Please help

[Maurice Naggar]

Follow-up with this:

Download this file from Ramesh S http://www.winhelpon.../reg_fix_w7.zip

Save it to your DESKTOP.

Un-zip (Extract) the contents to your DESKTOP.

Download this 2nd file from Ramesh S http://www.winhelpon.../exe_fix_w7.zip

Save it to your DESKTOP.

Un-zip (Extract) the contents to your DESKTOP.

Go to the Run option ----- press Windows-key+R key to start the RUN option dialog & type in

REGEDIT and press Enter-key

from main menu, select File

then select IMPORT

navigate the dialog (click on DESKTOP icon on left to select it)

type in reg_fix_w7.reg in the Filename text-box and click Open button.

Once the merge is complete, you will see a confirmation message.

Click OK when done.

Back to Regedit;s main menu, select File

then select IMPORT

navigate the dialog (click on DESKTOP icon on left to select it)

type in exe_fix_w7.reg in the Filename text-box and click Open button.

Once the merge is complete, you will see a confirmation message.

Click OK when done.

Close/Exit REGEDIT

When all done, logoff & restart into normal mode.

Then, next

Download DDS and save it to your desktop from http://download.blee...om/sUBs/dds.com here

or http://download.blee...om/sUBs/dds.scr or

http://www.infospyware.net/sUBs/dds

Disable any script blocker if your antivirus/antimalware has it.

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Double click dds to run the tool.

DDS will run in a command prompt window and will take 3 to 4 minutes or so.

Follow and answer the prompts as appropriate.

• When done, DDS will open two (2) logs:
  
• DDS.txt
  
• Attach.txt
  
• Save both reports to your desktop.
  

Please Copy & Paste contents of the following logs in your next reply:

DDS.txt

Attach.txt

Use NOTEPAD to Copy all contents of each log, then Paste directly into main-body of reply box.

Do -not- use the attach option unless a single log is way-too-large & won't fit.

[mhomer]

Hello,

Regedit would only allow me to do it in safe mode which I did with no problems.

Rebooted to normal mode and managed to download the first and third dds link but neither will run as administrator - the same message comes up "The service cannot be started, either because it is disabled or because it has not enabled devices associated with it."

[Maurice Naggar]

Try to run DDS one more time by double-clicking on DDS

If that does not work, start Task Manager {CTRL+ALT+DEL keys}

and select New Task Run

and enter

cmd.exe

& press Enter

next, type in at the command-prompt window

cd \Users\Michelle\Downloads\Desktop

& press Enter

then in the command-prompt window, type in

dds.scr

& press Enter

then press the Start button when you get the initial DDS prompt. Have infinite patience while it runs & scans.

If all that still does not work, then restart in Safe Mode with Networking and run DDS.

I think "maybe" part of the issue in not being able to run "some" download tools is due to where you chose to have your download saves.

You appear to not have them in your regular Desktop

but instead it appears you put some in a "Downloads" folder.

Edited April 18, 2013 by Maurice Naggar

[mhomer]

Because I use Chrome it automatically saves them in the Downloads folder, I can't change that but I can put them on the desktop which I do. It didn't work in normal mode, currently trying in safe mode.

[Maurice Naggar]

Start Chrome. Press and hold CTRL+SHIFT+DEL keys to get to empty the Chrome cache.

Press & hold ALT+F keys to get a Menu. Then click on Settings.

Scroll down the screen-listed.

Click on Adavanced Settings

Scroll down to the Downloads block.

Take a very close look at what is listed for Download location. Is that what you had picked?

You can click on the Change button to navigate & specify a folder of yours on the system.

AND you ought to checkmark (turn on) the box Ask where to save each file before downloading

When done Close the screen.

Note: We typically expect and in fact, count on, that folks save & place the tools into the "normal" Desktop.

[mhomer]

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK

Internet Explorer: 9.0.8112.16476 BrowserJavaVersion: 10.17.2

Run by Michelle at 12:44:25 on 2013-04-18

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3758.2565 [GMT 1:00]

.

AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\userinit.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\ctfmon.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE

uURLSearchHooks: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - <orphaned>

mWinlogon: Userinit = userinit.exe,

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -

BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

BHO: SMART Notebook Download Utility: {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Notebook Interactive Viewer\Win32\NotebookPlugin.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll

uRun: [VRLPHelper] C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe /Stay

uRun: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe /Stay

uRun: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe"

mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [sHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

mRun: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe

mRun: [Conime] C:\Windows\System32\conime.exe

mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript

mRunOnce: [OTL] "C:\Users\Michelle\Downloads\OTL.exe"

dRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab

DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1346960208502

DPF: {6F0892F7-0D44-41C3-BF07-7599873FAA04} - hxxps://go.girlguiding.org.uk/crystalreportviewers115/ActiveXControls/ActiveXViewer.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {A9CF3378-D60E-40A8-927D-7EA0D5B0AA98} - hxxp://webalbum.bonusprint.com/ukipc01/downloads//ImageUploader6.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

TCP: Interfaces\{423D4F55-13A2-4D2E-BBDA-A1774A136043} : DHCPNameServer = 10.0.0.150 10.0.0.151

TCP: Interfaces\{AE879523-E971-4EF5-A301-84A0DCE2A149} : DHCPNameServer = 109.249.185.224 109.249.186.32

TCP: Interfaces\{B68B29E1-ECF4-4A80-B9C7-C0631DB2A63A} : DHCPNameServer = 82.132.254.2 82.132.254.3

TCP: Interfaces\{F3593B11-7940-4EF9-BF6F-C86A919D5698} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{F3593B11-7940-4EF9-BF6F-C86A919D5698}\14E6462756772E08993702960586F6E656 : DHCPNameServer = 82.132.254.2 82.132.254.3

TCP: Interfaces\{F3593B11-7940-4EF9-BF6F-C86A919D5698}\245727E68616D60275962756C6563737 : DHCPNameServer = 192.168.190.1

TCP: Interfaces\{F3593B11-7940-4EF9-BF6F-C86A919D5698}\35075636472757D602D4162796E6160275966496 : DHCPNameServer = 172.18.233.1

TCP: Interfaces\{F3593B11-7940-4EF9-BF6F-C86A919D5698}\35B4953323337313 : DHCPNameServer = 192.168.0.1

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=DSGI&bmod=DSGI

x64-mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=DSGI&bmod=DSGI

x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -

x64-BHO: SMART Notebook Download Utility: {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Notebook Interactive Viewer\Win64\NotebookPlugin.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe

x64-Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe

x64-Run: [ActivControl] C:\Program Files\Activ Software\ActivDriver\ActivControl2x64.exe

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -

x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\xkhvodhw.default\

FF - prefs.js: browser.search.selectedEngine - Ask.com

FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll

FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\npsitesafety.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll

FF - plugin: C:\Program Files (x86)\Nitro PDF\Professional 7\npdf.dll

FF - plugin: C:\Program Files (x86)\Nitro PDF\Professional 7\npnitroie.dll

FF - plugin: C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll

FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\Npindeo.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-10-15 63328]

R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2012-9-21 225120]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2012-11-16 111968]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-9-14 40800]

R0 NBVol;Nero Backup Volume Filter Driver;C:\Windows\System32\drivers\NBVol.sys [2012-1-4 72240]

R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\Windows\System32\drivers\NBVolUp.sys [2012-1-4 15920]

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-10-21 55024]

R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-9-21 200032]

R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-3 39768]

R2 rimspci;rimspci;C:\Windows\System32\drivers\rimssne64.sys [2010-10-12 94208]

R2 risdsnpe;risdsnpe;C:\Windows\System32\drivers\risdsne64.sys [2010-10-12 78848]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-6-4 56344]

R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2010-6-2 12032]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2010-10-12 402720]

S1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-10-22 154464]

S1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-10-2 185696]

S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-16 5814904]

S2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 FlipShareServer;FlipShare Server;C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-5-6 1085440]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-10-12 13336]

S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2013-2-18 395640]

S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2013-4-12 1153368]

S2 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-6-20 108400]

S2 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-6-18 423280]

S2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2010-10-21 104960]

S2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-21 2320920]

S2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-10-21 575856]

S2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-1-20 887000]

S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-5-19 549616]

S2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-10-21 836608]

S2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-2-18 968880]

S3 ACTIVhidmini;Promethean USB Board Driver;C:\Windows\System32\drivers\ACTIVhidmini.sys [2010-11-19 97496]

S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2010-10-21 19968]

S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2010-10-21 342056]

S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-10-21 39464]

S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-10-12 158976]

S3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-8-26 287232]

S3 marsqx5;Digital Blue QX5 V2 Microscope;C:\Windows\System32\drivers\marsqx5.sys [2007-5-18 82944]

S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-5-10 22528]

S3 prmvmouse;Promethean HID Mouse Service;C:\Windows\System32\drivers\activmouse.sys [2010-11-19 8152]

S3 TFsExDisk;TFsExDisk;C:\Windows\System32\drivers\TFsExDisk.sys [2011-6-9 16448]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-9-10 59392]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]

S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-2-18 99104]

S3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2011-11-27 44736]

S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2012-1-13 1256040]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-22 1255736]

S4 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-9 169312]

S4 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2013-1-15 780152]

S4 NitroDriverReadSpool2;NitroPDFDriverCreatorReadSpool2;C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [2012-6-24 216072]

S4 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2012-6-24 69640]

S4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-6-1 367456]

S4 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-6-20 67952]

S4 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-1-20 286936]

S4 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-6-9 384880]

.

=============== Created Last 30 ================

.

2013-04-17 21:35:25 -------- d-----w- C:\_OTL

2013-04-17 14:23:37 -------- d-----w- C:\Users\Michelle\AppData\Roaming\QuickScan

2013-04-17 13:28:50 -------- d-----w- C:\Users\Michelle\AppData\Roaming\PeerNetworking

2013-04-16 08:30:07 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8A9B93B8-ED45-4ED0-B60E-6711626E05D8}\offreg.dll

2013-04-16 07:39:30 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8A9B93B8-ED45-4ED0-B60E-6711626E05D8}\mpengine.dll

2013-04-14 16:05:58 -------- d-----w- C:\ProgramData\HitmanPro

2013-04-12 14:22:30 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2013-04-12 13:21:50 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2013-04-12 13:21:50 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy

2013-04-12 11:19:30 -------- d-----w- C:\ProgramData\SUPERSetup

2013-04-12 10:02:57 3153408 ----a-w- C:\Windows\System32\win32k.sys

2013-04-12 10:02:45 3717632 ----a-w- C:\Windows\System32\mstscax.dll

2013-04-12 10:02:42 3217408 ----a-w- C:\Windows\SysWow64\mstscax.dll

2013-04-12 10:02:36 44032 ----a-w- C:\Windows\System32\tsgqec.dll

2013-04-12 10:02:36 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll

2013-04-12 10:02:36 158720 ----a-w- C:\Windows\System32\aaclient.dll

2013-04-12 10:02:36 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll

2013-04-12 10:02:21 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys

2013-04-12 10:01:59 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-04-12 10:01:56 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-04-12 10:01:56 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-04-12 10:01:54 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll

2013-04-12 10:01:54 43520 ----a-w- C:\Windows\System32\csrsrv.dll

2013-04-12 10:01:54 112640 ----a-w- C:\Windows\System32\smss.exe

2013-03-26 08:35:23 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys

.

==================== Find3M ====================

.

2013-03-18 18:18:03 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-03-18 18:18:03 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-03-18 18:18:03 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-03-13 12:48:33 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-03-13 12:48:33 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-03-12 00:10:56 282744 ------w- C:\Windows\System32\MpSigStub.exe

2013-02-22 06:27:49 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2013-02-22 06:20:51 1392128 ----a-w- C:\Windows\System32\wininet.dll

2013-02-22 06:19:37 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-02-22 06:15:48 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-02-22 06:15:23 599040 ----a-w- C:\Windows\System32\vbscript.dll

2013-02-22 06:12:41 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2013-02-22 03:46:00 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-02-22 03:38:00 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-02-22 03:37:50 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2013-02-22 03:34:17 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2013-02-22 03:34:03 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2013-02-22 03:31:46 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-02-18 20:29:12 39768 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys

2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll

2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll

2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll

2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll

.

============= FINISH: 12:47:15.69 ===============

[mhomer]

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 20/02/2011 16:33:30

System Uptime: 18/04/2013 12:42:39 (0 hours ago)

.

Motherboard: Sony Corporation | | VAIO

Processor: Intel® Core i3 CPU M 370 @ 2.40GHz | N/A | 2394/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 285 GiB total, 166.337 GiB free.

D: is CDROM (UDF)

.

==== Disabled Device Manager Items =============

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: Security Processor Loader Driver

Device ID: ROOT\LEGACY_SPLDR\0000

Manufacturer:

Name: Security Processor Loader Driver

PNP Device ID: ROOT\LEGACY_SPLDR\0000

Service: spldr

.

==== System Restore Points ===================

.

RP295: 26/03/2013 09:00:25 - Scheduled Checkpoint

RP296: 26/03/2013 18:48:43 - Windows Update

RP297: 12/04/2013 15:21:49 - Windows Update

RP298: 14/04/2013 14:12:13 - Windows Update

RP299: 14/04/2013 18:33:23 - Installed Microsoft Fix it 50850

RP300: 14/04/2013 18:42:10 - Installed Microsoft Fix it 50850

RP301: 17/04/2013 14:30:48 - Installed LogMeIn

RP302: 17/04/2013 14:44:26 - Installed LogMeIn

RP303: 17/04/2013 14:55:40 - Installed LogMeIn

RP304: 17/04/2013 19:44:37 - Installed LogMeIn

RP305: 17/04/2013 23:41:52 - Installed LogMeIn

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

1&1 EasyLogin

ActivDriver x64 v5.7

ActivInspire Core Resources (ENU) v1

ActivInspire Help (GBR) v1

ActivInspire HWR Resources (ENU) v1

ActivInspire v1

Adobe AIR

Adobe Flash Player 10 Plugin

Adobe Flash Player 11 ActiveX

Adobe Photoshop Elements 8.0

Adobe Premiere Elements 8.0

Adobe Reader X (10.1.6)

Adobe Shockwave Player 11.6

aioprnt

aioscnnr

Alps Pointing-device for VAIO

Amazon MP3 Downloader 1.0.17

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ArcSoft Magic-i Visual Effects 2

ArcSoft WebCam Companion 3

AVG 2013

AVG Security Toolbar

BBC iPlayer Desktop

BitTorrent

Bonjour

C4USelfUpdater

center

Connecting Steps V2

D3DX10

Digital Blue QX5 Microscope

essentials

FlipShare

Garmin Communicator Plugin

Garmin Communicator Plugin x64

Google Apps

Google Chrome

Google Update Helper

Intel® Control Center

Intel® Graphics Media Accelerator Driver

Intel® Management Engine Components

Intel® Play QX3 Computer Microscope

Intel® Rapid Storage Technology

Intel® System Information Viewer

InterActual Player

iPhone Backup Extractor

iTunes

Java 7 Update 17

Java Auto Updater

Java 6 Update 20 (64-bit)

Java 6 Update 31

Junk Mail filter update

Kodak AIO Printer

KODAK AiO Software

Malwarebytes Anti-Malware version 1.70.0.1100

Media Gallery

Microsoft .NET Framework 1.1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft IntelliType Pro 8.2

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Works 6-9 Converter

Microsoft_VC90_CRT_x86

Mozilla Firefox 13.0.1 (x86 en-US)

Mozilla Maintenance Service

MP4 To MP3 Converter V3.0.4

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB2758694)

MSXML 4.0 SP3 Parser (KB973685)

Nero 11 Mini Repack

Nero Backup Drivers

Nitro Pro 7

NVIDIA PhysX

ocr

Pazera Free FLV to AVI Converter 1.4

PMB

PMB VAIO Edition Guide

PMB VAIO Edition Plug-in

PreReq

PrintProjects

Quick Web Access

QuickTime

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

Realtek High Definition Audio Driver

RealUpgrade 1.1

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Sky Go Desktop

SMART Common Files

SMART English (United Kingdom) Language Pack

SMART Notebook Interactive Viewer

SmartSound Quicktracks for Premiere Elements 8.0

Spybot - Search & Destroy

Star Science 5

swMSM

The Nelson Handwriting Font

The Nelson Handwriting Template file

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768021) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

VAIO - Media Gallery

VAIO - PMB VAIO Edition Guide

VAIO - PMB VAIO Edition Plug-in

VAIO Care

VAIO Control Center

VAIO Data Restore Tool

VAIO DVD Menu Data

VAIO Gate

VAIO Gate Default

VAIO Hardware Diagnostics

VAIO Manual

VAIO Media plus

VAIO Media plus Opening Movie

VAIO Movie Story Template Data

VAIO Sample Contents

VAIO screensaver

VAIO Smart Network

VAIO Transfer Support

VAIO Update

VAIO Update Merge Module x64

Visual Studio 2008 x64 Redistributables

Visual Studio 2010 x64 Redistributables

VU5x64

VU5x86

WIDCOMM Bluetooth Software

Windows Driver Package - Digital Blue (marsqx5) Image (04/04/2007 1.0.0.0)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Player Firefox Plugin

WinX Free VOB to AVI Converter 2.0.6

WinZip 15.5

YouTube Downloader 3.4

.

==== Event Viewer Messages From Past Week ========

.

18/04/2013 12:45:23, Error: Service Control Manager [7001] - The Intel® Management & Security Application User Notification Service service depends on the Intel® Management and Security Application Local Management Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

18/04/2013 12:44:08, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

18/04/2013 12:44:08, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

18/04/2013 12:44:06, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

18/04/2013 12:44:00, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

18/04/2013 12:43:23, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AVGIDSDriver Avgldx64 discache spldr Wanarpv6

18/04/2013 12:43:19, Error: Service Control Manager [7001] - The VAIO Media plus Content Importer service depends on the VAIO Media plus Device Searcher service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

18/04/2013 12:43:19, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

18/04/2013 12:43:19, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning.

18/04/2013 12:41:37, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.

18/04/2013 12:36:42, Error: Service Control Manager [7023] - The VAIO Content Folder Watcher service terminated with the following error: %%-2147023838

18/04/2013 05:43:07, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}

18/04/2013 05:43:06, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}

18/04/2013 05:40:06, Error: Service Control Manager [7034] - The AVGIDSAgent service terminated unexpectedly. It has done this 1 time(s).

17/04/2013 23:07:27, Error: Service Control Manager [7001] - The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

17/04/2013 23:07:27, Error: Service Control Manager [7001] - The IKE and AuthIP IPsec Keying Modules service depends on the Base Filtering Engine service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

17/04/2013 22:46:45, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.

17/04/2013 21:06:59, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SOHDms service.

17/04/2013 20:08:48, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service defragsvc with arguments "" in order to run the server: {D20A3293-3341-4AE8-9AAF-8E397CB63C34}

17/04/2013 14:35:19, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

17/04/2013 14:02:01, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\SystemRoot\System32\Config\SOFTWARE' was corrupted and it has been recovered. Some data might have been lost.

16/04/2013 20:34:13, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.

15/04/2013 20:42:49, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FlipShare Service service.

15/04/2013 10:23:45, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SBSD Security Center Service service to connect.

15/04/2013 10:23:45, Error: Service Control Manager [7000] - The SBSD Security Center Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

15/04/2013 05:34:55, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

14/04/2013 17:33:32, Error: Service Control Manager [7024] - The HitmanPro 3.7 Crusader (Boot) service terminated with service-specific error The operation completed successfully..

12/04/2013 11:09:41, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.

.

==== End Of File ===========================

[Maurice Naggar]

Confirm that you have "tweaked" your Chrome as per my reply in # 30 in this thread.

[mhomer]

I have tweaked my Chrome it now asks me where I want to download to.

[Maurice Naggar]

I feel the need to re-emphasize that you save the tools I ask you to get into the "regular" Desktop.

In your case, it is specifically, C:\Users\michelle\Desktop

Now then, I see you got & installed a program just yesterday.....Logmein

You should know that I meant that you should NOT install any new programs on your own, nor make changes to the system, nor run any "stuff" without first checking with me.

Please understand, I have to know the true / complete state of this system during the entire life of this help-topic.

You need to keep this system in isolation and treat it just like it as if it were in quarantine or like in a hospital ICU .

What does LogmeIn do for you? and why did you get it?

[mhomer]

I tried to install Log me in before I spoke to you, it was in the morning.

Log me in is a free download which allows you to have remote access to other computers. I was trying to link my laptop with the files on my work computer but it would not let me install it as it used Windows Installer. The same error message came up.

[Maurice Naggar]

What is the exact "error message"? I always need that info.

Is there a problem with the Windows installer service? If so, exactly what ?

Please promise you will not install, nor change, nor add "stuff" without checking with me first.

What is there on this system that you have not backed up on Offline media?

What is on this system that you cannot afford to lose?

Do you have the Windows 7 o.s. DVD?

[mhomer]

I cannot remember the exact wording without running it again to see, although it said something about Windows Installer and then something along the lines of 'The administrator has set policies to prevent this installation.'

I will not install anything on the computer without checking first.

I have nothing backed up on the computer but can remove all files/photos/emails etc without any problems as it allows normal day to day functionality - it will just take a long time.

I cannot afford to loose any of the files for work.

I do not have a windows 7 os dvd - it is a Sony Vaio laptop and as such comes with some sort of recovery process inbuilt but whether this is .exe and will be allowed to run I do not know.

[Maurice Naggar]

Download and Save this reg file to the Desktop

http://download.blee...7/msiserver.reg

go to Start, type in

REGEDIT

and press Enter-key

from main menu, select File

then select IMPORT

navigate the dialog (click on DESKTOP icon on left to select it)

type in msiserver.reg in the Filename text-box and click Open button.

Once the merge is complete, you will see a confirmation message.

Click OK when done. Close/Exit REGEDIT

When that is completed, Logoff and Restart Windows fresh.

Download >> Farbar's Service Scanner utility << and Save to your Desktop.

If using Windows 7 or 8 or Vista, Right-Click on fss.exe and select Run As Administrator.

If using XP, double-click to start.

Answer Yes to ok when prompted.

If your firewall then puts out a prompt, again, allow it to run.

Once FSS is on-screen, be sure the following items are checkmarked:

• Internet Services
  
• Windows Firewall
  
• System Restore
  
• Security Center/Action Center
  
• Windows Update
  
• Windows Defender
  
• Other services
  

Click on "Scan".

It will create a log (FSS.txt) in the same directory the tool is run.

Copy & Paste contents of FSS.txt into your reply.

[mhomer]

Thank you for your help so far.

None of the above would run in normal mode so all were done in safe mode.

Farbar Service Scanner Version: 14-04-2013

Ran by Michelle (administrator) on 20-04-2013 at 09:26:57

Running from "C:\Users\Michelle\Downloads\Desktop"

Windows 7 Home Premium Service Pack 1 (X64)

Boot Mode: Network

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Attempt to access Yahoo IP returned error. Yahoo IP is offline

Yahoo.com is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

System Restore:

============

SDRSVC Service is not running. Checking service configuration:

The start type of SDRSVC service is OK.

The ImagePath of SDRSVC service is OK.

The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:

The start type of VSS service is set to Auto. The default start type is 3.

The ImagePath of VSS service is OK.

System Restore Disabled Policy:

========================

Action Center:

============

wscsvc Service is not running. Checking service configuration:

The start type of wscsvc service is OK.

The ImagePath of wscsvc service is OK.

The ServiceDll of wscsvc service is OK.

Windows Update:

============

wuauserv Service is not running. Checking service configuration:

The start type of wuauserv service is OK.

The ImagePath of wuauserv service is OK.

The ServiceDll of wuauserv: "C:\Windows\system32\wuaueng.dll".

BITS Service is not running. Checking service configuration:

The start type of BITS service is OK.

The ImagePath of BITS service is OK.

The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:

The start type of EventSystem service is OK.

The ImagePath of EventSystem service is OK.

The ServiceDll of EventSystem service is OK.

Windows Autoupdate Disabled Policy:

============================

Windows Defender:

==============

WinDefend Service is not running. Checking service configuration:

The start type of WinDefend service is OK.

The ImagePath of WinDefend service is OK.

The ServiceDll of WinDefend service is OK.

Other Services:

==============

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys => MD5 is legit

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

C:\Windows\System32\mpssvc.dll => MD5 is legit

C:\Windows\System32\bfe.dll => MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit

C:\Windows\System32\SDRSVC.dll => MD5 is legit

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll => MD5 is legit

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll => MD5 is legit

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit

C:\Windows\System32\ipnathlp.dll => MD5 is legit

C:\Windows\System32\iphlpsvc.dll => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

[Maurice Naggar]

Be aware that malware cleanups can sometimes result in unexpected effects.

If you have personal documents, files, etc of yours on the system that you have not previously backed up, take time and do so now. Copy / backup your personal stuff to Offline media, like external storage drive, cloud-based backup, or to DVDs/CDs.

Also, consider that wiping the system and doing a clean new install of Windows +all your program applications is a the safest thing to do long term, and may just be quicker than us continuing to try to hunt & fix.

This is not a "virus" that is on this system. But more trojan-malware-like and is pretty well hidden.

The inability to run in normal mode is not a good indicator.

A wipe and new install can be done by you in 1 day or so.

Do let me know what you decide.

If you still want to go forward with the hunt, then do this:

Download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

• Restart the computer.
  
• As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  
• Use the arrow keys to select the Repair your computer menu item.
  
• Select English as the keyboard language settings, and then click Next.
  
• Select the operating system you want to repair, and then click Next.
  
• Select your user account an click Next.

OR If you have the Windows o.s. DVD, then To enter System Recovery Options, by using Windows installation disc:

• Insert the installation disc.
  
• Restart your computer.
  
• If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  
• Click Repair your computer.
  
• Select English as the keyboard language settings, and then click Next.
  
• Select the operating system you want to repair, and then click Next.
  
• Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

• • 
    
  • Startup Repair
    
  • System Restore
    
  • Windows Complete PC Restore
    
  • Windows Memory Diagnostic Tool
    
  • Command Prompt

[*]Select Command Prompt

[*]In the command window type in notepad and press Enter.

[*]The notepad opens. Under File menu select Open.

[*]Select "Computer" and find your flash drive letter and close the notepad.

[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter

Note: Replace letter e with the drive letter of your flash drive.

[*]The tool will start to run.

[*]When the tool opens click Yes to disclaimer.

[*]Press Scan button.

[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

[mhomer]

Thank you for your help. I decided to cut my losses and wipe the system after backing up all my files and folders. I now appear to virus/trojan/worm free.

Thank you for your support.

Michelle

[Maurice Naggar]

Michelle,

You are very welcome. A clean install is the only way to go to be safest.

Be sure if the your original Windows included any antivirus that you un-install it, and install your own.

Be sure you make a visit to Windows Update to insure your Windows is all up-to-date.

If you had backed up any of your documents, When you copy back your files/documents, be sure you scan them with your antivirus & also with MBAM before opening or using them.

The same would be accomplished by doing a full scan of the system with each of the antivirus & MBAM.

You should create a "system repair disc" for your Windows 7 either to a CD, DVD, or new USB-flash-thumb drive {if your hardware can boot from USB}.

The following is a reference page at Microsoft and also has a link to a how-to-video.

Create a Windows 7 system repair disc

This "repair disc" is a very handy tool that one may use when and IF you are not able to start Windows 7 normally.

This "repair disc" or "rescue disc" is not intended as a replacement for having the Windows 7 operating system DVD.

Make a rescue disc, put a label on it, store it away for a "rainy day".

I would suggest to you that you have MBAM PRO installed to help you reduce the odds of another similar "situation".

Safer practices & malware prevention

• Have a hardware router between the incoming internet-modem and your computer.
  
• Use a Standard user account rather than an administrator-rights account when "surfing" the web.
  
• Configure your Antivirus software to check for updates daily, at a time in which you are sure the computer will be on.
  
• Check in at Windows Update and install any Important Updates offered.
  
• Make certain that Automatic Updates is enabled.
  How to configure and use Automatic Updates in Windows
  http://support.microsoft.com/kb/306525
  
• Check on other update issues as well, by getting, installing and using Secunia Personal Software Inspector (OSI) on a monthly basis.
  See How to detect vulnerable and out-dated programs using Secunia Personal Software Inspector
  
• Download, install, and keep updated Spyware Blaster (free): http://www.javacools...areblaster.html (all Protections should be enabled at all times)
  Tutorial for Spywareblaster: Using SpywareBlaster to protect your computer from Spyware, Hijackers, and Malware
  
• I'd recommend that you get and use MVP Mike Burgess' custom hosts file http://mvps.org/winhelp2002/hosts.htm
  See the FAQ page http://mvps.org/winh...02/hostsfaq.htm
  That would help to keep your browser away from known spyware/malware sites.
  Get notified when the MVPS HOSTS file is updated
  http://winhelp2002.m...org/updates.htm
  
• Make regular backups of your system to removable media: DVD, USB external hard drive, etc.
  Having a total image backup of your system stored on DVD/CD is highly important.
  Get and make use of imaging-backup utilities and save them to offline media. That way you have something to fall back to if a disaster hits.
  How to create a Windows system image in Windows 7 and Windows 8
  http://www.bleepingc...in-windows-7-8/
  How to use System Image Recovery in the Windows 7 and Windows 8 Recovery Environment
  http://www.bleepingc...in-windows-7-8/
  
• Consider using Web of Trust WOT add-on for your browser(s)
  http://www.mywot.com/en/download
  http://www.mywot.com/en/faq/add-on
  
• Take extreme care if you share USB-flash/thumb drives from other people {even from friends, roommates, relatives}
  Don't plug in an unknown flash/thumb drive into your PC.
  IF you must do so, hold down the SHIFT-key when you insert the drive.
  Scan any file with your Antivirus prior to opening or using.
  On some regular schedule, it is a good idea to do an online scan for viruses and malware. Here is a very short list of sites where this may be done:
  ESET Online Scanner
  BitDefender Quickscan
  Trend Micro Housecall
  F-Secure Online Scanner
  Microsoft Safety Scanner
  Panda ActiveScan
  
• See Six tips to help you stay safer online
  
• Never, ever download free games, free tools, videos, mutli-media files or anything free unless you can be absolutely sure the source is safe !
  

Since you have done a clean Windows install, I will now close this thread.

Best regards.