Jump to content

ep0cs

Members
 View Profile  See their activity

  • Posts

    1

  • Joined

  • Last visited

 Content Type 

Posts posted by ep0cs

    Help requested to deal with infection by Trojan.Ransom and PUM.UserWLoad

    in Resolved Malware Removal Logs

    Posted

    Your assistance is requested to deal with an infection on my Sony VAIO laptop.

     

    On booting the machine on 3 Jan, a SysTray pop-up asked whether I wanted to 'backup my key for encrypted files', and a Windows Account Control window asked whether to allow cmd.exe to run C:\ProgramData\{$5096-7835-3933-7043-2539$}\4813394.exe - I declined both.  My McAfee Internet Security flagged up a GTI detection of Artemis!<fingerprint> on that same file; it has since flagged up further Artemis alerts with varying fingerprints.

     

    The infection seems to be preventing any web access (although other protocols such as ping, ftp, smtp, still work), and IE10 will not run (or if I touch an email with web content, Outlook hangs), so I am having to download tools on to my home desktop machine and transfer them to the laptop by USB stick.

     

    I have run MBAM, although it spends several minutes before giving up on web access trying to check for updates, so I have only been able to run with the reference rules from 275 days ago.  MBAM scanner reports detecting PUM.UserWLoad and Trojan.Ransom registry values in HKCU\SOFTWARE\Windows NT\Windows|Load, but these don't seem to get deleted upon reboot. 

    MBAM also reported Trojan.Agents on a files C:\ProgramData\12746386487231648723648726384.exe, 2345234523452345.exe and 857499941.exe, which it says were quarantined and deleted successfully.  Although those files appear to have been removed from the \ProgramData\ folder, similarly named files (without the .exe extension) still exist in the following subfolders, all of which seem to be associated (similar datetime stamps):-

     

      C:\ProgramData\REGVIEW\ contains 12746386487231648723648726384 as well as a copy of the 4813394.exe previous mentioned at the top and identically sized files regview.exe and file1314.exe (which is hidden);

      C:\ProgramData\{$5096-7835-3933-7043-2539$}\ contains 857499941 as well regview.exe (slightly bigger) and file1314.exe (which is hidden);

      C:\ProgramData\GraphicsDriver\ contains 2345234523452345

     

    I have run MBAM again (after a similar delay), and MBAM scanner still reports detecting PUM.UserWLoad and Trojan.Ransom registry values in HKCU\SOFTWARE\Windows NT\Windows|Load.

     

    I have downloaded and run DDS.com, then transferred the logs back to my desktop and pasted them below.

     

    Your help would be greatly appreciated.

     

     

     

     

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.16750
    Run by User at 12:16:59 on 2014-01-06
    Microsoft Windows 7 Professional   6.1.7601.1.1252.44.1033.18.3995.2335 [GMT 0:00]
    .
    AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
    SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k WbioSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskhost.exe
    C:\Program Files\AuthenTec TrueSuite\TouchControl.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\Sony\VAIO Boot Manager\ActiveDelayDeviceService.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\AuthenTec TrueSuite\BioMonitor.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    C:\Windows\system32\WLANExt.exe
    C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
    C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    C:\Program Files\McAfee\MSC\McAPExe.exe
    C:\Windows\system32\mfevtps.exe
    C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Windows\system32\rundll32.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
    C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
    C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
    C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    C:\Windows\SysWOW64\DllHost.exe
    C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\SysWOW64\DllHost.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files (x86)\McAfeeMOBK\WrapperTrayIcon.exe
    C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE
    C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
    C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
    C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
    C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
    C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\CyberLink\Shared files\brs.exe
    C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
    C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
    C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
    C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Intuit\QuickBooks 2012\QBHelp.exe
    C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\McAfee Online Backup\MOBK649backup.exe
    C:\Program Files\Sony\VAIO Care\VCPerfService.exe
    C:\Program Files (x86)\McAfee Online Backup\MOBK649backup.exe
    C:\Program Files\Sony\VAIO Power Management\SPMService.exe
    C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    C:\Program Files\Sony\VAIO Improvement\vim.exe
    C:\Program Files\Sony\VAIO Improvement\vim.exe
    C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
    C:\Program Files\Sony\VAIO Update\VUAgent.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Sony\VAIO Care\VCService.exe
    C:\Program Files\Sony\VAIO Care\VCAgent.exe
    C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe
    C:\Program Files\Sony\VAIO Care\listener.exe
    C:\Program Files\Sony\VAIO Care\VCAdmin.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = about:blank
    uSearch Bar = Preserve
    uProxyOverride = <local>
    uWindows: Load = C:\Users\User\LOCALS~1\Temp\msauyri.scr
    mWinlogon: Userinit = userinit.exe,
    BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\AuthenTec TrueSuite\x86\IEBHO.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll
    BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll
    mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
    mRun: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
    mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    mRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
    mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
    mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
    mRun: [intel AT Service signup] c:\Program Files (x86)\Intel Corporation\Intel AT Service signup\IntelATServiceSignup.exe -launchonboot
    mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    mRun: [intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe  startup
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
    mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    mRun: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
    StartupFolder: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google.com.url
    StartupFolder: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HpM3Util.exe
    StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\System32\RunDll32.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~2.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SONYMS~1.LNK - C:\Program Files (x86)\Sony\MSS\3.0.271\SSScheduler.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204



    TCP: NameServer = 194.168.4.100 194.168.8.100
    TCP: Interfaces\{94D63E36-F1E9-47C1-B76B-4E18377D6325} : DHCPNameServer = 194.168.4.100 194.168.8.100
    TCP: Interfaces\{94D63E36-F1E9-47C1-B76B-4E18377D6325}\341637161467961647F62756 : DHCPNameServer = 80.93.143.42 80.93.143.44
    TCP: Interfaces\{94D63E36-F1E9-47C1-B76B-4E18377D6325}\3427F677E656D205C616A716D264275656D294E6475627E65647 : DHCPNameServer = 10.0.0.1 10.0.0.1
    TCP: Interfaces\{94D63E36-F1E9-47C1-B76B-4E18377D6325}\3514C4140234F4E4655474E4940234143514021465941445F42554 : DHCPNameServer = 80.93.143.42 80.93.143.44
    TCP: Interfaces\{94D63E36-F1E9-47C1-B76B-4E18377D6325}\6594547505F494E44523 : DHCPNameServer = 194.168.8.123 194.168.4.123
    TCP: Interfaces\{94D63E36-F1E9-47C1-B76B-4E18377D6325}\8686F6E6F62737 : DHCPNameServer = 172.16.2.5 8.8.8.8
    TCP: Interfaces\{94D63E36-F1E9-47C1-B76B-4E18377D6325}\8686F6E6F62737D2075726C69636 : DHCPNameServer = 172.16.2.5 8.8.8.8
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
    Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\AuthenTec TrueSuite\IEBHO.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll
    x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
    x64-TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
    x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
    x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SONYAPO
    x64-Run: [bTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
    x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [McAfeeWrapperApplication] "C:\Program Files (x86)\McAfeeMOBK\WrapperTrayIcon.exe"
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll



    x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
    x64-Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - <orphaned>
    x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-3-12 16152]
    R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2011-8-15 782360]
    R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2011-8-15 343696]
    R1 MOBK649Filter;MOBK649Filter;C:\Windows\System32\drivers\MOBK649.sys [2012-4-26 66040]
    R2 ActiveDelayDeviceService;ActiveDelayDeviceService;C:\Program Files (x86)\Sony\VAIO Boot Manager\ActiveDelayDeviceService.exe [2012-4-26 78472]
    R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-1-9 659968]
    R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-12-19 1014096]
    R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-12-19 1104208]
    R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-1-11 135952]
    R2 FPLService;TrueSuiteService;C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe [2012-2-20 300360]
    R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-10-17 328928]
    R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-4-26 13592]
    R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-4-26 2429544]
    R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
    R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-4-26 127320]
    R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-4-26 162648]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2013-4-16 201304]
    R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2013-10-17 178048]
    R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-10-17 328928]
    R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-10-17 328928]
    R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-10-17 328928]
    R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-10-17 328928]
    R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2013-10-17 1025232]
    R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe [2012-4-26 219272]
    R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-4-26 182752]
    R2 MOBK649backup;McAfee Online Backup Service;C:\Program Files (x86)\McAfee Online Backup\MOBK649backup.exe [2011-4-18 223544]
    R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2012-8-6 156672]
    R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-4-26 362840]
    R2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2012-4-26 535688]
    R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2012-4-26 967256]
    R2 WDBtnMgrSvc.exe;WD Drive Manager Service;C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [2008-7-24 118272]
    R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-8 594704]
    R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-1-9 195584]
    R3 ATSwpWDF;AuthenTec TruePrint WBF Driver;C:\Windows\System32\drivers\ATSwpWDF.sys [2011-8-19 1050016]
    R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-12-19 1304912]
    R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2011-8-15 70112]
    R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-4-5 331264]
    R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-3-12 356120]
    R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-3-12 788760]
    R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2012-2-28 25496]
    R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2011-8-15 311120]
    R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2011-8-15 519576]
    R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2013-11-26 411944]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-4-26 676968]
    R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2012-1-16 14336]
    R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2012-10-12 54760]
    R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update\VUAgent.exe [2013-4-16 1368624]
    S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE [2013-12-16 193696]
    S2 CLKMSVC10_9EC60124;CyberLink Product - 2013/09/22 18:57:32;C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2013-4-26 247768]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
    S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2012-1-9 195584]
    S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE [2013-12-16 247968]
    S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-12-13 94720]
    S3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-12-13 747008]
    S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
    S3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2009-6-10 281088]
    S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2013-10-17 197704]
    S3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-12-14 60416]
    S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2012-2-28 34232]
    S3 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2014-1-4 36680]
    S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2012-4-26 225216]
    S3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe [2012-3-30 237328]
    S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2013-11-26 96112]
    S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-8 273168]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-5-26 19456]
    S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-4-26 340072]
    S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-5-26 57856]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-5-26 30208]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-4-17 1255736]
    S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam.sys [2008-7-10 14464]
    S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2013-4-16 201304]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2014-01-04 15:46:24    36680    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
    2014-01-04 12:23:56    --------    d-----w-    C:\Users\User\AppData\Roaming\Malwarebytes
    2014-01-04 12:23:46    --------    d-----w-    C:\ProgramData\Malwarebytes
    2014-01-04 12:23:45    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
    2014-01-04 12:23:45    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2014-01-04 12:18:14    --------    d-----w-    C:\Users\User\AppData\Local\ElevatedDiagnostics
    2014-01-04 12:10:08    --------    d-----w-    C:\Utilities
    2014-01-04 12:09:19    --------    d-----w-    C:\Program Files (x86)\stinger
    2014-01-03 21:31:02    --------    d--h--w-    C:\ProgramData\REGVIEW
    2014-01-03 10:11:30    --------    d--h--w-    C:\ProgramData\{$5096-7835-3933-7043-2539$}
    2014-01-03 09:39:09    --------    d--h--w-    C:\ProgramData\GraphicsDriver
    2014-01-02 17:29:03    --------    d-----w-    C:\Users\User\AppData\Roaming\Xuim
    2014-01-02 17:29:03    --------    d-----w-    C:\Users\User\AppData\Roaming\Xorita
    2014-01-02 17:29:03    --------    d-----w-    C:\Users\User\AppData\Roaming\Utsera
    2013-12-31 17:50:36    --------    d-----w-    C:\Users\User\AppData\Roaming\Xewaug
    2013-12-31 17:50:36    --------    d-----w-    C:\Users\User\AppData\Roaming\Muufs
    2013-12-31 17:50:36    --------    d-----w-    C:\Users\User\AppData\Roaming\Dauv
    2013-12-31 17:49:44    --------    d-----w-    C:\Users\User\AppData\Local\{2E8208B2-08DE-5661-09CA-8B33E8667ADA}
    2013-12-31 17:49:43    --------    d-----w-    C:\Users\User\AppData\Local\{34B98603-871F-A8C8-4C4C-8B2A2B10BD7E}
    2013-12-26 09:53:44    167424    ----a-w-    C:\Program Files\Windows Media Player\wmplayer.exe
    2013-12-26 09:53:44    164864    ----a-w-    C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    2013-12-26 09:53:44    12625920    ----a-w-    C:\Windows\System32\wmploc.DLL
    2013-12-26 09:53:43    12625408    ----a-w-    C:\Windows\SysWow64\wmploc.DLL
    2013-12-26 09:45:49    81408    ----a-w-    C:\Windows\System32\imagehlp.dll
    2013-12-26 09:45:49    159232    ----a-w-    C:\Windows\SysWow64\imagehlp.dll
    2013-12-26 09:45:48    3155968    ----a-w-    C:\Windows\System32\win32k.sys
    2013-12-26 09:45:46    335360    ----a-w-    C:\Windows\System32\msieftp.dll
    2013-12-26 09:45:45    301568    ----a-w-    C:\Windows\SysWow64\msieftp.dll
    2013-12-26 09:45:27    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
    2013-12-26 09:45:27    2048    ----a-w-    C:\Windows\System32\tzres.dll
    2013-12-26 09:44:51    465920    ----a-w-    C:\Windows\System32\WMPhoto.dll
    2013-12-26 09:44:51    417792    ----a-w-    C:\Windows\SysWow64\WMPhoto.dll
    2013-12-26 09:44:47    230400    ----a-w-    C:\Windows\System32\drivers\portcls.sys
    2013-12-26 09:44:47    116736    ----a-w-    C:\Windows\System32\drivers\drmk.sys
    2013-12-26 09:43:05    202752    ----a-w-    C:\Windows\System32\scrrun.dll
    2013-12-26 09:43:05    156160    ----a-w-    C:\Windows\System32\cscript.exe
    2013-12-26 09:43:05    150016    ----a-w-    C:\Windows\System32\wshom.ocx
    2013-12-26 09:43:05    121856    ----a-w-    C:\Windows\SysWow64\wshom.ocx
    2013-12-26 09:43:04    168960    ----a-w-    C:\Windows\System32\wscript.exe
    2013-12-26 09:43:04    141824    ----a-w-    C:\Windows\SysWow64\wscript.exe
    2013-12-26 09:43:03    163840    ----a-w-    C:\Windows\SysWow64\scrrun.dll
    2013-12-26 09:43:03    126976    ----a-w-    C:\Windows\SysWow64\cscript.exe
    .
    ==================== Find3M  ====================
    .
    2013-12-11 19:37:27    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-12-11 19:37:27    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-11-26 22:07:44    10856    ----a-w-    C:\Windows\System32\drivers\mfeclnrk.sys
    2013-11-26 22:07:22    96112    ----a-w-    C:\Windows\System32\drivers\mfencrk.sys
    2013-11-26 22:07:02    411944    ----a-w-    C:\Windows\System32\drivers\mfencbdc.sys
    2013-11-16 19:54:41    20992    ----a-w-    C:\Windows\jestertb.dll
    2013-11-04 16:51:44    70112    ----a-w-    C:\Windows\System32\drivers\cfwids.sys
    2013-11-04 16:46:34    343696    ----a-w-    C:\Windows\System32\drivers\mfewfpk.sys
    2013-11-04 16:46:16    182752    ----a-w-    C:\Windows\System32\mfevtps.exe
    2013-11-04 16:43:04    782360    ----a-w-    C:\Windows\System32\drivers\mfehidk.sys
    2013-11-04 16:41:22    519576    ----a-w-    C:\Windows\System32\drivers\mfefirek.sys
    2013-11-04 16:40:00    311120    ----a-w-    C:\Windows\System32\drivers\mfeavfk.sys
    2013-11-04 16:39:20    179792    ----a-w-    C:\Windows\System32\drivers\mfeapfk.sys
    2013-10-25 06:19:22    2241536    ----a-w-    C:\Windows\System32\wininet.dll
    2013-10-25 06:17:57    3959808    ----a-w-    C:\Windows\System32\jscript9.dll
    2013-10-25 06:17:52    67072    ----a-w-    C:\Windows\System32\iesetup.dll
    2013-10-25 06:17:52    136704    ----a-w-    C:\Windows\System32\iesysprep.dll
    2013-10-25 04:45:11    1767936    ----a-w-    C:\Windows\SysWow64\wininet.dll
    2013-10-25 04:43:42    2877952    ----a-w-    C:\Windows\SysWow64\jscript9.dll
    2013-10-25 04:43:38    61440    ----a-w-    C:\Windows\SysWow64\iesetup.dll
    2013-10-25 04:43:38    109056    ----a-w-    C:\Windows\SysWow64\iesysprep.dll
    2013-10-25 04:07:48    2706432    ----a-w-    C:\Windows\System32\mshtml.tlb
    2013-10-25 03:41:01    2706432    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
    2013-10-25 03:17:49    89600    ----a-w-    C:\Windows\System32\RegisterIEPKEYs.exe
    2013-10-25 02:49:34    71680    ----a-w-    C:\Windows\SysWow64\RegisterIEPKEYs.exe
    2013-10-12 02:30:42    830464    ----a-w-    C:\Windows\System32\nshwfp.dll
    2013-10-12 02:29:21    859648    ----a-w-    C:\Windows\System32\IKEEXT.DLL
    2013-10-12 02:29:08    324096    ----a-w-    C:\Windows\System32\FWPUCLNT.DLL
    2013-10-12 02:03:08    656896    ----a-w-    C:\Windows\SysWow64\nshwfp.dll
    2013-10-12 02:01:25    216576    ----a-w-    C:\Windows\SysWow64\FWPUCLNT.DLL
    .
    ============= FINISH: 12:17:39.70 ===============
     

     

     

     

     

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Professional
    Boot Device: \Device\HarddiskVolume3
    Install Date: 03/04/2013 10:55:54
    System Uptime: 06/01/2014 10:43:40 (2 hours ago)
    .
    Motherboard: Sony Corporation |  | VAIO
    Processor: Intel® Core i5-3210M CPU @ 2.50GHz | N/A | 2501/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 299 GiB total, 235.815 GiB free.
    D: is CDROM ()
    E: is FIXED (NTFS) - 278 GiB total, 254.944 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP54: 06/12/2013 22:35:57 - Scheduled Checkpoint
    RP55: 15/12/2013 14:04:38 - Scheduled Checkpoint
    RP56: 23/12/2013 10:13:56 - Scheduled Checkpoint
    RP57: 26/12/2013 09:46:00 - Windows Update
    RP58: 02/01/2014 13:41:32 - Scheduled Checkpoint
    .
    ==== Installed Programs ======================
    .
    ????? Windows Live
    ?????? Windows Live
    ??????? ????????? Windows Live Mesh ActiveX ??? ?????????? ??????????
    ??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ???????????
    ???????? ?????????? Windows Live
    ?????????? Windows Live
    ??????????? ?? Windows Live
    ???????????? Windows Live
    ACID Music Studio 8.0
    ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
    ActiveX ???????? ?? Windows Live Mesh ?? ?????????? ??????
    Adobe Acrobat X Standard - English, Français, Deutsch
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader X (10.1.8) MUI
    Aloha TriPeaks
    Altova XMLSpy® 2013 rel. 2 sp2 Professional Edition
    ArcSoft WebCam Companion 4
    AuthenTec TrueSuite
    AuthenTec WinBio FingerPrint Software
    Basic PAYE Tools - Real Time Information
    BBC iPlayer Desktop
    Bejeweled 3
    Bing Bar
    Build-a-lot 2
    Chuzzle Deluxe
    Contrôle ActiveX Windows Live Mesh pour connexions à distance
    Control ActiveX Windows Live Mesh pentru conexiuni la distan?a
    Controlo ActiveX do Windows Live Mesh para Ligações Remotas
    CyberLink PowerDVD
    D3DX10
    Data Lifeguard Diagnostic for Windows
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
    Dolby Home Theater v4
    DVD Architect Studio 5.0
    Evernote v. 4.5.2
    FDUx86
    FileZilla Client 3.7.3
    Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych
    Fotogalerija Windows Live
    Galeria de Fotografias do Windows Live
    Galeria fotografii uslugi Windows Live
    Galerie de photos Windows Live
    Galerie foto Windows Live
    HP FWUpdateEDO2
    HP Officejet Pro 8100 Basic Device Software
    HP Officejet Pro 8100 Help
    HP Update
    HPDiagnosticAlert
    Intel PROSet Wireless
    Intel® Management Engine Components
    Intel® OpenCL CPU Runtime
    Intel® Processor Graphics
    Intel® PROSet/Wireless for Bluetooth® + High Speed
    Intel® PROSet/Wireless Software for Bluetooth® Technology
    Intel® Rapid Storage Technology
    Intel® USB 3.0 eXtensible Host Controller Driver
    Intel® WiDi
    Intel® Wireless Display
    Intel® AT Service signup
    Intel® PROSet/Wireless WiFi Software
    Intel® Trusted Connect Service Client
    Java Auto Updater
    Java 7 Update 1
    Java 7 Update 1 (64-bit)
    Jewel Match 3
    Jewel Quest II
    Junk Mail filter update
    Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
    KUx86
    Mahjongg Artifacts
    Malwarebytes Anti-Malware version 1.75.0.1300
    McAfee Internet Security
    McAfee Online Backup
    Media Go
    Mesh Runtime
    Microsoft .NET Framework 4.5.1
    Microsoft Application Error Reporting
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Home and Business 2010
    Microsoft Office Office 64-bit Components 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared 64-bit MUI (English) 2010
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Single Image 2010
    Microsoft Office Word MUI (English) 2010
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
    MSVCRT
    MSVCRT Redists
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP2 Parser and SDK
    Mystery P.I. - The London Caper
    Notepad++
    Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená pripojení
    Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
    PlayStation®Network Downloader
    PlayStation®Store
    Poczta uslugi Windows Live
    Podstawowe programy Windows Live
    Pošta Windows Live
    PYV_x86
    QuickBooks
    QuickBooks Pro 2012
    Raccolta foto di Windows Live
    Realtek Ethernet Controller Driver
    Realtek High Definition Audio Driver
    Realtek PCIE Card Reader
    S?????? f?t???af??? t?? Windows Live
    Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
    Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
    Shared C Run-time for x64
    Skype™ 5.10
    Sound Forge Audio Studio 10.0
    SSLx64
    SSLx86
    St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se??
    Synaptics Pointing Device Driver
    TriDef 3D (Sony) 2.0.5
    Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
    Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
    Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
    Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
    Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
    Update Installer for WildTangent Games App
    Uzak Baglantilar Için Windows Live Mesh ActiveX Denetimi
    V3DPx86
    VAIO - Microsoft Visual C++ 2010 SP1 Runtime 10.0.40219.325
    VAIO 3D Portal
    VAIO Care
    VAIO Control Center
    VAIO CPU Fan Diagnostic
    VAIO Data Restore Tool
    VAIO Easy Connect
    VAIO Gate
    VAIO Gate Default
    VAIO Gesture Control
    VAIO Improvement
    VAIO Improvement Validation
    VAIO Manual
    VAIO Smart Network
    VAIO Transfer Support
    VAIO Update
    VBMx86
    VCCx64
    VCCx86
    Vegas Movie Studio HD Platinum 11.0
    VGClientX64
    VGClientX86
    VHD
    VIx64
    VIx86
    VMLx86
    VPMx64
    VSNx64
    VSNx86
    VSSTx64
    VSSTx86
    VU5x64
    VU5x86
    VWSTx86
    WD Drive Manager (x64)
    WildTangent Games
    WildTangent Games App
    Windows Live
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Fotótár
    Windows Live Fotogalerie
    Windows Live Fotogalleri
    Windows Live Fotogaléria
    Windows Live Fotograf Galerisi
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
    Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
    Windows Live Mesh ActiveX-objekt til fjernforbindelser
    Windows Live Mesh ActiveX-vezérlo távoli kapcsolatokhoz
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Meshin etäyhteyksien ActiveX-komponentti
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Temel Parçalar
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Windows Liven asennustyökalu
    Windows Liven sähköposti
    Windows Liven valokuvavalikoima
    XAMPP 1.8.1-0
    .
    ==== Event Viewer Messages From Past Week ========
    .
    04/01/2014 19:27:18, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    04/01/2014 15:44:51, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
    04/01/2014 15:21:05, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
    04/01/2014 15:21:05, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {C90134D2-4AE9-407A-919A-4A2EF09C6C51}
    04/01/2014 15:19:02, Error: Service Control Manager [7001]  - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
    04/01/2014 15:17:41, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    04/01/2014 15:17:40, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    04/01/2014 15:17:36, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
    04/01/2014 15:17:36, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
    04/01/2014 15:17:32, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    04/01/2014 15:17:22, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    04/01/2014 15:17:02, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD CSC DfsC discache mfehidk MOBK649Filter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
    04/01/2014 15:17:02, Error: Service Control Manager [7001]  - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error:  The dependency service or group failed to start.
    04/01/2014 15:17:02, Error: Service Control Manager [7001]  - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error:  The dependency service or group failed to start.
    04/01/2014 15:17:02, Error: Service Control Manager [7001]  - The McAfee Anti-Malware Core service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error:  The dependency service or group failed to start.
    04/01/2014 15:17:01, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
    04/01/2014 15:17:01, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
    04/01/2014 15:17:01, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
    04/01/2014 15:17:01, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
    04/01/2014 15:17:01, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
    04/01/2014 15:17:01, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
    04/01/2014 15:17:01, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
    04/01/2014 15:17:01, Error: Service Control Manager [7001]  - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error:  A device attached to the system is not functioning.
    04/01/2014 15:17:01, Error: Service Control Manager [7001]  - The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error:  The dependency service or group failed to start.
    04/01/2014 15:17:01, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
    04/01/2014 15:17:01, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
    04/01/2014 15:17:01, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
    04/01/2014 14:03:13, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {395633B1-EED9-4DFC-B67F-9788B51C9F06}
    04/01/2014 12:18:47, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
    04/01/2014 12:17:20, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  discache MOBK649Filter spldr Wanarpv6
    04/01/2014 00:26:17, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mfecore service.
    03/01/2014 13:36:33, Error: Microsoft-Windows-WMPNSS-Service [14332]  - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
    03/01/2014 09:57:52, Error: Service Control Manager [7023]  - The Intel® PROSet/Wireless Zero Configuration Service service terminated with the following error:  %%-2147196306
    01/01/2014 16:03:17, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
    01/01/2014 11:46:35, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the QBCFMonitorService service to connect.
    01/01/2014 11:40:06, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ActiveDelayDeviceService service.
    01/01/2014 11:39:35, Error: Service Control Manager [7043]  - The Windows Update service did not shut down properly after receiving a preshutdown control.
    01/01/2014 11:33:03, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.
    01/01/2014 11:33:03, Error: Service Control Manager [7000]  - The Windows Live ID Sign-in Assistant service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
    .
    ==== End Of File ===========================
     

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.