Original Screen Saver VAIO Scene HD Normal Contents
    VAIO Original Screen Saver VAIO Scene HD Wide Contents
    VAIO Original Screen Saver VAIO Scene SD Normal Contents
    VAIO Original Screen Saver VAIO Scene SD Wide Contents
    VAIO Power Management
    VAIO Product Survey
    VAIO Update 2
    VC_MergeModuleToMSI
    VOR
    VPS
    WebFldrs XP
    Whale Communications' Client Components v3.6
    Windows Defender
    Windows Genuine Advantage Notifications (KB905474)
    Windows Internet Explorer 7
    Windows Media Encoder 9 Series
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Service Pack 3
    WinRAR archiver
    Wireless LAN Starter

    ==== Event Viewer Messages From Past Week ========

    30/05/2009 12:02:14, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
    24/05/2009 23:23:26, error: Service Control Manager [7034] - The VAIO Event Service service terminated unexpectedly. It has done this 1 time(s).
    24/05/2009 22:14:06, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the PEVSystemStart service to connect.
    24/05/2009 21:55:18, error: System Error [1003] - Error code 100000d1, parameter1 30000014, parameter2 00000002, parameter3 00000000, parameter4 f529c3c0.
    24/05/2009 21:53:01, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
    24/05/2009 21:53:01, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    24/05/2009 21:35:48, error: Service Control Manager [7034] - The Symantec Settings Manager service terminated unexpectedly. It has done this 1 time(s).
    23/05/2009 17:15:05, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service.
    23/05/2009 16:23:20, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the VAIO Event Service service.
    23/05/2009 15:28:43, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
    23/05/2009 15:14:05, error: Service Control Manager [7022] - The VAIO Entertainment File Import Service service hung on starting.
    23/05/2009 14:58:38, error: Service Control Manager [7031] - The Windows Defender service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
    23/05/2009 14:58:24, error: Service Control Manager [7034] - The VAIO Entertainment Database Service service terminated unexpectedly. It has done this 1 time(s).
    23/05/2009 14:45:26, error: Service Control Manager [7023] - The Windows Firewall/Internet Connection Sharing (ICS) service terminated with the following error: Access is denied.
    23/05/2009 14:44:30, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
    23/05/2009 14:19:56, error: DCOM [10000] - Unable to start a DCOM Server: {FB7199AB-79BF-11D2-8D94-0000F875C541}. The error: "%3" Happened while starting this command: "C:\Program Files\Messenger\msmsgs.exe" -Embedding
    23/05/2009 12:29:56, error: Service Control Manager [7034] - The Symantec Network Proxy service terminated unexpectedly. It has done this 1 time(s).
    23/05/2009 11:57:32, error: Service Control Manager [7034] - The VAIO Entertainment File Import Service service terminated unexpectedly. It has done this 1 time(s).
    23/05/2009 11:57:27, error: Service Control Manager [7034] - The Windows Defender service terminated unexpectedly. It has done this 3 time(s).
    23/05/2009 11:56:58, error: Service Control Manager [7031] - The Windows Defender service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
    23/05/2009 11:55:40, error: Service Control Manager [7034] - The ISSVC service terminated unexpectedly. It has done this 1 time(s).
    23/05/2009 11:48:03, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    23/05/2009 11:47:54, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.

    ==== End Of File ===========================
     
  2. 2009/05/31
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    From your description and DDS log, it doesn't look like a security problem, but let's double check.

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files, which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts.
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.
    **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

    Make sure you re-enable your security programs when you're done with Combofix.
     

  4. 2009/05/31
    thierry1

    thierry1 Inactive Thread Starter

    Joined:
    2009/03/25
    Messages:
    40
    Likes Received:
    0
    Hi Broni, thanks for the help.

    I ran the Combofix scan and the results, along with an HJT log, are below:

    ======================================================
    Combofix

    ComboFix 09-05-30.06 - user user 31/05/2009 16:36.8 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.69 [GMT 1:00]
    Running from: c:\documents and settings\user user\Desktop\ComboFix.exe
    AV: Norton Internet Security *On-access scanning disabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\system32\w32apiw.dll

    .
    ((((((((((((((((((((((((( Files Created from 2009-04-28 to 2009-05-31 )))))))))))))))))))))))))))))))
    .

    2009-05-24 13:04 . 2009-05-31 15:36 -------- d-----w- c:\windows\system32\CatRoot2
    2009-05-23 15:23 . 2009-05-23 15:23 -------- d-----w- c:\documents and settings\Guest\Local Settings\Application Data\Mozilla
    2009-05-23 14:29 . 2009-05-23 14:29 152576 ----a-w- c:\documents and settings\user user\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
    2009-05-21 10:17 . 2009-05-21 10:18 -------- d-----w- C:\HostsXpert
    2009-05-21 09:38 . 2009-05-21 09:38 -------- d-----w- C:\_OTMoveIt

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-05-30 11:09 . 2005-07-11 16:37 -------- d-----w- c:\program files\Common Files\Symantec Shared
    2009-05-23 14:30 . 2009-03-29 13:10 410984 ----a-w- c:\windows\system32\deploytk.dll
    2009-05-23 14:30 . 2005-07-11 16:29 -------- d-----w- c:\program files\Java
    2009-05-23 11:37 . 2005-11-29 20:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2009-05-23 11:36 . 2009-03-25 11:25 12800 ----a-w- c:\program files\hijackthis.log
    2009-05-23 09:22 . 2008-01-20 18:00 -------- d-----w- c:\program files\Lx_cats
    2009-05-20 22:15 . 2006-12-24 11:52 -------- d-----w- c:\program files\backups
    2009-05-20 20:10 . 2009-03-25 10:29 117760 ----a-w- c:\documents and settings\user user\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
    2009-05-20 20:08 . 2007-12-08 01:20 -------- d-----w- c:\program files\SUPERAntiSpyware
    2009-04-30 13:44 . 2008-12-18 19:17 -------- d-----w- c:\documents and settings\user user\Application Data\FileZilla
    2009-04-14 12:57 . 2009-04-14 12:57 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
    2009-04-14 12:57 . 2009-04-14 12:57 -------- d-----w- c:\program files\NOS
    2009-04-10 15:15 . 2009-03-24 14:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2009-04-10 15:15 . 2009-03-30 22:19 2967799 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
    2009-04-07 19:09 . 2005-11-20 17:10 77256 ----a-w- c:\documents and settings\user user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2009-04-06 14:32 . 2009-03-24 14:47 38496 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-04-06 14:32 . 2009-03-24 14:47 15504 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-04-02 09:34 . 2009-04-02 09:33 1878888 ----a-w- C:\install_flash_player.exe
    2009-03-31 12:54 . 2009-03-31 12:54 175504 ----a-w- C:\activescan2_en.exe
    2009-03-29 14:41 . 2009-03-29 14:41 353485 ----a-w- C:\HostsXpert.zip
    2009-03-26 15:07 . 2009-03-26 14:57 62729728 ----a-w- C:\avg_free_stf_en_85_283a1450.exe
    2009-03-25 12:41 . 2009-03-25 12:41 1339834 ----a-w- C:\MGtools.exe
    2009-03-24 15:09 . 2009-03-24 15:09 65024 ----a-r- c:\documents and settings\user user\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
    2009-03-24 15:09 . 2009-03-24 15:09 18944 ----a-r- c:\documents and settings\user user\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
    2009-03-06 14:22 . 2005-07-11 04:48 284160 ----a-w- c:\windows\system32\pdh.dll
    2009-03-03 13:53 . 2009-04-14 12:56 17464 ----a-w- c:\documents and settings\user user\Application Data\Mozilla\Firefox\Profiles\9h1aav5x.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}\chrome\content\getPlus_Adobe_reg.exe
    2009-03-03 13:53 . 2009-04-14 12:56 12792 ----a-w- c:\documents and settings\user user\Application Data\Mozilla\Firefox\Profiles\9h1aav5x.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}\chrome\content\getPlus_Adobe_reg_bootstrap.exe
    2009-03-03 13:53 . 2009-04-14 12:56 109420 ----a-w- c:\documents and settings\user user\Application Data\Mozilla\Firefox\Profiles\9h1aav5x.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}\plugins\np_gp.dll
    2009-03-03 00:18 . 2005-07-11 04:48 826368 ----a-w- c:\windows\system32\wininet.dll
    2008-12-21 14:21 . 2007-07-27 18:57 7590400 ----a-w- c:\program files\ica32web.msi
    2008-06-15 12:27 . 2008-06-15 12:24 59839784 ----a-w- c:\program files\iTunesSetup.exe
    2008-04-10 21:17 . 2007-11-15 18:29 1495112 ----a-w- c:\program files\install_flash_player.exe
    2007-07-22 15:59 . 2007-07-22 15:59 41384 ----a-w- c:\program files\basiccms.zip
    2007-07-22 15:43 . 2007-07-22 15:42 22312757 ----a-w- c:\program files\wamp5_1.7.2.exe
    2007-01-01 15:28 . 2007-01-01 15:27 4308596 ----a-w- c:\program files\BitTornado-0.3.17-w32install.exe
    2006-12-29 16:19 . 2006-12-29 16:20 899414 ----a-w- c:\program files\DVDDecrypter_3.5.4.0.exe
    2006-12-28 20:01 . 2006-12-28 20:51 734160 ----a-w- c:\program files\VobSub_2.23.exe
    2006-12-20 20:59 . 2006-12-20 20:57 9918872 ----a-w- c:\program files\WMEncoder.exe
    2006-12-20 20:52 . 2006-12-20 20:52 878896 ----a-w- c:\program files\WGAPluginInstall.exe
    2006-12-20 15:13 . 2006-12-20 15:13 4865728 ----a-w- c:\program files\rminstall.exe
    2006-12-19 13:14 . 2006-12-19 13:14 1035271 ----a-w- c:\program files\wrar362.exe
    2006-12-02 14:16 . 2006-12-02 14:16 1480862 ----a-w- c:\program files\aresregular196_installer.exe
    2006-12-02 14:15 . 2006-12-02 14:15 1480862 ----a-w- c:\program files\Ares.exe
    2005-02-16 11:06 . 2006-12-23 11:32 218112 ----a-w- c:\program files\HijackThis.exe
    2005-07-14 12:31 . 2005-07-14 12:31 27648 --sha-r- c:\windows\system32\AVSredirect.dll
    2005-06-26 15:32 . 2005-06-26 15:32 616448 --sha-r- c:\windows\system32\cygwin1.dll
    2005-06-21 22:37 . 2005-06-21 22:37 45568 --sha-r- c:\windows\system32\cygz.dll
    2006-05-03 09:06 . 2007-07-21 17:30 163328 --sh--r- c:\windows\system32\flvDX.dll
    2004-01-25 00:00 . 2004-01-25 00:00 70656 --sha-r- c:\windows\system32\i420vfw.dll
    2007-02-21 10:47 . 2007-07-21 17:30 31232 --sh--r- c:\windows\system32\msfDX.dll
    .

    ((((((((((((((((((((((((((((( SnapShot_2009-05-20_10.59.20.79 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2009-05-31 15:18 . 2009-05-31 15:18 16384 c:\windows\Temp\Perflib_Perfdata_808.dat
    + 2009-05-31 15:18 . 2009-05-31 15:18 16384 c:\windows\Temp\Perflib_Perfdata_2d8.dat
    + 2005-07-11 13:01 . 2004-08-04 12:00 19429 c:\windows\system32\MsDtc\Trace\msdtcvtr.bat
    + 2008-10-23 20:45 . 2008-01-18 15:13 2247 c:\windows\ServicePackFiles\i386\tscdsbl.bat
    + 2008-10-23 20:45 . 2008-01-18 15:13 2247 c:\windows\Installer\tsclientmsitrans\tscdsbl.bat
    + 2005-07-11 16:22 . 2004-08-04 12:00 2589 c:\windows\I386\RUNW32.BAT
    + 2009-05-23 14:30 . 2009-05-23 14:30 148888 c:\windows\system32\javaws.exe
    - 2009-04-12 12:49 . 2009-04-12 12:49 148888 c:\windows\system32\javaws.exe
    + 2009-05-23 14:30 . 2009-05-23 14:30 144792 c:\windows\system32\javaw.exe
    - 2009-04-12 12:49 . 2009-04-12 12:49 144792 c:\windows\system32\javaw.exe
    - 2009-04-12 12:49 . 2009-04-12 12:49 144792 c:\windows\system32\java.exe
    + 2009-05-23 14:30 . 2009-05-23 14:30 144792 c:\windows\system32\java.exe
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe "= "c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Apoint "= "c:\program files\Apoint\Apoint.exe" [2003-11-07 114688]
    "SonyPowerCfg "= "c:\program files\Sony\VAIO Power Management\SPMgr.exe" [2005-05-15 184320]
    "ISBMgr.exe "= "c:\program files\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 32768]
    "VAIO Update 2 "= "c:\program files\Sony\VAIO Update 2\VAIOUpdt.exe" [2005-01-14 151552]
    "ccApp "= "c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-01-08 49512]
    "Symantec NetDriver Monitor "= "c:\progra~1\SYMNET~1\SNDMon.exe" [2007-10-18 100056]
    "SsAAD.exe "= "c:\progra~1\Sony\SONICS~1\SsAAD.exe" [2005-06-03 81920]
    "NvCplDaemon "= "c:\windows\system32\nvcpl.dll" [2005-06-09 6746112]
    "LXCCCATS "= "c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll" [2005-07-20 73728]
    "FaxCenterServer "= "c:\program files\Lexmark Fax Solutions\fm3032.exe" [2005-07-12 299008]
    "SunJavaUpdateSched "= "c:\program files\Java\jre6\bin\jusched.exe" [2009-05-23 148888]
    "Mouse Suite 98 Daemon "= "ICO.EXE" - c:\windows\system32\ico.exe [2002-03-14 45056]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE "= "c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2008-12-22 12:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
    "aux2 "=

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @= "Service "

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify "=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring "=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring "=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall "= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe "=

    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [31/03/2009 13:56 28544]
    R1 PrivateDisk;PrivateDisk;c:\windows\system32\drivers\privatediskm.sys [06/07/2004 14:07 45627]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [23/03/2009 15:07 9968]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [23/03/2009 15:07 72944]
    R2 AdobeActiveFileMonitor;Adobe Active File Monitor;c:\program files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [04/10/2004 04:47 98304]
    R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB --> c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB [?]
    R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;c:\program files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [04/10/2004 03:40 118784]
    R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [03/11/2006 20:19 13592]
    S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [14/04/2009 13:57 33176]
    S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [23/03/2009 15:07 7408]
    S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB --> c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB [?]
    .
    Contents of the 'Scheduled Tasks' folder

    2009-05-31 c:\windows\Tasks\MP Scheduled Scan.job
    - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]

    2009-05-22 c:\windows\Tasks\Norton AntiVirus - Scan my computer - user user.job
    - c:\progra~1\NORTON~1\NORTON~1\Navw32.exe [2005-03-25 13:47]

    2009-05-30 c:\windows\Tasks\Symantec NetDetect.job
    - c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2005-07-11 11:24]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.co.uk/
    uInternet Settings,ProxyOverride = <local>;*.local
    IE: &Translate English Word - c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    IE: Backward Links - c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    IE: Similar Pages - c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    IE: Translate Page into English - c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    Trusted Zone: sony-europe.com
    Trusted Zone: sonystyle-europe.com
    Trusted Zone: vaio-link.com
    DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} - hxxps://plugins.valueactive.eu/flashax/iefax.cab
    FF - ProfilePath - c:\documents and settings\user user\Application Data\Mozilla\Firefox\Profiles\9h1aav5x.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk
    FF - plugin: c:\documents and settings\user user\Application Data\Mozilla\Firefox\Profiles\9h1aav5x.default\extensions\npfax@microgaming.co.uk\platform\WINNT_x86-msvc\plugins\npfax.dll
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-05-31 16:42
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    LXCCCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\software\Adobe\Premiere Std\7.0\DefaultPreset]
    @DACL=(02 0000)
    @SACL=
    @= "c:\\Program Files\\Adobe\\Premiere Standard\\Settings\\DV - NTSC\\Standard 48kHz.prpreset "

    [HKEY_LOCAL_MACHINE\software\Adobe\Premiere Std\7.0\Help]
    @DACL=(02 0000)
    @SACL=
    "AdobeMediaEncoder "= "c:\\Program Files\\Adobe\\Premiere Standard\\Help\\1_0_0_0.html "
    "Contents "= "c:\\Program Files\\Adobe\\Premiere Standard\\Help\\1_0_0_0.html "
    "ExportToDVD "= "c:\\Program Files\\Adobe\\Premiere Standard\\Help\\1_13_2_0.html "
    "HowToUse "= "c:\\Program Files\\Adobe\\Premiere Standard\\Help\\0_0_0_0.html "
    "Keyboard "= "c:\\Program Files\\Adobe\\Premiere Standard\\Help\\1_4_15_0.html "
    "Search "= "c:\\Program Files\\Adobe\\Premiere Standard\\Help\\search.html "
    "Support "= "http://www.adobe.com/support/products/premiere.html "
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(896)
    c:\program files\SUPERAntiSpyware\SASWINLO.dll
    .
    Completion time: 2009-05-31 16:46
    ComboFix-quarantined-files.txt 2009-05-31 15:46
    ComboFix2.txt 2009-05-24 21:39
    ComboFix3.txt 2009-05-21 10:01
    ComboFix4.txt 2009-05-20 22:53
    ComboFix5.txt 2009-05-31 15:34

    Pre-Run: 12,460,593,152 bytes free
    Post-Run: 12,448,034,816 bytes free

    205 --- E O F --- 2009-05-30 11:24

    ==========================================================

    HJT Log

    Logfile of HijackThis v1.99.1
    Scan saved at 16:50:24, on 31/05/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16827)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Norton Internet Security\ISSVC.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
    C:\Program Files\Apoint\Apoint.exe
    C:\WINDOWS\system32\ICO.EXE
    C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
    C:\Program Files\Sony\ISB Utility\ISBMgr.exe
    C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Apoint\Apntex.exe
    C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
    O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
    O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
    O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
    O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe "
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    O4 - HKLM\..\Run: [NvCplDaemon] //~rundll32.exe c:\windows\system32\nvcpl.dll,nvstartup
    O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe "
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
    O11 - Options group: [TABS] Tabbed Browsing
    O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/en/
    O15 - Trusted Zone: *.sony-europe.com
    O15 - Trusted Zone: *.sonystyle-europe.com
    O15 - Trusted Zone: *.vaio-link.com
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
    O16 - DPF: {8D9563A9-8D5F-459B-87F2-BA842255CB9A} (Whale Client Components) - https://myconnect.bbc.co.uk/InternalSite/WhlCompMgr.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
    O23 - Service: iPod Service - Apple Inc. - C:\iPod\bin\iPodService.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
    O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
    O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
    O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
    O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot= "SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt= "Applications\IntegratedServer\HTTP (file missing)
    O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot= "SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt= "\Addons\Packages\Mobile\Gateway" /DisplayName= "VAIO Media Gateway Server (file missing)
    O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
    O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
     
  5. 2009/05/31
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You used an outdated HJT version, but I don't see any issues in the Combofix log, so you'll need to re-post your problem in the Windows section.
    Before you go there...

    Uninstall Combofix:

    Go Start > Run
    Type in:
    combofix /u
    Note the space between the "combofix" and the "/u"
    Restart computer.

    I'm going to mark this thread as resolved.
     
