Emma1 Posted July 14, 2012 ID:570698 Share Posted July 14, 2012 My internet access has been down for a week. I thought I may have DNS but no malware/antivirus program found it. Today internet access returned and I tried to download Malwarebytes but definitions will not update even after cleaning tool.Vaio laptop running Win 7.I have attached the two logs as directed.Hope you can help me please.DDS2.txtAttach2.txt Link to post Share on other sites More sharing options...
Maurice Naggar Posted July 16, 2012 ID:571375 Share Posted July 16, 2012 Hello Emma1 and welcome to MalwareBytes forums.Did you only just recently install MS Security Essentials in June?What antivirus program was installed before MSE ?Was this system ever without an antivirus program?Please provide answers.And do as much as possible of the followingStep 11. Go >> Here << and download ERUNT (ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)2. Install ERUNT by following the prompts (use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)3. Start ERUNT (either by double clicking on the desktop icon or choosing to start the program at the end of the setup)4. Choose a location for the backup (the default location is C:\WINDOWS\ERDNT which is acceptable).5. Make sure that at least the first two check boxes are ticked 6. Press OK7. Press YES to create the folder.Step 2To show all files:Go to your DesktopDouble-Click the Computer icon. From the menu options, Select Tools, then Folder Options. Next click the View tab. Locate and uncheck Hide file extensions for known file types. Locate and uncheck Hide protected operating system files (Recommended). Locate and click Show hidden files and folders and drives. Click Apply > OK. Step 3Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our toolsFor directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware ProgramsDo NOT turn off the firewallDownload aswMBR.exe ( 511KB ) to your desktop.On Windows 7 or Vista, RIGHT click on aswMBR.exe and select Run As Administrator to start.On Windows XP, double click the exe to start.change the a-v scan to None.uncheck trace disk IO callsClick the "Scan" button to start scanOn completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next replyStep 4Please read carefully and follow these steps.Delete the prior copies of TDSSKILLER.zip & TDSSKILLER.exe that you may have.Download TDSSKiller and save it to your Desktop.If on Windows 7 or Vista, RIGHT-Click on TDSSKiller.exe and select Run As Administrator to run the application.If on Windows XP, double-click to start. Click on "Change parameters" and place a checkmark next to Verify Driver Digital Signature and Detect TDLFS file system, then click OKThen press Start ScanWhen the scan is done, it will display a summary screen. If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here. Step 5RE-Enable your antivirus program. Download OTL by OldTimer to your desktop: http://oldtimer.geekstogo.com/OTL.exeClose all open windows on the Task Bar. Click the icon (for Vista, or Windows 7 Right click the icon and Run as Administrator) to start the program.In the lower right corner, checkmark "LOP Check" and checkmark "Purity Check".Now click Run Scan at Top left and let the program run uninterrupted. It will take about 4 minutes.It will produce two logs for you, one will pop up called OTL.txt, the other will be saved on your desktop and called Extras.txt.Exit Notepad. Remember where you've saved these 2 files as we will need both of them shortly!Exit OTL by clicking the X at top right.Download Security Check by screen317 and save it to your Desktop: here or hereRun Security Check Follow the onscreen instructions inside of the command window.A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.Then copy/paste the following into your post (in order):the contents of aswMBR report;the contents of TDSSKILLER log;the contents of OTL.txt;the contents of Extras.txt ; andthe contents of checkup.txt Be sure to do a Preview prior to pressing Submit because all reports may not fit into 1 single reply. You may have to do more than 1 reply.Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply. Link to post Share on other sites More sharing options...
Maurice Naggar Posted July 18, 2012 ID:572543 Share Posted July 18, 2012 It has been 2 days since my reply to you. Kindly give status update & advise if you need extra help or have questions.If I do not hear back from you in another 2 days, this topic will be closed. Link to post Share on other sites More sharing options...
Emma1 Posted July 19, 2012 Author ID:572840 Share Posted July 19, 2012 Thank you Mr. Naggar. I must have missed your first reply. Sorry. I have used Microsft Essentials for past 2 yrs. But when I lost ability to connect to the internet I noticed my antivirus had disappeared from my laptop.I've tried sending the test results 5x and each time I am told it is too long even with only one result listed.Can I please attach? Frustration is setting in! Link to post Share on other sites More sharing options...
Maurice Naggar Posted July 19, 2012 ID:572986 Share Posted July 19, 2012 Yes, you can attach logs as needed. See our webpage-help and review the section on Attachments http://forums.malwarebytes.org/index.php?app=core&module=helpThen attach as needed in your reply.Keep up your courage and don't be so frustrated. Link to post Share on other sites More sharing options...
Emma1 Posted July 19, 2012 Author ID:573019 Share Posted July 19, 2012 Test Results:aswMBR version 0.9.9.1665 Copyright© 2011 AVAST SoftwareRun date: 2012-07-18 20:32:21-----------------------------20:32:21.437 OS Version: Windows x64 6.1.7601 Service Pack 120:32:21.437 Number of processors: 4 586 0x250520:32:21.437 ComputerName: FLEURYMD-VAIO UserName: fleurymd20:32:21.546 Initialize success20:33:08.050 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-120:33:08.050 Disk 0 Vendor: Intel___ 1.0. Size: 122110MB BusType: 820:33:08.065 Disk 0 MBR read successfully20:33:08.065 Disk 0 MBR scan20:33:08.065 Disk 0 Windows 7 default MBR code20:33:08.065 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 11306 MB offset 204820:33:08.081 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2315673620:33:08.081 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 110702 MB offset 2336153620:33:08.081 Disk 0 scanning C:\Windows\system32\drivers20:33:09.516 Service scanning20:33:12.511 Modules scanning20:33:12.511 Scan finished successfully20:34:54.052 Disk 0 MBR has been saved successfully to "C:\Users\fleurymd\Desktop\MBR.dat"20:34:54.052 The log file has been saved successfully to "C:\Users\fleurymd\Desktop\aswMBR.txt"tdsskiller report.txtOTL.TxtExtras.Txtcheckup.txt Link to post Share on other sites More sharing options...
Maurice Naggar Posted July 19, 2012 ID:573039 Share Posted July 19, 2012 Your logs showed some peer-to-peer filesharing apps: uTorrent I do not recommend the use of P-2-P programs since such filesharing/downloading from unknown sources is one of the leading causes of transmission of malware.Risks of File-Sharing Technology.P2P file sharing: Know the risksUtorrent and any peer-to-peer fileshare must be de-installed before we continue, AND you must confirm having done so.This pc has Iobit Advanced System Care. Iobit has a poor reputation. Please un-install Advanced System Care.Go to Control Panel >> Programs and Features.Locate, select, then do a Right-click on it and select Uninstall (remove).This pc has S*uperantispyware. For the duration of this help-case, Uninstall that.Confirm this, and give me an idea of how the system appears today ?The results from aswMBR & TDSSKILLER are good. Link to post Share on other sites More sharing options...
Emma1 Posted July 19, 2012 Author ID:573155 Share Posted July 19, 2012 I deleted the programs you suggested but still cannot access the internet through my D-link-655.. The network worked fine before this strange event and although I have reconfigured to start fresh no connection is made. I even hooked the internet cable direct to my laptop but still no connection is made. My service provider is stymied.Afraid I've tried so many things over the last couple of weeks I may have made it worse.Appreciate any thoughts you may have. Link to post Share on other sites More sharing options...
Maurice Naggar Posted July 20, 2012 ID:573555 Share Posted July 20, 2012 Do you have access to another pc where you can do downloads of tools, then sneaker-net-transport to the problem pc using CD/DVD or a new/clean USB-flash-thumb drive?IF you have MBAM already installed on this pc, please go ahead & start MBAM and do a Full scan.Then post copy of the scan log for review. Link to post Share on other sites More sharing options...
Emma1 Posted July 23, 2012 Author ID:574876 Share Posted July 23, 2012 Good news. PC is connecting to the internet.I did download Malwarebytes but during setup I received an error message stating I could not update."Program_Error_Updating [0,0,DNS error]"I ran a quick and full scan with updates 19 days in arrears. Both scans said I was clear of problems.Could the DNS error be router related?Thank you again for all your help and putting up with my late night frustrations of copying test results. Link to post Share on other sites More sharing options...
Maurice Naggar Posted July 23, 2012 ID:575051 Share Posted July 23, 2012 Cannot tell if the router is involved or not.Let's put aside the MBAM update issue for now.Please do the following:Note this will involve a restart of the system as part of the batch-run. So close any work documents you may have opened.Please copy/paste the lines in bold below to Notepad:@Echo onpushd\windows\system32\drivers\etcattrib -h -s -r hostsecho 127.0.0.1 localhost>HOSTSattrib +r +h +s hostspopdipconfig /releaseipconfig /renewipconfig /flushdnsnetsh winsock reset allnetsh int ip reset allshutdown -r -t 1del %0Save as flush.bat to your desktop.Double-click flush.bat file to run it. Your computer will reboot.Next, do a new run of DDSthen copy & paste all contents of DDS.txt + Attach.txt for review Link to post Share on other sites More sharing options...
Emma1 Posted July 25, 2012 Author ID:576136 Share Posted July 25, 2012 .DDS (Ver_2011-08-26.01) - NTFSAMD64Internet Explorer: 8.0.7601.17514Run by fleurymd at 20:31:19 on 2012-07-24Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3766.2031 [GMT -7:00].AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}.============== Running Processes ===============.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\nvvsvc.exeC:\Windows\system32\svchost.exe -k RPCSSc:\Program Files\Microsoft Security Client\MsMpEng.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exeC:\Windows\system32\WUDFHost.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\WLANExt.exeC:\Windows\system32\conhost.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\svchost.exe -k WbioSvcGroupC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\nvvsvc.exeC:\Program Files\Protector Suite\upeksvr.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exeC:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exeC:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exeC:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exeC:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exeC:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exeC:\Program Files\Intel\WiFi\bin\EvtEng.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\SysWOW64\DllHost.exeC:\Windows\System32\alg.exeC:\Windows\system32\WUDFHost.exeC:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exeC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\taskeng.exeC:\Program Files (x86)\Sony\VAIO Event Service\VESGfxMgr.exeC:\Windows\system32\taskeng.exeC:\Program Files (x86)\Google\Update\GoogleUpdate.exeC:\Windows\system32\taskeng.exeC:\Program Files\Sony\VAIO Gate\VAIO Gate.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Sony\VAIO Care\VCSpt.exeC:\Windows\system32\taskhost.exeC:\Program Files\Sony\VAIO Power Management\SPMgr.exeC:\Program Files\Sony\VAIO Power Management\SPMService.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exeC:\Windows\explorer.exeC:\Program Files\Realtek\Audio\HDA\vncutil64.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Logitech\SetPointP\SetPoint.exeC:\Program Files\Microsoft Security Client\msseces.exeC:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXEC:\Program Files\Protector Suite\psqltray.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exeC:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exeC:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exeC:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\NOTEPAD.EXEC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exeC:\Program Files\Sony\VAIO Care\VCsystray.exeC:\Windows\System32\vds.exeC:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exeC:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exeC:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeC:\Windows\system32\sppsvc.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exeC:\Windows\system32\DllHost.exeC:\Windows\system32\DllHost.exeC:\Windows\system32\DllHost.exeC:\Windows\SysWOW64\cmd.exeC:\Windows\system32\conhost.exeC:\Windows\SysWOW64\cscript.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exeC:\Windows\system32\conhost.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://news1130.com/mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNTBHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dllBHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllBHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dllBHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllTB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dlluRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exemRun: [smartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartupmRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exemRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [PSQLLauncher] "C:\Program Files\Protector Suite\launcher.exe" /startupmRun: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttraymPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)mPolicies-system: EnableUIADesktopToggle = 0 (0x0)IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmIE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLLIE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dllTrusted Zone: behr.com\wwwTrusted Zone: benjaminmoore.com\wwwTrusted Zone: costco.ca\wwwTrusted Zone: mls.caTrusted Zone: utorrent.comDPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cabDPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} - hxxp://kitchenplanner.ikea.com/CA/Core/Player/2020PlayerAX_IKEA_Win32.cabDPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} - hxxp://kitchenplanner.ikea.com/CA/Core/Player/2020PlayerAX_Win32.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cabTCP: DhcpNameServer = 192.168.0.1TCP: Interfaces\{5AA4DC31-007E-4DF3-AF2D-3D56E85F0FE1} : NameServer = 8.8.8.8,8.8.4.4TCP: Interfaces\{5F05E34A-0FB1-4085-82AA-B62D51C3BE00} : NameServer = 8.8.8.8,8.8.4.4TCP: Interfaces\{5F05E34A-0FB1-4085-82AA-B62D51C3BE00} : DhcpNameServer = 192.168.0.1TCP: Interfaces\{5F05E34A-0FB1-4085-82AA-B62D51C3BE00}\46C696E6B6 : DhcpNameServer = 192.168.0.1TCP: Interfaces\{5F05E34A-0FB1-4085-82AA-B62D51C3BE00}\64C454552595D444 : DhcpNameServer = 192.168.0.1TCP: Interfaces\{5F05E34A-0FB1-4085-82AA-B62D51C3BE00}\74967616375647530354 : DhcpNameServer = 192.168.1.254 192.168.1.254TCP: Interfaces\{8B9218F7-9A87-4080-88BC-01A05528F982} : NameServer = 8.8.8.8,8.8.4.4TCP: Interfaces\{8B9218F7-9A87-4080-88BC-01A05528F982} : DhcpNameServer = 192.168.0.1Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dllSEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dllLSA: Notification Packages = scecli C:\Program Files\Protector Suite\psqlpwd.dllBHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO-X64: AcroIEHelperStub - No FileBHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dllBHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllBHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dllBHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllTB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllmRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exemRun-x64: [smartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartupmRun-x64: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"mRun-x64: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exemRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun-x64: [PSQLLauncher] "C:\Program Files\Protector Suite\launcher.exe" /startupmRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttrayIE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmSEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll.============= SERVICES / DRIVERS ===============.R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]R0 SMR300;Symantec SMR Utility Service 3.0.0;C:\Windows\system32\drivers\SMR300.SYS --> C:\Windows\system32\drivers\SMR300.SYS [?]R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-4-1 13336]R2 MBAMService;MBAMService;C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-22 655944]R2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys --> C:\Windows\system32\drivers\rimssne64.sys [?]R2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsne64.sys --> C:\Windows\system32\drivers\risdsne64.sys [?]R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2010-9-5 190496]R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2010-9-5 104960]R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-4-1 2320920]R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-2-19 529776]R2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-2-19 386416]R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?]R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;C:\Windows\system32\DRIVERS\e1k62x64.sys --> C:\Windows\system32\DRIVERS\e1k62x64.sys [?]R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?]R3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys --> C:\Windows\system32\drivers\SFEP.sys [?]R3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-9-6 574320]R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-5 135664]S2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-3-18 852336]S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-20 257224]S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-5 135664]S3 MSSQL$DDNI;SQL Server (DDNI);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\sqlservr.exe [2009-3-30 43010392]S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-9-6 108400]S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-9-6 422768]S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-9-6 67952]S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe [2010-2-8 302448]S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-2-19 115568]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]S4 KMService;KMService;C:\Windows\System32\srvany.exe [2011-3-20 8192]S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-3-30 47128]S4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]S4 SQLAgent$DDNI;SQL Server Agent (DDNI);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 366936].=============== Created Last 30 ================.2012-07-24 22:44:41 9133488 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{30A8667C-A82E-43DE-8029-376B4CDEAE2A}\mpengine.dll2012-07-23 22:44:19 9133488 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2012-07-23 02:43:14 -------- d-----w- C:\Users\fleurymd\AppData\Roaming\Malwarebytes2012-07-23 02:43:04 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys2012-07-23 02:43:03 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware2012-07-21 23:31:56 -------- d-----w- C:\Users\fleurymd\.MakeMKV2012-07-21 23:31:40 -------- d-----w- C:\Program Files (x86)\MakeMKV2012-07-16 23:02:45 -------- d-----w- C:\Users\fleurymd\AppData\Local\Adobe2012-07-14 16:22:01 -------- d-----w- C:\ProgramData\Malwarebytes2012-07-14 04:01:53 -------- d-----w- C:\Windows\pss2012-07-14 02:26:53 -------- d-sh--w- C:\$RECYCLE.BIN2012-07-14 02:08:51 98816 ----a-w- C:\Windows\sed.exe2012-07-14 02:08:51 518144 ----a-w- C:\Windows\SWREG.exe2012-07-14 02:08:51 256000 ----a-w- C:\Windows\PEV.exe2012-07-14 02:08:51 208896 ----a-w- C:\Windows\MBR.exe2012-07-13 04:21:08 96376 ----a-w- C:\Windows\System32\drivers\SMR300.SYS2012-07-13 04:21:05 -------- d-----w- C:\Users\fleurymd\AppData\Local\NPE2012-07-12 10:03:07 3148800 ----a-w- C:\Windows\System32\win32k.sys2012-07-11 17:16:44 33096 ----a-w- C:\Windows\System32\drivers\48230029.sys2012-07-05 18:36:04 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EE9E971E-97A9-43C7-8B4D-639DE4E4038A}\gapaengine.dll.==================== Find3M ====================.2012-06-21 04:30:52 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2012-06-21 04:30:52 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll2012-06-02 22:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll2012-06-02 22:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll2012-05-15 04:01:31 1188864 ----a-w- C:\Windows\System32\wininet.dll2012-05-15 03:03:54 981504 ----a-w- C:\Windows\SysWow64\wininet.dll2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe.============= FINISH: 20:31:48.12 ===============.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2011-08-26.01).Microsoft Windows 7 ProfessionalBoot Device: \Device\HarddiskVolume2Install Date: 11/1/2010 4:48:18 PMSystem Uptime: 7/24/2012 8:28:48 PM (0 hours ago).Motherboard: Sony Corporation | | VAIOProcessor: Intel® Core i5 CPU M 520 @ 2.40GHz | N/A | 1464/133mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 108 GiB total, 37.99 GiB free.D: is Removable.==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP356: 7/12/2012 3:00:13 AM - Windows UpdateRP357: 7/15/2012 11:00:00 AM - Windows UpdateRP358: 7/19/2012 9:46:58 PM - Windows UpdateRP359: 7/20/2012 9:09:04 PM - Shaw Internet ÄüRP360: 7/23/2012 3:44:12 PM - Windows Update.==== Installed Programs ======================.. Update for Microsoft Office 2007 (KB2508958)µTorrentAdobe AIRAdobe Flash Player 10 PluginAdobe Flash Player 11 ActiveXAdobe Reader 9.4.6Application Manager for VAIOArcSoft Magic-i Visual Effects 2ArcSoft WebCam Companion 3Auslogics BoostSpeed 5.2Debut Video Capture SoftwareDulux MyColour4eRegEvernoteFreeze.com NetAssistantGoogle ChromeGoogle Toolbar for Internet ExplorerGoogle Update HelperGoToAssist CorporateIntel® Control CenterIntel® Management Engine ComponentsIntel® Rapid Storage TechnologyIntel® Turbo Boost Technology DriverJava Auto UpdaterJava 6 Update 18Junk Mail filter updateMakeMKV v1.7.6Malwarebytes Anti-Malware version 1.62.0.1300Media GalleryMicrosoft Choice GuardMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office Access MUI (English) 2007Microsoft Office Access Setup Metadata MUI (English) 2007Microsoft Office Enterprise 2007Microsoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office Groove MUI (English) 2007Microsoft Office Groove Setup Metadata MUI (English) 2007Microsoft Office InfoPath MUI (English) 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Publisher MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Word MUI (English) 2007Microsoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft SQL Server 2008Microsoft SQL Server 2008 BrowserMicrosoft SQL Server 2008 Common FilesMicrosoft SQL Server 2008 Database Engine ServicesMicrosoft SQL Server 2008 Database Engine SharedMicrosoft SQL Server 2008 RsFx DriverMicrosoft SQL Server 2008 Setup Support FilesMicrosoft SQL Server Compact 3.5 SP2 ENUMicrosoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161MSVCRTMSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)NetAssistantOOBEPMBPMB VAIO Edition GuidePMB VAIO Edition plug-in (Click to Disc)PMB VAIO Edition plug-in (VAIO Image Optimizer)PMB VAIO Edition plug-in (VAIO Movie Story)Realtek High Definition Audio DriverSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2160841)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596672) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596744) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596880) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597162) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2598041) 32-Bit EditionSecurity Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit EditionSecurity Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit EditionSecurity Update for Microsoft Office Word 2007 (KB2596917) 32-Bit EditionService Pack 1 for SQL Server 2008 (KB968369)Setting Utility SeriesSmartWi Connection UtilitySony Home Network LibrarySql Server Customer Experience Improvement ProgramSysTools WAB ConverterUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office Access 2007 Help (KB963663)Update for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office Infopath 2007 Help (KB963662)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit EditionUpdate for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit EditionUpdate for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Publisher 2007 Help (KB963667)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)VAIO CareVAIO Content Monitoring SettingsVAIO Control CenterVAIO Data Restore ToolVAIO DVD Menu DataVAIO Entertainment PlatformVAIO Event ServiceVAIO GateVAIO Gate DefaultVAIO Hardware DiagnosticsVAIO Help and SupportVAIO Media plusVAIO Media plus Opening MovieVAIO MessengerVAIO Movie Story Template DataVAIO Original Function SettingsVAIO Power ManagementVAIO Sample ContentsVAIO SurveyVAIO Transfer SupportVAIO Wallpaper ContentsVAIO Window OrganizerVideoPad Video EditorVLC media player 1.1.11Windows Live CallWindows Live Communications PlatformWindows Live EssentialsWindows Live MailWindows Live MessengerWindows Live Movie MakerWindows Live Photo GalleryWindows Live Sign-in AssistantWindows Live SyncWindows Live Upload ToolWindows Live WriterWinZip 15.0.==== Event Viewer Messages From Past Week ========.7/24/2012 8:31:10 PM, Error: Service Control Manager [7001] - The VAIO Entertainment Common Service service depends on the Remote Desktop Services service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.7/24/2012 8:31:10 PM, Error: Service Control Manager [7001] - The VAIO Content Folder Watcher service depends on the Remote Desktop Services service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.7/24/2012 8:29:14 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.7/24/2012 8:29:08 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom PxHlpa64 wayuia zvijcv7/24/2012 8:00:06 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR5.7/22/2012 7:18:58 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR4.7/21/2012 7:38:49 AM, Error: NetBT [4321] - The name "HOMENETWORK27 :1d" could not be registered on the interface with IP address 192.168.0.197. The computer with the IP address 192.168.0.199 did not allow the name to be claimed by this computer.7/21/2012 4:42:02 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR3.7/21/2012 3:34:08 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: wayuia zvijcv7/20/2012 6:40:53 PM, Error: BROWSER [8019] - The browser was unable to promote itself to master browser. The browser will continue to attempt to promote itself to the master browser, but will no longer log any events in the event log in Event Viewer.7/20/2012 4:57:31 PM, Error: BROWSER [8009] - The browser was unable to promote itself to master browser. The computer that currently believes it is the master browser is FLEURYMDPC.7/19/2012 9:38:59 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1760.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.7/19/2012 10:01:03 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1760.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.7/18/2012 7:36:34 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2.7/18/2012 7:34:10 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.7/18/2012 12:43:22 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1760.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.7/18/2012 10:04:09 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1760.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support..==== End Of File =========================== Link to post Share on other sites More sharing options...
Maurice Naggar Posted July 25, 2012 ID:576591 Share Posted July 25, 2012 Log still shows µTorrent. You must uninstall it. Use Control Panel >> Programs and Features.Select µTorrent, do a right-click on it and uninstallWhen done, close Control Panel.1. Open Internet Explorer.2. Click "Tools," and then click "Internet Options."3. Click "Connections," and then click "LAN Settings."4. Make sure the check boxes for "Automatically detect settings" and "Use automatic configuration script" are not selected.5. Make sure Proxy servers block is not selected (not checkmarked).6. Apply changes & OKNow, logoff and Restart Windows fresh.You will want to print out or copy these instructions to Notepad for offline reference!These steps are for member Emma1 only. If you are a casual viewer, do NOT try this on your system! If you are not and have a similar problem, do NOT post here; start your own topicDo not run or start any other programs while these utilities and tools are in use!Do NOT run any other tools on your own or do any fixes other than what is listed here.If you have questions, please ask before you do something on your own.But it is important that you get going on these following steps.=Close any of your open programs while you run these tools.On most all of the following programs and tools, you will need to do a right-click on the program link or shortcut or desktop icon (as appropriate) and then select "Run as Administrator". Please remember that as you go along and use these tools, each in turn.If you have a prior copy of Combofix, delete it now Download Combofix from any of the links below, and SAVE it to your Desktop. Link 1Link 2**Note: It is important that it is saved directly to your Desktop and not run straight away from download **Turn OFF your antivirus, otherwise it will interfere. How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware ProgramsHave infinite patience during the run & scan by Combofix. It has many phases: some 50+ stagesIt will display it's "stage" within the Command prompt window. Do NOT panic if it seems slow to change ! It has lots of work.You may notice the desktop icons disappear. Do NOT panic, as that is expected behavior.Combofix my take as little as 10 minutes and perhaps as much as 30-40 minutes. Time taken will depend on speed of your system and how much there is to scan & how much it needs to clean.If this is on a notebook system, make sure first the notebook is connected to wall-power (AC power)or a UPS system Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.Right- click on Combo-Fix.exe on your Desktop and select "Run as Administrator". A window may open with a warning or prompts. Accept the EULA and follow the prompts during the start phase of Combofix. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. A file will be created at => C:\Combofix.txt. Notes:[1] IF after Combofix reboot you get the message Illegal operation attempted on registry key that has been marked for deletion....please reboot the computer, this should resolve the problem. You may have reboot the pc a second time if needed.[2] Do not mouseclick combofix's window nor run any program while Combofix is running.That may cause it to stall.[3]When all done, IF Combofix did not do a Restart...then ... I need for you to Restart the system fresh :!:Reply & attach the C:\Combofix.txt log and tell me, How is the system now ?Re-enable your antivirus program. Link to post Share on other sites More sharing options...
Maurice Naggar Posted July 29, 2012 ID:578096 Share Posted July 29, 2012 Are you still with me? Have you resolved all your issues? Please advise soon. If I do not hear back from you, I will close this help-topic. Link to post Share on other sites More sharing options...
Emma1 Posted July 29, 2012 Author ID:578164 Share Posted July 29, 2012 Yes, still with you but delayed because of life demands and not on my pc.Thank you for your patience!Utorrent deleted.Lan settings in placeCombofix log:ComboFix 12-07-29.02 - fleurymd 07/29/2012 9:57.2.4 - x64Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3766.2188 [GMT -7:00]Running from: D:\ComboFix.exeAV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point..((((((((((((((((((((((((( Files Created from 2012-06-28 to 2012-07-29 )))))))))))))))))))))))))))))))..2012-07-29 17:00 . 2012-07-29 17:00 -------- d-----w- c:\users\Default\AppData\Local\temp2012-07-29 00:06 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5052DB8C-2119-4886-A4E2-C42B8EC1AD20}\mpengine.dll2012-07-28 16:17 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2012-07-26 02:24 . 2012-07-26 02:24 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll2012-07-26 02:23 . 2012-07-26 02:23 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll2012-07-26 02:22 . 2012-07-26 02:22 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll2012-07-26 02:22 . 2012-07-26 02:22 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll2012-07-23 02:43 . 2012-07-23 02:43 -------- d-----w- c:\users\fleurymd\AppData\Roaming\Malwarebytes2012-07-23 02:43 . 2012-07-03 20:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys2012-07-23 02:43 . 2012-07-23 02:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2012-07-21 23:31 . 2012-07-21 23:31 -------- d-----w- c:\users\fleurymd\.MakeMKV2012-07-21 23:31 . 2012-07-21 23:31 -------- d-----w- c:\program files (x86)\MakeMKV2012-07-16 23:02 . 2012-07-21 22:52 -------- d-----w- c:\users\fleurymd\AppData\Local\Adobe2012-07-14 16:22 . 2012-07-14 16:22 -------- d-----w- c:\programdata\Malwarebytes2012-07-13 04:21 . 2012-07-13 04:21 96376 ----a-w- c:\windows\system32\drivers\SMR300.SYS2012-07-13 04:21 . 2012-07-13 04:36 -------- d-----w- c:\users\fleurymd\AppData\Local\NPE2012-07-12 10:03 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys2012-07-11 17:16 . 2012-07-11 17:16 33096 ----a-w- c:\windows\system32\drivers\48230029.sys2012-07-05 18:36 . 2012-02-12 18:51 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EE9E971E-97A9-43C7-8B4D-639DE4E4038A}\gapaengine.dll...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2012-07-03 10:19 . 2010-11-08 22:48 59701280 ----a-w- c:\windows\system32\MRT.exe2012-06-21 04:30 . 2012-06-21 04:30 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe2012-06-21 04:30 . 2011-06-26 02:00 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl2012-06-02 22:19 . 2012-06-22 11:54 38424 ----a-w- c:\windows\system32\wups.dll2012-06-02 22:19 . 2012-06-22 11:54 2428952 ----a-w- c:\windows\system32\wuaueng.dll2012-06-02 22:19 . 2012-06-22 11:54 57880 ----a-w- c:\windows\system32\wuauclt.exe2012-06-02 22:19 . 2012-06-22 11:54 44056 ----a-w- c:\windows\system32\wups2.dll2012-06-02 22:19 . 2012-06-22 11:53 186752 ----a-w- c:\windows\system32\wuwebv.dll2012-06-02 22:19 . 2012-06-22 11:54 701976 ----a-w- c:\windows\system32\wuapi.dll2012-06-02 22:15 . 2012-06-22 11:54 2622464 ----a-w- c:\windows\system32\wucltux.dll2012-06-02 22:15 . 2012-06-22 11:53 36864 ----a-w- c:\windows\system32\wuapp.exe2012-06-02 22:15 . 2012-06-22 11:54 99840 ----a-w- c:\windows\system32\wudriver.dll2012-05-15 04:01 . 2012-06-21 06:23 1188864 ----a-w- c:\windows\system32\wininet.dll2012-05-15 03:59 . 2012-06-21 06:23 64512 ----a-w- c:\windows\system32\jsproxy.dll2012-05-15 03:03 . 2012-06-21 06:23 981504 ----a-w- c:\windows\SysWow64\wininet.dll2012-05-04 11:06 . 2012-06-21 06:21 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe2012-05-04 10:03 . 2012-06-21 06:21 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe2012-05-04 10:03 . 2012-06-21 06:21 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe2012-05-01 05:40 . 2012-06-21 06:23 209920 ----a-w- c:\windows\system32\profsvc.dll..((((((((((((((((((((((((((((( SnapShot@2012-07-14_02.12.13 ))))))))))))))))))))))))))))))))))))))))).+ 2010-04-01 21:28 . 2012-07-29 16:52 74802 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin+ 2009-07-14 05:10 . 2012-07-29 16:52 39162 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin+ 2010-09-06 06:22 . 2012-07-29 17:01 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat- 2010-09-06 06:22 . 2012-07-14 01:30 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat+ 2010-09-06 06:22 . 2012-07-29 17:01 49152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat- 2010-09-06 06:22 . 2012-07-14 01:30 49152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat+ 2009-07-14 04:54 . 2012-07-29 17:01 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat- 2009-07-14 04:54 . 2012-07-14 01:30 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat+ 2010-11-04 01:00 . 2012-07-29 16:50 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat- 2010-11-04 01:00 . 2012-07-14 01:32 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat+ 2012-07-26 02:20 . 2012-07-29 16:56 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat+ 2012-07-26 02:20 . 2012-07-29 16:56 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\History\History.IE5\index.dat+ 2012-07-26 02:20 . 2012-07-29 16:56 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Cookies\index.dat+ 2010-11-04 01:00 . 2012-07-29 16:56 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat- 2010-11-04 01:00 . 2012-07-14 01:32 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat- 2010-11-04 01:00 . 2012-07-14 01:32 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat+ 2010-11-04 01:00 . 2012-07-29 16:50 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat+ 2010-11-04 00:13 . 2012-07-29 17:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat- 2010-11-04 00:13 . 2012-07-14 01:30 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat+ 2010-11-04 00:13 . 2012-07-29 17:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat- 2010-11-04 00:13 . 2012-07-14 01:30 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat- 2011-03-21 02:48 . 2012-07-12 10:03 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe+ 2011-03-21 02:48 . 2012-07-21 15:32 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe+ 2011-03-21 02:48 . 2012-07-21 15:32 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe- 2011-03-21 02:48 . 2012-07-12 10:03 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe+ 2011-03-21 02:48 . 2012-07-21 15:32 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe- 2011-03-21 02:48 . 2012-07-12 10:03 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe+ 2009-02-26 20:09 . 2009-02-26 20:09 10120 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\XLCALL32.DLL+ 2009-02-27 01:43 . 2009-02-27 01:43 71520 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\XL12CNVP.DLL+ 2009-02-27 00:45 . 2009-02-27 00:45 20808 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\WRD12EXE.EXE+ 2011-05-31 23:31 . 2011-05-31 23:31 32128 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\VPREVIEW.EXE+ 2009-02-26 05:05 . 2009-02-26 05:05 76168 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\TWSTRUCT.DLL+ 2009-02-26 05:05 . 2009-02-26 05:05 18808 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\TWRECS.DLL+ 2009-02-26 05:05 . 2009-02-26 05:05 50544 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\TWRECE.DLL+ 2009-02-26 05:05 . 2009-02-26 05:05 26488 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\TWORIENT.DLL+ 2009-02-26 05:05 . 2009-02-26 05:05 57192 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\TWLAY32.DLL+ 2009-02-26 05:05 . 2009-02-26 05:05 86896 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\TWCUTLIN.DLL+ 2009-02-26 05:05 . 2009-02-26 05:05 29000 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\THOCRAPI.DLL+ 2011-07-20 12:17 . 2011-07-20 12:17 33152 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\SETLANG.EXE+ 2009-02-26 05:05 . 2009-02-26 05:05 18808 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\REVERSE.DLL+ 2011-07-27 11:53 . 2011-07-27 11:53 39464 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\REFIEBAR.DLL+ 2009-02-27 02:21 . 2009-02-27 02:21 38224 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\REFEDIT.DLL+ 2009-02-26 05:05 . 2009-02-26 05:05 76176 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\PSOM.DLL+ 2009-02-26 19:09 . 2009-02-26 19:09 43352 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OUTLRPC.DLL+ 2011-07-27 12:17 . 2011-07-27 12:17 22432 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OISCTRL.DLL+ 2011-07-27 12:25 . 2011-07-27 12:25 53728 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OFFRHD.DLL+ 2011-07-27 11:53 . 2011-07-27 11:53 64872 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\NAME.DLL+ 2009-02-27 10:42 . 2009-02-27 10:42 66440 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSONPUI.DLL+ 2009-02-27 10:42 . 2009-02-27 10:42 31640 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSONPMON.DLL+ 2011-07-20 12:23 . 2011-07-20 12:23 65408 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSOMSE.DLL+ 2009-02-27 00:07 . 2009-02-27 00:07 67440 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSOHTMED.EXE+ 2009-02-27 00:07 . 2009-02-27 00:07 75120 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSOHEV.DLL+ 2009-02-27 02:21 . 2009-02-27 02:21 25968 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSOEURO.DLL+ 2011-07-27 11:34 . 2011-07-27 11:34 13712 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSOCFU.DLL+ 2011-07-20 12:23 . 2011-07-20 12:23 47472 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSE7.EXE+ 2009-02-26 20:13 . 2009-02-26 20:13 65928 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSAEXP30.DLL+ 2009-02-26 19:09 . 2009-02-26 19:09 20352 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MLSHEXT.DLL+ 2011-05-31 23:26 . 2011-05-31 23:26 88448 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\METCONV.DLL+ 2011-07-20 14:06 . 2011-07-20 14:06 65408 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\INLAUNCH.DLL+ 2009-02-27 01:37 . 2009-02-27 01:37 32624 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVESYSTEMMODE.DLL+ 2009-02-27 01:36 . 2009-02-27 01:36 15720 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVESTDURLLAUNCHER.EXE+ 2009-02-27 01:36 . 2009-02-27 01:36 21856 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVENEW.DLL+ 2009-02-27 01:36 . 2009-02-27 01:36 30040 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVEMONITOR.EXE+ 2009-02-27 01:36 . 2009-02-27 01:36 32616 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVECLEAN.EXE+ 2009-02-27 01:36 . 2009-02-27 01:36 15200 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVEAUTOPROXY.DLL+ 2009-02-27 01:36 . 2009-02-27 01:36 64856 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVEAUDITSERVICE.EXE+ 2009-02-26 05:05 . 2009-02-26 05:05 75120 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\FORM.DLL+ 2011-07-28 00:49 . 2011-07-28 00:49 56696 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\EXP_XPS.DLL+ 2011-07-28 00:49 . 2011-07-28 00:49 95608 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\EXP_PDF.DLL+ 2009-02-26 20:46 . 2009-02-26 20:46 64344 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\COLLIMP.DLL+ 2009-02-27 00:07 . 2009-02-27 00:07 53120 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\AUTHZAX.DLL+ 2011-07-27 11:41 . 2011-07-27 11:41 55168 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACERCLR.DLL+ 2009-02-26 18:18 . 2009-02-26 18:18 14192 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACEODTXT.DLL+ 2009-02-26 18:18 . 2009-02-26 18:18 14192 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACEODPDX.DLL+ 2009-02-26 18:18 . 2009-02-26 18:18 14192 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACEODEXL.DLL+ 2009-02-26 18:18 . 2009-02-26 18:18 14192 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACEODDBS.DLL+ 2011-07-27 11:41 . 2011-07-27 11:41 47024 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACEERR.DLL+ 2011-07-27 11:41 . 2011-07-27 11:41 55240 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACECNFLT.EXE+ 2011-07-27 11:40 . 2011-07-27 11:40 93576 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACCOLK.DLL+ 2010-11-04 00:58 . 2012-07-29 16:52 8312 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2481258249-3817420873-3961177970-1004_UserData.bin- 2010-11-04 00:59 . 2010-11-04 00:59 9560 c:\windows\system32\NetworkList\Icons\{6B1CB9C9-7E78-471D-AC13-B06A6EB1F4C3}_48.bin+ 2010-11-04 00:59 . 2012-07-20 04:54 9560 c:\windows\system32\NetworkList\Icons\{6B1CB9C9-7E78-471D-AC13-B06A6EB1F4C3}_48.bin+ 2010-11-04 00:59 . 2012-07-20 04:54 4280 c:\windows\system32\NetworkList\Icons\{6B1CB9C9-7E78-471D-AC13-B06A6EB1F4C3}_32.bin- 2010-11-04 00:59 . 2010-11-04 00:59 4280 c:\windows\system32\NetworkList\Icons\{6B1CB9C9-7E78-471D-AC13-B06A6EB1F4C3}_32.bin+ 2010-11-04 00:59 . 2012-07-20 04:54 2456 c:\windows\system32\NetworkList\Icons\{6B1CB9C9-7E78-471D-AC13-B06A6EB1F4C3}_24.bin- 2010-11-04 00:59 . 2010-11-04 00:59 2456 c:\windows\system32\NetworkList\Icons\{6B1CB9C9-7E78-471D-AC13-B06A6EB1F4C3}_24.bin+ 2012-07-29 17:01 . 2012-07-29 17:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat- 2012-07-14 01:29 . 2012-07-14 01:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat+ 2012-07-29 17:01 . 2012-07-29 17:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat- 2012-07-14 01:29 . 2012-07-14 01:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat+ 2010-11-04 00:10 . 2012-07-25 17:24 265598 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin+ 2009-07-14 02:36 . 2012-07-29 16:56 696406 c:\windows\system32\perfh009.dat- 2009-07-14 02:36 . 2012-07-14 02:03 696406 c:\windows\system32\perfh009.dat- 2009-07-14 02:36 . 2012-07-14 02:03 133190 c:\windows\system32\perfc009.dat+ 2009-07-14 02:36 . 2012-07-29 16:56 133190 c:\windows\system32\perfc009.dat- 2009-07-14 05:01 . 2012-07-14 01:29 415964 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat+ 2009-07-14 05:01 . 2012-07-29 17:00 415964 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat+ 2011-03-21 02:48 . 2012-07-21 15:32 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe- 2011-03-21 02:48 . 2012-07-12 10:03 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe+ 2011-03-21 02:48 . 2012-07-21 15:32 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe- 2011-03-21 02:48 . 2012-07-12 10:03 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe- 2011-03-21 02:48 . 2012-07-12 10:03 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe+ 2011-03-21 02:48 . 2012-07-21 15:32 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe- 2011-03-21 02:48 . 2012-07-12 10:03 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe+ 2011-03-21 02:48 . 2012-07-21 15:32 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe- 2011-03-21 02:48 . 2012-07-12 10:03 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe+ 2011-03-21 02:48 . 2012-07-21 15:32 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe+ 2011-03-21 02:48 . 2012-07-21 15:32 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe- 2011-03-21 02:48 . 2012-07-12 10:03 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe+ 2011-03-21 02:48 . 2012-07-21 15:32 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe- 2011-03-21 02:48 . 2012-07-12 10:03 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe+ 2009-02-26 05:05 . 2009-02-26 05:05 531840 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\XPAGE3C.DLL+ 2009-02-27 00:45 . 2009-02-27 00:45 509256 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\WRD12CVR.DLL+ 2011-06-22 18:46 . 2011-06-22 18:46 434016 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\UMOUTLOOKADDIN.DLL+ 2009-02-26 05:05 . 2009-02-26 05:05 126328 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\TWCUTCHR.DLL+ 2011-07-27 11:40 . 2011-07-27 11:40 501648 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\SOA.DLL+ 2011-07-27 11:58 . 2011-07-27 11:58 439160 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\SETUP.EXE+ 2011-07-27 11:54 . 2011-07-27 11:54 503184 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\SELFCERT.EXE+ 2011-05-27 04:13 . 2011-05-27 04:13 368520 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\PPSLAX.DLL+ 2011-05-31 23:58 . 2011-05-31 23:58 521080 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\POWERPNT.EXE+ 2011-07-27 11:36 . 2011-07-27 11:36 481640 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\PORTCONN.DLL+ 2011-07-27 13:00 . 2011-07-27 13:00 783296 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ONSYNCPC.DLL+ 2011-07-27 13:25 . 2011-07-27 13:25 664968 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ONBTTNOL.DLL+ 2011-07-27 13:25 . 2011-07-27 13:25 603552 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ONBTTNIE.DLL+ 2011-07-27 12:17 . 2011-07-27 12:17 284560 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OISGRAPH.DLL+ 2011-07-27 12:16 . 2011-07-27 12:16 997768 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OISAPP.DLL+ 2011-07-27 12:16 . 2011-07-27 12:16 273792 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OIS.EXE+ 2009-02-26 22:24 . 2009-02-26 22:24 231864 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ODEPLOY.EXE+ 2011-07-20 12:22 . 2011-07-20 12:22 538968 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSTORES.DLL+ 2011-07-20 12:22 . 2011-07-20 12:22 144728 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSTORE.EXE+ 2011-07-20 12:22 . 2011-07-20 12:22 832360 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSTORDB.EXE+ 2009-02-26 05:02 . 2009-02-26 05:02 504176 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSSOAP30.DLL+ 2011-07-27 13:10 . 2011-07-27 13:10 670560 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSQRY32.EXE+ 2011-06-01 00:19 . 2011-06-01 00:19 732000 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSPROOF6.DLL+ 2009-02-26 04:46 . 2009-02-26 04:46 435568 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSORUN.DLL+ 2009-02-27 10:42 . 2009-02-27 10:42 863128 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSONPDRV.DLL+ 2011-07-27 11:53 . 2011-07-27 11:53 427856 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSODCW.DLL+ 2011-07-27 11:34 . 2011-07-27 11:34 160632 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSOCF.DLL+ 2011-06-23 16:54 . 2011-06-23 16:54 119160 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSCONV97.DLL+ 2011-06-01 00:23 . 2011-06-01 00:23 289616 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSCDM.DLL+ 2011-07-20 12:23 . 2011-07-20 12:23 459664 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MODHELP.DLL+ 2011-07-20 12:22 . 2011-07-20 12:22 828264 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MEDCAT.DLL+ 2011-07-28 00:49 . 2011-07-28 00:49 177536 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\IETAG.DLL+ 2011-06-01 00:00 . 2011-06-01 00:00 626032 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVEWEBSERVICES.DLL+ 2011-06-01 00:00 . 2011-06-01 00:00 689024 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVEWEBPLATFORMSERVICES.DLL+ 2009-02-27 01:37 . 2009-02-27 01:37 262504 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVEWEBBROWSERTOOL2.DLL+ 2011-07-27 12:14 . 2011-07-27 12:14 967008 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVEUTIL.DLL+ 2009-02-27 01:37 . 2009-02-27 01:37 178040 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVESYSTEMSERVICES.DLL+ 2009-02-27 01:36 . 2009-02-27 01:36 361312 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVESKETCHTOOL.DLL+ 2009-02-27 01:36 . 2009-02-27 01:36 222056 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVEPROJECTTOOLSET.DLL+ 2009-02-27 01:36 . 2009-02-27 01:36 316784 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVEMIGRATOR.EXE+ 2009-02-27 01:36 . 2009-02-27 01:36 196448 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVEGAMES.DLL+ 2009-02-27 01:36 . 2009-02-27 01:36 280432 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVEFETCHSERVICES.DLL+ 2009-02-27 01:36 . 2009-02-27 01:36 375144 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVEDATAVIEWERTOOL.DLL+ 2009-02-27 01:36 . 2009-02-27 01:36 758112 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVECOMPONENTMGR.DLL+ 2009-02-27 01:36 . 2009-02-27 01:36 114056 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVECOMMUNICATIONSSTATUSANDCONTROL.DLL+ 2009-02-27 01:36 . 2009-02-27 01:36 294752 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVECALENDARTOOL.DLL+ 2009-02-27 01:36 . 2009-02-27 01:36 278872 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVEAUDIO.DLL+ 2011-05-31 23:59 . 2011-05-31 23:59 337264 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVE.EXE+ 2009-02-26 22:24 . 2009-02-26 22:24 970128 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\FPWEC.DLL+ 2011-07-27 12:13 . 2011-07-27 12:13 434080 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\DWTRIG20.EXE+ 2011-07-27 11:53 . 2011-07-27 11:53 105872 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\DSSM.EXE+ 2009-02-27 01:36 . 2009-02-27 01:36 233832 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\DRAT.EXE+ 2011-07-27 11:53 . 2011-07-27 11:53 188800 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\CONTACTPICKER.DLL+ 2011-07-27 13:13 . 2011-07-27 13:13 204664 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\CLVIEW.EXE+ 2011-07-27 13:20 . 2011-07-27 13:20 400216 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\CDLMSO.DLL+ 2011-07-27 11:41 . 2011-07-27 11:41 370608 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACEXBE.DLL+ 2009-02-27 02:47 . 2009-02-27 02:47 198072 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACEWSS.DLL+ 2011-07-27 11:41 . 2011-07-27 11:41 223152 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACETXT.DLL+ 2011-07-27 11:41 . 2011-07-27 11:41 550840 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACEREP.DLL+ 2011-07-27 11:41 . 2011-07-27 11:41 288688 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACER3X.DLL+ 2011-07-27 11:41 . 2011-07-27 11:41 255920 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACER2X.DLL+ 2011-07-27 11:41 . 2011-07-27 11:41 391096 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACEPDE.DLL+ 2011-07-27 11:41 . 2011-07-27 11:41 378808 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACEOLEDB.DLL+ 2011-07-27 11:41 . 2011-07-27 11:41 278912 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACEODBC.DLL+ 2011-07-27 11:41 . 2011-07-27 11:41 206776 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACELTS.DLL+ 2011-07-27 11:41 . 2011-07-27 11:41 632752 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACEEXCL.DLL+ 2011-07-27 11:41 . 2011-07-27 11:41 337848 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACEEXCH.DLL+ 2011-07-27 11:41 . 2011-07-27 11:41 186304 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACEES.DLL+ 2011-07-27 11:41 . 2011-07-27 11:41 571320 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACEDAO.DLL+ 2011-07-27 11:41 . 2011-07-27 11:41 763848 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACECNF.DLL+ 2011-05-31 22:52 . 2011-05-31 22:52 162176 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACCWIZ.DLL+ 2011-07-27 11:41 . 2011-07-27 11:41 571320 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACACEDAO.DLL+ 2012-07-19 02:38 . 2005-10-20 19:02 163328 c:\windows\erdnt\7-18-2012\ERDNT.EXE- 2010-09-06 07:33 . 2012-07-14 01:29 2599072 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat+ 2010-09-06 07:33 . 2012-07-29 17:00 2599072 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat- 2010-11-04 00:25 . 2012-07-14 01:29 1367088 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2481258249-3817420873-3961177970-1004-8192.dat+ 2010-11-04 00:25 . 2012-07-29 17:00 1367088 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2481258249-3817420873-3961177970-1004-8192.dat+ 2011-03-21 02:48 . 2012-07-21 15:32 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe- 2011-03-21 02:48 . 2012-07-12 10:03 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe+ 2011-03-21 02:48 . 2012-07-21 15:32 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe- 2011-03-21 02:48 . 2012-07-12 10:03 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe+ 2009-02-26 05:05 . 2009-02-26 05:05 1195912 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\XIMAGE3B.DLL+ 2011-07-20 15:12 . 2011-07-20 15:12 3750776 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\VVIEWER.DLL+ 2011-06-29 14:02 . 2011-06-29 14:02 1846656 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\VVIEWDWG.DLL+ 2011-07-28 01:15 . 2011-07-28 01:15 2335648 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\STSLIST.DLL+ 2011-06-10 06:51 . 2011-06-10 06:51 2171736 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\PSRCHFEA.DLL+ 2011-07-27 11:59 . 2011-07-27 11:59 6540136 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OSETUP.DLL+ 2011-07-27 12:47 . 2011-07-27 12:47 6598008 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ONMAIN.DLL+ 2011-06-10 06:50 . 2011-06-10 06:50 1165176 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ONLIBS.DLL+ 2011-07-27 12:47 . 2011-07-27 12:47 1019760 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ONENOTE.EXE+ 2011-07-27 12:51 . 2011-07-27 12:51 7040896 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OFFOWC.DLL+ 2011-08-03 07:14 . 2011-08-03 07:14 8579448 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OARTCONV.DLL+ 2011-07-20 12:31 . 2011-07-20 12:31 1523632 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\NLSD0000.DLL+ 2011-05-27 02:28 . 2011-05-27 02:28 6637952 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSORES.DLL+ 2011-07-27 11:40 . 2011-07-27 11:40 9894768 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSACCESS.EXE+ 2009-02-27 01:37 . 2009-02-27 01:37 1382256 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVEUIFRAMEWORK.DLL+ 2009-02-27 01:37 . 2009-02-27 01:37 4693872 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVETRANSCEIVER.DLL+ 2009-02-27 01:37 . 2009-02-27 01:37 1132896 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVETEXTTOOLS.DLL+ 2009-02-27 01:37 . 2009-02-27 01:37 2679152 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVESTORAGEMGR.DLL+ 2009-02-27 01:36 . 2009-02-27 01:36 2217832 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVESHELLEXTENSIONS.DLL+ 2009-02-27 01:36 . 2009-02-27 01:36 7015272 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVERESOURCE.DLL+ 2009-02-27 01:36 . 2009-02-27 01:36 1560912 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVEMISC.DLL+ 2011-05-31 23:59 . 2011-05-31 23:59 3070840 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVEDOCUMENTSHARETOOL.DLL+ 2009-02-27 01:36 . 2009-02-27 01:36 1344360 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVECRYPTO.DLL+ 2009-02-27 01:36 . 2009-02-27 01:36 3413896 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVECOMMUNICATIONSSERVICES.DLL+ 2009-02-27 01:36 . 2009-02-27 01:36 2639736 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVECOMMONCOMPONENTS.DLL+ 2009-02-27 01:36 . 2009-02-27 01:36 6119792 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\GROOVEACCOUNTMGR.DLL+ 2011-06-22 15:16 . 2011-06-22 15:16 1681784 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\FPSRVUTL.DLL+ 2011-07-07 09:28 . 2011-07-07 09:28 1193320 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\FM20.DLL+ 2011-08-04 01:27 . 2011-08-04 01:27 1415072 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ACECORE.DLL+ 2012-07-19 02:38 . 2012-07-19 02:38 2527232 c:\windows\erdnt\7-18-2012\Users\00000002\UsrClass.dat+ 2012-07-19 02:38 . 2012-07-19 02:38 6684672 c:\windows\erdnt\7-18-2012\Users\00000001\ntuser.dat+ 2012-07-15 21:33 . 2012-07-03 10:13 57442464 c:\windows\SysWOW64\MRT.exe+ 2011-08-17 17:01 . 2011-08-17 17:01 16149352 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OART.DLL+ 2011-08-04 02:53 . 2011-08-04 02:53 17324928 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MSO.DLL.-- Snapshot reset to current date --.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-09-06 39408].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]"SmartWiHelper"="c:\program files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" [2010-01-20 82944]"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-01-15 316784]"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-01-22 597792]"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-27 30040]"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]"PSQLLauncher"="c:\program files\Protector Suite\launcher.exe" [2009-10-29 84744]"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]"mixer5"=wdmaud.drv.[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]Notification Packages REG_MULTI_SZ scecli c:\program files\Protector Suite\psqlpwd.dll.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]@="Service".R0 wayuia;wayuia; [x]R0 zvijcv;zvijcv; [x]R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]R2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-02-23 2320920]R2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-03-18 852336]R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-21 257224]R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-02-18 52264]R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-02-18 35104]R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-06 135664]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]R3 MSSQL$DDNI;SQL Server (DDNI);c:\program files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392]R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-21 98688]R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-27 291696]R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-02-24 108400]R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-02-24 422768]R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-02-24 67952]R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe [2010-02-08 302448]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-02-20 115568]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-07 1255736]R4 KMService;KMService;c:\windows\system32\srvany.exe [x]R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-03-31 47128]R4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]R4 SQLAgent$DDNI;SQL Server Agent (DDNI);c:\program files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]S0 SMR300;Symantec SMR Utility Service 3.0.0;c:\windows\System32\drivers\SMR300.SYS [2012-07-13 96376]S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-06 135664]S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [2010-02-18 93184]S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [2010-02-18 77312]S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [2010-02-16 190496]S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-02-20 529776]S2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-02-20 386416]S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]S3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [2010-03-08 294064]S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2009-09-17 56344]S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-19 151936]S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-02-22 84584]S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2010-01-21 12032]S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-01-20 574320]S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]..Contents of the 'Scheduled Tasks' folder.2012-07-29 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-21 04:30].2012-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-06 06:34].2012-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-06 06:34]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]2009-10-30 02:08 5948168 ----a-w- c:\program files\Protector Suite\farchns.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]2009-10-30 02:08 5948168 ----a-w- c:\program files\Protector Suite\farchns.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-22 166424]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-22 390680]"Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-22 410136]"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-19 16414824]"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-16 9962016]"vncutil"="c:\program files\Realtek\Audio\HDA\vncutil64.exe" [2010-02-16 475680]"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]"PSQLLauncher"="c:\program files\Protector Suite\launcher.exe" [2009-10-29 84744]"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-27 1271168].------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmuStart Page = hxxp://news1130.com/mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNTmLocal Page = c:\windows\SysWOW64\blank.htmTrusted Zone: behr.com\wwwTrusted Zone: benjaminmoore.com\wwwTrusted Zone: costco.ca\wwwTrusted Zone: mls.caTrusted Zone: utorrent.comTCP: DhcpNameServer = 192.168.0.1TCP: Interfaces\{5AA4DC31-007E-4DF3-AF2D-3D56E85F0FE1}: NameServer = 8.8.8.8,8.8.4.4TCP: Interfaces\{5F05E34A-0FB1-4085-82AA-B62D51C3BE00}: NameServer = 8.8.8.8,8.8.4.4TCP: Interfaces\{8B9218F7-9A87-4080-88BC-01A05528F982}: NameServer = 8.8.8.8,8.8.4.4DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} - hxxp://kitchenplanner.ikea.com/CA/Core/Player/2020PlayerAX_IKEA_Win32.cab..--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]@Denied: (A 2) (Everyone)@="IFlashBroker4".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).------------------------ Other Running Processes ------------------------.c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exec:\program files (x86)\Sony\VAIO Event Service\VESMgr.exec:\windows\SysWOW64\DllHost.exec:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exec:\program files\Sony\VAIO Care\VCSpt.exe.**************************************************************************.Completion time: 2012-07-29 10:03:04 - machine was rebootedComboFix-quarantined-files.txt 2012-07-29 17:03ComboFix2.txt 2012-07-14 02:13.Pre-Run: 41,543,188,480 bytes freePost-Run: 44,251,557,888 bytes free.- - End Of File - - D5B8F38F732D9E78AEDF6088D33B5A2CWhen I tried to copy/paste the log to notepad it advised the registry key for notepad was up for deletion. I reboot. Notepad now ok.Reactivated antivirus and attempted to update Malwarebytes. I received an error message "PROGRAM_ERROR_UPDATING [0,0, Host not found] Link to post Share on other sites More sharing options...
Maurice Naggar Posted July 29, 2012 ID:578167 Share Posted July 29, 2012 OK. Let me review the logs and get back to you with further reply.A) Life and family responsibilities (needless to say) come first. So do as you must.B) on this case, just let me know if you will be delayed or unavailable in future. eg, keep in touch.I'll review and reply. Link to post Share on other sites More sharing options...
Maurice Naggar Posted July 29, 2012 ID:578170 Share Posted July 29, 2012 When you need to start replies, press the More Reply options button {at bottom right},do not put logs in Quote or Code boxes,do not use any special formatting in your replies, please.Click on the little gray button that looks like a small light switch and it will disable the rich text formatting.Navigate to this folder, C:\Qooboxin it, you will see ComboFix-quarantined-files.txtNeed for you to Open with Notepad, Copy all linesthen Paste contents in a new reply, for my review. Link to post Share on other sites More sharing options...
Emma1 Posted July 30, 2012 Author ID:578371 Share Posted July 30, 2012 2012-07-14 02:12:52 . 2012-07-14 02:12:52 610 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-Amazon Kindle For PC.reg.dat2012-07-14 02:12:44 . 2012-07-14 02:12:44 80 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-SynTPEnh.reg.dat2012-07-14 02:12:37 . 2012-07-14 02:12:37 558 ----a-w- C:\Qoobox\Quarantine\Registry_backups\SafeBoot-29657671.sys.reg.dat2012-07-14 02:11:09 . 2012-07-29 16:59:38 13,751 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg2012-07-14 02:08:35 . 2012-07-29 16:57:01 102 ----a-w- C:\Qoobox\Quarantine\catchme.log2012-01-17 22:42:40 . 2012-01-17 22:42:41 103,784 ----a-w- C:\Qoobox\Quarantine\C\Users\fleurymd\GoToAssistDownloadHelper.exe.vir2011-12-27 03:35:38 . 2011-12-27 03:35:50 21,600,241 ----a-w- C:\Qoobox\Quarantine\C\Users\fleurymd\Documents\~ytFD24.tmp.vir2011-12-27 03:34:22 . 2011-12-27 03:34:46 21,600,241 ----a-w- C:\Qoobox\Quarantine\C\Users\fleurymd\Documents\~ytD634.tmp.vir2010-12-30 05:43:21 . 2012-07-14 01:30:01 439 ----a-w- C:\Qoobox\Quarantine\C\Windows\System32\drivers\etc\hosts.ics.vir2010-11-09 17:21:18 . 2010-11-09 17:21:18 371,320 ----a-w- C:\Qoobox\Quarantine\C\Program Files (x86)\Freeze.com\NetAssistant\NeTAssistant.dll.vir Link to post Share on other sites More sharing options...
Maurice Naggar Posted July 30, 2012 ID:578517 Share Posted July 30, 2012 Save and close any work documents, close any apps that you started. Close all your browsers too.Start your MBAM MalwareBytes' Anti-Malware. Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark.Then click the Scanner settings sub-tab in second row of tabs. Make sure all option lines have a checkmark.Next, Click the Update tab. Press the "Check for Updates" button. If prompted for a Restart, do that.When done, click the Scanner tab.Do a Quick Scan. When the scan is complete, click OK, then Show Results to view the results. Make sure that everything is checked, and click Remove Selected. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM. Copy and Paste latest MBAM scan log AND tell me, How is the system now Link to post Share on other sites More sharing options...
Emma1 Posted July 30, 2012 Author ID:578563 Share Posted July 30, 2012 Clicking Update Tab still brings same Error Message.Scan Results:Malwarebytes Anti-Malware 1.62.0.1300www.malwarebytes.orgDatabase version: v2012.07.03.05Windows 7 Service Pack 1 x64 NTFSInternet Explorer 8.0.7601.17514fleurymd :: FLEURYMD-VAIO [administrator]Protection: Enabled7/30/2012 8:36:59 AMmbam-log-2012-07-30 (08-36-59).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 215215Time elapsed: 47 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)(end)Question: I noticed there is an Activate button on bottom right of Settings page.I downloaded a free version. If it is not could that be a reason not to update? Link to post Share on other sites More sharing options...
Maurice Naggar Posted July 30, 2012 ID:578601 Share Posted July 30, 2012 If you did not buy a MBAM license, then do not press the Activate button.IF you -did buy- a license, then, stop and let me know.No, the free version should be updating. Yours is sitting with definitions of July 3.Let's give this a try.Download and SAVE to your system mbam-clean.exe from >> here << Then, RUN mbam-cleanIt will ask to restart your computer, please allow it to do so very importantAfter the computer restarts, temporarily disable your Anti-VirusIf you need how-to guidance, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware ProgramsNext Download & SAVE the latest version of Malwarebytes' Anti-Malware from >> here <<Run the mbam-setup.Then go to the UPDATE tab if not done during installation and check for updates.Now do a QUICK scanRe-enable the anti-virus application that you turned off before. Link to post Share on other sites More sharing options...
Emma1 Posted August 1, 2012 Author ID:579344 Share Posted August 1, 2012 The first thing I noticed was after running the clean and commencing the download it asked if I wanted to replace the existing mbam in my download folder? [Thought cleaning would eliminate all?]After installation another error message "PROGRAM_ERROR_UPDATING [0,0,Host not found]" Data base is 28 days behind.Did quick scan and no problems found. Link to post Share on other sites More sharing options...
Maurice Naggar Posted August 1, 2012 ID:579386 Share Posted August 1, 2012 You'll need to print out this section for offline reference.Let's try to reset the router to its factory/default configuration.First, save your open work documents (if any) and close 'em.Logoff and shutdown the pc. You will need the user manual for your router. NOTE: You may want to ask your ISP for help ahead of time, in case there are custom settings that need to be maintained.To reset the router, insert something tiny like a paper clip end or the tip of a pen into a small hole labeled "reset" located on the back of the router.NOTE: Modern-day routers have a push-button to use for hardware reset.With the power to the router on, press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10-20 seconds).After resetting the router, power up pc and start Windows.login into the router by following instructions in the user manual. You will need to reconfigure any security settings you had in place prior to the reset.Then change your admin login and password--make it a strong password. You can get help with that here: Password HelpWhen done, start MBAMdo a FULL scanallow it to Quarantine what it tagsWhen all done, copy and paste the MBAM scan log for review. Link to post Share on other sites More sharing options...
Emma1 Posted August 1, 2012 Author ID:579501 Share Posted August 1, 2012 Before I follow your latest instructions I have to advise I have reset my router twice since this problem began. In the first instance my service provider insisted it be done because I could not logon to the internet with my laptop although the desktop [xp pro] was fully functional. That was the beginning of days of hit and miss router configuration.I reset a second time and again it did not reset and work immediately. The laptop is now running as before this problem except Outlook 2007 will not work. I have read there are compatibility issues with win7 and outlook 2007 but why now after working for a year.I hesitate reseting because in each instance there was lenthy configuration issues.But if you think this will route out the problem I will gladly comply. Link to post Share on other sites More sharing options...
Maurice Naggar Posted August 1, 2012 ID:579509 Share Posted August 1, 2012 If you are sure the hardware router has been reset properly, then skip it.(btw, I am talking about router that goes in between the incoming broadband-modem and your pc.)I'd like for you to start MBAM. Do a FULL scan. Allow it to Quarantine anything tagged, if unable to quarantine, then delete.I need a copy of that MBAM scan log for review.Also, tell me if you have noticed similar issue of unable to update for any of your other programs / app-utilities. Link to post Share on other sites More sharing options...
Recommended Posts