It was all OK until today; everything was running well.
Today the Internet stopped working and the firewall could not turn on.
I did a system restore and the Internet started working again, but my Avast, which was updated to v7, rolled back to v6 (normal to happen) and stopped working: the shields cannot start anymore, Firefox doesn't start, and the Avast installer doesn't work anymore either.
ravenous123
0
Newbie Poster
The attachment preview is chopped off after the first 10 KB. Please download the entire file.
ComboFix 12-03-09.05 - sony_2 09-03-2012 21:12:11.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.91.1033.18.4078.2435 [GMT 5.5:30]
Running from: c:\users\Mohit\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Outdated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Trend Micro Titanium Maximum Security *Disabled/Outdated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: avast! Antivirus *Disabled/Outdated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Trend Micro Titanium Maximum Security *Disabled/Outdated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\rllvcg.pif
F:\twela.pif
G:\uiki.pif
.
.
((((((((((((((((((((((((( Files Created from 2012-02-09 to 2012-03-09 )))))))))))))))))))))))))))))))
.
.
2012-03-09 15:53 . 2012-03-09 15:53 -------- d-----w- c:\users\sony_2\AppData\Local\temp
2012-03-09 15:53 . 2012-03-09 15:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-09 15:53 . 2012-03-09 15:53 -------- d-----w- c:\users\Manisha\AppData\Local\temp
2012-03-09 15:53 . 2012-03-09 15:53 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-03-08 16:45 . 2012-03-08 19:29 -------- d-----w- c:\users\Mohit\AppData\Roaming\tixati
2012-03-08 16:44 . 2012-03-09 14:05 -------- d-----w- c:\program files (x86)\tixati
2012-03-07 18:45 . 2012-03-07 18:45 -------- d-----w- c:\users\Mohit\AppData\Roaming\Rovio
2012-03-03 16:26 . 2012-03-09 14:13 -------- d-----w- c:\users\Mohit Sadana
2012-03-01 11:56 . 2012-03-01 11:56 -------- d-----w- c:\users\Mohit\dwhelper
2012-02-29 16:06 . 2012-02-29 16:06 -------- d-----w- c:\program files (x86)\Google
2012-02-29 14:21 . 2012-03-01 13:13 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2012-02-29 14:11 . 2012-03-09 14:06 -------- d-----w- c:\program files (x86)\Adobe Media Player
2012-02-29 14:09 . 2012-03-09 14:05 -------- d-----w- c:\program files\Common Files\Adobe
2012-02-29 14:07 . 2012-02-29 14:07 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2012-02-29 13:59 . 2012-02-29 14:20 -------- d-----w- c:\users\sony_2\AppData\Local\Adobe
2012-02-29 13:14 . 2012-03-09 14:03 -------- d-----w- c:\users\sony_2\AppData\Roaming\IDM
2012-02-29 13:03 . 2012-02-29 13:03 -------- d-----w- c:\users\sony_2\AppData\Local\Diagnostics
2012-02-29 11:58 . 2012-02-29 11:58 417440 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-02-29 11:58 . 2012-02-29 11:58 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-29 11:58 . 2012-02-29 11:58 -------- d-----w- c:\windows\system32\Macromed
2012-02-29 11:46 . 2012-02-29 11:46 -------- d-----w- c:\program files (x86)\Internet Download Manager
2012-02-25 12:11 . 2007-04-12 08:49 129024 ----a-w- c:\windows\SysWow64\AVERM.dll
2012-02-25 12:11 . 2006-09-26 08:27 28672 ----a-w- c:\windows\SysWow64\AVEQT.dll
2012-02-25 12:11 . 2012-02-25 12:12 -------- d-----w- c:\program files (x86)\Ultra Video Splitter
2012-02-12 08:55 . 2012-02-12 08:55 -------- d-----w- c:\users\Mohit\AppData\Roaming\nView_Wallpaper
2012-02-10 11:20 . 2012-02-10 12:39 -------- d-----w- c:\users\Manisha\AppData\Roaming\vlc
2012-02-10 05:56 . 2012-02-10 05:56 -------- d-----w- c:\users\Manisha\AppData\Roaming\IrfanView
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-12 18:23 . 2011-12-12 18:23 17 ----a-w- c:\windows\SysWow64\shoE474.tmp
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-27 648032]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-11-7 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
.
R2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit;c:\program files (x86)\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [2008-03-09 65536]
R2 mi-raysat_3dsMax2009_64;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 64-bit 64-bit;c:\program files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe [2008-03-09 65536]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-02-29 253600]
R3 Drmks_tnorc;Drmks_tnorc; [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-19 385336]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-19 99104]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-04-30 146592]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-04-30 91296]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-27 821664]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-28 1817088]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-03-01 378472]
S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [x]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-14 2656280]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2011-02-28 852160]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MEIx64;Intel(R) Management Engine In
techsheaven
45
Posting Pro in Training
Uninstall Firefox and all old/broken antivirus/antimalware programs.
Reinstall Avast.
Run an Avast boot-time scan (quarantine or delete all detected objects).
http://download.cnet.com/Avast-Free-Antivirus/3000-2239_4-10019223.html
Download, install, and run Emsisoft Anti-malware (quarantine or delete all detected objects).
http://download.cnet.com/Emsisoft-Anti-Malware-Free-Previously-A-squared-Free/3000-8022_4-10262215.html?tag=mncol;2
Download, install, and run HijackThis, and post the report here.
http://download.cnet.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html?tag=mncol;1
Good Luck