Maurice Naggar Posted April 17, 2013 ID:670894 Share Posted April 17, 2013 Follow-up with this:Download this file from Ramesh S http://www.winhelpon.../reg_fix_w7.zipSave it to your DESKTOP.Un-zip (Extract) the contents to your DESKTOP.Download this 2nd file from Ramesh S http://www.winhelpon.../exe_fix_w7.zipSave it to your DESKTOP.Un-zip (Extract) the contents to your DESKTOP.Go to the Run option ----- press Windows-key+R key to start the RUN option dialog & type inREGEDIT and press Enter-keyfrom main menu, select Filethen select IMPORTnavigate the dialog (click on DESKTOP icon on left to select it)type in reg_fix_w7.reg in the Filename text-box and click Open button.Once the merge is complete, you will see a confirmation message.Click OK when done. Back to Regedit;s main menu, select Filethen select IMPORTnavigate the dialog (click on DESKTOP icon on left to select it)type in exe_fix_w7.reg in the Filename text-box and click Open button.Once the merge is complete, you will see a confirmation message.Click OK when done. Close/Exit REGEDITWhen all done, logoff & restart into normal mode.Then, nextDownload DDS and save it to your desktop from http://download.blee...om/sUBs/dds.com hereor http://download.blee...om/sUBs/dds.scr orhttp://www.infospyware.net/sUBs/ddsDisable any script blocker if your antivirus/antimalware has it.For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware ProgramsDo NOT turn off the firewallDouble click dds to run the tool.DDS will run in a command prompt window and will take 3 to 4 minutes or so.Follow and answer the prompts as appropriate. When done, DDS will open two (2) logs:DDS.txtAttach.txtSave both reports to your desktop.Please Copy & Paste contents of the following logs in your next reply:DDS.txtAttach.txtUse NOTEPAD to Copy all contents of each log, then Paste directly into main-body of reply box.Do -not- use the attach option unless a single log is way-too-large & won't fit. Link to post Share on other sites More sharing options...
mhomer Posted April 18, 2013 Author ID:671073 Share Posted April 18, 2013 Hello,Regedit would only allow me to do it in safe mode which I did with no problems.Rebooted to normal mode and managed to download the first and third dds link but neither will run as administrator - the same message comes up "The service cannot be started, either because it is disabled or because it has not enabled devices associated with it." Link to post Share on other sites More sharing options...
Maurice Naggar Posted April 18, 2013 ID:671143 Share Posted April 18, 2013 (edited) Try to run DDS one more time by double-clicking on DDSIf that does not work, start Task Manager {CTRL+ALT+DEL keys}and select New Task Runand entercmd.exe& press Enternext, type in at the command-prompt windowcd \Users\Michelle\Downloads\Desktop& press Enterthen in the command-prompt window, type indds.scr& press Enterthen press the Start button when you get the initial DDS prompt. Have infinite patience while it runs & scans.If all that still does not work, then restart in Safe Mode with Networking and run DDS.I think "maybe" part of the issue in not being able to run "some" download tools is due to where you chose to have your download saves.You appear to not have them in your regular Desktopbut instead it appears you put some in a "Downloads" folder. Edited April 18, 2013 by Maurice Naggar Link to post Share on other sites More sharing options...
mhomer Posted April 18, 2013 Author ID:671170 Share Posted April 18, 2013 Because I use Chrome it automatically saves them in the Downloads folder, I can't change that but I can put them on the desktop which I do. It didn't work in normal mode, currently trying in safe mode. Link to post Share on other sites More sharing options...
Maurice Naggar Posted April 18, 2013 ID:671173 Share Posted April 18, 2013 Start Chrome. Press and hold CTRL+SHIFT+DEL keys to get to empty the Chrome cache.Press & hold ALT+F keys to get a Menu. Then click on Settings.Scroll down the screen-listed.Click on Adavanced SettingsScroll down to the Downloads block.Take a very close look at what is listed for Download location. Is that what you had picked?You can click on the Change button to navigate & specify a folder of yours on the system.AND you ought to checkmark (turn on) the box Ask where to save each file before downloadingWhen done Close the screen.Note: We typically expect and in fact, count on, that folks save & place the tools into the "normal" Desktop. Link to post Share on other sites More sharing options...
mhomer Posted April 18, 2013 Author ID:671175 Share Posted April 18, 2013 DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORKInternet Explorer: 9.0.8112.16476 BrowserJavaVersion: 10.17.2Run by Michelle at 12:44:25 on 2013-04-18Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3758.2565 [GMT 1:00].AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\userinit.exeC:\Windows\Explorer.EXEC:\Windows\system32\ctfmon.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uStart Page = about:blankuDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEEuURLSearchHooks: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - <orphaned>mWinlogon: Userinit = userinit.exe,BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dllBHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dllBHO: SMART Notebook Download Utility: {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Notebook Interactive Viewer\Win32\NotebookPlugin.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllTB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dlluRun: [VRLPHelper] C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe /StayuRun: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe /StayuRun: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe"mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osbootmRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [sHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exemRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimemRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exemRun: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStartmRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"mRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exemRun: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exemRun: [Conime] C:\Windows\System32\conime.exemRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLYmRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silentmRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScriptmRunOnce: [OTL] "C:\Users\Michelle\Downloads\OTL.exe"dRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exemPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.htmlIE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dllDPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cabDPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1346960208502DPF: {6F0892F7-0D44-41C3-BF07-7599873FAA04} - hxxps://go.girlguiding.org.uk/crystalreportviewers115/ActiveXControls/ActiveXViewer.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cabDPF: {A9CF3378-D60E-40A8-927D-7EA0D5B0AA98} - hxxp://webalbum.bonusprint.com/ukipc01/downloads//ImageUploader6.cabDPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cabTCP: Interfaces\{423D4F55-13A2-4D2E-BBDA-A1774A136043} : DHCPNameServer = 10.0.0.150 10.0.0.151TCP: Interfaces\{AE879523-E971-4EF5-A301-84A0DCE2A149} : DHCPNameServer = 109.249.185.224 109.249.186.32TCP: Interfaces\{B68B29E1-ECF4-4A80-B9C7-C0631DB2A63A} : DHCPNameServer = 82.132.254.2 82.132.254.3TCP: Interfaces\{F3593B11-7940-4EF9-BF6F-C86A919D5698} : DHCPNameServer = 192.168.1.1TCP: Interfaces\{F3593B11-7940-4EF9-BF6F-C86A919D5698}\14E6462756772E08993702960586F6E656 : DHCPNameServer = 82.132.254.2 82.132.254.3TCP: Interfaces\{F3593B11-7940-4EF9-BF6F-C86A919D5698}\245727E68616D60275962756C6563737 : DHCPNameServer = 192.168.190.1TCP: Interfaces\{F3593B11-7940-4EF9-BF6F-C86A919D5698}\35075636472757D602D4162796E6160275966496 : DHCPNameServer = 172.18.233.1TCP: Interfaces\{F3593B11-7940-4EF9-BF6F-C86A919D5698}\35B4953323337313 : DHCPNameServer = 192.168.0.1Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=DSGI&bmod=DSGIx64-mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=DSGI&bmod=DSGIx64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - x64-BHO: SMART Notebook Download Utility: {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Notebook Interactive Viewer\Win64\NotebookPlugin.dllx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllx64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -sx64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 x64-Run: [Persistence] C:\Windows\System32\igfxpers.exex64-Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\DRIVERS\x64\3\EKIJ5000MUI.exex64-Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exex64-Run: [ActivControl] C:\Program Files\Activ Software\ActivDriver\ActivControl2x64.exex64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cabx64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cabx64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cabx64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\xkhvodhw.default\FF - prefs.js: browser.search.selectedEngine - Ask.comFF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dllFF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dllFF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\npsitesafety.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dllFF - plugin: C:\Program Files (x86)\Nitro PDF\Professional 7\npdf.dllFF - plugin: C:\Program Files (x86)\Nitro PDF\Professional 7\npnitroie.dllFF - plugin: C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dllFF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dllFF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dllFF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dllFF - plugin: C:\Windows\SysWOW64\npDeployJava1.dllFF - plugin: C:\Windows\SysWOW64\Npindeo.dllFF - plugin: C:\Windows\SysWOW64\npmproxy.dll.============= SERVICES / DRIVERS ===============.R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-10-15 63328]R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2012-9-21 225120]R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2012-11-16 111968]R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-9-14 40800]R0 NBVol;Nero Backup Volume Filter Driver;C:\Windows\System32\drivers\NBVol.sys [2012-1-4 72240]R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\Windows\System32\drivers\NBVolUp.sys [2012-1-4 15920]R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-10-21 55024]R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-9-21 200032]R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-3 39768]R2 rimspci;rimspci;C:\Windows\System32\drivers\rimssne64.sys [2010-10-12 94208]R2 risdsnpe;risdsnpe;C:\Windows\System32\drivers\risdsne64.sys [2010-10-12 78848]R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-6-4 56344]R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2010-6-2 12032]R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2010-10-12 402720]S1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-10-22 154464]S1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-10-2 185696]S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-16 5814904]S2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 FlipShareServer;FlipShare Server;C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-5-6 1085440]S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-10-12 13336]S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2013-2-18 395640]S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2013-4-12 1153368]S2 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-6-20 108400]S2 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-6-18 423280]S2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2010-10-21 104960]S2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-21 2320920]S2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-10-21 575856]S2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-1-20 887000]S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-5-19 549616]S2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-10-21 836608]S2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-2-18 968880]S3 ACTIVhidmini;Promethean USB Board Driver;C:\Windows\System32\drivers\ACTIVhidmini.sys [2010-11-19 97496]S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2010-10-21 19968]S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2010-10-21 342056]S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-10-21 39464]S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-10-12 158976]S3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-8-26 287232]S3 marsqx5;Digital Blue QX5 V2 Microscope;C:\Windows\System32\drivers\marsqx5.sys [2007-5-18 82944]S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-5-10 22528]S3 prmvmouse;Promethean HID Mouse Service;C:\Windows\System32\drivers\activmouse.sys [2010-11-19 8152]S3 TFsExDisk;TFsExDisk;C:\Windows\System32\drivers\TFsExDisk.sys [2011-6-9 16448]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-9-10 59392]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-2-18 99104]S3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2011-11-27 44736]S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2012-1-13 1256040]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-22 1255736]S4 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-9 169312]S4 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2013-1-15 780152]S4 NitroDriverReadSpool2;NitroPDFDriverCreatorReadSpool2;C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [2012-6-24 216072]S4 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2012-6-24 69640]S4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-6-1 367456]S4 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-6-20 67952]S4 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-1-20 286936]S4 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-6-9 384880].=============== Created Last 30 ================.2013-04-17 21:35:25 -------- d-----w- C:\_OTL2013-04-17 14:23:37 -------- d-----w- C:\Users\Michelle\AppData\Roaming\QuickScan2013-04-17 13:28:50 -------- d-----w- C:\Users\Michelle\AppData\Roaming\PeerNetworking2013-04-16 08:30:07 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8A9B93B8-ED45-4ED0-B60E-6711626E05D8}\offreg.dll2013-04-16 07:39:30 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8A9B93B8-ED45-4ED0-B60E-6711626E05D8}\mpengine.dll2013-04-14 16:05:58 -------- d-----w- C:\ProgramData\HitmanPro2013-04-12 14:22:30 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll2013-04-12 13:21:50 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy2013-04-12 13:21:50 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy2013-04-12 11:19:30 -------- d-----w- C:\ProgramData\SUPERSetup2013-04-12 10:02:57 3153408 ----a-w- C:\Windows\System32\win32k.sys2013-04-12 10:02:45 3717632 ----a-w- C:\Windows\System32\mstscax.dll2013-04-12 10:02:42 3217408 ----a-w- C:\Windows\SysWow64\mstscax.dll2013-04-12 10:02:36 44032 ----a-w- C:\Windows\System32\tsgqec.dll2013-04-12 10:02:36 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll2013-04-12 10:02:36 158720 ----a-w- C:\Windows\System32\aaclient.dll2013-04-12 10:02:36 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll2013-04-12 10:02:21 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys2013-04-12 10:01:59 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-04-12 10:01:56 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2013-04-12 10:01:56 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2013-04-12 10:01:54 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll2013-04-12 10:01:54 43520 ----a-w- C:\Windows\System32\csrsrv.dll2013-04-12 10:01:54 112640 ----a-w- C:\Windows\System32\smss.exe2013-03-26 08:35:23 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys.==================== Find3M ====================.2013-03-18 18:18:03 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2013-03-18 18:18:03 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll2013-03-18 18:18:03 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll2013-03-13 12:48:33 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-03-13 12:48:33 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-03-12 00:10:56 282744 ------w- C:\Windows\System32\MpSigStub.exe2013-02-22 06:27:49 2312704 ----a-w- C:\Windows\System32\jscript9.dll2013-02-22 06:20:51 1392128 ----a-w- C:\Windows\System32\wininet.dll2013-02-22 06:19:37 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl2013-02-22 06:15:48 173056 ----a-w- C:\Windows\System32\ieUnatt.exe2013-02-22 06:15:23 599040 ----a-w- C:\Windows\System32\vbscript.dll2013-02-22 06:12:41 2382848 ----a-w- C:\Windows\System32\mshtml.tlb2013-02-22 03:46:00 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-02-22 03:38:00 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll2013-02-22 03:37:50 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2013-02-22 03:34:17 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe2013-02-22 03:34:03 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll2013-02-22 03:31:46 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-02-18 20:29:12 39768 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll.============= FINISH: 12:47:15.69 =============== Link to post Share on other sites More sharing options...
mhomer Posted April 18, 2013 Author ID:671176 Share Posted April 18, 2013 .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2Install Date: 20/02/2011 16:33:30System Uptime: 18/04/2013 12:42:39 (0 hours ago).Motherboard: Sony Corporation | | VAIOProcessor: Intel® Core i3 CPU M 370 @ 2.40GHz | N/A | 2394/133mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 285 GiB total, 166.337 GiB free.D: is CDROM (UDF).==== Disabled Device Manager Items =============.Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}Description: Security Processor Loader DriverDevice ID: ROOT\LEGACY_SPLDR\0000Manufacturer: Name: Security Processor Loader DriverPNP Device ID: ROOT\LEGACY_SPLDR\0000Service: spldr.==== System Restore Points ===================.RP295: 26/03/2013 09:00:25 - Scheduled CheckpointRP296: 26/03/2013 18:48:43 - Windows UpdateRP297: 12/04/2013 15:21:49 - Windows UpdateRP298: 14/04/2013 14:12:13 - Windows UpdateRP299: 14/04/2013 18:33:23 - Installed Microsoft Fix it 50850RP300: 14/04/2013 18:42:10 - Installed Microsoft Fix it 50850RP301: 17/04/2013 14:30:48 - Installed LogMeInRP302: 17/04/2013 14:44:26 - Installed LogMeInRP303: 17/04/2013 14:55:40 - Installed LogMeInRP304: 17/04/2013 19:44:37 - Installed LogMeInRP305: 17/04/2013 23:41:52 - Installed LogMeIn.==== Installed Programs ======================. Update for Microsoft Office 2007 (KB2508958)1&1 EasyLoginActivDriver x64 v5.7ActivInspire Core Resources (ENU) v1ActivInspire Help (GBR) v1ActivInspire HWR Resources (ENU) v1ActivInspire v1Adobe AIRAdobe Flash Player 10 PluginAdobe Flash Player 11 ActiveXAdobe Photoshop Elements 8.0Adobe Premiere Elements 8.0Adobe Reader X (10.1.6)Adobe Shockwave Player 11.6aioprntaioscnnrAlps Pointing-device for VAIOAmazon MP3 Downloader 1.0.17Apple Application SupportApple Mobile Device SupportApple Software UpdateArcSoft Magic-i Visual Effects 2ArcSoft WebCam Companion 3AVG 2013AVG Security ToolbarBBC iPlayer DesktopBitTorrentBonjourC4USelfUpdatercenterConnecting Steps V2D3DX10Digital Blue QX5 MicroscopeessentialsFlipShareGarmin Communicator PluginGarmin Communicator Plugin x64Google AppsGoogle ChromeGoogle Update HelperIntel® Control CenterIntel® Graphics Media Accelerator DriverIntel® Management Engine ComponentsIntel® Play QX3 Computer MicroscopeIntel® Rapid Storage TechnologyIntel® System Information ViewerInterActual PlayeriPhone Backup ExtractoriTunesJava 7 Update 17Java Auto UpdaterJava 6 Update 20 (64-bit)Java 6 Update 31Junk Mail filter updateKodak AIO PrinterKODAK AiO SoftwareMalwarebytes Anti-Malware version 1.70.0.1100Media GalleryMicrosoft .NET Framework 1.1Microsoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft Application Error ReportingMicrosoft IntelliType Pro 8.2Microsoft Office 2007 Service Pack 3 (SP3)Microsoft Office Access MUI (English) 2007Microsoft Office Access Setup Metadata MUI (English) 2007Microsoft Office Enterprise 2007Microsoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office Groove MUI (English) 2007Microsoft Office Groove Setup Metadata MUI (English) 2007Microsoft Office InfoPath MUI (English) 2007Microsoft Office Office 64-bit Components 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Publisher MUI (English) 2007Microsoft Office Shared 64-bit MUI (English) 2007Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Word MUI (English) 2007Microsoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Works 6-9 ConverterMicrosoft_VC90_CRT_x86Mozilla Firefox 13.0.1 (x86 en-US)Mozilla Maintenance ServiceMP4 To MP3 Converter V3.0.4MSVCRTMSVCRT_amd64MSXML 4.0 SP2 (KB973688)MSXML 4.0 SP3 ParserMSXML 4.0 SP3 Parser (KB2721691)MSXML 4.0 SP3 Parser (KB2758694)MSXML 4.0 SP3 Parser (KB973685)Nero 11 Mini RepackNero Backup DriversNitro Pro 7NVIDIA PhysXocrPazera Free FLV to AVI Converter 1.4PMBPMB VAIO Edition GuidePMB VAIO Edition Plug-inPreReqPrintProjectsQuick Web AccessQuickTimeRealNetworks - Microsoft Visual C++ 2008 RuntimeRealPlayerRealtek High Definition Audio DriverRealUpgrade 1.1Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft .NET Framework 4 Extended (KB2736428)Security Update for Microsoft .NET Framework 4 Extended (KB2742595)Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit EditionSecurity Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Sky Go DesktopSMART Common FilesSMART English (United Kingdom) Language PackSMART Notebook Interactive ViewerSmartSound Quicktracks for Premiere Elements 8.0Spybot - Search & DestroyStar Science 5swMSMThe Nelson Handwriting FontThe Nelson Handwriting Template fileUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2473228)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 suites (KB2596620) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596660) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596802) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596848) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2687493) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767916) 32-Bit EditionUpdate for Microsoft Office Access 2007 Help (KB963663)Update for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office Infopath 2007 Help (KB963662)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit EditionUpdate for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768021) 32-Bit EditionUpdate for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Publisher 2007 Help (KB963667)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)VAIO - Media GalleryVAIO - PMB VAIO Edition GuideVAIO - PMB VAIO Edition Plug-inVAIO CareVAIO Control CenterVAIO Data Restore ToolVAIO DVD Menu DataVAIO GateVAIO Gate DefaultVAIO Hardware DiagnosticsVAIO ManualVAIO Media plusVAIO Media plus Opening MovieVAIO Movie Story Template DataVAIO Sample ContentsVAIO screensaverVAIO Smart NetworkVAIO Transfer SupportVAIO UpdateVAIO Update Merge Module x64Visual Studio 2008 x64 RedistributablesVisual Studio 2010 x64 RedistributablesVU5x64VU5x86WIDCOMM Bluetooth SoftwareWindows Driver Package - Digital Blue (marsqx5) Image (04/04/2007 1.0.0.0)Windows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MessengerWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live SOXEWindows Live SOXE DefinitionsWindows Live SyncWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWindows Media Player Firefox PluginWinX Free VOB to AVI Converter 2.0.6WinZip 15.5YouTube Downloader 3.4.==== Event Viewer Messages From Past Week ========.18/04/2013 12:45:23, Error: Service Control Manager [7001] - The Intel® Management & Security Application User Notification Service service depends on the Intel® Management and Security Application Local Management Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.18/04/2013 12:44:08, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}18/04/2013 12:44:08, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}18/04/2013 12:44:06, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}18/04/2013 12:44:00, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}18/04/2013 12:43:23, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AVGIDSDriver Avgldx64 discache spldr Wanarpv618/04/2013 12:43:19, Error: Service Control Manager [7001] - The VAIO Media plus Content Importer service depends on the VAIO Media plus Device Searcher service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.18/04/2013 12:43:19, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.18/04/2013 12:43:19, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning.18/04/2013 12:41:37, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.18/04/2013 12:36:42, Error: Service Control Manager [7023] - The VAIO Content Folder Watcher service terminated with the following error: %%-214702383818/04/2013 05:43:07, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}18/04/2013 05:43:06, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}18/04/2013 05:40:06, Error: Service Control Manager [7034] - The AVGIDSAgent service terminated unexpectedly. It has done this 1 time(s).17/04/2013 23:07:27, Error: Service Control Manager [7001] - The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.17/04/2013 23:07:27, Error: Service Control Manager [7001] - The IKE and AuthIP IPsec Keying Modules service depends on the Base Filtering Engine service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.17/04/2013 22:46:45, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.17/04/2013 21:06:59, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SOHDms service.17/04/2013 20:08:48, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service defragsvc with arguments "" in order to run the server: {D20A3293-3341-4AE8-9AAF-8E397CB63C34}17/04/2013 14:35:19, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}17/04/2013 14:02:01, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\SystemRoot\System32\Config\SOFTWARE' was corrupted and it has been recovered. Some data might have been lost.16/04/2013 20:34:13, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.15/04/2013 20:42:49, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FlipShare Service service.15/04/2013 10:23:45, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SBSD Security Center Service service to connect.15/04/2013 10:23:45, Error: Service Control Manager [7000] - The SBSD Security Center Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.15/04/2013 05:34:55, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}14/04/2013 17:33:32, Error: Service Control Manager [7024] - The HitmanPro 3.7 Crusader (Boot) service terminated with service-specific error The operation completed successfully..12/04/2013 11:09:41, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service..==== End Of File =========================== Link to post Share on other sites More sharing options...
Maurice Naggar Posted April 18, 2013 ID:671178 Share Posted April 18, 2013 Confirm that you have "tweaked" your Chrome as per my reply in # 30 in this thread. Link to post Share on other sites More sharing options...
mhomer Posted April 18, 2013 Author ID:671179 Share Posted April 18, 2013 I have tweaked my Chrome it now asks me where I want to download to. Link to post Share on other sites More sharing options...
Maurice Naggar Posted April 18, 2013 ID:671184 Share Posted April 18, 2013 I feel the need to re-emphasize that you save the tools I ask you to get into the "regular" Desktop.In your case, it is specifically, C:\Users\michelle\DesktopNow then, I see you got & installed a program just yesterday.....LogmeinYou should know that I meant that you should NOT install any new programs on your own, nor make changes to the system, nor run any "stuff" without first checking with me.Please understand, I have to know the true / complete state of this system during the entire life of this help-topic.You need to keep this system in isolation and treat it just like it as if it were in quarantine or like in a hospital ICU .What does LogmeIn do for you? and why did you get it? Link to post Share on other sites More sharing options...
mhomer Posted April 18, 2013 Author ID:671262 Share Posted April 18, 2013 I tried to install Log me in before I spoke to you, it was in the morning.Log me in is a free download which allows you to have remote access to other computers. I was trying to link my laptop with the files on my work computer but it would not let me install it as it used Windows Installer. The same error message came up. Link to post Share on other sites More sharing options...
Maurice Naggar Posted April 18, 2013 ID:671268 Share Posted April 18, 2013 What is the exact "error message"? I always need that info.Is there a problem with the Windows installer service? If so, exactly what ?Please promise you will not install, nor change, nor add "stuff" without checking with me first.What is there on this system that you have not backed up on Offline media?What is on this system that you cannot afford to lose?Do you have the Windows 7 o.s. DVD? Link to post Share on other sites More sharing options...
mhomer Posted April 19, 2013 Author ID:671612 Share Posted April 19, 2013 I cannot remember the exact wording without running it again to see, although it said something about Windows Installer and then something along the lines of 'The administrator has set policies to prevent this installation.'I will not install anything on the computer without checking first.I have nothing backed up on the computer but can remove all files/photos/emails etc without any problems as it allows normal day to day functionality - it will just take a long time.I cannot afford to loose any of the files for work.I do not have a windows 7 os dvd - it is a Sony Vaio laptop and as such comes with some sort of recovery process inbuilt but whether this is .exe and will be allowed to run I do not know. Link to post Share on other sites More sharing options...
Maurice Naggar Posted April 19, 2013 ID:671666 Share Posted April 19, 2013 Download and Save this reg file to the Desktophttp://download.blee...7/msiserver.reggo to Start, type inREGEDITand press Enter-keyfrom main menu, select Filethen select IMPORTnavigate the dialog (click on DESKTOP icon on left to select it)type in msiserver.reg in the Filename text-box and click Open button.Once the merge is complete, you will see a confirmation message.Click OK when done. Close/Exit REGEDITWhen that is completed, Logoff and Restart Windows fresh.Download >> Farbar's Service Scanner utility << and Save to your Desktop.If using Windows 7 or 8 or Vista, Right-Click on fss.exe and select Run As Administrator.If using XP, double-click to start.Answer Yes to ok when prompted.If your firewall then puts out a prompt, again, allow it to run.Once FSS is on-screen, be sure the following items are checkmarked:Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther servicesClick on "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Copy & Paste contents of FSS.txt into your reply. Link to post Share on other sites More sharing options...
mhomer Posted April 20, 2013 Author ID:672061 Share Posted April 20, 2013 Thank you for your help so far.None of the above would run in normal mode so all were done in safe mode.Farbar Service Scanner Version: 14-04-2013Ran by Michelle (administrator) on 20-04-2013 at 09:26:57Running from "C:\Users\Michelle\Downloads\Desktop"Windows 7 Home Premium Service Pack 1 (X64)Boot Mode: Network****************************************************************Internet Services:============Connection Status:==============Localhost is accessible.LAN connected.Google IP is accessible.Google.com is accessible.Attempt to access Yahoo IP returned error. Yahoo IP is offlineYahoo.com is accessible.Windows Firewall:=============Firewall Disabled Policy: ==================System Restore:============SDRSVC Service is not running. Checking service configuration:The start type of SDRSVC service is OK.The ImagePath of SDRSVC service is OK.The ServiceDll of SDRSVC service is OK.VSS Service is not running. Checking service configuration:The start type of VSS service is set to Auto. The default start type is 3.The ImagePath of VSS service is OK.System Restore Disabled Policy: ========================Action Center:============wscsvc Service is not running. Checking service configuration:The start type of wscsvc service is OK.The ImagePath of wscsvc service is OK.The ServiceDll of wscsvc service is OK.Windows Update:============wuauserv Service is not running. Checking service configuration:The start type of wuauserv service is OK.The ImagePath of wuauserv service is OK.The ServiceDll of wuauserv: "C:\Windows\system32\wuaueng.dll".BITS Service is not running. Checking service configuration:The start type of BITS service is OK.The ImagePath of BITS service is OK.The ServiceDll of BITS service is OK.EventSystem Service is not running. Checking service configuration:The start type of EventSystem service is OK.The ImagePath of EventSystem service is OK.The ServiceDll of EventSystem service is OK.Windows Autoupdate Disabled Policy: ============================Windows Defender:==============WinDefend Service is not running. Checking service configuration:The start type of WinDefend service is OK.The ImagePath of WinDefend service is OK.The ServiceDll of WinDefend service is OK.Other Services:==============File Check:========C:\Windows\System32\nsisvc.dll => MD5 is legitC:\Windows\System32\drivers\nsiproxy.sys => MD5 is legitC:\Windows\System32\dhcpcore.dll => MD5 is legitC:\Windows\System32\drivers\afd.sys => MD5 is legitC:\Windows\System32\drivers\tdx.sys => MD5 is legitC:\Windows\System32\Drivers\tcpip.sys => MD5 is legitC:\Windows\System32\dnsrslvr.dll => MD5 is legitC:\Windows\System32\mpssvc.dll => MD5 is legitC:\Windows\System32\bfe.dll => MD5 is legitC:\Windows\System32\drivers\mpsdrv.sys => MD5 is legitC:\Windows\System32\SDRSVC.dll => MD5 is legitC:\Windows\System32\vssvc.exe => MD5 is legitC:\Windows\System32\wscsvc.dll => MD5 is legitC:\Windows\System32\wbem\WMIsvc.dll => MD5 is legitC:\Windows\System32\wuaueng.dll => MD5 is legitC:\Windows\System32\qmgr.dll => MD5 is legitC:\Windows\System32\es.dll => MD5 is legitC:\Windows\System32\cryptsvc.dll => MD5 is legitC:\Program Files\Windows Defender\MpSvc.dll => MD5 is legitC:\Windows\System32\ipnathlp.dll => MD5 is legitC:\Windows\System32\iphlpsvc.dll => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\System32\rpcss.dll => MD5 is legit**** End of log **** Link to post Share on other sites More sharing options...
Maurice Naggar Posted April 20, 2013 ID:672110 Share Posted April 20, 2013 Be aware that malware cleanups can sometimes result in unexpected effects.If you have personal documents, files, etc of yours on the system that you have not previously backed up, take time and do so now. Copy / backup your personal stuff to Offline media, like external storage drive, cloud-based backup, or to DVDs/CDs.Also, consider that wiping the system and doing a clean new install of Windows +all your program applications is a the safest thing to do long term, and may just be quicker than us continuing to try to hunt & fix.This is not a "virus" that is on this system. But more trojan-malware-like and is pretty well hidden.The inability to run in normal mode is not a good indicator.A wipe and new install can be done by you in 1 day or so.Do let me know what you decide.If you still want to go forward with the hunt, then do this:Download Farbar Recovery Scan Tool x64 and save it to a flash drive.Plug the flashdrive into the infected PC.Enter System Recovery Options.To enter System Recovery Options from the Advanced Boot Options:Restart the computer.As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.Use the arrow keys to select the Repair your computer menu item.Select English as the keyboard language settings, and then click Next.Select the operating system you want to repair, and then click Next.Select your user account an click Next.OR If you have the Windows o.s. DVD, then To enter System Recovery Options, by using Windows installation disc:Insert the installation disc.Restart your computer.If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.Click Repair your computer.Select English as the keyboard language settings, and then click Next.Select the operating system you want to repair, and then click Next.Select your user account and click Next.On the System Recovery Options menu you will get the following options:Startup RepairSystem RestoreWindows Complete PC RestoreWindows Memory Diagnostic ToolCommand Prompt [*]Select Command Prompt[*]In the command window type in notepad and press Enter.[*]The notepad opens. Under File menu select Open.[*]Select "Computer" and find your flash drive letter and close the notepad.[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press EnterNote: Replace letter e with the drive letter of your flash drive.[*]The tool will start to run.[*]When the tool opens click Yes to disclaimer.[*]Press Scan button.[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply. Link to post Share on other sites More sharing options...
mhomer Posted April 22, 2013 Author ID:672826 Share Posted April 22, 2013 Thank you for your help. I decided to cut my losses and wipe the system after backing up all my files and folders. I now appear to virus/trojan/worm free.Thank you for your support.Michelle Link to post Share on other sites More sharing options...
Maurice Naggar Posted April 22, 2013 ID:672850 Share Posted April 22, 2013 Michelle,You are very welcome. A clean install is the only way to go to be safest.Be sure if the your original Windows included any antivirus that you un-install it, and install your own.Be sure you make a visit to Windows Update to insure your Windows is all up-to-date.If you had backed up any of your documents, When you copy back your files/documents, be sure you scan them with your antivirus & also with MBAM before opening or using them.The same would be accomplished by doing a full scan of the system with each of the antivirus & MBAM.You should create a "system repair disc" for your Windows 7 either to a CD, DVD, or new USB-flash-thumb drive {if your hardware can boot from USB}.The following is a reference page at Microsoft and also has a link to a how-to-video.Create a Windows 7 system repair disc This "repair disc" is a very handy tool that one may use when and IF you are not able to start Windows 7 normally.This "repair disc" or "rescue disc" is not intended as a replacement for having the Windows 7 operating system DVD.Make a rescue disc, put a label on it, store it away for a "rainy day".I would suggest to you that you have MBAM PRO installed to help you reduce the odds of another similar "situation".Safer practices & malware preventionHave a hardware router between the incoming internet-modem and your computer.Use a Standard user account rather than an administrator-rights account when "surfing" the web.Configure your Antivirus software to check for updates daily, at a time in which you are sure the computer will be on.Check in at Windows Update and install any Important Updates offered.Make certain that Automatic Updates is enabled.How to configure and use Automatic Updates in Windowshttp://support.microsoft.com/kb/306525Check on other update issues as well, by getting, installing and using Secunia Personal Software Inspector (OSI) on a monthly basis.See How to detect vulnerable and out-dated programs using Secunia Personal Software InspectorDownload, install, and keep updated Spyware Blaster (free): http://www.javacools...areblaster.html (all Protections should be enabled at all times)Tutorial for Spywareblaster: Using SpywareBlaster to protect your computer from Spyware, Hijackers, and MalwareI'd recommend that you get and use MVP Mike Burgess' custom hosts file http://mvps.org/winhelp2002/hosts.htmSee the FAQ page http://mvps.org/winh...02/hostsfaq.htmThat would help to keep your browser away from known spyware/malware sites.Get notified when the MVPS HOSTS file is updatedhttp://winhelp2002.m...org/updates.htmMake regular backups of your system to removable media: DVD, USB external hard drive, etc.Having a total image backup of your system stored on DVD/CD is highly important.Get and make use of imaging-backup utilities and save them to offline media. That way you have something to fall back to if a disaster hits.How to create a Windows system image in Windows 7 and Windows 8http://www.bleepingc...in-windows-7-8/How to use System Image Recovery in the Windows 7 and Windows 8 Recovery Environmenthttp://www.bleepingc...in-windows-7-8/Consider using Web of Trust WOT add-on for your browser(s)http://www.mywot.com/en/downloadhttp://www.mywot.com/en/faq/add-onTake extreme care if you share USB-flash/thumb drives from other people {even from friends, roommates, relatives}Don't plug in an unknown flash/thumb drive into your PC.IF you must do so, hold down the SHIFT-key when you insert the drive.Scan any file with your Antivirus prior to opening or using.On some regular schedule, it is a good idea to do an online scan for viruses and malware. Here is a very short list of sites where this may be done:ESET Online ScannerBitDefender QuickscanTrend Micro HousecallF-Secure Online ScannerMicrosoft Safety ScannerPanda ActiveScanSee Six tips to help you stay safer onlineNever, ever download free games, free tools, videos, mutli-media files or anything free unless you can be absolutely sure the source is safe !Since you have done a clean Windows install, I will now close this thread.Best regards. Link to post Share on other sites More sharing options...
Recommended Posts