PDA

View Full Version : Cannot turn on virus scanner and cannot download files from internet



CabinMomma
2009-06-06, 19:21
Hello,

I'm so glad I found this site! I hope you can help.

I have a Sony VAIO laptop running Vista Business, Service Pack 1.

I am using AVG free as virus scanner and scan periodically with MalwareBytes Anti-Malware tool. About a week ago, I had a notice in my bar that my anti-virus was turned off. I tried to turn it on, but it wouldn't turn on (no error message, it just asks if I trust the program and want to run it, I click yes and then nothing happens).

I thought maybe I had "contracted" something, so I tried to run the MalwareBytes Anti-Malware, but it said my db was out of date. I tried to update it, but it wouldn't download. I cannot download anything. I get the download status window, but the status bar goes too fast (if you know what I mean... I know how slow my connection is and it goes by too fast) and then at the end, it just closes - no file, no error, no nothing.

Doesn't matter what I try to download - email attachment, from a website, txt file, zip file - nothing downloads. Makes it difficult to update anything or add any fixes. To add to my dismay, my desktop crashed a couple of weeks ago (hardware issue... it's 8 years old), so I have no other easy way to get files. I got my husband to download Search and Destroy to run a scan for me - which he put on my thumb drive and I then put on my computer. After than, I found your forums and this great info and realized that I likely infected my thumb drive (had not used it for months prior, so it was likely not infected before) and now my husband doesn't want to put it back in his laptop. :(

Search and Destroy came up with 2 malware - the first antispyware tool I had my husband transfer for me and something that said it was an ad tool? I should have written it down, but I didn't.

The only other things it found were tracking cookies.

I don't have any other signs of malware except for not being able to run my anti-virus and not being able to download.

Any help or suggestions would be greatly appreciated.

Blade81
2009-06-07, 12:28
Hi,

Download DDS and save it to your desktop from here (http://www.techsupportforum.com/sectools/sUBs/dds) or here (http://download.bleepingcomputer.com/sUBs/dds.scr) or here (http://www.forospyware.com/sUBs/dds).
Disable any script blocker, and then double click dds.scr to run the tool.
When done, DDS will open two (2) logs:
DDS.txt
Attach.txt

Save both reports to your desktop. Post them back to your topic.


Download Rooter.exe (http://eric.71.mespages.googlepages.com/Rooter.exe) to your desktop


Then doubleclick it to start the tool
A Notepad file containing the report will open, also found at %systemdrive%\Rooter.txt. Post the log here.

CabinMomma
2009-06-08, 00:13
Hello,

Here is the first, DDS.txt:

DDS (Ver_09-05-14.01) - NTFSx86
Run by Paula at 15:33:25.28 on Sun 06/07/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_11
Microsoft® Windows Vista™ Business 6.0.6001.1.1252.1.1033.18.3070.1083 [GMT -5:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
SP: AntispywareBot *disabled* (Updated) {DDE8FC2F-6613-44AA-95F8-022AF1EE0355}
SP: McAfee VirusScan *enabled* (Updated) {C78B3C70-4777-4742-BB91-9D615CC575E6}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Protector Suite QL\upeksvr.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Windows\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\Program Files\Microsoft SQL Server\MSSQL.6\MSSQL\Binn\msftesql.exe
c:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\msftesql.exe
c:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\Program Files\Microsoft SQL Server\MSSQL.6\MSSQL\Binn\sqlservr.exe
C:\Program Files\Sony\Network Utility\NSUService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
c:\Program Files\Microsoft SQL Server\MSSQL.7\Reporting Services\ReportServer\bin\ReportingServicesService.exe
c:\Program Files\Microsoft SQL Server\MSSQL.4\Reporting Services\ReportServer\bin\ReportingServicesService.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\stacsv.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Live Mesh\Remote Desktop\wlcrasvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Users\Paula\AppData\Roaming\Smilebox\SmileboxTray.exe
C:\Users\Paula\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Paula\AppData\Local\Microsoft\Live Mesh\Bin\Servicing\0.9.4014.4\MoeMonitor.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Infinite Mind LC\eyeQ\ARLaunch.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\NomaDesk\Dashboard\NomaDeskClient.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Users\Paula\AppData\Local\Microsoft\Live Mesh\GacBase\Moe.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\wuauclt.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Paula\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://us.f324.mail.yahoo.com/ym/ShowFolder?

rb=Inbox&reset=1&YY=43816&y5beta=yes&y5beta=yes&inc=200&order=down&sort=date&pos=0&view=a&head=b&box=Inbox&YN=1
mDefault_Page_URL = hxxp://www.sony.com/vaiopeople
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common

files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12

\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft

shared\windows live\WindowsLiveLogin.dll
BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7} - No File
BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No File
BHO: IE Developer Toolbar BHO: {cc7e636d-39aa-49b6-b511-65413da137a1} - c:\program files\microsoft\internet explorer

developer toolbar\IEDevToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
TB: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
EB: IE Developer Toolbar: {a202b231-ef71-4a08-bdb9-4ce5ae8bde0a} - c:\program files\microsoft\internet explorer developer

toolbar\IEDevToolbar.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [RunSpySweeperScheduleAtStartup] "c:\windows\system32\msfeedssync.exe" /ScheduleSweep=User_Feed_Synchronization-

{474B2016-9274-49FE-939A-1B0868F98EC4}
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [Yahoo! Pager] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [SmileboxTray] "c:\users\paula\appdata\roaming\smilebox\SmileboxTray.exe"
uRun: [Google Update] "c:\users\paula\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [MoeMonitor.exe] "c:\users\paula\appdata\local\microsoft\live mesh\bin\servicing\0.9.4014.4\MoeMonitor.exe"
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [VAIO Center Access Bar] "c:\program files\sony\vaio center access bar\VCAB.exe"
mRun: [VAIOSecurity] "c:\program files\sony\vaio security center\VSC.exe" 1
mRun: [DRCU] "c:\program files\sony\drcu\DRCU.exe"
mRun: [PSQLLauncher] "c:\program files\protector suite ql\launcher.exe" /startup
mRun: [VAIOCameraUtility] "c:\program files\sony\vaio camera utility\VCUServe.exe"
mRun: [VAIOSurvey] "c:\program files\sony\vaio survey\Vista VAIO Survey.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [FinePrint Dispatcher v5] "c:\windows\system32\spool\drivers\w32x86\3\fpdisp5a.exe" /source=HKLM
mRun: [pdfFactory Dispatcher v3] "c:\windows\system32\spool\drivers\w32x86\3\fppdis3a.exe" /source=HKLM
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
StartupFolder: c:\users\paula\appdata\roaming\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program

files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\users\paula\appdata\roaming\micros~1\windows\startm~1\programs\startup\nomade~1.lnk - c:\program

files\nomadesk\dashboard\NomaDeskClient.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth

toshiba stack\TosBtMng.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\miniey~1.lnk - c:\program files\infinite mind

lc\eyeq\ARLaunch.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
mPolicies-system: DisableCAD = 1 (0x1)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Transfer by Image Converter 3 - c:\program files\sony\image converter 3\menu.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows

live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12

\ONBttnIE.dll
IE: {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - {CC962137-2E78-4F94-975E-FC0C07DBD78F} - c:\program files\microsoft\internet

explorer developer toolbar\IEDevToolbar.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12

\REFIEBAR.DLL
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} -

hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} - hxxp://esupport.sony.com/VaioInfo.CAB
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-

469358f075a6/OGAControl.cab
DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} - hxxp://cid-18e65120c86a7b6b.spaces.live.com/PhotoUpload/VistaMsnPUplden-us.cab
DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} - hxxps://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} - hxxp://web1.shutterfly.com/downloads/Uploader.cab
DPF: {A3E21079-7F41-4125-9EBB-FD44CFCC0AC1} - hxxps://www.mesh.com/0.9.4014.3/TSWeb.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12

\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: psfus - c:\windows\system32\psqlpwd.dll
Notify: VESWinlogon - VESWinlogon.dll
AppInit_DLLs: avgrsstx.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12

\GrooveShellExtensions.dll
LSA: Notification Packages = scecli psqlpwd

================= FIREFOX ===================

FF - ProfilePath - c:\users\paula\appdata\roaming\mozilla\firefox\profiles\8spcfcqd.default\
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\paula\appdata\local\google\update\1.2.145.5\npGoogleOneClick8.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-2-13 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-2-13 108552]

=============== Created Last 30 ================

2009-06-05 17:59 <DIR> --d----- c:\programdata\Spybot - Search & Destroy
2009-06-05 17:59 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-06-05 17:59 <DIR> --d----- c:\progra~2\Spybot - Search & Destroy
2009-06-05 17:37 <DIR> --d----- c:\users\paula\appdata\roaming\AntispywareBot
2009-05-24 16:51 <DIR> --d----- c:\programdata\Apple Computer
2009-05-11 10:57 9,024 a------- c:\windows\system32\drivers\rdpdispm.sys
2009-05-11 10:57 118,736 a------- c:\windows\system32\rdpdispd.dll
2009-05-11 10:57 <DIR> --d----- c:\program files\Live Mesh

==================== Find3M ====================

2009-06-02 16:01 158,665 a------- c:\users\paula\appdata\roaming\nvModes.dat
2009-05-22 08:20 325,896 a------- c:\windows\system32\drivers\avgldx86.sys
2009-05-22 08:20 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-05-22 08:20 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-05-11 10:58 86,016 a------- c:\windows\inf\infpub.dat
2009-05-11 10:58 143,360 a------- c:\windows\inf\infstrng.dat
2009-05-11 10:58 143,360 a------- c:\windows\inf\infstor.dat
2009-03-23 09:50 118,784 a------- c:\windows\SeaMonkeyUninstall.exe
2009-03-23 09:50 8,749 a------- c:\windows\mozver.dat
2009-03-23 09:49 118,784 a------- c:\windows\GREUninstall.exe
2009-03-23 09:44 13,037,568 a------- c:\users\paula\seamonkey-1.1.15.en-US.win32.installer.exe
2009-03-16 22:38 40,960 a------- c:\windows\apppatch\apihex86.dll
2009-03-16 22:38 13,824 a------- c:\windows\system32\apilogen.dll
2009-03-16 22:38 24,064 a------- c:\windows\system32\amxread.dll
2008-10-04 22:42 174 a--sh--- c:\program files\desktop.ini
2008-10-04 22:18 665,600 a------- c:\windows\inf\drvindex.dat
2008-02-27 20:03 32 a------- c:\programdata\ezsid.dat
2008-02-27 20:03 32 a------- c:\progra~2\ezsid.dat
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2009-02-11 16:40 16,384 a--sh---

c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2009-02-11 16:40 32,768 a--sh---

c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2009-02-11 16:40 16,384 a--sh---

c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat

============= FINISH: 15:39:02.87 ===============

CabinMomma
2009-06-08, 00:14
Here is Attach.txt:


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-05-14.01)

Microsoft® Windows Vista™ Business
Boot Device: \Device\HarddiskVolume2
Install Date: 11/7/2007 11:08:50 AM
System Uptime: 6/6/2009 10:52:58 AM (29 hours ago)

Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz | N/A | 800/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 142 GiB total, 62.44 GiB free.
D: is Removable
E: is CDROM ()
L: is FIXED (FAT32) - 62 GiB total, 62.44 GiB free.
M: is FIXED (FAT32) - 63 GiB total, 62.446 GiB free.
N: is FIXED (FAT32) - 62 GiB total, 62.44 GiB free.

==== Disabled Device Manager Items =============

Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: NEC PCI to USB Open Host Controller
Device ID: PCI\VEN_1033&DEV_0035&SUBSYS_444B5143&REV_43\5&13BE7D01&0&0120F0
Manufacturer: NEC
Name: NEC PCI to USB Open Host Controller
PNP Device ID: PCI\VEN_1033&DEV_0035&SUBSYS_444B5143&REV_43\5&13BE7D01&0&0120F0
Service: usbohci

==== System Restore Points ===================

RP770: 5/18/2009 10:57:17 PM - Windows Update
RP771: 5/20/2009 9:24:15 AM - Scheduled Checkpoint
RP772: 5/21/2009 9:05:28 AM - Windows Update
RP774: 5/22/2009 8:15:28 AM - Avg8 Update
RP776: 5/22/2009 8:21:40 AM - Avg8 Update
RP777: 5/25/2009 4:21:34 PM - Scheduled Checkpoint
RP778: 5/26/2009 8:38:53 AM - Windows Update
RP779: 5/28/2009 11:01:05 AM - Scheduled Checkpoint
RP780: 5/28/2009 1:50:21 PM - Windows Update
RP781: 5/31/2009 10:57:25 AM - Scheduled Checkpoint
RP782: 6/2/2009 8:14:36 AM - Windows Update
RP783: 6/3/2009 6:24:58 PM - Scheduled Checkpoint
RP784: 6/5/2009 1:23:44 AM - Windows Update
RP785: 6/5/2009 5:34:55 PM - Installed AntispywareBot
RP786: 6/5/2009 6:10:08 PM - Removed AntispywareBot
RP787: 6/7/2009 12:00:01 AM - Scheduled Checkpoint

==== Installed Programs ======================


2007 Microsoft Office Suite Service Pack 1 (SP1)
Activation Assistant for the 2007 Microsoft Office suites
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 10 ActiveX
Adobe Flash Player Plugin
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader 8.1.2
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Adobe Stock Photos 1.0
Alps Pointing-device for VAIO
Apple Software Update
AVG Free 8.5
Battery Care Function
Bluetooth Stack for Windows by Toshiba
Business Contact Manager for Outlook 2007 SP1
Choice Guard
Click to DVD 2.0.05 Menu Data
Click to DVD 2.6.00
Curitel PC Card Software
CuteFTP 8 Professional
DHTML Editing Component
DSD Direct
DSD Direct Player
DSD Playback Plug-in
ExamDiff 1.8
eyeQ
FileZilla Client 3.1.1.1
FinePrint
Flock (2.0.3)
GearDrvs
Google Chrome
Grouper Screen Saver 1.0
Hallmark Smilebox
HDAUDIO SoftV92 Data Fax Modem with SmartCP
Home Design Quick & Easy
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Print Diagnostic Utility
Image Converter 3
Internet Explorer Developer Toolbar
Java(TM) 6 Update 11
Java(TM) 6 Update 3
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6
Junk Mail filter update
Kids NetLinks PBS Kids Browser 2.0
Landscape Design and Construction
Live Mesh
LocationFree Player
Malwarebytes' Anti-Malware
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft MSDN 2005 Express Edition - ENU
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office Live Meeting 2007
Microsoft Office Live Small Business Image Uploader
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Ultimate 2007
Microsoft Office Visio 2007 Service Pack 1 (SP1)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Visual Web Developer 2007
Microsoft Office Visual Web Developer MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office XP Web Components
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 (SQLEXPRESS)
Microsoft SQL Server 2005 Backward compatibility
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server 2005 Express Edition (VAIO_VEDB)
Microsoft SQL Server 2005 Reporting Services
Microsoft SQL Server 2005 Reporting Services (SQLEXPRESS)
Microsoft SQL Server 2005 Tools
Microsoft SQL Server Database Publishing Wizard 1.1
Microsoft SQL Server Database Publishing Wizard 1.2
Microsoft SQL Server Management Studio Express
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual Studio Web Authoring Component
Microsoft Visual Web Developer 2008 Express Edition - ENU
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Web
Microsoft Works
Mobile Broadband Drivers
Mozilla Firefox (3.0.10)
Mozilla Thunderbird (2.0.0.12)
MSDN Library for Microsoft Visual Studio 2008 Express Editions
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
NomaDesk®
NVIDIA Drivers
OpenMG Limited Patch 4.7-07-13-24-01
OpenMG Secure Module 4.7.00
OpenOffice.org Installer 1.0
Opera 9.64
PANTECH UM175 Driver
pdfFactory
Photo Viewer 2.4
Protector Suite QL 5.6
QuickTime
Roxio Easy Media Creator Home
Safari
SeaMonkey (1.1.15)
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB960003)
Security Update for Microsoft Office Excel 2007 (KB959997)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Visio 2007 (KB957831)
Security Update for Microsoft Office Word 2007 (KB956358)
Security Update for Visio 2007 (KB947590)
Setting Utility Series
SonicStage 4.3
SonicStage Mastering Studio
SonicStage Mastering Studio Audio Filter
SonicStage Mastering Studio Audio Filter Custom Preset
SonicStage Mastering Studio Plugins
Sony Utilities DLL
Sony Video Shared Library
Spybot - Search & Destroy
TextPad 5
Total 3D Home, Landscape & Deck Premium Suite
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Microsoft Office Outlook 2007 Help (KB957246)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb968503)
VAIO Azure Float Wallpaper
VAIO Camera Capture Utility
VAIO Camera Utility
VAIO Center Access Bar
VAIO Central
VAIO Entertainment Center
VAIO Entertainment Platform
VAIO Event Service
VAIO Floral Dusk Wallpaper
VAIO HDD Protection
VAIO Help And Support
VAIO Media
VAIO Media 6.0
VAIO Media AC3 Decoder 1.0
VAIO Media Content Collection 6.0
VAIO Media Integrated Server 6.0
VAIO Media Redistribution 6.0
VAIO Media Registration Tool
VAIO Media Registration Tool 6.0
VAIO OOBE
VAIO Photo 2007
VAIO Productivity Center
VAIO Security Center
VAIO Service Utility
VAIO Smart Network
VAIO Status Monitor
VAIO Survey
VAIO Teal Whisper Wallpaper
VAIO Update 3
VAIO Video & Photo Suite
VC Runtimes MSI
VP Suite 3.1 3.1
VP Suite 3.2 3.2
VZAccess Manager
Web CEO 8.0
Windows Grep 2.3
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
WinDVD for VAIO
WinZip
Yahoo! Messenger

==== Event Viewer Messages From Past Week ========

6/6/2009 6:33:45 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 10.0.2.123 for the Network Card with network address 0013E85C063B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
6/5/2009 9:43:03 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Update service to connect.
6/5/2009 9:43:03 PM, Error: Service Control Manager [7000] - The Windows Update service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/3/2009 5:22:25 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
6/3/2009 5:22:25 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/1/2009 9:42:16 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
6/1/2009 9:38:28 AM, Error: Service Control Manager [7024] - The AVG Free8 WatchDog service terminated with service-specific error 3758162315 (0xE001018B).
6/1/2009 9:38:28 AM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
6/1/2009 9:38:28 AM, Error: Service Control Manager [7000] - The McAfee SpamKiller Service service failed to start due to the following error: The system cannot find the file specified.
6/1/2009 2:34:07 PM, Error: Microsoft-Windows-DistributedCOM [10009] - DCOM was unable to communicate with the computer SOFTSERV4 using any of the configured protocols.

==== End Of File ===========================

CabinMomma
2009-06-08, 00:15
Lastly, here is Rooter.txt:

Microsoft Windows Vista Professional (6.0.6001) Service Pack 1

C:\ [Fixed] - NTFS - (Total:145874 Mo/Free:2498 Mo)
D:\ [Removable] (Total:0 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
L:\ [Fixed] - FAT32 - (Total:63940 Mo/Free:2498 Mo)
M:\ [Fixed] - FAT32 - (Total:64010 Mo/Free:2504 Mo)
N:\ [Fixed] - FAT32 - (Total:63961 Mo/Free:2498 Mo)

Sun 06/07/2009|16:03

----------------------\\ Processes..

--Locked-- [System Process]
--Locked-- System
---------- \SystemRoot\System32\smss.exe
---------- C:\Windows\system32\csrss.exe
---------- C:\Windows\system32\wininit.exe
---------- C:\Windows\system32\csrss.exe
---------- C:\Program Files\AVG\AVG8\avgrsx.exe
---------- C:\Windows\system32\services.exe
---------- C:\Windows\system32\lsass.exe
---------- C:\Windows\system32\lsm.exe
---------- C:\Windows\system32\winlogon.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\System32\svchost.exe
---------- C:\Windows\System32\svchost.exe
---------- C:\Windows\System32\svchost.exe
---------- C:\Windows\system32\svchost.exe
--Locked-- audiodg.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\system32\SLsvc.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Program Files\Protector Suite QL\upeksvr.exe
---------- C:\Windows\System32\spoolsv.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
---------- C:\Windows\system32\inetsrv\inetinfo.exe
---------- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
---------- c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
---------- c:\Program Files\Microsoft SQL Server\MSSQL.6\MSSQL\Binn\msftesql.exe
---------- c:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\msftesql.exe
---------- c:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\sqlservr.exe
---------- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
---------- c:\Program Files\Microsoft SQL Server\MSSQL.6\MSSQL\Binn\sqlservr.exe
---------- C:\Program Files\Sony\Network Utility\NSUService.exe
---------- C:\Windows\system32\svchost.exe
---------- c:\Program Files\Microsoft SQL Server\MSSQL.7\Reporting Services\ReportServer\bin\ReportingServicesService.exe
---------- c:\Program Files\Microsoft SQL Server\MSSQL.4\Reporting Services\ReportServer\bin\ReportingServicesService.exe
---------- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
---------- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
---------- C:\Windows\system32\stacsv.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
---------- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
---------- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\System32\svchost.exe
---------- C:\Program Files\Live Mesh\Remote Desktop\wlcrasvc.exe
---------- C:\Windows\system32\SearchIndexer.exe
---------- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
---------- C:\Windows\system32\DRIVERS\xaudio.exe
---------- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
---------- C:\Windows\system32\WUDFHost.exe
---------- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
---------- C:\Windows\system32\taskeng.exe
---------- C:\Windows\system32\taskeng.exe
---------- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
---------- C:\Windows\system32\Dwm.exe
---------- C:\Windows\Explorer.EXE
---------- C:\Program Files\Windows Defender\MSASCui.exe
---------- C:\Program Files\Apoint\Apoint.exe
---------- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
---------- C:\Program Files\Java\jre6\bin\jusched.exe
---------- C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
---------- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
---------- C:\Windows\System32\rundll32.exe
---------- C:\Program Files\Windows Sidebar\sidebar.exe
---------- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
---------- C:\Windows\system32\wbem\unsecapp.exe
---------- C:\Windows\system32\wbem\wmiprvse.exe
---------- C:\Program Files\Apoint\ApMsgFwd.exe
---------- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
---------- C:\Users\Paula\AppData\Roaming\Smilebox\SmileboxTray.exe
---------- C:\Users\Paula\AppData\Local\Google\Update\GoogleUpdate.exe
---------- C:\Users\Paula\AppData\Local\Microsoft\Live Mesh\Bin\Servicing\0.9.4014.4\MoeMonitor.exe
---------- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
---------- C:\Program Files\Infinite Mind LC\eyeQ\ARLaunch.exe
---------- C:\Program Files\WinZip\WZQKPICK.EXE
---------- C:\Program Files\NomaDesk\Dashboard\NomaDeskClient.exe
---------- C:\Windows\System32\rundll32.exe
---------- C:\Program Files\Protector Suite QL\psqltray.exe
---------- C:\Program Files\Apoint\Apntex.exe
---------- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
---------- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
---------- C:\Users\Paula\AppData\Local\Microsoft\Live Mesh\GacBase\Moe.exe
---------- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
---------- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
---------- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
---------- C:\Program Files\Windows Media Player\wmpnetwk.exe
---------- C:\Windows\system32\taskeng.exe
---------- C:\Program Files\Internet Explorer\ieuser.exe
---------- C:\Program Files\Internet Explorer\iexplore.exe
---------- C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\system32\wuauclt.exe
---------- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
---------- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
---------- C:\Windows\system32\notepad.exe
---------- C:\Windows\system32\NOTEPAD.EXE
---------- C:\Windows\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!



1 - "C:\Rooter$\Rooter_1.txt" - Sun 06/07/2009|16:09

----------------------\\ Scan completed at 16:09

Blade81
2009-06-08, 21:11
Hi again,

Please visit this webpage for download links, and instructions for running ComboFix tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please ensure you read this guide carefully first.


Please continue as follows:


Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix, link (http://www.bleepingcomputer.com/forums/topic114351.html)
Remember to re-enable them afterwards.


Click Yes to allow ComboFix to continue scanning for malware.


When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

C:\ComboFix.txt
New dds.txt log.

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.

CabinMomma
2009-06-09, 01:31
Note: I received an error that McAfee antivirus was still running when I started ComboFix, but I had removed McAfee over a year ago. I couldn't find a process or service running to stop/kill, so ComboFix said it would run anyway (at my own risk). Hopefully, this did not affect the results. I can't find that it is still installed on my machine.

ComboFix results:
ComboFix 09-06-07.07 - Paula 06/08/2009 16:57.1 - NTFSx86
Microsoft® Windows Vista™ Business 6.0.6001.1.1252.1.1033.18.3070.1678 [GMT -5:00]
Running from: c:\users\Paula\Desktop\ComboFix.exe
AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
SP: AntispywareBot *disabled* (Updated) {DDE8FC2F-6613-44AA-95F8-022AF1EE0355}
SP: McAfee VirusScan *enabled* (Updated) {C78B3C70-4777-4742-BB91-9D615CC575E6}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Paula\AppData\Roaming\.#
c:\users\Paula\AppData\Roaming\.#\MBX@1170@AD2970.###
c:\users\Paula\AppData\Roaming\.#\MBX@1170@AD29A0.###
c:\users\Paula\AppData\Roaming\.#\MBX@1170@AD29D0.###
c:\users\Paula\AppData\Roaming\AntispywareBot

.
((((((((((((((((((((((((( Files Created from 2009-05-08 to 2009-06-08 )))))))))))))))))))))))))))))))
.

2009-06-08 21:51 . 2009-06-08 21:55 -------- d-----w- \Qoobox
2009-06-07 21:03 . 2009-06-07 21:09 -------- d-----w- C:\Rooter$
2009-06-07 21:03 . 2009-06-07 21:09 -------- d-----w- \Rooter$
2009-06-05 22:59 . 2009-06-06 00:18 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-06-05 22:59 . 2009-06-05 23:00 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-05-29 18:46 . 2009-06-06 02:39 3219578880 --sha-w- \hiberfil.sys
2009-05-24 21:51 . 2009-05-24 21:51 -------- d-----w- c:\programdata\Apple Computer
2009-05-11 15:57 . 2009-05-11 15:57 9024 ----a-w- c:\windows\system32\drivers\rdpdispm.sys
2009-05-11 15:57 . 2009-05-11 15:57 118736 ----a-w- c:\windows\system32\rdpdispd.dll
2009-05-11 15:57 . 2009-05-11 15:57 -------- d-----w- c:\program files\Live Mesh

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-06 02:39 . 2009-05-29 18:46 3219578880 --sha-w- \hiberfil.sys
2009-06-06 02:39 . 2007-11-07 16:56 3533176832 --sha-w- \pagefile.sys
2009-06-05 22:24 . 2008-08-10 17:59 -------- d-----w- c:\users\Paula\AppData\Roaming\FileZilla
2009-06-02 21:01 . 2007-11-11 14:40 158665 ----a-w- c:\users\Paula\AppData\Roaming\nvModes.dat
2009-05-25 21:58 . 2009-02-11 17:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-05-25 21:57 . 2009-02-13 03:38 2967799 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-05-24 21:56 . 2009-03-12 16:51 -------- d-----w- c:\program files\Safari
2009-05-24 21:52 . 2009-03-27 17:16 -------- d-----w- c:\program files\QuickTime
2009-05-22 13:20 . 2009-02-13 18:25 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-05-22 13:20 . 2009-02-13 18:25 325896 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-05-22 13:20 . 2009-02-13 18:25 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-05-22 13:20 . 2009-02-13 18:25 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-15 08:05 . 2007-11-07 17:50 -------- d-----w- c:\programdata\Microsoft Help
2009-05-15 08:01 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-08 02:44 . 2007-11-15 23:04 680 ----a-w- c:\users\Paula\AppData\Local\d3d9caps.dat
2009-04-26 23:24 . 2008-10-17 21:21 -------- d-----w- c:\users\Paula\AppData\Roaming\Smilebox
2009-04-24 21:59 . 2007-06-26 17:23 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-04-12 13:56 . 2008-08-14 02:26 -------- d-----w- c:\program files\NomaDesk
2009-04-06 20:32 . 2009-02-11 17:05 38496 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-06 20:32 . 2009-02-11 17:06 15504 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-03-30 21:04 . 2009-03-30 21:04 168584 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxBrowserEngine.dll
2009-03-30 21:04 . 2008-12-11 22:55 205448 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxDvd.exe
2009-03-30 21:04 . 2008-11-26 02:02 254600 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxTray.exe
2009-03-30 21:04 . 2008-09-25 10:36 373384 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxStarter.exe
2009-03-30 20:57 . 2009-03-30 20:57 1540744 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxClient.exe
2009-03-30 20:36 . 2009-03-30 20:36 340616 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxDvdEngine.dll
2009-03-30 20:36 . 2009-03-30 20:36 123528 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxUpdater.exe
2009-03-23 14:50 . 2009-03-14 22:18 118784 ----a-w- c:\windows\SeaMonkeyUninstall.exe
2009-03-23 14:50 . 2009-03-14 22:18 8749 ----a-w- c:\windows\mozver.dat
2009-03-23 14:49 . 2009-03-14 22:18 118784 ----a-w- c:\windows\GREUninstall.exe
2009-03-23 14:44 . 2009-03-23 14:41 13037568 ----a-w- c:\users\Paula\seamonkey-1.1.15.en-US.win32.installer.exe
2009-03-23 09:29 . 2008-08-14 02:26 312536 ----a-w- c:\windows\system32\drivers\solfs.sys
2009-03-23 09:29 . 2008-08-14 02:26 54488 ----a-w- c:\windows\system32\drivers\soldisk.sys
2009-03-17 03:38 . 2009-04-16 17:30 13824 ----a-w- c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-16 17:30 24064 ----a-w- c:\windows\system32\amxread.dll
2009-03-14 22:19 . 2007-11-12 02:02 335 ----a-w- c:\windows\nsreg.dat
2008-06-30 18:44 . 2008-06-10 21:29 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
2007-01-05 21:36 . 2007-11-12 02:04 864768 ------w- c:\program files\mozilla firefox\components\pbgk1_8.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000PersonalFileserver]
@="{cf9b0966-e77e-3397-37ca-e5938982b488}"
[HKEY_CLASSES_ROOT\CLSID\{cf9b0966-e77e-3397-37ca-e5938982b488}]
2008-07-27 18:03 282112 ----a-w- c:\windows\System32\mscoree.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000TeamFileserver]
@="{9e447f8a-49cc-44d6-ad79-03ab14e81365}"
[HKEY_CLASSES_ROOT\CLSID\{9e447f8a-49cc-44d6-ad79-03ab14e81365}]
2008-07-27 18:03 282112 ----a-w- c:\windows\System32\mscoree.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2007-01-05 21:41 2857984 ----a-w- c:\program files\Protector Suite QL\farchns.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2007-01-05 21:41 2857984 ----a-w- c:\program files\Protector Suite QL\farchns.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"RunSpySweeperScheduleAtStartup"="c:\windows\system32\msfeedssync.exe" [2008-01-19 12800]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 4670704]
"SmileboxTray"="c:\users\Paula\AppData\Roaming\Smilebox\SmileboxTray.exe" [2009-03-30 254600]
"Google Update"="c:\users\Paula\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-03-12 133104]
"MoeMonitor.exe"="c:\users\Paula\AppData\Local\Microsoft\Live Mesh\Bin\Servicing\0.9.4014.4\MoeMonitor.exe" [2009-05-17 02:29 1321808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2006-11-09 118784]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-05-14 321656]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-27 136600]
"VAIO Center Access Bar"="c:\program files\sony\VAIO Center Access Bar\VCAB.exe" [2007-03-06 36864]
"VAIOSecurity"="c:\program files\Sony\VAIO Security Center\VSC.exe" [2007-03-14 2322432]
"DRCU"="c:\program files\Sony\DRCU\DRCU.exe" [2007-06-18 73728]
"PSQLLauncher"="c:\program files\Protector Suite QL\launcher.exe" [2007-01-05 49168]
"VAIOCameraUtility"="c:\program files\Sony\VAIO Camera Utility\VCUServe.exe" [2007-02-08 411768]
"VAIOSurvey"="c:\program files\Sony\VAIO Survey\Vista VAIO Survey.exe" [2006-12-07 577536]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"FinePrint Dispatcher v5"="c:\windows\system32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" [2007-11-07 507904]
"pdfFactory Dispatcher v3"="c:\windows\system32\spool\DRIVERS\W32X86\3\fppdis3a.exe" [2007-11-07 507904]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-22 1947928]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-05-12 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-05-12 8429568]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-05-12 81920]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-03-27 413696]

c:\users\Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
NomaDeskr.lnk - c:\program files\NomaDesk\Dashboard\NomaDeskClient.exe [2009-4-10 251392]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
MiniEYE-MiniREAD Launch.lnk - c:\program files\Infinite Mind LC\eyeQ\ARLaunch.exe [2008-2-16 323584]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2007-12-4 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2007-01-05 21:28 90112 ----a-w- c:\windows\System32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-04-24 00:19 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SsiEfr.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli psqlpwd

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{1C35265B-ECCC-4397-8754-C59097211B77}"= UDP:c:\program files\Sony\LocationFreePlayer\LFPC3\LFPC3.exe:LocationFree Player
"{D9A8D914-5ADD-4B91-B81D-706A86A8C098}"= TCP:c:\program files\Sony\LocationFreePlayer\LFPC3\LFPC3.exe:LocationFree Player
"{C0D7E1C0-80EC-4AF1-A7B8-205765B0A158}"= Disabled:UDP:c:\program files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{20923077-5096-4A93-9DF7-6354460BCB9A}"= Disabled:TCP:c:\program files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{21FA6B7D-558A-4420-9F17-472C60586613}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{0F892060-4192-4F14-A502-8F0726941E3B}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{E860886B-005A-49C1-8C5C-2E054496B2EB}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{EA4E2533-4324-4C4F-80B3-7EBF6A585381}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{758ABB3E-3FFA-40CC-8565-F4BC1EADA2D4}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{8D1F0536-AFFC-48E0-A4C7-800B239FB7FE}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{CCDAE132-87AD-4F20-AC63-42AE5EED115D}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{655B5760-4E33-4F9B-B6F8-5402D4F634DD}"= UDP:c:\program files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{6E5D3E2B-E565-4814-B29B-9B96D930D8B6}"= TCP:c:\program files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{20BEE8E7-F078-4D6D-A578-151983F24DE9}"= UDP:c:\program files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{C258D1A4-2E36-4CBD-8569-44A30DA05D04}"= UDP:c:\program files\McAfee\MWL\MwlSvc.exe:McAfee Wireless Network Security
"TCP Query User{DB157681-525D-4F9A-9F33-55E66AE26FD4}c:\\program files\\yahoo!\\messenger\\yahoomessenger.exe"= UDP:c:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger
"UDP Query User{914F47CB-1E94-49B6-8B24-643279A7DB1F}c:\\program files\\yahoo!\\messenger\\yahoomessenger.exe"= TCP:c:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger
"TCP Query User{38C13EA6-A16F-4AF3-BD40-B50129637D15}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{B5729DCF-3F85-4774-AB96-76FA78C42E9A}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{4FB2D1BF-BB62-47D4-9B35-B1B9B2101D72}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{190016E2-E87B-4D14-99EA-8D86CA765836}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"{E4552DA0-5D2C-4984-8F6E-8215B26AB740}"= UDP:c:\users\Paula\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{D7211204-55CB-4154-98EF-3E19B7C0A958}"= TCP:c:\users\Paula\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{42A113C1-F704-4ABB-9E16-C97CBE00889A}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{3C5A50E2-A01D-4C2C-826E-F96F55EE3AF5}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"{C7EBA19B-1CE6-4FDB-98D6-F4937D86D316}"= UDP:c:\users\Paula\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{1201CA27-AC0F-4802-9B62-7A71CFB441B8}"= TCP:c:\users\Paula\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{C73D2836-1A7D-471B-ABB4-574F21D51A86}"= UDP:c:\program files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:Microsoft Office Live Meeting 2007
"{DFDE1CAF-E748-40EC-95F3-83DAE35AF1F4}"= TCP:c:\program files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:Microsoft Office Live Meeting 2007
"{F194F2FB-1212-4D5E-98C9-51EDEE5B4CE0}"= UDP:c:\program files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:Microsoft Office Live Meeting 2007
"{6E144CF0-E57E-4C50-84B1-6A1852CA88E7}"= TCP:c:\program files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:Microsoft Office Live Meeting 2007
"{998CCE44-45BD-4CEE-A289-469E43EEBC0C}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{F1946F57-2962-4FCB-972A-A2F6BD0234A3}"= UDP:c:\program files\Live Mesh\Remote Desktop\wlcrasvc.exe:Live Mesh Remote Desktop
"{4610E054-0EE9-4906-805C-4419867FA73E}"= TCP:c:\program files\Live Mesh\Remote Desktop\wlcrasvc.exe:Live Mesh Remote Desktop
"{137E5170-628B-42B6-8C55-9FAAD449A825}"= UDP:c:\users\Paula\AppData\Local\Microsoft\Live Mesh\GacBase\Moe.exe:Live Mesh
"{1CDA0034-DB6D-410A-986F-6AD190F5E312}"= TCP:c:\users\Paula\AppData\Local\Microsoft\Live Mesh\GacBase\Moe.exe:Live Mesh
"{A54DC500-FA11-4AAE-8DED-B1B57E53B913}"= UDP:c:\program files\Live Mesh\Remote Desktop\wlcrasvc.exe:Live Mesh Remote Desktop
"{25B48033-4070-42FA-8E33-29BDAA0A500D}"= TCP:c:\program files\Live Mesh\Remote Desktop\wlcrasvc.exe:Live Mesh Remote Desktop
"{D13C29A8-F3E7-47D0-8AE5-A23DF55E2134}"= UDP:c:\users\Paula\AppData\Local\Microsoft\Live Mesh\GacBase\Moe.exe:Live Mesh
"{30312F4E-F7B7-419B-B70C-93804D670EFE}"= TCP:c:\users\Paula\AppData\Local\Microsoft\Live Mesh\GacBase\Moe.exe:Live Mesh

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
"DoNotAllowExceptions"= 0 (0x0)

R0 shpf;Sony HDD Protection Filter Driver;c:\windows\System32\drivers\shpf.sys [6/26/2007 12:20 PM 14720]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [2/13/2009 1:25 PM 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [2/13/2009 1:25 PM 108552]
R1 SolDisk;SolDisk;c:\windows\System32\drivers\soldisk.sys [8/13/2008 9:26 PM 54488]
R1 SolFS;SolFS;c:\windows\System32\drivers\solfs.sys [8/13/2008 9:26 PM 312536]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service;c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [1/11/2008 6:50 PM 30312]
R2 msftesql$SQLEXPRESS;SQL Server FullText Search (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\msftesql.exe [6/22/2007 9:22 AM 95592]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [11/24/2008 10:31 PM 29263712]
R2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [2/10/2009 11:38 AM 299008]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [4/17/2007 11:09 PM 11032]
R2 ReportServer$SQLEXPRESS;SQL Server Reporting Services (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL.4\Reporting Services\ReportServer\bin\ReportingServicesService.exe [11/24/2008 11:26 PM 14688]
R2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSSQL.7\Reporting Services\ReportServer\bin\ReportingServicesService.exe [11/24/2008 11:26 PM 14688]
R2 wlcrasvc;Live Mesh Remote Desktop;c:\program files\Live Mesh\Remote Desktop\wlcrasvc.exe [5/11/2009 10:57 AM 44880]
R3 PTDWBus;Curitel PC Card Composite Device driver (UDP);c:\windows\System32\drivers\PTDWBus.sys [11/9/2007 5:02 PM 27392]
R3 PTDWMdm;Curitel PC Card Drivers (UDP);c:\windows\System32\drivers\PTDWMdm.sys [11/9/2007 5:02 PM 41728]
R3 PTDWVsp;Curitel PC Card Diagnostic Serial Port (UDP);c:\windows\System32\drivers\PTDWVsp.sys [11/9/2007 5:02 PM 39808]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\System32\drivers\R5U870FLx86.sys [6/25/2007 6:37 PM 75392]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\System32\drivers\R5U870FUx86.sys [6/25/2007 6:37 PM 43904]
R3 RDPDISPM;RDPDISPM;c:\windows\System32\drivers\rdpdispm.sys [5/11/2009 10:57 AM 9024]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\System32\drivers\SonyImgF.sys [6/25/2007 7:27 PM 31104]
R3 SPI;Sony Programmable I/O Control Device;c:\windows\System32\drivers\SonyPI.sys [6/25/2007 6:55 PM 33792]
R3 ti21sony;ti21sony;c:\windows\System32\drivers\ti21sony.sys [6/25/2007 6:53 PM 807424]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2/13/2009 1:25 PM 298776]
S3 ICScsiSV;Image Converter SCSI Service;c:\program files\Sony\Image Converter 3\ICScsiSV.exe [11/7/2007 12:27 PM 75952]
S3 IcVzMonLauncher;IcVzMonLauncher;c:\program files\Sony\Image Converter 3\IcVzMonLauncher.exe [11/7/2007 12:27 PM 67760]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [11/24/2008 10:31 PM 29263712]
S3 PWCTLDRV;The NECHostController Filter Driver;c:\windows\System32\drivers\PWCTLDRV.sys [11/9/2007 5:02 PM 5888]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [11/7/2007 1:52 PM 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [11/7/2007 1:52 PM 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [11/7/2007 1:52 PM 1089536]
S3 WMSvc;Web Management Service;c:\windows\System32\inetsrv\WMSvc.exe [9/16/2008 9:57 AM 11264]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
Contents of the 'Scheduled Tasks' folder

2009-06-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2312238057-754008070-484453957-1004.job
- c:\users\Paula\AppData\Local\Google\Update\GoogleUpdate.exe [2009-03-12 16:45]

2009-06-03 c:\windows\Tasks\User_Feed_Synchronization-{474B2016-9274-49FE-939A-1B0868F98EC4}.job
- c:\windows\system32\msfeedssync.exe [2008-09-16 07:33]
.
- - - - ORPHANS REMOVED - - - -

ShellIconOverlayIdentifiers-{7CB86623-1BEC-4FE6-AC97-5497E6D75DFD} - c:\program files\NomaDesk\ShellExtension\NomaDesk.DriveIcon.dll
SafeBoot-procexp90.Sys


.
------- Supplementary Scan -------
.
uStart Page = hxxp://us.f324.mail.yahoo.com/ym/ShowFolder?rb=Inbox&reset=1&YY=43816&y5beta=yes&y5beta=yes&inc=200&order=down&sort=date&pos=0&view=a&head=b&box=Inbox&YN=1
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Transfer by Image Converter 3 - c:\program files\Sony\Image Converter 3\menu.htm
DPF: {A3E21079-7F41-4125-9EBB-FD44CFCC0AC1} - hxxps://www.mesh.com/0.9.4014.3/TSWeb.cab
FF - ProfilePath - c:\users\Paula\AppData\Roaming\Mozilla\Firefox\Profiles\8spcfcqd.default\
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Paula\AppData\Local\Google\Update\1.2.145.5\npGoogleOneClick8.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-08 17:06
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\msftesql]
"ImagePath"="\"c:\program files\Microsoft SQL Server\MSSQL.6\MSSQL\Binn\msftesql.exe\" -s:MSSQL.6 -f:MSSQLSERVER"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\msftesql$SQLEXPRESS]
"ImagePath"="\"c:\program files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\msftesql.exe\" -s:MSSQL.3 -f:SQLEXPRESS"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(808)
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\homefus2.dll
c:\program files\Protector Suite QL\infra.dll
.
Completion time: 2009-06-08 17:10
ComboFix-quarantined-files.txt 2009-06-08 22:09

Pre-Run: 66,259,660,800 bytes free
Post-Run: 66,261,647,360 bytes free

297 --- E O F --- 2009-06-08 17:15


______________________________________________________
______________________________________________________

New dds.txt:

DDS (Ver_09-05-14.01) - NTFSx86
Run by Paula at 17:27:01.69 on Mon 06/08/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_11
Microsoft® Windows Vista™ Business 6.0.6001.1.1252.1.1033.18.3070.1414 [GMT -5:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
SP: AntispywareBot *disabled* (Updated) {DDE8FC2F-6613-44AA-95F8-022AF1EE0355}
SP: McAfee VirusScan *enabled* (Updated) {C78B3C70-4777-4742-BB91-9D615CC575E6}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Protector Suite QL\upeksvr.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Windows\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\Program Files\Microsoft SQL Server\MSSQL.6\MSSQL\Binn\msftesql.exe
c:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\msftesql.exe
c:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\Program Files\Microsoft SQL Server\MSSQL.6\MSSQL\Binn\sqlservr.exe
C:\Program Files\Sony\Network Utility\NSUService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
c:\Program Files\Microsoft SQL Server\MSSQL.7\Reporting Services\ReportServer\bin\ReportingServicesService.exe
c:\Program Files\Microsoft SQL Server\MSSQL.4\Reporting Services\ReportServer\bin\ReportingServicesService.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\stacsv.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Live Mesh\Remote Desktop\wlcrasvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Users\Paula\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\UI0Detect.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\notepad.exe
C:\Windows\Explorer.exe
C:\Windows\System32\svchost.exe -k wdisvc
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Paula\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://us.f324.mail.yahoo.com/ym/ShowFolder?rb=Inbox&reset=1&YY=43816&y5beta=yes&y5beta=yes&inc=200&order=down&sort=date&pos=0&view=a&head=b&box=Inbox&YN=1
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7} - No File
BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No File
BHO: IE Developer Toolbar BHO: {cc7e636d-39aa-49b6-b511-65413da137a1} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
TB: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
EB: IE Developer Toolbar: {a202b231-ef71-4a08-bdb9-4ce5ae8bde0a} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [RunSpySweeperScheduleAtStartup] "c:\windows\system32\msfeedssync.exe" /ScheduleSweep=User_Feed_Synchronization-{474B2016-9274-49FE-939A-1B0868F98EC4}
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [Yahoo! Pager] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [SmileboxTray] "c:\users\paula\appdata\roaming\smilebox\SmileboxTray.exe"
uRun: [Google Update] "c:\users\paula\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [MoeMonitor.exe] "c:\users\paula\appdata\local\microsoft\live mesh\bin\servicing\0.9.4014.4\MoeMonitor.exe"
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [VAIO Center Access Bar] "c:\program files\sony\vaio center access bar\VCAB.exe"
mRun: [VAIOSecurity] "c:\program files\sony\vaio security center\VSC.exe" 1
mRun: [DRCU] "c:\program files\sony\drcu\DRCU.exe"
mRun: [PSQLLauncher] "c:\program files\protector suite ql\launcher.exe" /startup
mRun: [VAIOCameraUtility] "c:\program files\sony\vaio camera utility\VCUServe.exe"
mRun: [VAIOSurvey] "c:\program files\sony\vaio survey\Vista VAIO Survey.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [FinePrint Dispatcher v5] "c:\windows\system32\spool\drivers\w32x86\3\fpdisp5a.exe" /source=HKLM
mRun: [pdfFactory Dispatcher v3] "c:\windows\system32\spool\drivers\w32x86\3\fppdis3a.exe" /source=HKLM
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
StartupFolder: c:\users\paula\appdata\roaming\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\users\paula\appdata\roaming\micros~1\windows\startm~1\programs\startup\nomade~1.lnk - c:\program files\nomadesk\dashboard\NomaDeskClient.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\miniey~1.lnk - c:\program files\infinite mind lc\eyeq\ARLaunch.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
mPolicies-system: DisableCAD = 1 (0x1)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Transfer by Image Converter 3 - c:\program files\sony\image converter 3\menu.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - {CC962137-2E78-4F94-975E-FC0C07DBD78F} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} - hxxp://esupport.sony.com/VaioInfo.CAB
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} - hxxp://cid-18e65120c86a7b6b.spaces.live.com/PhotoUpload/VistaMsnPUplden-us.cab
DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} - hxxps://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} - hxxp://web1.shutterfly.com/downloads/Uploader.cab
DPF: {A3E21079-7F41-4125-9EBB-FD44CFCC0AC1} - hxxps://www.mesh.com/0.9.4014.3/TSWeb.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: psfus - c:\windows\system32\psqlpwd.dll
Notify: VESWinlogon - VESWinlogon.dll
AppInit_DLLs: c:\windows\system32\avgrsstx.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Notification Packages = scecli psqlpwd

================= FIREFOX ===================

FF - ProfilePath - c:\users\paula\appdata\roaming\mozilla\firefox\profiles\8spcfcqd.default\
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll

============= SERVICES / DRIVERS ===============

R0 shpf;Sony HDD Protection Filter Driver;c:\windows\system32\drivers\shpf.sys [2007-6-26 14720]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-2-13 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-2-13 108552]
R1 SolDisk;SolDisk;c:\windows\system32\drivers\soldisk.sys [2008-8-13 54488]
R1 SolFS;SolFS;c:\windows\system32\drivers\solfs.sys [2008-8-13 312536]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service;c:\program files\microsoft small business\business contact manager\BcmSqlStartupSvc.exe [2008-1-11 30312]
R2 msftesql$SQLEXPRESS;SQL Server FullText Search (SQLEXPRESS);c:\program files\microsoft sql server\mssql.3\mssql\binn\msftesql.exe [2007-6-22 95592]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2008-11-24 29263712]
R2 NSUService;NSUService;c:\program files\sony\network utility\NSUService.exe [2009-2-10 299008]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R2 ReportServer$SQLEXPRESS;SQL Server Reporting Services (SQLEXPRESS);c:\program files\microsoft sql server\mssql.4\reporting services\reportserver\bin\ReportingServicesService.exe [2008-11-24 14688]
R2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\microsoft sql server\mssql.7\reporting services\reportserver\bin\ReportingServicesService.exe [2008-11-24 14688]
R2 wlcrasvc;Live Mesh Remote Desktop;c:\program files\live mesh\remote desktop\wlcrasvc.exe [2009-5-11 44880]
R3 PTDWBus;Curitel PC Card Composite Device driver (UDP);c:\windows\system32\drivers\PTDWBus.sys [2007-11-9 27392]
R3 PTDWMdm;Curitel PC Card Drivers (UDP);c:\windows\system32\drivers\PTDWMdm.sys [2007-11-9 41728]
R3 PTDWVsp;Curitel PC Card Diagnostic Serial Port (UDP);c:\windows\system32\drivers\PTDWVsp.sys [2007-11-9 39808]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\drivers\R5U870FLx86.sys [2007-6-25 75392]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\drivers\R5U870FUx86.sys [2007-6-25 43904]
R3 RDPDISPM;RDPDISPM;c:\windows\system32\drivers\rdpdispm.sys [2009-5-11 9024]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\drivers\SonyImgF.sys [2007-6-25 31104]
R3 SPI;Sony Programmable I/O Control Device;c:\windows\system32\drivers\SonyPI.sys [2007-6-25 33792]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-6-25 807424]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-2-13 298776]
S3 ICScsiSV;Image Converter SCSI Service;c:\program files\sony\image converter 3\ICScsiSV.exe [2007-11-7 75952]
S3 IcVzMonLauncher;IcVzMonLauncher;c:\program files\sony\image converter 3\IcVzMonLauncher.exe [2007-11-7 67760]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\microsoft sql server\mssql.2\mssql\binn\sqlservr.exe [2008-11-24 29263712]
S3 PWCTLDRV;The NECHostController Filter Driver;c:\windows\system32\drivers\PWCTLDRV.sys [2007-11-9 5888]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\sony\vaio media integrated server\UCLS.exe [2007-11-7 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\sony\vaio media integrated server\platform\SV_Httpd.exe [2007-11-7 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\sony\vaio media integrated server\platform\UPnPFramework.exe [2007-11-7 1089536]
S3 WMSvc;Web Management Service;c:\windows\system32\inetsrv\WMSvc.exe [2008-9-16 11264]

=============== Created Last 30 ================

2009-06-08 17:10 <DIR> --d----- C:\temp
2009-06-08 17:10 <DIR> --dsh--- C:\$RECYCLE.BIN
2009-06-08 16:55 161,792 a------- c:\windows\SWREG.exe
2009-06-08 16:55 155,136 a------- c:\windows\PEV.exe
2009-06-08 16:55 98,816 a------- c:\windows\sed.exe
2009-06-07 16:03 <DIR> --d----- C:\Rooter$
2009-06-05 17:59 <DIR> --d----- c:\programdata\Spybot - Search & Destroy
2009-06-05 17:59 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-06-05 17:59 <DIR> --d----- c:\progra~2\Spybot - Search & Destroy
2009-05-24 16:51 <DIR> --d----- c:\programdata\Apple Computer
2009-05-11 10:57 9,024 a------- c:\windows\system32\drivers\rdpdispm.sys
2009-05-11 10:57 118,736 a------- c:\windows\system32\rdpdispd.dll
2009-05-11 10:57 <DIR> --d----- c:\program files\Live Mesh

==================== Find3M ====================

2009-06-02 16:01 158,665 a------- c:\users\paula\appdata\roaming\nvModes.dat
2009-05-22 08:20 325,896 a------- c:\windows\system32\drivers\avgldx86.sys
2009-05-22 08:20 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-05-22 08:20 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-05-11 10:58 86,016 a------- c:\windows\inf\infpub.dat
2009-05-11 10:58 143,360 a------- c:\windows\inf\infstrng.dat
2009-05-11 10:58 143,360 a------- c:\windows\inf\infstor.dat
2009-03-23 09:50 118,784 a------- c:\windows\SeaMonkeyUninstall.exe
2009-03-23 09:50 8,749 a------- c:\windows\mozver.dat
2009-03-23 09:49 118,784 a------- c:\windows\GREUninstall.exe
2009-03-23 09:44 13,037,568 a------- c:\users\paula\seamonkey-1.1.15.en-US.win32.installer.exe
2009-03-16 22:38 40,960 a------- c:\windows\apppatch\apihex86.dll
2009-03-16 22:38 13,824 a------- c:\windows\system32\apilogen.dll
2009-03-16 22:38 24,064 a------- c:\windows\system32\amxread.dll
2008-10-04 22:42 174 a--sh--- c:\program files\desktop.ini
2008-10-04 22:18 665,600 a------- c:\windows\inf\drvindex.dat
2008-02-27 20:03 32 a------- c:\programdata\ezsid.dat
2008-02-27 20:03 32 a------- c:\progra~2\ezsid.dat
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2009-02-11 16:40 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2009-02-11 16:40 32,768 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2009-02-11 16:40 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat

============= FINISH: 17:27:26.30 ===============


______________________________________________________
______________________________________________________

New Attach.txt:

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-05-14.01)

Microsoft® Windows Vista™ Business
Boot Device: \Device\HarddiskVolume2
Install Date: 11/7/2007 11:08:50 AM
System Uptime: 6/7/2009 2:55:02 AM (39 hours ago)

Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz | N/A | 2201/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 142 GiB total, 61.805 GiB free.
D: is Removable
E: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: NEC PCI to USB Open Host Controller
Device ID: PCI\VEN_1033&DEV_0035&SUBSYS_444B5143&REV_43\5&13BE7D01&0&0120F0
Manufacturer: NEC
Name: NEC PCI to USB Open Host Controller
PNP Device ID: PCI\VEN_1033&DEV_0035&SUBSYS_444B5143&REV_43\5&13BE7D01&0&0120F0
Service: usbohci

==== System Restore Points ===================

RP770: 5/18/2009 10:57:17 PM - Windows Update
RP771: 5/20/2009 9:24:15 AM - Scheduled Checkpoint
RP772: 5/21/2009 9:05:28 AM - Windows Update
RP774: 5/22/2009 8:15:28 AM - Avg8 Update
RP776: 5/22/2009 8:21:40 AM - Avg8 Update
RP777: 5/25/2009 4:21:34 PM - Scheduled Checkpoint
RP778: 5/26/2009 8:38:53 AM - Windows Update
RP779: 5/28/2009 11:01:05 AM - Scheduled Checkpoint
RP780: 5/28/2009 1:50:21 PM - Windows Update
RP781: 5/31/2009 10:57:25 AM - Scheduled Checkpoint
RP782: 6/2/2009 8:14:36 AM - Windows Update
RP783: 6/3/2009 6:24:58 PM - Scheduled Checkpoint
RP784: 6/5/2009 1:23:44 AM - Windows Update
RP785: 6/5/2009 5:34:55 PM - Installed AntispywareBot
RP786: 6/5/2009 6:10:08 PM - Removed AntispywareBot
RP787: 6/7/2009 12:00:01 AM - Scheduled Checkpoint
RP788: 6/8/2009 12:14:43 PM - Windows Update

==== Installed Programs ======================


2007 Microsoft Office Suite Service Pack 1 (SP1)
Activation Assistant for the 2007 Microsoft Office suites
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 10 ActiveX
Adobe Flash Player Plugin
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader 8.1.2
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Adobe Stock Photos 1.0
Alps Pointing-device for VAIO
Apple Software Update
AVG Free 8.5
Battery Care Function
Bluetooth Stack for Windows by Toshiba
Business Contact Manager for Outlook 2007 SP1
Choice Guard
Click to DVD 2.0.05 Menu Data
Click to DVD 2.6.00
Curitel PC Card Software
CuteFTP 8 Professional
DHTML Editing Component
DSD Direct
DSD Direct Player
DSD Playback Plug-in
ExamDiff 1.8
eyeQ
FileZilla Client 3.1.1.1
FinePrint
Flock (2.0.3)
GearDrvs
Google Chrome
Grouper Screen Saver 1.0
Hallmark Smilebox
HDAUDIO SoftV92 Data Fax Modem with SmartCP
Home Design Quick & Easy
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Print Diagnostic Utility
Image Converter 3
Internet Explorer Developer Toolbar
Java(TM) 6 Update 11
Java(TM) 6 Update 3
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6
Junk Mail filter update
Kids NetLinks PBS Kids Browser 2.0
Landscape Design and Construction
Live Mesh
LocationFree Player
Malwarebytes' Anti-Malware
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft MSDN 2005 Express Edition - ENU
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office Live Meeting 2007
Microsoft Office Live Small Business Image Uploader
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Ultimate 2007
Microsoft Office Visio 2007 Service Pack 1 (SP1)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Visual Web Developer 2007
Microsoft Office Visual Web Developer MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office XP Web Components
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 (SQLEXPRESS)
Microsoft SQL Server 2005 Backward compatibility
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server 2005 Express Edition (VAIO_VEDB)
Microsoft SQL Server 2005 Reporting Services
Microsoft SQL Server 2005 Reporting Services (SQLEXPRESS)
Microsoft SQL Server 2005 Tools
Microsoft SQL Server Database Publishing Wizard 1.1
Microsoft SQL Server Database Publishing Wizard 1.2
Microsoft SQL Server Management Studio Express
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual Studio Web Authoring Component
Microsoft Visual Web Developer 2008 Express Edition - ENU
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Web
Microsoft Works
Mobile Broadband Drivers
Mozilla Firefox (3.0.10)
Mozilla Thunderbird (2.0.0.12)
MSDN Library for Microsoft Visual Studio 2008 Express Editions
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
NomaDesk®
NVIDIA Drivers
OpenMG Limited Patch 4.7-07-13-24-01
OpenMG Secure Module 4.7.00
OpenOffice.org Installer 1.0
Opera 9.64
PANTECH UM175 Driver
pdfFactory
Photo Viewer 2.4
Protector Suite QL 5.6
QuickTime
Roxio Easy Media Creator Home
Safari
SeaMonkey (1.1.15)
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB960003)
Security Update for Microsoft Office Excel 2007 (KB959997)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Visio 2007 (KB957831)
Security Update for Microsoft Office Word 2007 (KB956358)
Security Update for Visio 2007 (KB947590)
Setting Utility Series
SonicStage 4.3
SonicStage Mastering Studio
SonicStage Mastering Studio Audio Filter
SonicStage Mastering Studio Audio Filter Custom Preset
SonicStage Mastering Studio Plugins
Sony Utilities DLL
Sony Video Shared Library
Spybot - Search & Destroy
TextPad 5
Total 3D Home, Landscape & Deck Premium Suite
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Microsoft Office Outlook 2007 Help (KB957246)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb968503)
VAIO Azure Float Wallpaper
VAIO Camera Capture Utility
VAIO Camera Utility
VAIO Center Access Bar
VAIO Central
VAIO Entertainment Center
VAIO Entertainment Platform
VAIO Event Service
VAIO Floral Dusk Wallpaper
VAIO HDD Protection
VAIO Help And Support
VAIO Media
VAIO Media 6.0
VAIO Media AC3 Decoder 1.0
VAIO Media Content Collection 6.0
VAIO Media Integrated Server 6.0
VAIO Media Redistribution 6.0
VAIO Media Registration Tool
VAIO Media Registration Tool 6.0
VAIO OOBE
VAIO Photo 2007
VAIO Productivity Center
VAIO Security Center
VAIO Service Utility
VAIO Smart Network
VAIO Status Monitor
VAIO Survey
VAIO Teal Whisper Wallpaper
VAIO Update 3
VAIO Video & Photo Suite
VC Runtimes MSI
VP Suite 3.1 3.1
VP Suite 3.2 3.2
VZAccess Manager
Web CEO 8.0
Windows Grep 2.3
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
WinDVD for VAIO
WinZip
Yahoo! Messenger

==== Event Viewer Messages From Past Week ========

6/8/2009 4:57:00 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the PEVSystemStart service to connect.
6/8/2009 4:56:58 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
6/8/2009 4:46:25 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 10.0.2.124 for the Network Card with network address 0013E85C063B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
6/8/2009 12:10:35 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.113 for the Network Card with network address 0013E85C063B has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
6/6/2009 6:33:45 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 10.0.2.123 for the Network Card with network address 0013E85C063B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
6/5/2009 9:43:03 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Update service to connect.
6/5/2009 9:43:03 PM, Error: Service Control Manager [7000] - The Windows Update service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/3/2009 5:22:25 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
6/3/2009 5:22:25 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/1/2009 9:42:16 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
6/1/2009 9:38:28 AM, Error: Service Control Manager [7024] - The AVG Free8 WatchDog service terminated with service-specific error 3758162315 (0xE001018B).
6/1/2009 9:38:28 AM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
6/1/2009 9:38:28 AM, Error: Service Control Manager [7000] - The McAfee SpamKiller Service service failed to start due to the following error: The system cannot find the file specified.
6/1/2009 2:34:07 PM, Error: Microsoft-Windows-DistributedCOM [10009] - DCOM was unable to communicate with the computer SOFTSERV4 using any of the configured protocols.

==== End Of File ===========================

CabinMomma
2009-06-09, 01:58
Note: I received an error that McAfee antivirus was still running when I started ComboFix, but I had removed McAfee over a year ago. I couldn't find a process or service running to stop/kill, so ComboFix said it would run anyway (at my own risk). Hopefully, this did not affect the results. I can't find that it is still installed on my machine.

ComboFix results:
ComboFix 09-06-07.07 - Paula 06/08/2009 16:57.1 - NTFSx86
Microsoft® Windows Vista™ Business 6.0.6001.1.1252.1.1033.18.3070.1678 [GMT -5:00]
Running from: c:\users\Paula\Desktop\ComboFix.exe
AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
SP: AntispywareBot *disabled* (Updated) {DDE8FC2F-6613-44AA-95F8-022AF1EE0355}
SP: McAfee VirusScan *enabled* (Updated) {C78B3C70-4777-4742-BB91-9D615CC575E6}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Paula\AppData\Roaming\.#
c:\users\Paula\AppData\Roaming\.#\MBX@1170@AD2970.###
c:\users\Paula\AppData\Roaming\.#\MBX@1170@AD29A0.###
c:\users\Paula\AppData\Roaming\.#\MBX@1170@AD29D0.###
c:\users\Paula\AppData\Roaming\AntispywareBot

.
((((((((((((((((((((((((( Files Created from 2009-05-08 to 2009-06-08 )))))))))))))))))))))))))))))))
.

2009-06-08 21:51 . 2009-06-08 21:55 -------- d-----w- \Qoobox
2009-06-07 21:03 . 2009-06-07 21:09 -------- d-----w- C:\Rooter$
2009-06-07 21:03 . 2009-06-07 21:09 -------- d-----w- \Rooter$
2009-06-05 22:59 . 2009-06-06 00:18 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-06-05 22:59 . 2009-06-05 23:00 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-05-29 18:46 . 2009-06-06 02:39 3219578880 --sha-w- \hiberfil.sys
2009-05-24 21:51 . 2009-05-24 21:51 -------- d-----w- c:\programdata\Apple Computer
2009-05-11 15:57 . 2009-05-11 15:57 9024 ----a-w- c:\windows\system32\drivers\rdpdispm.sys
2009-05-11 15:57 . 2009-05-11 15:57 118736 ----a-w- c:\windows\system32\rdpdispd.dll
2009-05-11 15:57 . 2009-05-11 15:57 -------- d-----w- c:\program files\Live Mesh

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-06 02:39 . 2009-05-29 18:46 3219578880 --sha-w- \hiberfil.sys
2009-06-06 02:39 . 2007-11-07 16:56 3533176832 --sha-w- \pagefile.sys
2009-06-05 22:24 . 2008-08-10 17:59 -------- d-----w- c:\users\Paula\AppData\Roaming\FileZilla
2009-06-02 21:01 . 2007-11-11 14:40 158665 ----a-w- c:\users\Paula\AppData\Roaming\nvModes.dat
2009-05-25 21:58 . 2009-02-11 17:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-05-25 21:57 . 2009-02-13 03:38 2967799 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-05-24 21:56 . 2009-03-12 16:51 -------- d-----w- c:\program files\Safari
2009-05-24 21:52 . 2009-03-27 17:16 -------- d-----w- c:\program files\QuickTime
2009-05-22 13:20 . 2009-02-13 18:25 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-05-22 13:20 . 2009-02-13 18:25 325896 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-05-22 13:20 . 2009-02-13 18:25 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-05-22 13:20 . 2009-02-13 18:25 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-15 08:05 . 2007-11-07 17:50 -------- d-----w- c:\programdata\Microsoft Help
2009-05-15 08:01 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-08 02:44 . 2007-11-15 23:04 680 ----a-w- c:\users\Paula\AppData\Local\d3d9caps.dat
2009-04-26 23:24 . 2008-10-17 21:21 -------- d-----w- c:\users\Paula\AppData\Roaming\Smilebox
2009-04-24 21:59 . 2007-06-26 17:23 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-04-12 13:56 . 2008-08-14 02:26 -------- d-----w- c:\program files\NomaDesk
2009-04-06 20:32 . 2009-02-11 17:05 38496 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-06 20:32 . 2009-02-11 17:06 15504 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-03-30 21:04 . 2009-03-30 21:04 168584 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxBrowserEngine.dll
2009-03-30 21:04 . 2008-12-11 22:55 205448 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxDvd.exe
2009-03-30 21:04 . 2008-11-26 02:02 254600 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxTray.exe
2009-03-30 21:04 . 2008-09-25 10:36 373384 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxStarter.exe
2009-03-30 20:57 . 2009-03-30 20:57 1540744 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxClient.exe
2009-03-30 20:36 . 2009-03-30 20:36 340616 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxDvdEngine.dll
2009-03-30 20:36 . 2009-03-30 20:36 123528 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxUpdater.exe
2009-03-23 14:50 . 2009-03-14 22:18 118784 ----a-w- c:\windows\SeaMonkeyUninstall.exe
2009-03-23 14:50 . 2009-03-14 22:18 8749 ----a-w- c:\windows\mozver.dat
2009-03-23 14:49 . 2009-03-14 22:18 118784 ----a-w- c:\windows\GREUninstall.exe
2009-03-23 14:44 . 2009-03-23 14:41 13037568 ----a-w- c:\users\Paula\seamonkey-1.1.15.en-US.win32.installer.exe
2009-03-23 09:29 . 2008-08-14 02:26 312536 ----a-w- c:\windows\system32\drivers\solfs.sys
2009-03-23 09:29 . 2008-08-14 02:26 54488 ----a-w- c:\windows\system32\drivers\soldisk.sys
2009-03-17 03:38 . 2009-04-16 17:30 13824 ----a-w- c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-16 17:30 24064 ----a-w- c:\windows\system32\amxread.dll
2009-03-14 22:19 . 2007-11-12 02:02 335 ----a-w- c:\windows\nsreg.dat
2008-06-30 18:44 . 2008-06-10 21:29 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
2007-01-05 21:36 . 2007-11-12 02:04 864768 ------w- c:\program files\mozilla firefox\components\pbgk1_8.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000PersonalFileserver]
@="{cf9b0966-e77e-3397-37ca-e5938982b488}"
[HKEY_CLASSES_ROOT\CLSID\{cf9b0966-e77e-3397-37ca-e5938982b488}]
2008-07-27 18:03 282112 ----a-w- c:\windows\System32\mscoree.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000TeamFileserver]
@="{9e447f8a-49cc-44d6-ad79-03ab14e81365}"
[HKEY_CLASSES_ROOT\CLSID\{9e447f8a-49cc-44d6-ad79-03ab14e81365}]
2008-07-27 18:03 282112 ----a-w- c:\windows\System32\mscoree.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2007-01-05 21:41 2857984 ----a-w- c:\program files\Protector Suite QL\farchns.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2007-01-05 21:41 2857984 ----a-w- c:\program files\Protector Suite QL\farchns.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"RunSpySweeperScheduleAtStartup"="c:\windows\system32\msfeedssync.exe" [2008-01-19 12800]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 4670704]
"SmileboxTray"="c:\users\Paula\AppData\Roaming\Smilebox\SmileboxTray.exe" [2009-03-30 254600]
"Google Update"="c:\users\Paula\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-03-12 133104]
"MoeMonitor.exe"="c:\users\Paula\AppData\Local\Microsoft\Live Mesh\Bin\Servicing\0.9.4014.4\MoeMonitor.exe" [2009-05-17 02:29 1321808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2006-11-09 118784]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-05-14 321656]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-27 136600]
"VAIO Center Access Bar"="c:\program files\sony\VAIO Center Access Bar\VCAB.exe" [2007-03-06 36864]
"VAIOSecurity"="c:\program files\Sony\VAIO Security Center\VSC.exe" [2007-03-14 2322432]
"DRCU"="c:\program files\Sony\DRCU\DRCU.exe" [2007-06-18 73728]
"PSQLLauncher"="c:\program files\Protector Suite QL\launcher.exe" [2007-01-05 49168]
"VAIOCameraUtility"="c:\program files\Sony\VAIO Camera Utility\VCUServe.exe" [2007-02-08 411768]
"VAIOSurvey"="c:\program files\Sony\VAIO Survey\Vista VAIO Survey.exe" [2006-12-07 577536]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"FinePrint Dispatcher v5"="c:\windows\system32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" [2007-11-07 507904]
"pdfFactory Dispatcher v3"="c:\windows\system32\spool\DRIVERS\W32X86\3\fppdis3a.exe" [2007-11-07 507904]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-22 1947928]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-05-12 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-05-12 8429568]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-05-12 81920]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-03-27 413696]

c:\users\Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
NomaDeskr.lnk - c:\program files\NomaDesk\Dashboard\NomaDeskClient.exe [2009-4-10 251392]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
MiniEYE-MiniREAD Launch.lnk - c:\program files\Infinite Mind LC\eyeQ\ARLaunch.exe [2008-2-16 323584]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2007-12-4 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2007-01-05 21:28 90112 ----a-w- c:\windows\System32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-04-24 00:19 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SsiEfr.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli psqlpwd

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{1C35265B-ECCC-4397-8754-C59097211B77}"= UDP:c:\program files\Sony\LocationFreePlayer\LFPC3\LFPC3.exe:LocationFree Player
"{D9A8D914-5ADD-4B91-B81D-706A86A8C098}"= TCP:c:\program files\Sony\LocationFreePlayer\LFPC3\LFPC3.exe:LocationFree Player
"{C0D7E1C0-80EC-4AF1-A7B8-205765B0A158}"= Disabled:UDP:c:\program files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{20923077-5096-4A93-9DF7-6354460BCB9A}"= Disabled:TCP:c:\program files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{21FA6B7D-558A-4420-9F17-472C60586613}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{0F892060-4192-4F14-A502-8F0726941E3B}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{E860886B-005A-49C1-8C5C-2E054496B2EB}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{EA4E2533-4324-4C4F-80B3-7EBF6A585381}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{758ABB3E-3FFA-40CC-8565-F4BC1EADA2D4}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{8D1F0536-AFFC-48E0-A4C7-800B239FB7FE}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{CCDAE132-87AD-4F20-AC63-42AE5EED115D}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{655B5760-4E33-4F9B-B6F8-5402D4F634DD}"= UDP:c:\program files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{6E5D3E2B-E565-4814-B29B-9B96D930D8B6}"= TCP:c:\program files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{20BEE8E7-F078-4D6D-A578-151983F24DE9}"= UDP:c:\program files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{C258D1A4-2E36-4CBD-8569-44A30DA05D04}"= UDP:c:\program files\McAfee\MWL\MwlSvc.exe:McAfee Wireless Network Security
"TCP Query User{DB157681-525D-4F9A-9F33-55E66AE26FD4}c:\\program files\\yahoo!\\messenger\\yahoomessenger.exe"= UDP:c:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger
"UDP Query User{914F47CB-1E94-49B6-8B24-643279A7DB1F}c:\\program files\\yahoo!\\messenger\\yahoomessenger.exe"= TCP:c:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger
"TCP Query User{38C13EA6-A16F-4AF3-BD40-B50129637D15}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{B5729DCF-3F85-4774-AB96-76FA78C42E9A}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{4FB2D1BF-BB62-47D4-9B35-B1B9B2101D72}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{190016E2-E87B-4D14-99EA-8D86CA765836}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"{E4552DA0-5D2C-4984-8F6E-8215B26AB740}"= UDP:c:\users\Paula\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{D7211204-55CB-4154-98EF-3E19B7C0A958}"= TCP:c:\users\Paula\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{42A113C1-F704-4ABB-9E16-C97CBE00889A}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{3C5A50E2-A01D-4C2C-826E-F96F55EE3AF5}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"{C7EBA19B-1CE6-4FDB-98D6-F4937D86D316}"= UDP:c:\users\Paula\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{1201CA27-AC0F-4802-9B62-7A71CFB441B8}"= TCP:c:\users\Paula\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{C73D2836-1A7D-471B-ABB4-574F21D51A86}"= UDP:c:\program files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:Microsoft Office Live Meeting 2007
"{DFDE1CAF-E748-40EC-95F3-83DAE35AF1F4}"= TCP:c:\program files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:Microsoft Office Live Meeting 2007
"{F194F2FB-1212-4D5E-98C9-51EDEE5B4CE0}"= UDP:c:\program files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:Microsoft Office Live Meeting 2007
"{6E144CF0-E57E-4C50-84B1-6A1852CA88E7}"= TCP:c:\program files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:Microsoft Office Live Meeting 2007
"{998CCE44-45BD-4CEE-A289-469E43EEBC0C}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{F1946F57-2962-4FCB-972A-A2F6BD0234A3}"= UDP:c:\program files\Live Mesh\Remote Desktop\wlcrasvc.exe:Live Mesh Remote Desktop
"{4610E054-0EE9-4906-805C-4419867FA73E}"= TCP:c:\program files\Live Mesh\Remote Desktop\wlcrasvc.exe:Live Mesh Remote Desktop
"{137E5170-628B-42B6-8C55-9FAAD449A825}"= UDP:c:\users\Paula\AppData\Local\Microsoft\Live Mesh\GacBase\Moe.exe:Live Mesh
"{1CDA0034-DB6D-410A-986F-6AD190F5E312}"= TCP:c:\users\Paula\AppData\Local\Microsoft\Live Mesh\GacBase\Moe.exe:Live Mesh
"{A54DC500-FA11-4AAE-8DED-B1B57E53B913}"= UDP:c:\program files\Live Mesh\Remote Desktop\wlcrasvc.exe:Live Mesh Remote Desktop
"{25B48033-4070-42FA-8E33-29BDAA0A500D}"= TCP:c:\program files\Live Mesh\Remote Desktop\wlcrasvc.exe:Live Mesh Remote Desktop
"{D13C29A8-F3E7-47D0-8AE5-A23DF55E2134}"= UDP:c:\users\Paula\AppData\Local\Microsoft\Live Mesh\GacBase\Moe.exe:Live Mesh
"{30312F4E-F7B7-419B-B70C-93804D670EFE}"= TCP:c:\users\Paula\AppData\Local\Microsoft\Live Mesh\GacBase\Moe.exe:Live Mesh

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
"DoNotAllowExceptions"= 0 (0x0)

R0 shpf;Sony HDD Protection Filter Driver;c:\windows\System32\drivers\shpf.sys [6/26/2007 12:20 PM 14720]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [2/13/2009 1:25 PM 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [2/13/2009 1:25 PM 108552]
R1 SolDisk;SolDisk;c:\windows\System32\drivers\soldisk.sys [8/13/2008 9:26 PM 54488]
R1 SolFS;SolFS;c:\windows\System32\drivers\solfs.sys [8/13/2008 9:26 PM 312536]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service;c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [1/11/2008 6:50 PM 30312]
R2 msftesql$SQLEXPRESS;SQL Server FullText Search (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\msftesql.exe [6/22/2007 9:22 AM 95592]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [11/24/2008 10:31 PM 29263712]
R2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [2/10/2009 11:38 AM 299008]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [4/17/2007 11:09 PM 11032]
R2 ReportServer$SQLEXPRESS;SQL Server Reporting Services (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL.4\Reporting Services\ReportServer\bin\ReportingServicesService.exe [11/24/2008 11:26 PM 14688]
R2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSSQL.7\Reporting Services\ReportServer\bin\ReportingServicesService.exe [11/24/2008 11:26 PM 14688]
R2 wlcrasvc;Live Mesh Remote Desktop;c:\program files\Live Mesh\Remote Desktop\wlcrasvc.exe [5/11/2009 10:57 AM 44880]
R3 PTDWBus;Curitel PC Card Composite Device driver (UDP);c:\windows\System32\drivers\PTDWBus.sys [11/9/2007 5:02 PM 27392]
R3 PTDWMdm;Curitel PC Card Drivers (UDP);c:\windows\System32\drivers\PTDWMdm.sys [11/9/2007 5:02 PM 41728]
R3 PTDWVsp;Curitel PC Card Diagnostic Serial Port (UDP);c:\windows\System32\drivers\PTDWVsp.sys [11/9/2007 5:02 PM 39808]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\System32\drivers\R5U870FLx86.sys [6/25/2007 6:37 PM 75392]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\System32\drivers\R5U870FUx86.sys [6/25/2007 6:37 PM 43904]
R3 RDPDISPM;RDPDISPM;c:\windows\System32\drivers\rdpdispm.sys [5/11/2009 10:57 AM 9024]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\System32\drivers\SonyImgF.sys [6/25/2007 7:27 PM 31104]
R3 SPI;Sony Programmable I/O Control Device;c:\windows\System32\drivers\SonyPI.sys [6/25/2007 6:55 PM 33792]
R3 ti21sony;ti21sony;c:\windows\System32\drivers\ti21sony.sys [6/25/2007 6:53 PM 807424]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2/13/2009 1:25 PM 298776]
S3 ICScsiSV;Image Converter SCSI Service;c:\program files\Sony\Image Converter 3\ICScsiSV.exe [11/7/2007 12:27 PM 75952]
S3 IcVzMonLauncher;IcVzMonLauncher;c:\program files\Sony\Image Converter 3\IcVzMonLauncher.exe [11/7/2007 12:27 PM 67760]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [11/24/2008 10:31 PM 29263712]
S3 PWCTLDRV;The NECHostController Filter Driver;c:\windows\System32\drivers\PWCTLDRV.sys [11/9/2007 5:02 PM 5888]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [11/7/2007 1:52 PM 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [11/7/2007 1:52 PM 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [11/7/2007 1:52 PM 1089536]
S3 WMSvc;Web Management Service;c:\windows\System32\inetsrv\WMSvc.exe [9/16/2008 9:57 AM 11264]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
Contents of the 'Scheduled Tasks' folder

2009-06-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2312238057-754008070-484453957-1004.job
- c:\users\Paula\AppData\Local\Google\Update\GoogleUpdate.exe [2009-03-12 16:45]

2009-06-03 c:\windows\Tasks\User_Feed_Synchronization-{474B2016-9274-49FE-939A-1B0868F98EC4}.job
- c:\windows\system32\msfeedssync.exe [2008-09-16 07:33]
.
- - - - ORPHANS REMOVED - - - -

ShellIconOverlayIdentifiers-{7CB86623-1BEC-4FE6-AC97-5497E6D75DFD} - c:\program files\NomaDesk\ShellExtension\NomaDesk.DriveIcon.dll
SafeBoot-procexp90.Sys


.
------- Supplementary Scan -------
.
uStart Page = hxxp://us.f324.mail.yahoo.com/ym/ShowFolder?rb=Inbox&reset=1&YY=43816&y5beta=yes&y5beta=yes&inc=200&order=down&sort=date&pos=0&view=a&head=b&box=Inbox&YN=1
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Transfer by Image Converter 3 - c:\program files\Sony\Image Converter 3\menu.htm
DPF: {A3E21079-7F41-4125-9EBB-FD44CFCC0AC1} - hxxps://www.mesh.com/0.9.4014.3/TSWeb.cab
FF - ProfilePath - c:\users\Paula\AppData\Roaming\Mozilla\Firefox\Profiles\8spcfcqd.default\
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Paula\AppData\Local\Google\Update\1.2.145.5\npGoogleOneClick8.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-08 17:06
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\msftesql]
"ImagePath"="\"c:\program files\Microsoft SQL Server\MSSQL.6\MSSQL\Binn\msftesql.exe\" -s:MSSQL.6 -f:MSSQLSERVER"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\msftesql$SQLEXPRESS]
"ImagePath"="\"c:\program files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\msftesql.exe\" -s:MSSQL.3 -f:SQLEXPRESS"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(808)
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\homefus2.dll
c:\program files\Protector Suite QL\infra.dll
.
Completion time: 2009-06-08 17:10
ComboFix-quarantined-files.txt 2009-06-08 22:09

Pre-Run: 66,259,660,800 bytes free
Post-Run: 66,261,647,360 bytes free

297 --- E O F --- 2009-06-08 17:15


______________________________________________________
______________________________________________________

New dds.txt:

DDS (Ver_09-05-14.01) - NTFSx86
Run by Paula at 17:27:01.69 on Mon 06/08/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_11
Microsoft® Windows Vista™ Business 6.0.6001.1.1252.1.1033.18.3070.1414 [GMT -5:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
SP: AntispywareBot *disabled* (Updated) {DDE8FC2F-6613-44AA-95F8-022AF1EE0355}
SP: McAfee VirusScan *enabled* (Updated) {C78B3C70-4777-4742-BB91-9D615CC575E6}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Protector Suite QL\upeksvr.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Windows\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\Program Files\Microsoft SQL Server\MSSQL.6\MSSQL\Binn\msftesql.exe
c:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\msftesql.exe
c:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\Program Files\Microsoft SQL Server\MSSQL.6\MSSQL\Binn\sqlservr.exe
C:\Program Files\Sony\Network Utility\NSUService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
c:\Program Files\Microsoft SQL Server\MSSQL.7\Reporting Services\ReportServer\bin\ReportingServicesService.exe
c:\Program Files\Microsoft SQL Server\MSSQL.4\Reporting Services\ReportServer\bin\ReportingServicesService.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\stacsv.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Live Mesh\Remote Desktop\wlcrasvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Users\Paula\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\UI0Detect.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\notepad.exe
C:\Windows\Explorer.exe
C:\Windows\System32\svchost.exe -k wdisvc
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Paula\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://us.f324.mail.yahoo.com/ym/ShowFolder?rb=Inbox&reset=1&YY=43816&y5beta=yes&y5beta=yes&inc=200&order=down&sort=date&pos=0&view=a&head=b&box=Inbox&YN=1
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7} - No File
BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No File
BHO: IE Developer Toolbar BHO: {cc7e636d-39aa-49b6-b511-65413da137a1} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
TB: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
EB: IE Developer Toolbar: {a202b231-ef71-4a08-bdb9-4ce5ae8bde0a} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [RunSpySweeperScheduleAtStartup] "c:\windows\system32\msfeedssync.exe" /ScheduleSweep=User_Feed_Synchronization-{474B2016-9274-49FE-939A-1B0868F98EC4}
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [Yahoo! Pager] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [SmileboxTray] "c:\users\paula\appdata\roaming\smilebox\SmileboxTray.exe"
uRun: [Google Update] "c:\users\paula\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [MoeMonitor.exe] "c:\users\paula\appdata\local\microsoft\live mesh\bin\servicing\0.9.4014.4\MoeMonitor.exe"
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [VAIO Center Access Bar] "c:\program files\sony\vaio center access bar\VCAB.exe"
mRun: [VAIOSecurity] "c:\program files\sony\vaio security center\VSC.exe" 1
mRun: [DRCU] "c:\program files\sony\drcu\DRCU.exe"
mRun: [PSQLLauncher] "c:\program files\protector suite ql\launcher.exe" /startup
mRun: [VAIOCameraUtility] "c:\program files\sony\vaio camera utility\VCUServe.exe"
mRun: [VAIOSurvey] "c:\program files\sony\vaio survey\Vista VAIO Survey.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [FinePrint Dispatcher v5] "c:\windows\system32\spool\drivers\w32x86\3\fpdisp5a.exe" /source=HKLM
mRun: [pdfFactory Dispatcher v3] "c:\windows\system32\spool\drivers\w32x86\3\fppdis3a.exe" /source=HKLM
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
StartupFolder: c:\users\paula\appdata\roaming\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\users\paula\appdata\roaming\micros~1\windows\startm~1\programs\startup\nomade~1.lnk - c:\program files\nomadesk\dashboard\NomaDeskClient.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\miniey~1.lnk - c:\program files\infinite mind lc\eyeq\ARLaunch.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
mPolicies-system: DisableCAD = 1 (0x1)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Transfer by Image Converter 3 - c:\program files\sony\image converter 3\menu.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - {CC962137-2E78-4F94-975E-FC0C07DBD78F} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} - hxxp://esupport.sony.com/VaioInfo.CAB
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} - hxxp://cid-18e65120c86a7b6b.spaces.live.com/PhotoUpload/VistaMsnPUplden-us.cab
DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} - hxxps://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} - hxxp://web1.shutterfly.com/downloads/Uploader.cab
DPF: {A3E21079-7F41-4125-9EBB-FD44CFCC0AC1} - hxxps://www.mesh.com/0.9.4014.3/TSWeb.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: psfus - c:\windows\system32\psqlpwd.dll
Notify: VESWinlogon - VESWinlogon.dll
AppInit_DLLs: c:\windows\system32\avgrsstx.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Notification Packages = scecli psqlpwd

================= FIREFOX ===================

FF - ProfilePath - c:\users\paula\appdata\roaming\mozilla\firefox\profiles\8spcfcqd.default\
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll

============= SERVICES / DRIVERS ===============

R0 shpf;Sony HDD Protection Filter Driver;c:\windows\system32\drivers\shpf.sys [2007-6-26 14720]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-2-13 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-2-13 108552]
R1 SolDisk;SolDisk;c:\windows\system32\drivers\soldisk.sys [2008-8-13 54488]
R1 SolFS;SolFS;c:\windows\system32\drivers\solfs.sys [2008-8-13 312536]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service;c:\program files\microsoft small business\business contact manager\BcmSqlStartupSvc.exe [2008-1-11 30312]
R2 msftesql$SQLEXPRESS;SQL Server FullText Search (SQLEXPRESS);c:\program files\microsoft sql server\mssql.3\mssql\binn\msftesql.exe [2007-6-22 95592]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2008-11-24 29263712]
R2 NSUService;NSUService;c:\program files\sony\network utility\NSUService.exe [2009-2-10 299008]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R2 ReportServer$SQLEXPRESS;SQL Server Reporting Services (SQLEXPRESS);c:\program files\microsoft sql server\mssql.4\reporting services\reportserver\bin\ReportingServicesService.exe [2008-11-24 14688]
R2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\microsoft sql server\mssql.7\reporting services\reportserver\bin\ReportingServicesService.exe [2008-11-24 14688]
R2 wlcrasvc;Live Mesh Remote Desktop;c:\program files\live mesh\remote desktop\wlcrasvc.exe [2009-5-11 44880]
R3 PTDWBus;Curitel PC Card Composite Device driver (UDP);c:\windows\system32\drivers\PTDWBus.sys [2007-11-9 27392]
R3 PTDWMdm;Curitel PC Card Drivers (UDP);c:\windows\system32\drivers\PTDWMdm.sys [2007-11-9 41728]
R3 PTDWVsp;Curitel PC Card Diagnostic Serial Port (UDP);c:\windows\system32\drivers\PTDWVsp.sys [2007-11-9 39808]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\drivers\R5U870FLx86.sys [2007-6-25 75392]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\drivers\R5U870FUx86.sys [2007-6-25 43904]
R3 RDPDISPM;RDPDISPM;c:\windows\system32\drivers\rdpdispm.sys [2009-5-11 9024]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\drivers\SonyImgF.sys [2007-6-25 31104]
R3 SPI;Sony Programmable I/O Control Device;c:\windows\system32\drivers\SonyPI.sys [2007-6-25 33792]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-6-25 807424]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-2-13 298776]
S3 ICScsiSV;Image Converter SCSI Service;c:\program files\sony\image converter 3\ICScsiSV.exe [2007-11-7 75952]
S3 IcVzMonLauncher;IcVzMonLauncher;c:\program files\sony\image converter 3\IcVzMonLauncher.exe [2007-11-7 67760]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\microsoft sql server\mssql.2\mssql\binn\sqlservr.exe [2008-11-24 29263712]
S3 PWCTLDRV;The NECHostController Filter Driver;c:\windows\system32\drivers\PWCTLDRV.sys [2007-11-9 5888]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\sony\vaio media integrated server\UCLS.exe [2007-11-7 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\sony\vaio media integrated server\platform\SV_Httpd.exe [2007-11-7 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\sony\vaio media integrated server\platform\UPnPFramework.exe [2007-11-7 1089536]
S3 WMSvc;Web Management Service;c:\windows\system32\inetsrv\WMSvc.exe [2008-9-16 11264]

=============== Created Last 30 ================

2009-06-08 17:10 <DIR> --d----- C:\temp
2009-06-08 17:10 <DIR> --dsh--- C:\$RECYCLE.BIN
2009-06-08 16:55 161,792 a------- c:\windows\SWREG.exe
2009-06-08 16:55 155,136 a------- c:\windows\PEV.exe
2009-06-08 16:55 98,816 a------- c:\windows\sed.exe
2009-06-07 16:03 <DIR> --d----- C:\Rooter$
2009-06-05 17:59 <DIR> --d----- c:\programdata\Spybot - Search & Destroy
2009-06-05 17:59 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-06-05 17:59 <DIR> --d----- c:\progra~2\Spybot - Search & Destroy
2009-05-24 16:51 <DIR> --d----- c:\programdata\Apple Computer
2009-05-11 10:57 9,024 a------- c:\windows\system32\drivers\rdpdispm.sys
2009-05-11 10:57 118,736 a------- c:\windows\system32\rdpdispd.dll
2009-05-11 10:57 <DIR> --d----- c:\program files\Live Mesh

==================== Find3M ====================

2009-06-02 16:01 158,665 a------- c:\users\paula\appdata\roaming\nvModes.dat
2009-05-22 08:20 325,896 a------- c:\windows\system32\drivers\avgldx86.sys
2009-05-22 08:20 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-05-22 08:20 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-05-11 10:58 86,016 a------- c:\windows\inf\infpub.dat
2009-05-11 10:58 143,360 a------- c:\windows\inf\infstrng.dat
2009-05-11 10:58 143,360 a------- c:\windows\inf\infstor.dat
2009-03-23 09:50 118,784 a------- c:\windows\SeaMonkeyUninstall.exe
2009-03-23 09:50 8,749 a------- c:\windows\mozver.dat
2009-03-23 09:49 118,784 a------- c:\windows\GREUninstall.exe
2009-03-23 09:44 13,037,568 a------- c:\users\paula\seamonkey-1.1.15.en-US.win32.installer.exe
2009-03-16 22:38 40,960 a------- c:\windows\apppatch\apihex86.dll
2009-03-16 22:38 13,824 a------- c:\windows\system32\apilogen.dll
2009-03-16 22:38 24,064 a------- c:\windows\system32\amxread.dll
2008-10-04 22:42 174 a--sh--- c:\program files\desktop.ini
2008-10-04 22:18 665,600 a------- c:\windows\inf\drvindex.dat
2008-02-27 20:03 32 a------- c:\programdata\ezsid.dat
2008-02-27 20:03 32 a------- c:\progra~2\ezsid.dat
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2009-02-11 16:40 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2009-02-11 16:40 32,768 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2009-02-11 16:40 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat

============= FINISH: 17:27:26.30 ===============


______________________________________________________
______________________________________________________

New Attach.txt:

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-05-14.01)

Microsoft® Windows Vista™ Business
Boot Device: \Device\HarddiskVolume2
Install Date: 11/7/2007 11:08:50 AM
System Uptime: 6/7/2009 2:55:02 AM (39 hours ago)

Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz | N/A | 2201/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 142 GiB total, 61.805 GiB free.
D: is Removable
E: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: NEC PCI to USB Open Host Controller
Device ID: PCI\VEN_1033&DEV_0035&SUBSYS_444B5143&REV_43\5&13BE7D01&0&0120F0
Manufacturer: NEC
Name: NEC PCI to USB Open Host Controller
PNP Device ID: PCI\VEN_1033&DEV_0035&SUBSYS_444B5143&REV_43\5&13BE7D01&0&0120F0
Service: usbohci

==== System Restore Points ===================

RP770: 5/18/2009 10:57:17 PM - Windows Update
RP771: 5/20/2009 9:24:15 AM - Scheduled Checkpoint
RP772: 5/21/2009 9:05:28 AM - Windows Update
RP774: 5/22/2009 8:15:28 AM - Avg8 Update
RP776: 5/22/2009 8:21:40 AM - Avg8 Update
RP777: 5/25/2009 4:21:34 PM - Scheduled Checkpoint
RP778: 5/26/2009 8:38:53 AM - Windows Update
RP779: 5/28/2009 11:01:05 AM - Scheduled Checkpoint
RP780: 5/28/2009 1:50:21 PM - Windows Update
RP781: 5/31/2009 10:57:25 AM - Scheduled Checkpoint
RP782: 6/2/2009 8:14:36 AM - Windows Update
RP783: 6/3/2009 6:24:58 PM - Scheduled Checkpoint
RP784: 6/5/2009 1:23:44 AM - Windows Update
RP785: 6/5/2009 5:34:55 PM - Installed AntispywareBot
RP786: 6/5/2009 6:10:08 PM - Removed AntispywareBot
RP787: 6/7/2009 12:00:01 AM - Scheduled Checkpoint
RP788: 6/8/2009 12:14:43 PM - Windows Update

==== Installed Programs ======================


2007 Microsoft Office Suite Service Pack 1 (SP1)
Activation Assistant for the 2007 Microsoft Office suites
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 10 ActiveX
Adobe Flash Player Plugin
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader 8.1.2
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Adobe Stock Photos 1.0
Alps Pointing-device for VAIO
Apple Software Update
AVG Free 8.5
Battery Care Function
Bluetooth Stack for Windows by Toshiba
Business Contact Manager for Outlook 2007 SP1
Choice Guard
Click to DVD 2.0.05 Menu Data
Click to DVD 2.6.00
Curitel PC Card Software
CuteFTP 8 Professional
DHTML Editing Component
DSD Direct
DSD Direct Player
DSD Playback Plug-in
ExamDiff 1.8
eyeQ
FileZilla Client 3.1.1.1
FinePrint
Flock (2.0.3)
GearDrvs
Google Chrome
Grouper Screen Saver 1.0
Hallmark Smilebox
HDAUDIO SoftV92 Data Fax Modem with SmartCP
Home Design Quick & Easy
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Print Diagnostic Utility
Image Converter 3
Internet Explorer Developer Toolbar
Java(TM) 6 Update 11
Java(TM) 6 Update 3
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6
Junk Mail filter update
Kids NetLinks PBS Kids Browser 2.0
Landscape Design and Construction
Live Mesh
LocationFree Player
Malwarebytes' Anti-Malware
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft MSDN 2005 Express Edition - ENU
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office Live Meeting 2007
Microsoft Office Live Small Business Image Uploader
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Ultimate 2007
Microsoft Office Visio 2007 Service Pack 1 (SP1)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Visual Web Developer 2007
Microsoft Office Visual Web Developer MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office XP Web Components
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 (SQLEXPRESS)
Microsoft SQL Server 2005 Backward compatibility
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server 2005 Express Edition (VAIO_VEDB)
Microsoft SQL Server 2005 Reporting Services
Microsoft SQL Server 2005 Reporting Services (SQLEXPRESS)
Microsoft SQL Server 2005 Tools
Microsoft SQL Server Database Publishing Wizard 1.1
Microsoft SQL Server Database Publishing Wizard 1.2
Microsoft SQL Server Management Studio Express
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual Studio Web Authoring Component
Microsoft Visual Web Developer 2008 Express Edition - ENU
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Web
Microsoft Works
Mobile Broadband Drivers
Mozilla Firefox (3.0.10)
Mozilla Thunderbird (2.0.0.12)
MSDN Library for Microsoft Visual Studio 2008 Express Editions
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
NomaDesk®
NVIDIA Drivers
OpenMG Limited Patch 4.7-07-13-24-01
OpenMG Secure Module 4.7.00
OpenOffice.org Installer 1.0
Opera 9.64
PANTECH UM175 Driver
pdfFactory
Photo Viewer 2.4
Protector Suite QL 5.6
QuickTime
Roxio Easy Media Creator Home
Safari
SeaMonkey (1.1.15)
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB960003)
Security Update for Microsoft Office Excel 2007 (KB959997)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Visio 2007 (KB957831)
Security Update for Microsoft Office Word 2007 (KB956358)
Security Update for Visio 2007 (KB947590)
Setting Utility Series
SonicStage 4.3
SonicStage Mastering Studio
SonicStage Mastering Studio Audio Filter
SonicStage Mastering Studio Audio Filter Custom Preset
SonicStage Mastering Studio Plugins
Sony Utilities DLL
Sony Video Shared Library
Spybot - Search & Destroy
TextPad 5
Total 3D Home, Landscape & Deck Premium Suite
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Microsoft Office Outlook 2007 Help (KB957246)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb968503)
VAIO Azure Float Wallpaper
VAIO Camera Capture Utility
VAIO Camera Utility
VAIO Center Access Bar
VAIO Central
VAIO Entertainment Center
VAIO Entertainment Platform
VAIO Event Service
VAIO Floral Dusk Wallpaper
VAIO HDD Protection
VAIO Help And Support
VAIO Media
VAIO Media 6.0
VAIO Media AC3 Decoder 1.0
VAIO Media Content Collection 6.0
VAIO Media Integrated Server 6.0
VAIO Media Redistribution 6.0
VAIO Media Registration Tool
VAIO Media Registration Tool 6.0
VAIO OOBE
VAIO Photo 2007
VAIO Productivity Center
VAIO Security Center
VAIO Service Utility
VAIO Smart Network
VAIO Status Monitor
VAIO Survey
VAIO Teal Whisper Wallpaper
VAIO Update 3
VAIO Video & Photo Suite
VC Runtimes MSI
VP Suite 3.1 3.1
VP Suite 3.2 3.2
VZAccess Manager
Web CEO 8.0
Windows Grep 2.3
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
WinDVD for VAIO
WinZip
Yahoo! Messenger

==== Event Viewer Messages From Past Week ========

6/8/2009 4:57:00 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the PEVSystemStart service to connect.
6/8/2009 4:56:58 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
6/8/2009 4:46:25 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 10.0.2.124 for the Network Card with network address 0013E85C063B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
6/8/2009 12:10:35 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.113 for the Network Card with network address 0013E85C063B has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
6/6/2009 6:33:45 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 10.0.2.123 for the Network Card with network address 0013E85C063B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
6/5/2009 9:43:03 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Update service to connect.
6/5/2009 9:43:03 PM, Error: Service Control Manager [7000] - The Windows Update service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/3/2009 5:22:25 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
6/3/2009 5:22:25 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/1/2009 9:42:16 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
6/1/2009 9:38:28 AM, Error: Service Control Manager [7024] - The AVG Free8 WatchDog service terminated with service-specific error 3758162315 (0xE001018B).
6/1/2009 9:38:28 AM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
6/1/2009 9:38:28 AM, Error: Service Control Manager [7000] - The McAfee SpamKiller Service service failed to start due to the following error: The system cannot find the file specified.
6/1/2009 2:34:07 PM, Error: Microsoft-Windows-DistributedCOM [10009] - DCOM was unable to communicate with the computer SOFTSERV4 using any of the configured protocols.

==== End Of File ===========================

CabinMomma
2009-06-09, 01:59
Note: I received an error that McAfee antivirus was still running when I started ComboFix, but I had removed McAfee over a year ago. I couldn't find a process or service running to stop/kill, so ComboFix said it would run anyway (at my own risk). Hopefully, this did not affect the results. I can't find that it is still installed on my machine.

ComboFix results:
ComboFix 09-06-07.07 - Paula 06/08/2009 16:57.1 - NTFSx86
Microsoft® Windows Vista™ Business 6.0.6001.1.1252.1.1033.18.3070.1678 [GMT -5:00]
Running from: c:\users\Paula\Desktop\ComboFix.exe
AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
SP: AntispywareBot *disabled* (Updated) {DDE8FC2F-6613-44AA-95F8-022AF1EE0355}
SP: McAfee VirusScan *enabled* (Updated) {C78B3C70-4777-4742-BB91-9D615CC575E6}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Paula\AppData\Roaming\.#
c:\users\Paula\AppData\Roaming\.#\MBX@1170@AD2970.###
c:\users\Paula\AppData\Roaming\.#\MBX@1170@AD29A0.###
c:\users\Paula\AppData\Roaming\.#\MBX@1170@AD29D0.###
c:\users\Paula\AppData\Roaming\AntispywareBot

.
((((((((((((((((((((((((( Files Created from 2009-05-08 to 2009-06-08 )))))))))))))))))))))))))))))))
.

2009-06-08 21:51 . 2009-06-08 21:55 -------- d-----w- \Qoobox
2009-06-07 21:03 . 2009-06-07 21:09 -------- d-----w- C:\Rooter$
2009-06-07 21:03 . 2009-06-07 21:09 -------- d-----w- \Rooter$
2009-06-05 22:59 . 2009-06-06 00:18 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-06-05 22:59 . 2009-06-05 23:00 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-05-29 18:46 . 2009-06-06 02:39 3219578880 --sha-w- \hiberfil.sys
2009-05-24 21:51 . 2009-05-24 21:51 -------- d-----w- c:\programdata\Apple Computer
2009-05-11 15:57 . 2009-05-11 15:57 9024 ----a-w- c:\windows\system32\drivers\rdpdispm.sys
2009-05-11 15:57 . 2009-05-11 15:57 118736 ----a-w- c:\windows\system32\rdpdispd.dll
2009-05-11 15:57 . 2009-05-11 15:57 -------- d-----w- c:\program files\Live Mesh

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-06 02:39 . 2009-05-29 18:46 3219578880 --sha-w- \hiberfil.sys
2009-06-06 02:39 . 2007-11-07 16:56 3533176832 --sha-w- \pagefile.sys
2009-06-05 22:24 . 2008-08-10 17:59 -------- d-----w- c:\users\Paula\AppData\Roaming\FileZilla
2009-06-02 21:01 . 2007-11-11 14:40 158665 ----a-w- c:\users\Paula\AppData\Roaming\nvModes.dat
2009-05-25 21:58 . 2009-02-11 17:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-05-25 21:57 . 2009-02-13 03:38 2967799 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-05-24 21:56 . 2009-03-12 16:51 -------- d-----w- c:\program files\Safari
2009-05-24 21:52 . 2009-03-27 17:16 -------- d-----w- c:\program files\QuickTime
2009-05-22 13:20 . 2009-02-13 18:25 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-05-22 13:20 . 2009-02-13 18:25 325896 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-05-22 13:20 . 2009-02-13 18:25 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-05-22 13:20 . 2009-02-13 18:25 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-15 08:05 . 2007-11-07 17:50 -------- d-----w- c:\programdata\Microsoft Help
2009-05-15 08:01 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-08 02:44 . 2007-11-15 23:04 680 ----a-w- c:\users\Paula\AppData\Local\d3d9caps.dat
2009-04-26 23:24 . 2008-10-17 21:21 -------- d-----w- c:\users\Paula\AppData\Roaming\Smilebox
2009-04-24 21:59 . 2007-06-26 17:23 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-04-12 13:56 . 2008-08-14 02:26 -------- d-----w- c:\program files\NomaDesk
2009-04-06 20:32 . 2009-02-11 17:05 38496 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-06 20:32 . 2009-02-11 17:06 15504 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-03-30 21:04 . 2009-03-30 21:04 168584 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxBrowserEngine.dll
2009-03-30 21:04 . 2008-12-11 22:55 205448 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxDvd.exe
2009-03-30 21:04 . 2008-11-26 02:02 254600 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxTray.exe
2009-03-30 21:04 . 2008-09-25 10:36 373384 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxStarter.exe
2009-03-30 20:57 . 2009-03-30 20:57 1540744 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxClient.exe
2009-03-30 20:36 . 2009-03-30 20:36 340616 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxDvdEngine.dll
2009-03-30 20:36 . 2009-03-30 20:36 123528 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxUpdater.exe
2009-03-23 14:50 . 2009-03-14 22:18 118784 ----a-w- c:\windows\SeaMonkeyUninstall.exe
2009-03-23 14:50 . 2009-03-14 22:18 8749 ----a-w- c:\windows\mozver.dat
2009-03-23 14:49 . 2009-03-14 22:18 118784 ----a-w- c:\windows\GREUninstall.exe
2009-03-23 14:44 . 2009-03-23 14:41 13037568 ----a-w- c:\users\Paula\seamonkey-1.1.15.en-US.win32.installer.exe
2009-03-23 09:29 . 2008-08-14 02:26 312536 ----a-w- c:\windows\system32\drivers\solfs.sys
2009-03-23 09:29 . 2008-08-14 02:26 54488 ----a-w- c:\windows\system32\drivers\soldisk.sys
2009-03-17 03:38 . 2009-04-16 17:30 13824 ----a-w- c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-16 17:30 24064 ----a-w- c:\windows\system32\amxread.dll
2009-03-14 22:19 . 2007-11-12 02:02 335 ----a-w- c:\windows\nsreg.dat
2008-06-30 18:44 . 2008-06-10 21:29 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
2007-01-05 21:36 . 2007-11-12 02:04 864768 ------w- c:\program files\mozilla firefox\components\pbgk1_8.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000PersonalFileserver]
@="{cf9b0966-e77e-3397-37ca-e5938982b488}"
[HKEY_CLASSES_ROOT\CLSID\{cf9b0966-e77e-3397-37ca-e5938982b488}]
2008-07-27 18:03 282112 ----a-w- c:\windows\System32\mscoree.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000TeamFileserver]
@="{9e447f8a-49cc-44d6-ad79-03ab14e81365}"
[HKEY_CLASSES_ROOT\CLSID\{9e447f8a-49cc-44d6-ad79-03ab14e81365}]
2008-07-27 18:03 282112 ----a-w- c:\windows\System32\mscoree.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2007-01-05 21:41 2857984 ----a-w- c:\program files\Protector Suite QL\farchns.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2007-01-05 21:41 2857984 ----a-w- c:\program files\Protector Suite QL\farchns.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"RunSpySweeperScheduleAtStartup"="c:\windows\system32\msfeedssync.exe" [2008-01-19 12800]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 4670704]
"SmileboxTray"="c:\users\Paula\AppData\Roaming\Smilebox\SmileboxTray.exe" [2009-03-30 254600]
"Google Update"="c:\users\Paula\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-03-12 133104]
"MoeMonitor.exe"="c:\users\Paula\AppData\Local\Microsoft\Live Mesh\Bin\Servicing\0.9.4014.4\MoeMonitor.exe" [2009-05-17 02:29 1321808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2006-11-09 118784]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-05-14 321656]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-27 136600]
"VAIO Center Access Bar"="c:\program files\sony\VAIO Center Access Bar\VCAB.exe" [2007-03-06 36864]
"VAIOSecurity"="c:\program files\Sony\VAIO Security Center\VSC.exe" [2007-03-14 2322432]
"DRCU"="c:\program files\Sony\DRCU\DRCU.exe" [2007-06-18 73728]
"PSQLLauncher"="c:\program files\Protector Suite QL\launcher.exe" [2007-01-05 49168]
"VAIOCameraUtility"="c:\program files\Sony\VAIO Camera Utility\VCUServe.exe" [2007-02-08 411768]
"VAIOSurvey"="c:\program files\Sony\VAIO Survey\Vista VAIO Survey.exe" [2006-12-07 577536]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"FinePrint Dispatcher v5"="c:\windows\system32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" [2007-11-07 507904]
"pdfFactory Dispatcher v3"="c:\windows\system32\spool\DRIVERS\W32X86\3\fppdis3a.exe" [2007-11-07 507904]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-22 1947928]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-05-12 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-05-12 8429568]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-05-12 81920]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-03-27 413696]

c:\users\Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
NomaDeskr.lnk - c:\program files\NomaDesk\Dashboard\NomaDeskClient.exe [2009-4-10 251392]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
MiniEYE-MiniREAD Launch.lnk - c:\program files\Infinite Mind LC\eyeQ\ARLaunch.exe [2008-2-16 323584]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2007-12-4 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2007-01-05 21:28 90112 ----a-w- c:\windows\System32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-04-24 00:19 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SsiEfr.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli psqlpwd

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{1C35265B-ECCC-4397-8754-C59097211B77}"= UDP:c:\program files\Sony\LocationFreePlayer\LFPC3\LFPC3.exe:LocationFree Player
"{D9A8D914-5ADD-4B91-B81D-706A86A8C098}"= TCP:c:\program files\Sony\LocationFreePlayer\LFPC3\LFPC3.exe:LocationFree Player
"{C0D7E1C0-80EC-4AF1-A7B8-205765B0A158}"= Disabled:UDP:c:\program files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{20923077-5096-4A93-9DF7-6354460BCB9A}"= Disabled:TCP:c:\program files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{21FA6B7D-558A-4420-9F17-472C60586613}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{0F892060-4192-4F14-A502-8F0726941E3B}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{E860886B-005A-49C1-8C5C-2E054496B2EB}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{EA4E2533-4324-4C4F-80B3-7EBF6A585381}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{758ABB3E-3FFA-40CC-8565-F4BC1EADA2D4}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{8D1F0536-AFFC-48E0-A4C7-800B239FB7FE}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{CCDAE132-87AD-4F20-AC63-42AE5EED115D}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{655B5760-4E33-4F9B-B6F8-5402D4F634DD}"= UDP:c:\program files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{6E5D3E2B-E565-4814-B29B-9B96D930D8B6}"= TCP:c:\program files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{20BEE8E7-F078-4D6D-A578-151983F24DE9}"= UDP:c:\program files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{C258D1A4-2E36-4CBD-8569-44A30DA05D04}"= UDP:c:\program files\McAfee\MWL\MwlSvc.exe:McAfee Wireless Network Security
"TCP Query User{DB157681-525D-4F9A-9F33-55E66AE26FD4}c:\\program files\\yahoo!\\messenger\\yahoomessenger.exe"= UDP:c:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger
"UDP Query User{914F47CB-1E94-49B6-8B24-643279A7DB1F}c:\\program files\\yahoo!\\messenger\\yahoomessenger.exe"= TCP:c:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger
"TCP Query User{38C13EA6-A16F-4AF3-BD40-B50129637D15}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{B5729DCF-3F85-4774-AB96-76FA78C42E9A}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{4FB2D1BF-BB62-47D4-9B35-B1B9B2101D72}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{190016E2-E87B-4D14-99EA-8D86CA765836}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"{E4552DA0-5D2C-4984-8F6E-8215B26AB740}"= UDP:c:\users\Paula\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{D7211204-55CB-4154-98EF-3E19B7C0A958}"= TCP:c:\users\Paula\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{42A113C1-F704-4ABB-9E16-C97CBE00889A}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{3C5A50E2-A01D-4C2C-826E-F96F55EE3AF5}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"{C7EBA19B-1CE6-4FDB-98D6-F4937D86D316}"= UDP:c:\users\Paula\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{1201CA27-AC0F-4802-9B62-7A71CFB441B8}"= TCP:c:\users\Paula\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{C73D2836-1A7D-471B-ABB4-574F21D51A86}"= UDP:c:\program files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:Microsoft Office Live Meeting 2007
"{DFDE1CAF-E748-40EC-95F3-83DAE35AF1F4}"= TCP:c:\program files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:Microsoft Office Live Meeting 2007
"{F194F2FB-1212-4D5E-98C9-51EDEE5B4CE0}"= UDP:c:\program files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:Microsoft Office Live Meeting 2007
"{6E144CF0-E57E-4C50-84B1-6A1852CA88E7}"= TCP:c:\program files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:Microsoft Office Live Meeting 2007
"{998CCE44-45BD-4CEE-A289-469E43EEBC0C}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{F1946F57-2962-4FCB-972A-A2F6BD0234A3}"= UDP:c:\program files\Live Mesh\Remote Desktop\wlcrasvc.exe:Live Mesh Remote Desktop
"{4610E054-0EE9-4906-805C-4419867FA73E}"= TCP:c:\program files\Live Mesh\Remote Desktop\wlcrasvc.exe:Live Mesh Remote Desktop
"{137E5170-628B-42B6-8C55-9FAAD449A825}"= UDP:c:\users\Paula\AppData\Local\Microsoft\Live Mesh\GacBase\Moe.exe:Live Mesh
"{1CDA0034-DB6D-410A-986F-6AD190F5E312}"= TCP:c:\users\Paula\AppData\Local\Microsoft\Live Mesh\GacBase\Moe.exe:Live Mesh
"{A54DC500-FA11-4AAE-8DED-B1B57E53B913}"= UDP:c:\program files\Live Mesh\Remote Desktop\wlcrasvc.exe:Live Mesh Remote Desktop
"{25B48033-4070-42FA-8E33-29BDAA0A500D}"= TCP:c:\program files\Live Mesh\Remote Desktop\wlcrasvc.exe:Live Mesh Remote Desktop
"{D13C29A8-F3E7-47D0-8AE5-A23DF55E2134}"= UDP:c:\users\Paula\AppData\Local\Microsoft\Live Mesh\GacBase\Moe.exe:Live Mesh
"{30312F4E-F7B7-419B-B70C-93804D670EFE}"= TCP:c:\users\Paula\AppData\Local\Microsoft\Live Mesh\GacBase\Moe.exe:Live Mesh

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
"DoNotAllowExceptions"= 0 (0x0)

R0 shpf;Sony HDD Protection Filter Driver;c:\windows\System32\drivers\shpf.sys [6/26/2007 12:20 PM 14720]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [2/13/2009 1:25 PM 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [2/13/2009 1:25 PM 108552]
R1 SolDisk;SolDisk;c:\windows\System32\drivers\soldisk.sys [8/13/2008 9:26 PM 54488]
R1 SolFS;SolFS;c:\windows\System32\drivers\solfs.sys [8/13/2008 9:26 PM 312536]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service;c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [1/11/2008 6:50 PM 30312]
R2 msftesql$SQLEXPRESS;SQL Server FullText Search (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\msftesql.exe [6/22/2007 9:22 AM 95592]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [11/24/2008 10:31 PM 29263712]
R2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [2/10/2009 11:38 AM 299008]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [4/17/2007 11:09 PM 11032]
R2 ReportServer$SQLEXPRESS;SQL Server Reporting Services (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL.4\Reporting Services\ReportServer\bin\ReportingServicesService.exe [11/24/2008 11:26 PM 14688]
R2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSSQL.7\Reporting Services\ReportServer\bin\ReportingServicesService.exe [11/24/2008 11:26 PM 14688]
R2 wlcrasvc;Live Mesh Remote Desktop;c:\program files\Live Mesh\Remote Desktop\wlcrasvc.exe [5/11/2009 10:57 AM 44880]
R3 PTDWBus;Curitel PC Card Composite Device driver (UDP);c:\windows\System32\drivers\PTDWBus.sys [11/9/2007 5:02 PM 27392]
R3 PTDWMdm;Curitel PC Card Drivers (UDP);c:\windows\System32\drivers\PTDWMdm.sys [11/9/2007 5:02 PM 41728]
R3 PTDWVsp;Curitel PC Card Diagnostic Serial Port (UDP);c:\windows\System32\drivers\PTDWVsp.sys [11/9/2007 5:02 PM 39808]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\System32\drivers\R5U870FLx86.sys [6/25/2007 6:37 PM 75392]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\System32\drivers\R5U870FUx86.sys [6/25/2007 6:37 PM 43904]
R3 RDPDISPM;RDPDISPM;c:\windows\System32\drivers\rdpdispm.sys [5/11/2009 10:57 AM 9024]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\System32\drivers\SonyImgF.sys [6/25/2007 7:27 PM 31104]
R3 SPI;Sony Programmable I/O Control Device;c:\windows\System32\drivers\SonyPI.sys [6/25/2007 6:55 PM 33792]
R3 ti21sony;ti21sony;c:\windows\System32\drivers\ti21sony.sys [6/25/2007 6:53 PM 807424]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2/13/2009 1:25 PM 298776]
S3 ICScsiSV;Image Converter SCSI Service;c:\program files\Sony\Image Converter 3\ICScsiSV.exe [11/7/2007 12:27 PM 75952]
S3 IcVzMonLauncher;IcVzMonLauncher;c:\program files\Sony\Image Converter 3\IcVzMonLauncher.exe [11/7/2007 12:27 PM 67760]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [11/24/2008 10:31 PM 29263712]
S3 PWCTLDRV;The NECHostController Filter Driver;c:\windows\System32\drivers\PWCTLDRV.sys [11/9/2007 5:02 PM 5888]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [11/7/2007 1:52 PM 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [11/7/2007 1:52 PM 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [11/7/2007 1:52 PM 1089536]
S3 WMSvc;Web Management Service;c:\windows\System32\inetsrv\WMSvc.exe [9/16/2008 9:57 AM 11264]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
Contents of the 'Scheduled Tasks' folder

2009-06-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2312238057-754008070-484453957-1004.job
- c:\users\Paula\AppData\Local\Google\Update\GoogleUpdate.exe [2009-03-12 16:45]

2009-06-03 c:\windows\Tasks\User_Feed_Synchronization-{474B2016-9274-49FE-939A-1B0868F98EC4}.job
- c:\windows\system32\msfeedssync.exe [2008-09-16 07:33]
.
- - - - ORPHANS REMOVED - - - -

ShellIconOverlayIdentifiers-{7CB86623-1BEC-4FE6-AC97-5497E6D75DFD} - c:\program files\NomaDesk\ShellExtension\NomaDesk.DriveIcon.dll
SafeBoot-procexp90.Sys


.
------- Supplementary Scan -------
.
uStart Page = hxxp://us.f324.mail.yahoo.com/ym/ShowFolder?rb=Inbox&reset=1&YY=43816&y5beta=yes&y5beta=yes&inc=200&order=down&sort=date&pos=0&view=a&head=b&box=Inbox&YN=1
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Transfer by Image Converter 3 - c:\program files\Sony\Image Converter 3\menu.htm
DPF: {A3E21079-7F41-4125-9EBB-FD44CFCC0AC1} - hxxps://www.mesh.com/0.9.4014.3/TSWeb.cab
FF - ProfilePath - c:\users\Paula\AppData\Roaming\Mozilla\Firefox\Profiles\8spcfcqd.default\
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Paula\AppData\Local\Google\Update\1.2.145.5\npGoogleOneClick8.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-08 17:06
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\msftesql]
"ImagePath"="\"c:\program files\Microsoft SQL Server\MSSQL.6\MSSQL\Binn\msftesql.exe\" -s:MSSQL.6 -f:MSSQLSERVER"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\msftesql$SQLEXPRESS]
"ImagePath"="\"c:\program files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\msftesql.exe\" -s:MSSQL.3 -f:SQLEXPRESS"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(808)
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\homefus2.dll
c:\program files\Protector Suite QL\infra.dll
.
Completion time: 2009-06-08 17:10
ComboFix-quarantined-files.txt 2009-06-08 22:09

Pre-Run: 66,259,660,800 bytes free
Post-Run: 66,261,647,360 bytes free

297 --- E O F --- 2009-06-08 17:15

CabinMomma
2009-06-09, 02:00
New dds.txt:

DDS (Ver_09-05-14.01) - NTFSx86
Run by Paula at 17:27:01.69 on Mon 06/08/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_11
Microsoft® Windows Vista™ Business 6.0.6001.1.1252.1.1033.18.3070.1414 [GMT -5:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
SP: AntispywareBot *disabled* (Updated) {DDE8FC2F-6613-44AA-95F8-022AF1EE0355}
SP: McAfee VirusScan *enabled* (Updated) {C78B3C70-4777-4742-BB91-9D615CC575E6}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Protector Suite QL\upeksvr.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Windows\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\Program Files\Microsoft SQL Server\MSSQL.6\MSSQL\Binn\msftesql.exe
c:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\msftesql.exe
c:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\Program Files\Microsoft SQL Server\MSSQL.6\MSSQL\Binn\sqlservr.exe
C:\Program Files\Sony\Network Utility\NSUService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
c:\Program Files\Microsoft SQL Server\MSSQL.7\Reporting Services\ReportServer\bin\ReportingServicesService.exe
c:\Program Files\Microsoft SQL Server\MSSQL.4\Reporting Services\ReportServer\bin\ReportingServicesService.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\stacsv.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Live Mesh\Remote Desktop\wlcrasvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Users\Paula\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\UI0Detect.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\notepad.exe
C:\Windows\Explorer.exe
C:\Windows\System32\svchost.exe -k wdisvc
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Paula\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://us.f324.mail.yahoo.com/ym/ShowFolder?rb=Inbox&reset=1&YY=43816&y5beta=yes&y5beta=yes&inc=200&order=down&sort=date&pos=0&view=a&head=b&box=Inbox&YN=1
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7} - No File
BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No File
BHO: IE Developer Toolbar BHO: {cc7e636d-39aa-49b6-b511-65413da137a1} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
TB: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
EB: IE Developer Toolbar: {a202b231-ef71-4a08-bdb9-4ce5ae8bde0a} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [RunSpySweeperScheduleAtStartup] "c:\windows\system32\msfeedssync.exe" /ScheduleSweep=User_Feed_Synchronization-{474B2016-9274-49FE-939A-1B0868F98EC4}
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [Yahoo! Pager] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [SmileboxTray] "c:\users\paula\appdata\roaming\smilebox\SmileboxTray.exe"
uRun: [Google Update] "c:\users\paula\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [MoeMonitor.exe] "c:\users\paula\appdata\local\microsoft\live mesh\bin\servicing\0.9.4014.4\MoeMonitor.exe"
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [VAIO Center Access Bar] "c:\program files\sony\vaio center access bar\VCAB.exe"
mRun: [VAIOSecurity] "c:\program files\sony\vaio security center\VSC.exe" 1
mRun: [DRCU] "c:\program files\sony\drcu\DRCU.exe"
mRun: [PSQLLauncher] "c:\program files\protector suite ql\launcher.exe" /startup
mRun: [VAIOCameraUtility] "c:\program files\sony\vaio camera utility\VCUServe.exe"
mRun: [VAIOSurvey] "c:\program files\sony\vaio survey\Vista VAIO Survey.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [FinePrint Dispatcher v5] "c:\windows\system32\spool\drivers\w32x86\3\fpdisp5a.exe" /source=HKLM
mRun: [pdfFactory Dispatcher v3] "c:\windows\system32\spool\drivers\w32x86\3\fppdis3a.exe" /source=HKLM
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
StartupFolder: c:\users\paula\appdata\roaming\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\users\paula\appdata\roaming\micros~1\windows\startm~1\programs\startup\nomade~1.lnk - c:\program files\nomadesk\dashboard\NomaDeskClient.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\miniey~1.lnk - c:\program files\infinite mind lc\eyeq\ARLaunch.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
mPolicies-system: DisableCAD = 1 (0x1)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Transfer by Image Converter 3 - c:\program files\sony\image converter 3\menu.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - {CC962137-2E78-4F94-975E-FC0C07DBD78F} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} - hxxp://esupport.sony.com/VaioInfo.CAB
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} - hxxp://cid-18e65120c86a7b6b.spaces.live.com/PhotoUpload/VistaMsnPUplden-us.cab
DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} - hxxps://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} - hxxp://web1.shutterfly.com/downloads/Uploader.cab
DPF: {A3E21079-7F41-4125-9EBB-FD44CFCC0AC1} - hxxps://www.mesh.com/0.9.4014.3/TSWeb.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: psfus - c:\windows\system32\psqlpwd.dll
Notify: VESWinlogon - VESWinlogon.dll
AppInit_DLLs: c:\windows\system32\avgrsstx.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Notification Packages = scecli psqlpwd

================= FIREFOX ===================

FF - ProfilePath - c:\users\paula\appdata\roaming\mozilla\firefox\profiles\8spcfcqd.default\
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll

============= SERVICES / DRIVERS ===============

R0 shpf;Sony HDD Protection Filter Driver;c:\windows\system32\drivers\shpf.sys [2007-6-26 14720]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-2-13 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-2-13 108552]
R1 SolDisk;SolDisk;c:\windows\system32\drivers\soldisk.sys [2008-8-13 54488]
R1 SolFS;SolFS;c:\windows\system32\drivers\solfs.sys [2008-8-13 312536]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service;c:\program files\microsoft small business\business contact manager\BcmSqlStartupSvc.exe [2008-1-11 30312]
R2 msftesql$SQLEXPRESS;SQL Server FullText Search (SQLEXPRESS);c:\program files\microsoft sql server\mssql.3\mssql\binn\msftesql.exe [2007-6-22 95592]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2008-11-24 29263712]
R2 NSUService;NSUService;c:\program files\sony\network utility\NSUService.exe [2009-2-10 299008]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R2 ReportServer$SQLEXPRESS;SQL Server Reporting Services (SQLEXPRESS);c:\program files\microsoft sql server\mssql.4\reporting services\reportserver\bin\ReportingServicesService.exe [2008-11-24 14688]
R2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\microsoft sql server\mssql.7\reporting services\reportserver\bin\ReportingServicesService.exe [2008-11-24 14688]
R2 wlcrasvc;Live Mesh Remote Desktop;c:\program files\live mesh\remote desktop\wlcrasvc.exe [2009-5-11 44880]
R3 PTDWBus;Curitel PC Card Composite Device driver (UDP);c:\windows\system32\drivers\PTDWBus.sys [2007-11-9 27392]
R3 PTDWMdm;Curitel PC Card Drivers (UDP);c:\windows\system32\drivers\PTDWMdm.sys [2007-11-9 41728]
R3 PTDWVsp;Curitel PC Card Diagnostic Serial Port (UDP);c:\windows\system32\drivers\PTDWVsp.sys [2007-11-9 39808]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\drivers\R5U870FLx86.sys [2007-6-25 75392]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\drivers\R5U870FUx86.sys [2007-6-25 43904]
R3 RDPDISPM;RDPDISPM;c:\windows\system32\drivers\rdpdispm.sys [2009-5-11 9024]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\drivers\SonyImgF.sys [2007-6-25 31104]
R3 SPI;Sony Programmable I/O Control Device;c:\windows\system32\drivers\SonyPI.sys [2007-6-25 33792]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-6-25 807424]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-2-13 298776]
S3 ICScsiSV;Image Converter SCSI Service;c:\program files\sony\image converter 3\ICScsiSV.exe [2007-11-7 75952]
S3 IcVzMonLauncher;IcVzMonLauncher;c:\program files\sony\image converter 3\IcVzMonLauncher.exe [2007-11-7 67760]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\microsoft sql server\mssql.2\mssql\binn\sqlservr.exe [2008-11-24 29263712]
S3 PWCTLDRV;The NECHostController Filter Driver;c:\windows\system32\drivers\PWCTLDRV.sys [2007-11-9 5888]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\sony\vaio media integrated server\UCLS.exe [2007-11-7 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\sony\vaio media integrated server\platform\SV_Httpd.exe [2007-11-7 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\sony\vaio media integrated server\platform\UPnPFramework.exe [2007-11-7 1089536]
S3 WMSvc;Web Management Service;c:\windows\system32\inetsrv\WMSvc.exe [2008-9-16 11264]

=============== Created Last 30 ================

2009-06-08 17:10 <DIR> --d----- C:\temp
2009-06-08 17:10 <DIR> --dsh--- C:\$RECYCLE.BIN
2009-06-08 16:55 161,792 a------- c:\windows\SWREG.exe
2009-06-08 16:55 155,136 a------- c:\windows\PEV.exe
2009-06-08 16:55 98,816 a------- c:\windows\sed.exe
2009-06-07 16:03 <DIR> --d----- C:\Rooter$
2009-06-05 17:59 <DIR> --d----- c:\programdata\Spybot - Search & Destroy
2009-06-05 17:59 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-06-05 17:59 <DIR> --d----- c:\progra~2\Spybot - Search & Destroy
2009-05-24 16:51 <DIR> --d----- c:\programdata\Apple Computer
2009-05-11 10:57 9,024 a------- c:\windows\system32\drivers\rdpdispm.sys
2009-05-11 10:57 118,736 a------- c:\windows\system32\rdpdispd.dll
2009-05-11 10:57 <DIR> --d----- c:\program files\Live Mesh

==================== Find3M ====================

2009-06-02 16:01 158,665 a------- c:\users\paula\appdata\roaming\nvModes.dat
2009-05-22 08:20 325,896 a------- c:\windows\system32\drivers\avgldx86.sys
2009-05-22 08:20 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-05-22 08:20 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-05-11 10:58 86,016 a------- c:\windows\inf\infpub.dat
2009-05-11 10:58 143,360 a------- c:\windows\inf\infstrng.dat
2009-05-11 10:58 143,360 a------- c:\windows\inf\infstor.dat
2009-03-23 09:50 118,784 a------- c:\windows\SeaMonkeyUninstall.exe
2009-03-23 09:50 8,749 a------- c:\windows\mozver.dat
2009-03-23 09:49 118,784 a------- c:\windows\GREUninstall.exe
2009-03-23 09:44 13,037,568 a------- c:\users\paula\seamonkey-1.1.15.en-US.win32.installer.exe
2009-03-16 22:38 40,960 a------- c:\windows\apppatch\apihex86.dll
2009-03-16 22:38 13,824 a------- c:\windows\system32\apilogen.dll
2009-03-16 22:38 24,064 a------- c:\windows\system32\amxread.dll
2008-10-04 22:42 174 a--sh--- c:\program files\desktop.ini
2008-10-04 22:18 665,600 a------- c:\windows\inf\drvindex.dat
2008-02-27 20:03 32 a------- c:\programdata\ezsid.dat
2008-02-27 20:03 32 a------- c:\progra~2\ezsid.dat
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2009-02-11 16:40 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2009-02-11 16:40 32,768 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2009-02-11 16:40 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat

============= FINISH: 17:27:26.30 ===============

CabinMomma
2009-06-09, 02:01
New Attach.txt:

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-05-14.01)

Microsoft® Windows Vista™ Business
Boot Device: \Device\HarddiskVolume2
Install Date: 11/7/2007 11:08:50 AM
System Uptime: 6/7/2009 2:55:02 AM (39 hours ago)

Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz | N/A | 2201/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 142 GiB total, 61.805 GiB free.
D: is Removable
E: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: NEC PCI to USB Open Host Controller
Device ID: PCI\VEN_1033&DEV_0035&SUBSYS_444B5143&REV_43\5&13BE7D01&0&0120F0
Manufacturer: NEC
Name: NEC PCI to USB Open Host Controller
PNP Device ID: PCI\VEN_1033&DEV_0035&SUBSYS_444B5143&REV_43\5&13BE7D01&0&0120F0
Service: usbohci

==== System Restore Points ===================

RP770: 5/18/2009 10:57:17 PM - Windows Update
RP771: 5/20/2009 9:24:15 AM - Scheduled Checkpoint
RP772: 5/21/2009 9:05:28 AM - Windows Update
RP774: 5/22/2009 8:15:28 AM - Avg8 Update
RP776: 5/22/2009 8:21:40 AM - Avg8 Update
RP777: 5/25/2009 4:21:34 PM - Scheduled Checkpoint
RP778: 5/26/2009 8:38:53 AM - Windows Update
RP779: 5/28/2009 11:01:05 AM - Scheduled Checkpoint
RP780: 5/28/2009 1:50:21 PM - Windows Update
RP781: 5/31/2009 10:57:25 AM - Scheduled Checkpoint
RP782: 6/2/2009 8:14:36 AM - Windows Update
RP783: 6/3/2009 6:24:58 PM - Scheduled Checkpoint
RP784: 6/5/2009 1:23:44 AM - Windows Update
RP785: 6/5/2009 5:34:55 PM - Installed AntispywareBot
RP786: 6/5/2009 6:10:08 PM - Removed AntispywareBot
RP787: 6/7/2009 12:00:01 AM - Scheduled Checkpoint
RP788: 6/8/2009 12:14:43 PM - Windows Update

==== Installed Programs ======================


2007 Microsoft Office Suite Service Pack 1 (SP1)
Activation Assistant for the 2007 Microsoft Office suites
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 10 ActiveX
Adobe Flash Player Plugin
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader 8.1.2
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Adobe Stock Photos 1.0
Alps Pointing-device for VAIO
Apple Software Update
AVG Free 8.5
Battery Care Function
Bluetooth Stack for Windows by Toshiba
Business Contact Manager for Outlook 2007 SP1
Choice Guard
Click to DVD 2.0.05 Menu Data
Click to DVD 2.6.00
Curitel PC Card Software
CuteFTP 8 Professional
DHTML Editing Component
DSD Direct
DSD Direct Player
DSD Playback Plug-in
ExamDiff 1.8
eyeQ
FileZilla Client 3.1.1.1
FinePrint
Flock (2.0.3)
GearDrvs
Google Chrome
Grouper Screen Saver 1.0
Hallmark Smilebox
HDAUDIO SoftV92 Data Fax Modem with SmartCP
Home Design Quick & Easy
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Print Diagnostic Utility
Image Converter 3
Internet Explorer Developer Toolbar
Java(TM) 6 Update 11
Java(TM) 6 Update 3
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6
Junk Mail filter update
Kids NetLinks PBS Kids Browser 2.0
Landscape Design and Construction
Live Mesh
LocationFree Player
Malwarebytes' Anti-Malware
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft MSDN 2005 Express Edition - ENU
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office Live Meeting 2007
Microsoft Office Live Small Business Image Uploader
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Ultimate 2007
Microsoft Office Visio 2007 Service Pack 1 (SP1)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Visual Web Developer 2007
Microsoft Office Visual Web Developer MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office XP Web Components
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 (SQLEXPRESS)
Microsoft SQL Server 2005 Backward compatibility
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server 2005 Express Edition (VAIO_VEDB)
Microsoft SQL Server 2005 Reporting Services
Microsoft SQL Server 2005 Reporting Services (SQLEXPRESS)
Microsoft SQL Server 2005 Tools
Microsoft SQL Server Database Publishing Wizard 1.1
Microsoft SQL Server Database Publishing Wizard 1.2
Microsoft SQL Server Management Studio Express
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual Studio Web Authoring Component
Microsoft Visual Web Developer 2008 Express Edition - ENU
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Web
Microsoft Works
Mobile Broadband Drivers
Mozilla Firefox (3.0.10)
Mozilla Thunderbird (2.0.0.12)
MSDN Library for Microsoft Visual Studio 2008 Express Editions
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
NomaDesk®
NVIDIA Drivers
OpenMG Limited Patch 4.7-07-13-24-01
OpenMG Secure Module 4.7.00
OpenOffice.org Installer 1.0
Opera 9.64
PANTECH UM175 Driver
pdfFactory
Photo Viewer 2.4
Protector Suite QL 5.6
QuickTime
Roxio Easy Media Creator Home
Safari
SeaMonkey (1.1.15)
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB960003)
Security Update for Microsoft Office Excel 2007 (KB959997)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Visio 2007 (KB957831)
Security Update for Microsoft Office Word 2007 (KB956358)
Security Update for Visio 2007 (KB947590)
Setting Utility Series
SonicStage 4.3
SonicStage Mastering Studio
SonicStage Mastering Studio Audio Filter
SonicStage Mastering Studio Audio Filter Custom Preset
SonicStage Mastering Studio Plugins
Sony Utilities DLL
Sony Video Shared Library
Spybot - Search & Destroy
TextPad 5
Total 3D Home, Landscape & Deck Premium Suite
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Microsoft Office Outlook 2007 Help (KB957246)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb968503)
VAIO Azure Float Wallpaper
VAIO Camera Capture Utility
VAIO Camera Utility
VAIO Center Access Bar
VAIO Central
VAIO Entertainment Center
VAIO Entertainment Platform
VAIO Event Service
VAIO Floral Dusk Wallpaper
VAIO HDD Protection
VAIO Help And Support
VAIO Media
VAIO Media 6.0
VAIO Media AC3 Decoder 1.0
VAIO Media Content Collection 6.0
VAIO Media Integrated Server 6.0
VAIO Media Redistribution 6.0
VAIO Media Registration Tool
VAIO Media Registration Tool 6.0
VAIO OOBE
VAIO Photo 2007
VAIO Productivity Center
VAIO Security Center
VAIO Service Utility
VAIO Smart Network
VAIO Status Monitor
VAIO Survey
VAIO Teal Whisper Wallpaper
VAIO Update 3
VAIO Video & Photo Suite
VC Runtimes MSI
VP Suite 3.1 3.1
VP Suite 3.2 3.2
VZAccess Manager
Web CEO 8.0
Windows Grep 2.3
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
WinDVD for VAIO
WinZip
Yahoo! Messenger

==== Event Viewer Messages From Past Week ========

6/8/2009 4:57:00 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the PEVSystemStart service to connect.
6/8/2009 4:56:58 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
6/8/2009 4:46:25 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 10.0.2.124 for the Network Card with network address 0013E85C063B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
6/8/2009 12:10:35 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.113 for the Network Card with network address 0013E85C063B has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
6/6/2009 6:33:45 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 10.0.2.123 for the Network Card with network address 0013E85C063B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
6/5/2009 9:43:03 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Update service to connect.
6/5/2009 9:43:03 PM, Error: Service Control Manager [7000] - The Windows Update service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/3/2009 5:22:25 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
6/3/2009 5:22:25 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/1/2009 9:42:16 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
6/1/2009 9:38:28 AM, Error: Service Control Manager [7024] - The AVG Free8 WatchDog service terminated with service-specific error 3758162315 (0xE001018B).
6/1/2009 9:38:28 AM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
6/1/2009 9:38:28 AM, Error: Service Control Manager [7000] - The McAfee SpamKiller Service service failed to start due to the following error: The system cannot find the file specified.
6/1/2009 2:34:07 PM, Error: Microsoft-Windows-DistributedCOM [10009] - DCOM was unable to communicate with the computer SOFTSERV4 using any of the configured protocols.

==== End Of File ===========================

CabinMomma
2009-06-09, 02:05
:oops: I'm so sorry! I received an error the first two times I tried to post my logs (timeout error... longer than 30 seconds or something... didn't write it down). I decided it was too long with all the log files in one post, so I split it up into three. Now all 5 posts are there. My apologies. :red:

Blade81
2009-06-09, 16:53
Hi again,



Open notepad and copy/paste the text in the quotebox below into it:



DDS::
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7} - No File
BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No File
TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
TB: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File


Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=-
"InternetSettingsDisableNotify"=-
"AutoUpdateDisableNotify"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=-



Save this as
CFScript

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine. This tool is not a toy and not for everyday use.

http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif

Close all browser windows and refering to the picture above, drag CFScript into ComboFix.exe
Then post the resultant log.


Combofix should never take more that 20 minutes including the reboot if malware is detected.
If it does, open Task Manager then Processes tab (press ctrl, alt and del at the same time) and end any processes of findstr, find, sed or swreg, then combofix should continue.
If that happened we want to know, and also what process you had to end.


Uninstall old Adobe Reader versions and get the latest one here (http://www.filehippo.com/download_adobe_reader/) or get Foxit Reader here (http://www.foxitsoftware.com/pdf/reader_2/down_reader.htm). Make sure you don't install toolbar if choose Foxit Reader! You may also check free readers introduced here (http://pdfreaders.org/).


Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update to the latest version...

Updating Java:

Download the latest version of Java Runtime Environment (JRE) 6 Update 14 (http://java.sun.com/javase/downloads/index.jsp).
Click the
Download
button to the right.
Select Windows on platform combobox and check the box that says:
Accept License Agreement. Click continue.

The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java versions.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on jre-6u14-windows-i586-p.exe to install the newest version. Uncheck MSN toolbar if it's offered there.


Download ATF (Atribune Temp File) Cleaner© by Atribune (http://www.atribune.org/ccount/click.php?id=1) to your desktop.

Double-click ATF Cleaner.exe to open it

Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
Java Cache
*The other boxes are optional*
Then click the Empty Selected button.

If you use Firefox:
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

If you use Opera:
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

Click Exit on the Main menu to close the program.


Please run an online scan with Kaspersky Online Scanner (http://www.kaspersky.com/virusscanner) as instructed in the screenshot here (http://i275.photobucket.com/albums/jj285/Bleeping/KAS/KAS9.gif).


Post back its report, a fresh dds.txt log and above mentioned ComboFix resultant log.

CabinMomma
2009-06-10, 07:30
ComboFix log:

ComboFix 09-06-07.07 - Paula 06/09/2009 9:59.2 - NTFSx86
Microsoft® Windows Vista™ Business 6.0.6001.1.1252.1.1033.18.3070.1448 [GMT -5:00]
Running from: c:\users\Paula\Desktop\ComboFix.exe
Command switches used :: c:\users\Paula\Desktop\CFScript.txt
AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
SP: AntispywareBot *disabled* (Updated) {DDE8FC2F-6613-44AA-95F8-022AF1EE0355}
SP: McAfee VirusScan *enabled* (Updated) {C78B3C70-4777-4742-BB91-9D615CC575E6}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2009-05-09 to 2009-06-09 )))))))))))))))))))))))))))))))
.

2009-06-09 15:02 . 2009-06-09 15:02 -------- d-----w- C:\temp
2009-06-09 15:02 . 2009-06-09 15:02 -------- d-----w- \temp
2009-06-09 14:57 . 2009-06-09 15:03 -------- d-s---w- \ComboFix
2009-06-08 22:10 . 2009-06-09 15:02 -------- d-----w- c:\users\Paula\AppData\Local\temp
2009-06-08 21:51 . 2009-06-09 14:58 -------- d-----w- \Qoobox
2009-06-07 21:03 . 2009-06-07 21:09 -------- d-----w- C:\Rooter$
2009-06-07 21:03 . 2009-06-07 21:09 -------- d-----w- \Rooter$
2009-06-05 22:59 . 2009-06-06 00:18 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-06-05 22:59 . 2009-06-05 23:00 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-05-29 18:46 . 2009-06-06 02:39 3219578880 --sha-w- \hiberfil.sys
2009-05-24 21:51 . 2009-05-24 21:51 -------- d-----w- c:\programdata\Apple Computer
2009-05-11 15:57 . 2009-05-11 15:57 9024 ----a-w- c:\windows\system32\drivers\rdpdispm.sys
2009-05-11 15:57 . 2009-05-11 15:57 118736 ----a-w- c:\windows\system32\rdpdispd.dll
2009-05-11 15:57 . 2009-05-11 15:57 -------- d-----w- c:\program files\Live Mesh

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-06 02:39 . 2009-05-29 18:46 3219578880 --sha-w- \hiberfil.sys
2009-06-06 02:39 . 2007-11-07 16:56 3533176832 --sha-w- \pagefile.sys
2009-06-05 22:24 . 2008-08-10 17:59 -------- d-----w- c:\users\Paula\AppData\Roaming\FileZilla
2009-06-02 21:01 . 2007-11-11 14:40 158665 ----a-w- c:\users\Paula\AppData\Roaming\nvModes.dat
2009-05-25 21:58 . 2009-02-11 17:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-05-25 21:57 . 2009-02-13 03:38 2967799 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-05-24 21:56 . 2009-03-12 16:51 -------- d-----w- c:\program files\Safari
2009-05-24 21:52 . 2009-03-27 17:16 -------- d-----w- c:\program files\QuickTime
2009-05-22 13:20 . 2009-02-13 18:25 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-05-22 13:20 . 2009-02-13 18:25 325896 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-05-22 13:20 . 2009-02-13 18:25 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-05-22 13:20 . 2009-02-13 18:25 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-15 08:05 . 2007-11-07 17:50 -------- d-----w- c:\programdata\Microsoft Help
2009-05-15 08:01 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-08 02:44 . 2007-11-15 23:04 680 ----a-w- c:\users\Paula\AppData\Local\d3d9caps.dat
2009-04-26 23:24 . 2008-10-17 21:21 -------- d-----w- c:\users\Paula\AppData\Roaming\Smilebox
2009-04-24 21:59 . 2007-06-26 17:23 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-04-12 13:56 . 2008-08-14 02:26 -------- d-----w- c:\program files\NomaDesk
2009-04-06 20:32 . 2009-02-11 17:05 38496 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-06 20:32 . 2009-02-11 17:06 15504 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-03-30 21:04 . 2009-03-30 21:04 168584 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxBrowserEngine.dll
2009-03-30 21:04 . 2008-12-11 22:55 205448 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxDvd.exe
2009-03-30 21:04 . 2008-11-26 02:02 254600 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxTray.exe
2009-03-30 21:04 . 2008-09-25 10:36 373384 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxStarter.exe
2009-03-30 20:57 . 2009-03-30 20:57 1540744 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxClient.exe
2009-03-30 20:36 . 2009-03-30 20:36 340616 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxDvdEngine.dll
2009-03-30 20:36 . 2009-03-30 20:36 123528 ----a-w- c:\users\Paula\AppData\Roaming\Smilebox\SmileboxUpdater.exe
2009-03-23 14:50 . 2009-03-14 22:18 118784 ----a-w- c:\windows\SeaMonkeyUninstall.exe
2009-03-23 14:50 . 2009-03-14 22:18 8749 ----a-w- c:\windows\mozver.dat
2009-03-23 14:49 . 2009-03-14 22:18 118784 ----a-w- c:\windows\GREUninstall.exe
2009-03-23 14:44 . 2009-03-23 14:41 13037568 ----a-w- c:\users\Paula\seamonkey-1.1.15.en-US.win32.installer.exe
2009-03-23 09:29 . 2008-08-14 02:26 312536 ----a-w- c:\windows\system32\drivers\solfs.sys
2009-03-23 09:29 . 2008-08-14 02:26 54488 ----a-w- c:\windows\system32\drivers\soldisk.sys
2009-03-17 03:38 . 2009-04-16 17:30 13824 ----a-w- c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-16 17:30 24064 ----a-w- c:\windows\system32\amxread.dll
2009-03-14 22:19 . 2007-11-12 02:02 335 ----a-w- c:\windows\nsreg.dat
2008-06-30 18:44 . 2008-06-10 21:29 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
2007-01-05 21:36 . 2007-11-12 02:04 864768 ------w- c:\program files\mozilla firefox\components\pbgk1_8.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-06-08_22.06.53 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-06-26 15:55 . 2009-06-09 01:19 500344 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000PersonalFileserver]
@="{cf9b0966-e77e-3397-37ca-e5938982b488}"
[HKEY_CLASSES_ROOT\CLSID\{cf9b0966-e77e-3397-37ca-e5938982b488}]
2008-07-27 18:03 282112 ----a-w- c:\windows\System32\mscoree.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000TeamFileserver]
@="{9e447f8a-49cc-44d6-ad79-03ab14e81365}"
[HKEY_CLASSES_ROOT\CLSID\{9e447f8a-49cc-44d6-ad79-03ab14e81365}]
2008-07-27 18:03 282112 ----a-w- c:\windows\System32\mscoree.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2007-01-05 21:41 2857984 ----a-w- c:\program files\Protector Suite QL\farchns.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2007-01-05 21:41 2857984 ----a-w- c:\program files\Protector Suite QL\farchns.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"RunSpySweeperScheduleAtStartup"="c:\windows\system32\msfeedssync.exe" [2008-01-19 12800]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 4670704]
"SmileboxTray"="c:\users\Paula\AppData\Roaming\Smilebox\SmileboxTray.exe" [2009-03-30 254600]
"Google Update"="c:\users\Paula\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-03-12 133104]
"MoeMonitor.exe"="c:\users\Paula\AppData\Local\Microsoft\Live Mesh\Bin\Servicing\0.9.4014.4\MoeMonitor.exe" [2009-05-17 02:29 1321808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2006-11-09 118784]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-05-14 321656]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-27 136600]
"VAIO Center Access Bar"="c:\program files\sony\VAIO Center Access Bar\VCAB.exe" [2007-03-06 36864]
"VAIOSecurity"="c:\program files\Sony\VAIO Security Center\VSC.exe" [2007-03-14 2322432]
"DRCU"="c:\program files\Sony\DRCU\DRCU.exe" [2007-06-18 73728]
"PSQLLauncher"="c:\program files\Protector Suite QL\launcher.exe" [2007-01-05 49168]
"VAIOCameraUtility"="c:\program files\Sony\VAIO Camera Utility\VCUServe.exe" [2007-02-08 411768]
"VAIOSurvey"="c:\program files\Sony\VAIO Survey\Vista VAIO Survey.exe" [2006-12-07 577536]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"FinePrint Dispatcher v5"="c:\windows\system32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" [2007-11-07 507904]
"pdfFactory Dispatcher v3"="c:\windows\system32\spool\DRIVERS\W32X86\3\fppdis3a.exe" [2007-11-07 507904]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-22 1947928]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-05-12 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-05-12 8429568]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-05-12 81920]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-03-27 413696]

c:\users\Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
NomaDeskr.lnk - c:\program files\NomaDesk\Dashboard\NomaDeskClient.exe [2009-4-10 251392]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
MiniEYE-MiniREAD Launch.lnk - c:\program files\Infinite Mind LC\eyeQ\ARLaunch.exe [2008-2-16 323584]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2007-12-4 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2007-01-05 21:28 90112 ----a-w- c:\windows\System32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-04-24 00:19 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SsiEfr.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli psqlpwd

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{1C35265B-ECCC-4397-8754-C59097211B77}"= UDP:c:\program files\Sony\LocationFreePlayer\LFPC3\LFPC3.exe:LocationFree Player
"{D9A8D914-5ADD-4B91-B81D-706A86A8C098}"= TCP:c:\program files\Sony\LocationFreePlayer\LFPC3\LFPC3.exe:LocationFree Player
"{C0D7E1C0-80EC-4AF1-A7B8-205765B0A158}"= Disabled:UDP:c:\program files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{20923077-5096-4A93-9DF7-6354460BCB9A}"= Disabled:TCP:c:\program files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media
"{21FA6B7D-558A-4420-9F17-472C60586613}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{0F892060-4192-4F14-A502-8F0726941E3B}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{E860886B-005A-49C1-8C5C-2E054496B2EB}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{EA4E2533-4324-4C4F-80B3-7EBF6A585381}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{758ABB3E-3FFA-40CC-8565-F4BC1EADA2D4}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{8D1F0536-AFFC-48E0-A4C7-800B239FB7FE}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{CCDAE132-87AD-4F20-AC63-42AE5EED115D}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{655B5760-4E33-4F9B-B6F8-5402D4F634DD}"= UDP:c:\program files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{6E5D3E2B-E565-4814-B29B-9B96D930D8B6}"= TCP:c:\program files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{20BEE8E7-F078-4D6D-A578-151983F24DE9}"= UDP:c:\program files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{C258D1A4-2E36-4CBD-8569-44A30DA05D04}"= UDP:c:\program files\McAfee\MWL\MwlSvc.exe:McAfee Wireless Network Security
"TCP Query User{DB157681-525D-4F9A-9F33-55E66AE26FD4}c:\\program files\\yahoo!\\messenger\\yahoomessenger.exe"= UDP:c:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger
"UDP Query User{914F47CB-1E94-49B6-8B24-643279A7DB1F}c:\\program files\\yahoo!\\messenger\\yahoomessenger.exe"= TCP:c:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger
"TCP Query User{38C13EA6-A16F-4AF3-BD40-B50129637D15}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{B5729DCF-3F85-4774-AB96-76FA78C42E9A}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{4FB2D1BF-BB62-47D4-9B35-B1B9B2101D72}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{190016E2-E87B-4D14-99EA-8D86CA765836}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"{E4552DA0-5D2C-4984-8F6E-8215B26AB740}"= UDP:c:\users\Paula\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{D7211204-55CB-4154-98EF-3E19B7C0A958}"= TCP:c:\users\Paula\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{42A113C1-F704-4ABB-9E16-C97CBE00889A}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{3C5A50E2-A01D-4C2C-826E-F96F55EE3AF5}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"{C7EBA19B-1CE6-4FDB-98D6-F4937D86D316}"= UDP:c:\users\Paula\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{1201CA27-AC0F-4802-9B62-7A71CFB441B8}"= TCP:c:\users\Paula\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{C73D2836-1A7D-471B-ABB4-574F21D51A86}"= UDP:c:\program files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:Microsoft Office Live Meeting 2007
"{DFDE1CAF-E748-40EC-95F3-83DAE35AF1F4}"= TCP:c:\program files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:Microsoft Office Live Meeting 2007
"{F194F2FB-1212-4D5E-98C9-51EDEE5B4CE0}"= UDP:c:\program files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:Microsoft Office Live Meeting 2007
"{6E144CF0-E57E-4C50-84B1-6A1852CA88E7}"= TCP:c:\program files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:Microsoft Office Live Meeting 2007
"{998CCE44-45BD-4CEE-A289-469E43EEBC0C}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{F1946F57-2962-4FCB-972A-A2F6BD0234A3}"= UDP:c:\program files\Live Mesh\Remote Desktop\wlcrasvc.exe:Live Mesh Remote Desktop
"{4610E054-0EE9-4906-805C-4419867FA73E}"= TCP:c:\program files\Live Mesh\Remote Desktop\wlcrasvc.exe:Live Mesh Remote Desktop
"{137E5170-628B-42B6-8C55-9FAAD449A825}"= UDP:c:\users\Paula\AppData\Local\Microsoft\Live Mesh\GacBase\Moe.exe:Live Mesh
"{1CDA0034-DB6D-410A-986F-6AD190F5E312}"= TCP:c:\users\Paula\AppData\Local\Microsoft\Live Mesh\GacBase\Moe.exe:Live Mesh
"{A54DC500-FA11-4AAE-8DED-B1B57E53B913}"= UDP:c:\program files\Live Mesh\Remote Desktop\wlcrasvc.exe:Live Mesh Remote Desktop
"{25B48033-4070-42FA-8E33-29BDAA0A500D}"= TCP:c:\program files\Live Mesh\Remote Desktop\wlcrasvc.exe:Live Mesh Remote Desktop
"{D13C29A8-F3E7-47D0-8AE5-A23DF55E2134}"= UDP:c:\users\Paula\AppData\Local\Microsoft\Live Mesh\GacBase\Moe.exe:Live Mesh
"{30312F4E-F7B7-419B-B70C-93804D670EFE}"= TCP:c:\users\Paula\AppData\Local\Microsoft\Live Mesh\GacBase\Moe.exe:Live Mesh

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
"DoNotAllowExceptions"= 0 (0x0)

R0 shpf;Sony HDD Protection Filter Driver;c:\windows\System32\drivers\shpf.sys [6/26/2007 12:20 PM 14720]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [2/13/2009 1:25 PM 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [2/13/2009 1:25 PM 108552]
R1 SolDisk;SolDisk;c:\windows\System32\drivers\soldisk.sys [8/13/2008 9:26 PM 54488]
R1 SolFS;SolFS;c:\windows\System32\drivers\solfs.sys [8/13/2008 9:26 PM 312536]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service;c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [1/11/2008 6:50 PM 30312]
R2 msftesql$SQLEXPRESS;SQL Server FullText Search (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\msftesql.exe [6/22/2007 9:22 AM 95592]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [11/24/2008 10:31 PM 29263712]
R2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [2/10/2009 11:38 AM 299008]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [4/17/2007 11:09 PM 11032]
R2 ReportServer$SQLEXPRESS;SQL Server Reporting Services (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL.4\Reporting Services\ReportServer\bin\ReportingServicesService.exe [11/24/2008 11:26 PM 14688]
R2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSSQL.7\Reporting Services\ReportServer\bin\ReportingServicesService.exe [11/24/2008 11:26 PM 14688]
R2 wlcrasvc;Live Mesh Remote Desktop;c:\program files\Live Mesh\Remote Desktop\wlcrasvc.exe [5/11/2009 10:57 AM 44880]
R3 PTDWBus;Curitel PC Card Composite Device driver (UDP);c:\windows\System32\drivers\PTDWBus.sys [11/9/2007 5:02 PM 27392]
R3 PTDWMdm;Curitel PC Card Drivers (UDP);c:\windows\System32\drivers\PTDWMdm.sys [11/9/2007 5:02 PM 41728]
R3 PTDWVsp;Curitel PC Card Diagnostic Serial Port (UDP);c:\windows\System32\drivers\PTDWVsp.sys [11/9/2007 5:02 PM 39808]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\System32\drivers\R5U870FLx86.sys [6/25/2007 6:37 PM 75392]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\System32\drivers\R5U870FUx86.sys [6/25/2007 6:37 PM 43904]
R3 RDPDISPM;RDPDISPM;c:\windows\System32\drivers\rdpdispm.sys [5/11/2009 10:57 AM 9024]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\System32\drivers\SonyImgF.sys [6/25/2007 7:27 PM 31104]
R3 SPI;Sony Programmable I/O Control Device;c:\windows\System32\drivers\SonyPI.sys [6/25/2007 6:55 PM 33792]
R3 ti21sony;ti21sony;c:\windows\System32\drivers\ti21sony.sys [6/25/2007 6:53 PM 807424]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2/13/2009 1:25 PM 298776]
S3 ICScsiSV;Image Converter SCSI Service;c:\program files\Sony\Image Converter 3\ICScsiSV.exe [11/7/2007 12:27 PM 75952]
S3 IcVzMonLauncher;IcVzMonLauncher;c:\program files\Sony\Image Converter 3\IcVzMonLauncher.exe [11/7/2007 12:27 PM 67760]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [11/24/2008 10:31 PM 29263712]
S3 PWCTLDRV;The NECHostController Filter Driver;c:\windows\System32\drivers\PWCTLDRV.sys [11/9/2007 5:02 PM 5888]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [11/7/2007 1:52 PM 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [11/7/2007 1:52 PM 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [11/7/2007 1:52 PM 1089536]
S3 WMSvc;Web Management Service;c:\windows\System32\inetsrv\WMSvc.exe [9/16/2008 9:57 AM 11264]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
Contents of the 'Scheduled Tasks' folder

2009-06-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2312238057-754008070-484453957-1004.job
- c:\users\Paula\AppData\Local\Google\Update\GoogleUpdate.exe [2009-03-12 16:45]

2009-06-03 c:\windows\Tasks\User_Feed_Synchronization-{474B2016-9274-49FE-939A-1B0868F98EC4}.job
- c:\windows\system32\msfeedssync.exe [2008-09-16 07:33]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://us.f324.mail.yahoo.com/ym/ShowFolder?rb=Inbox&reset=1&YY=43816&y5beta=yes&y5beta=yes&inc=200&order=down&sort=date&pos=0&view=a&head=b&box=Inbox&YN=1
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Transfer by Image Converter 3 - c:\program files\Sony\Image Converter 3\menu.htm
TCP: {D5215DD3-374F-479A-91F4-C44262FF326D} = 69.78.96.14 66.174.92.14
DPF: {A3E21079-7F41-4125-9EBB-FD44CFCC0AC1} - hxxps://www.mesh.com/0.9.4014.3/TSWeb.cab
FF - ProfilePath - c:\users\Paula\AppData\Roaming\Mozilla\Firefox\Profiles\8spcfcqd.default\
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-09 10:02
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\msftesql]
"ImagePath"="\"c:\program files\Microsoft SQL Server\MSSQL.6\MSSQL\Binn\msftesql.exe\" -s:MSSQL.6 -f:MSSQLSERVER"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\msftesql$SQLEXPRESS]
"ImagePath"="\"c:\program files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\msftesql.exe\" -s:MSSQL.3 -f:SQLEXPRESS"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(808)
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\homefus2.dll
c:\program files\Protector Suite QL\infra.dll

- - - - - - - > 'Explorer.exe'(4028)
c:\program files\NomaDesk\ShellExtension\LogicNP.EZShellExtensions.dll
c:\program files\Protector Suite QL\farchns.dll
c:\program files\Protector Suite QL\infra.dll
.
Completion time: 2009-06-09 10:06
ComboFix-quarantined-files.txt 2009-06-09 15:05
ComboFix2.txt 2009-06-08 22:10

Pre-Run: 66,956,828,672 bytes free
Post-Run: 66,854,694,912 bytes free

284 --- E O F --- 2009-06-08 17:15

CabinMomma
2009-06-10, 07:31
Kapersky report:

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0 REPORT
Tuesday, June 9, 2009
Operating System: Microsoft Windows Vista Business Edition, 32-bit Service Pack 1 (build 6001)
Kaspersky Online Scanner version: 7.0.26.13
Program database last update: Tuesday, June 09, 2009 17:18:15
Records in database: 2331628
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
L:\
M:\
N:\

Scan statistics:
Files scanned: 463038
Threat name: 0
Infected objects: 0
Suspicious objects: 0
Duration of the scan: 04:49:18

No malware has been detected. The scan area is clean.

The selected area was scanned.

CabinMomma
2009-06-10, 07:33
DDS & Attach

DDS:


DDS (Ver_09-05-14.01) - NTFSx86
Run by Paula at 23:24:46.78 on Tue 06/09/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_14
Microsoft® Windows Vista™ Business 6.0.6001.1.1252.1.1033.18.3070.1505 [GMT -5:00]

SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Protector Suite QL\upeksvr.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Windows\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\Program Files\Microsoft SQL Server\MSSQL.6\MSSQL\Binn\msftesql.exe
c:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\msftesql.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Sony\Network Utility\NSUService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Users\Paula\AppData\Roaming\Smilebox\SmileboxTray.exe
C:\Users\Paula\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Paula\AppData\Local\Microsoft\Live Mesh\Bin\Servicing\0.9.4014.4\MoeMonitor.exe
C:\Program Files\Infinite Mind LC\eyeQ\ARLaunch.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\NomaDesk\Dashboard\NomaDeskClient.exe
C:\Program Files\Protector Suite QL\psqltray.exe
c:\Program Files\Microsoft SQL Server\MSSQL.4\Reporting Services\ReportServer\bin\ReportingServicesService.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\stacsv.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Live Mesh\Remote Desktop\wlcrasvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\Apntex.exe
C:\Users\Paula\AppData\Local\Microsoft\Live Mesh\GacBase\Moe.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Users\Paula\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://us.f324.mail.yahoo.com/ym/ShowFolder?rb=Inbox&reset=1&YY=43816&y5beta=yes&y5beta=yes&inc=200&order=down&sort=date&pos=0&view=a&head=b&box=Inbox&YN=1
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: IE Developer Toolbar BHO: {cc7e636d-39aa-49b6-b511-65413da137a1} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
EB: IE Developer Toolbar: {a202b231-ef71-4a08-bdb9-4ce5ae8bde0a} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [RunSpySweeperScheduleAtStartup] "c:\windows\system32\msfeedssync.exe" /ScheduleSweep=User_Feed_Synchronization-{474B2016-9274-49FE-939A-1B0868F98EC4}
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [Yahoo! Pager] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [SmileboxTray] "c:\users\paula\appdata\roaming\smilebox\SmileboxTray.exe"
uRun: [Google Update] "c:\users\paula\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [MoeMonitor.exe] "c:\users\paula\appdata\local\microsoft\live mesh\bin\servicing\0.9.4014.4\MoeMonitor.exe"
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
mRun: [VAIO Center Access Bar] "c:\program files\sony\vaio center access bar\VCAB.exe"
mRun: [VAIOSecurity] "c:\program files\sony\vaio security center\VSC.exe" 1
mRun: [DRCU] "c:\program files\sony\drcu\DRCU.exe"
mRun: [PSQLLauncher] "c:\program files\protector suite ql\launcher.exe" /startup
mRun: [VAIOCameraUtility] "c:\program files\sony\vaio camera utility\VCUServe.exe"
mRun: [VAIOSurvey] "c:\program files\sony\vaio survey\Vista VAIO Survey.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [FinePrint Dispatcher v5] "c:\windows\system32\spool\drivers\w32x86\3\fpdisp5a.exe" /source=HKLM
mRun: [pdfFactory Dispatcher v3] "c:\windows\system32\spool\drivers\w32x86\3\fppdis3a.exe" /source=HKLM
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
StartupFolder: c:\users\paula\appdata\roaming\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\users\paula\appdata\roaming\micros~1\windows\startm~1\programs\startup\nomade~1.lnk - c:\program files\nomadesk\dashboard\NomaDeskClient.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\miniey~1.lnk - c:\program files\infinite mind lc\eyeq\ARLaunch.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
mPolicies-system: DisableCAD = 1 (0x1)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Transfer by Image Converter 3 - c:\program files\sony\image converter 3\menu.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - {CC962137-2E78-4F94-975E-FC0C07DBD78F} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} - hxxp://esupport.sony.com/VaioInfo.CAB
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} - hxxp://cid-18e65120c86a7b6b.spaces.live.com/PhotoUpload/VistaMsnPUplden-us.cab
DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} - hxxps://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} - hxxp://web1.shutterfly.com/downloads/Uploader.cab
DPF: {A3E21079-7F41-4125-9EBB-FD44CFCC0AC1} - hxxps://www.mesh.com/0.9.4014.3/TSWeb.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: psfus - c:\windows\system32\psqlpwd.dll
Notify: VESWinlogon - VESWinlogon.dll
AppInit_DLLs: c:\windows\system32\avgrsstx.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Notification Packages = scecli psqlpwd

================= FIREFOX ===================

FF - ProfilePath - c:\users\paula\appdata\roaming\mozilla\firefox\profiles\8spcfcqd.default\
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\paula\appdata\local\google\update\1.2.145.5\npGoogleOneClick8.dll

============= SERVICES / DRIVERS ===============

R0 shpf;Sony HDD Protection Filter Driver;c:\windows\system32\drivers\shpf.sys [2007-6-26 14720]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-2-13 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-2-13 108552]
R1 SolDisk;SolDisk;c:\windows\system32\drivers\soldisk.sys [2008-8-13 54488]
R1 SolFS;SolFS;c:\windows\system32\drivers\solfs.sys [2008-8-13 312536]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service;c:\program files\microsoft small business\business contact manager\BcmSqlStartupSvc.exe [2008-1-11 30312]
R2 msftesql$SQLEXPRESS;SQL Server FullText Search (SQLEXPRESS);c:\program files\microsoft sql server\mssql.3\mssql\binn\msftesql.exe [2007-6-22 95592]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2008-11-24 29263712]
R2 NSUService;NSUService;c:\program files\sony\network utility\NSUService.exe [2009-2-10 299008]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R2 ReportServer$SQLEXPRESS;SQL Server Reporting Services (SQLEXPRESS);c:\program files\microsoft sql server\mssql.4\reporting services\reportserver\bin\ReportingServicesService.exe [2008-11-24 14688]
R2 wlcrasvc;Live Mesh Remote Desktop;c:\program files\live mesh\remote desktop\wlcrasvc.exe [2009-5-11 44880]
R3 PTDWBus;Curitel PC Card Composite Device driver (UDP);c:\windows\system32\drivers\PTDWBus.sys [2007-11-9 27392]
R3 PTDWMdm;Curitel PC Card Drivers (UDP);c:\windows\system32\drivers\PTDWMdm.sys [2007-11-9 41728]
R3 PTDWVsp;Curitel PC Card Diagnostic Serial Port (UDP);c:\windows\system32\drivers\PTDWVsp.sys [2007-11-9 39808]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\drivers\R5U870FLx86.sys [2007-6-25 75392]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\drivers\R5U870FUx86.sys [2007-6-25 43904]
R3 RDPDISPM;RDPDISPM;c:\windows\system32\drivers\rdpdispm.sys [2009-5-11 9024]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\drivers\SonyImgF.sys [2007-6-25 31104]
R3 SPI;Sony Programmable I/O Control Device;c:\windows\system32\drivers\SonyPI.sys [2007-6-25 33792]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-6-25 807424]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-2-13 298776]
S2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\microsoft sql server\mssql.7\reporting services\reportserver\bin\ReportingServicesService.exe [2008-11-24 14688]
S3 ICScsiSV;Image Converter SCSI Service;c:\program files\sony\image converter 3\ICScsiSV.exe [2007-11-7 75952]
S3 IcVzMonLauncher;IcVzMonLauncher;c:\program files\sony\image converter 3\IcVzMonLauncher.exe [2007-11-7 67760]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\microsoft sql server\mssql.2\mssql\binn\sqlservr.exe [2008-11-24 29263712]
S3 PWCTLDRV;The NECHostController Filter Driver;c:\windows\system32\drivers\PWCTLDRV.sys [2007-11-9 5888]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\sony\vaio media integrated server\UCLS.exe [2007-11-7 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\sony\vaio media integrated server\platform\SV_Httpd.exe [2007-11-7 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\sony\vaio media integrated server\platform\UPnPFramework.exe [2007-11-7 1089536]
S3 WMSvc;Web Management Service;c:\windows\system32\inetsrv\WMSvc.exe [2008-9-16 11264]

=============== Created Last 30 ================

2009-06-09 10:06 <DIR> --d----- C:\temp
2009-06-09 10:04 <DIR> --dsh--- C:\$RECYCLE.BIN
2009-06-08 16:55 161,792 a------- c:\windows\SWREG.exe
2009-06-08 16:55 155,136 a------- c:\windows\PEV.exe
2009-06-08 16:55 98,816 a------- c:\windows\sed.exe
2009-06-07 16:03 <DIR> --d----- C:\Rooter$
2009-06-05 17:59 <DIR> --d----- c:\programdata\Spybot - Search & Destroy
2009-06-05 17:59 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-06-05 17:59 <DIR> --d----- c:\progra~2\Spybot - Search & Destroy
2009-05-24 16:51 <DIR> --d----- c:\programdata\Apple Computer
2009-05-11 10:57 9,024 a------- c:\windows\system32\drivers\rdpdispm.sys
2009-05-11 10:57 118,736 a------- c:\windows\system32\rdpdispd.dll
2009-05-11 10:57 <DIR> --d----- c:\program files\Live Mesh

==================== Find3M ====================

2009-06-09 10:32 410,984 a------- c:\windows\system32\deploytk.dll
2009-06-02 16:01 158,665 a------- c:\users\paula\appdata\roaming\nvModes.dat
2009-05-22 08:20 325,896 a------- c:\windows\system32\drivers\avgldx86.sys
2009-05-22 08:20 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-05-22 08:20 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-05-11 10:58 86,016 a------- c:\windows\inf\infpub.dat
2009-05-11 10:58 143,360 a------- c:\windows\inf\infstrng.dat
2009-05-11 10:58 143,360 a------- c:\windows\inf\infstor.dat
2009-03-23 09:50 118,784 a------- c:\windows\SeaMonkeyUninstall.exe
2009-03-23 09:50 8,749 a------- c:\windows\mozver.dat
2009-03-23 09:49 118,784 a------- c:\windows\GREUninstall.exe
2009-03-23 09:44 13,037,568 a------- c:\users\paula\seamonkey-1.1.15.en-US.win32.installer.exe
2009-03-16 22:38 40,960 a------- c:\windows\apppatch\apihex86.dll
2009-03-16 22:38 13,824 a------- c:\windows\system32\apilogen.dll
2009-03-16 22:38 24,064 a------- c:\windows\system32\amxread.dll
2008-10-04 22:42 174 a--sh--- c:\program files\desktop.ini
2008-10-04 22:18 665,600 a------- c:\windows\inf\drvindex.dat
2008-02-27 20:03 32 a------- c:\programdata\ezsid.dat
2008-02-27 20:03 32 a------- c:\progra~2\ezsid.dat
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2009-02-11 16:40 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2009-02-11 16:40 32,768 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2009-02-11 16:40 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat

============= FINISH: 23:26:56.28 ===============

####################################################
Attach:

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-05-14.01)

Microsoft® Windows Vista™ Business
Boot Device: \Device\HarddiskVolume2
Install Date: 11/7/2007 11:08:50 AM
System Uptime: 6/9/2009 2:31:16 PM (9 hours ago)

Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz | N/A | 2201/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 142 GiB total, 62.928 GiB free.
D: is Removable
E: is CDROM ()
L: is FIXED (FAT32) - 63 GiB total, 62.928 GiB free.
M: is FIXED (FAT32) - 63 GiB total, 62.933 GiB free.
N: is FIXED (FAT32) - 63 GiB total, 62.928 GiB free.

==== Disabled Device Manager Items =============

Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: NEC PCI to USB Open Host Controller
Device ID: PCI\VEN_1033&DEV_0035&SUBSYS_444B5143&REV_43\5&13BE7D01&0&0120F0
Manufacturer: NEC
Name: NEC PCI to USB Open Host Controller
PNP Device ID: PCI\VEN_1033&DEV_0035&SUBSYS_444B5143&REV_43\5&13BE7D01&0&0120F0
Service: usbohci

==== System Restore Points ===================


==== Installed Programs ======================


2007 Microsoft Office Suite Service Pack 1 (SP1)
Activation Assistant for the 2007 Microsoft Office suites
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 10 ActiveX
Adobe Flash Player Plugin
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader 9.1
Adobe Stock Photos 1.0
Alps Pointing-device for VAIO
Apple Software Update
AVG Free 8.5
Battery Care Function
Bluetooth Stack for Windows by Toshiba
Business Contact Manager for Outlook 2007 SP1
Choice Guard
Click to DVD 2.0.05 Menu Data
Click to DVD 2.6.00
Curitel PC Card Software
CuteFTP 8 Professional
DHTML Editing Component
DSD Direct
DSD Direct Player
DSD Playback Plug-in
ExamDiff 1.8
eyeQ
FileZilla Client 3.1.1.1
FinePrint
Flock (2.0.3)
GearDrvs
Google Chrome
Grouper Screen Saver 1.0
Hallmark Smilebox
HDAUDIO SoftV92 Data Fax Modem with SmartCP
Home Design Quick & Easy
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Print Diagnostic Utility
Image Converter 3
Internet Explorer Developer Toolbar
Java(TM) 6 Update 14
Junk Mail filter update
Kids NetLinks PBS Kids Browser 2.0
Landscape Design and Construction
Live Mesh
LocationFree Player
Malwarebytes' Anti-Malware
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft MSDN 2005 Express Edition - ENU
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office Live Meeting 2007
Microsoft Office Live Small Business Image Uploader
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Ultimate 2007
Microsoft Office Visio 2007 Service Pack 1 (SP1)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Visual Web Developer 2007
Microsoft Office Visual Web Developer MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office XP Web Components
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 (SQLEXPRESS)
Microsoft SQL Server 2005 Backward compatibility
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server 2005 Express Edition (VAIO_VEDB)
Microsoft SQL Server 2005 Reporting Services
Microsoft SQL Server 2005 Reporting Services (SQLEXPRESS)
Microsoft SQL Server 2005 Tools
Microsoft SQL Server Database Publishing Wizard 1.1
Microsoft SQL Server Database Publishing Wizard 1.2
Microsoft SQL Server Management Studio Express
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual Studio Web Authoring Component
Microsoft Visual Web Developer 2008 Express Edition - ENU
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Web
Microsoft Works
Mobile Broadband Drivers
Mozilla Firefox (3.0.10)
Mozilla Thunderbird (2.0.0.12)
MSDN Library for Microsoft Visual Studio 2008 Express Editions
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
NomaDesk®
NVIDIA Drivers
OpenMG Limited Patch 4.7-07-13-24-01
OpenMG Secure Module 4.7.00
OpenOffice.org Installer 1.0
Opera 9.64
PANTECH UM175 Driver
pdfFactory
Photo Viewer 2.4
Protector Suite QL 5.6
QuickTime
Roxio Easy Media Creator Home
Safari
SeaMonkey (1.1.15)
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB960003)
Security Update for Microsoft Office Excel 2007 (KB959997)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Visio 2007 (KB957831)
Security Update for Microsoft Office Word 2007 (KB956358)
Security Update for Visio 2007 (KB947590)
Setting Utility Series
SonicStage 4.3
SonicStage Mastering Studio
SonicStage Mastering Studio Audio Filter
SonicStage Mastering Studio Audio Filter Custom Preset
SonicStage Mastering Studio Plugins
Sony Utilities DLL
Sony Video Shared Library
Spybot - Search & Destroy
TextPad 5
Total 3D Home, Landscape & Deck Premium Suite
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Microsoft Office Outlook 2007 Help (KB957246)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb968503)
VAIO Azure Float Wallpaper
VAIO Camera Capture Utility
VAIO Camera Utility
VAIO Center Access Bar
VAIO Central
VAIO Entertainment Center
VAIO Entertainment Platform
VAIO Event Service
VAIO Floral Dusk Wallpaper
VAIO HDD Protection
VAIO Help And Support
VAIO Media
VAIO Media 6.0
VAIO Media AC3 Decoder 1.0
VAIO Media Content Collection 6.0
VAIO Media Integrated Server 6.0
VAIO Media Redistribution 6.0
VAIO Media Registration Tool
VAIO Media Registration Tool 6.0
VAIO OOBE
VAIO Photo 2007
VAIO Productivity Center
VAIO Security Center
VAIO Service Utility
VAIO Smart Network
VAIO Status Monitor
VAIO Survey
VAIO Teal Whisper Wallpaper
VAIO Update 3
VAIO Video & Photo Suite
VC Runtimes MSI
VP Suite 3.1 3.1
VP Suite 3.2 3.2
VZAccess Manager
Web CEO 8.0
Windows Grep 2.3
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
WinDVD for VAIO
WinZip
Yahoo! Messenger

==== End Of File ===========================

CabinMomma
2009-06-10, 07:40
Just to note: I got the same error about McAfee running antivirus when I ran the ComboFix again. I saw in one of the logs that McAfee proxy is running. I followed the path for that and found it in the c:\program files\common files\mcafee\mcproxy (along with other folders in the mcafee folder).

I guess when I uninstalled mcafee (a little over 2 years ago), it never completely uninstalled. I had issues with the mcafee when I first got the laptop and was told that it wasn't ready for vista yet and to wait for a patch. I tried to use the patch, but it never work, so I uninstalled it and bought Norton 360 - evenutally, that dragged the machine down so slow and caused issues with my mobile broadband that I uninstalled it, which caused me to lose my connection with the internet entirely until I found out there was a tool one had to download from Norton to completely uninstall the product (very frustrating). I suppose there must be such a tool for mcafee, too. I'll have to look that up. Are you aware of a tool to do that? Or can I just delete the mcafee folder listed above?

Blade81
2009-06-10, 17:26
Hi,

Please try this (http://majorgeeks.com/McAfee_Consumer_Product_Removal_Tool_d5420.html) removal tool to get rid of McAfee leftovers :)

Then post a fresh dds.txt log and let me know how's the system running.

CabinMomma
2009-06-12, 07:51
The tool appears to have cleaned up the McAfee left-overs. Thank you.

However, I still cannot download anything from the internet and now I cannot connect to my wireless at home (haven't tried elsewhere yet). Actually, it says that I am connected, but with 'limited connectivity' and shows that I am connected 'local' only. I tried to select the 'Diagnose and repair' option, but it says that I either need to move close to the router or that my network adapter is experiencing driver or hardware issues. aargh!

My files from the DDS are below. I apologize for the long delay to getting to this, but I have an infant and he was having difficulties these past two days. My attentions were turned elsewhere. Thank you so much for your continued assistance.

DDS.txt:

DDS (Ver_09-05-14.01) - NTFSx86
Run by Paula at 23:39:15.72 on Thu 06/11/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_14
Microsoft® Windows Vista™ Business 6.0.6001.1.1252.1.1033.18.3070.1284 [GMT -5:00]

SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Protector Suite QL\upeksvr.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Windows\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\Program Files\Microsoft SQL Server\MSSQL.6\MSSQL\Binn\msftesql.exe
c:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\msftesql.exe
C:\Windows\system32\taskeng.exe
c:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\Network Utility\NSUService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
c:\Program Files\Microsoft SQL Server\MSSQL.7\Reporting Services\ReportServer\bin\ReportingServicesService.exe
c:\Program Files\Microsoft SQL Server\MSSQL.4\Reporting Services\ReportServer\bin\ReportingServicesService.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\stacsv.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Live Mesh\Remote Desktop\wlcrasvc.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Users\Paula\AppData\Roaming\Smilebox\SmileboxTray.exe
C:\Users\Paula\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Paula\AppData\Local\Microsoft\Live Mesh\Bin\Servicing\0.9.4014.4\MoeMonitor.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Infinite Mind LC\eyeQ\ARLaunch.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\NomaDesk\Dashboard\NomaDeskClient.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Apoint\Apntex.exe
C:\Users\Paula\AppData\Local\Microsoft\Live Mesh\GacBase\Moe.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Paula\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://us.f324.mail.yahoo.com/ym/ShowFolder?rb=Inbox&reset=1&YY=43816&y5beta=yes&y5beta=yes&inc=200&order=down&sort=date&pos=0&view=a&head=b&box=Inbox&YN=1
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: IE Developer Toolbar BHO: {cc7e636d-39aa-49b6-b511-65413da137a1} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
EB: IE Developer Toolbar: {a202b231-ef71-4a08-bdb9-4ce5ae8bde0a} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
uRun: [RunSpySweeperScheduleAtStartup] "c:\windows\system32\msfeedssync.exe" /ScheduleSweep=User_Feed_Synchronization-{474B2016-9274-49FE-939A-1B0868F98EC4}
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [Yahoo! Pager] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [SmileboxTray] "c:\users\paula\appdata\roaming\smilebox\SmileboxTray.exe"
uRun: [Google Update] "c:\users\paula\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [MoeMonitor.exe] "c:\users\paula\appdata\local\microsoft\live mesh\bin\servicing\0.9.4014.4\MoeMonitor.exe"
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
mRun: [VAIO Center Access Bar] "c:\program files\sony\vaio center access bar\VCAB.exe"
mRun: [VAIOSecurity] "c:\program files\sony\vaio security center\VSC.exe" 1
mRun: [DRCU] "c:\program files\sony\drcu\DRCU.exe"
mRun: [PSQLLauncher] "c:\program files\protector suite ql\launcher.exe" /startup
mRun: [VAIOCameraUtility] "c:\program files\sony\vaio camera utility\VCUServe.exe"
mRun: [VAIOSurvey] "c:\program files\sony\vaio survey\Vista VAIO Survey.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [FinePrint Dispatcher v5] "c:\windows\system32\spool\drivers\w32x86\3\fpdisp5a.exe" /source=HKLM
mRun: [pdfFactory Dispatcher v3] "c:\windows\system32\spool\drivers\w32x86\3\fppdis3a.exe" /source=HKLM
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
StartupFolder: c:\users\paula\appdata\roaming\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\users\paula\appdata\roaming\micros~1\windows\startm~1\programs\startup\nomade~1.lnk - c:\program files\nomadesk\dashboard\NomaDeskClient.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\miniey~1.lnk - c:\program files\infinite mind lc\eyeq\ARLaunch.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
mPolicies-system: DisableCAD = 1 (0x1)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Transfer by Image Converter 3 - c:\program files\sony\image converter 3\menu.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - {CC962137-2E78-4F94-975E-FC0C07DBD78F} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} - hxxp://esupport.sony.com/VaioInfo.CAB
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} - hxxp://cid-18e65120c86a7b6b.spaces.live.com/PhotoUpload/VistaMsnPUplden-us.cab
DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} - hxxps://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} - hxxp://web1.shutterfly.com/downloads/Uploader.cab
DPF: {A3E21079-7F41-4125-9EBB-FD44CFCC0AC1} - hxxps://www.mesh.com/0.9.4014.3/TSWeb.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: {D5215DD3-374F-479A-91F4-C44262FF326D} = 69.78.96.14 66.174.92.14
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: psfus - c:\windows\system32\psqlpwd.dll
Notify: VESWinlogon - VESWinlogon.dll
AppInit_DLLs: c:\windows\system32\avgrsstx.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Notification Packages = scecli psqlpwd

================= FIREFOX ===================

FF - ProfilePath - c:\users\paula\appdata\roaming\mozilla\firefox\profiles\8spcfcqd.default\
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\paula\appdata\local\google\update\1.2.145.5\npGoogleOneClick8.dll

============= SERVICES / DRIVERS ===============

R0 shpf;Sony HDD Protection Filter Driver;c:\windows\system32\drivers\shpf.sys [2007-6-26 14720]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-2-13 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-2-13 108552]
R1 SolDisk;SolDisk;c:\windows\system32\drivers\soldisk.sys [2008-8-13 54488]
R1 SolFS;SolFS;c:\windows\system32\drivers\solfs.sys [2008-8-13 312536]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service;c:\program files\microsoft small business\business contact manager\BcmSqlStartupSvc.exe [2008-1-11 30312]
R2 msftesql$SQLEXPRESS;SQL Server FullText Search (SQLEXPRESS);c:\program files\microsoft sql server\mssql.3\mssql\binn\msftesql.exe [2007-6-22 95592]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2008-11-24 29263712]
R2 NSUService;NSUService;c:\program files\sony\network utility\NSUService.exe [2009-2-10 299008]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R2 ReportServer$SQLEXPRESS;SQL Server Reporting Services (SQLEXPRESS);c:\program files\microsoft sql server\mssql.4\reporting services\reportserver\bin\ReportingServicesService.exe [2008-11-24 14688]
R2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\microsoft sql server\mssql.7\reporting services\reportserver\bin\ReportingServicesService.exe [2008-11-24 14688]
R2 wlcrasvc;Live Mesh Remote Desktop;c:\program files\live mesh\remote desktop\wlcrasvc.exe [2009-5-11 44880]
R3 PTDWBus;Curitel PC Card Composite Device driver (UDP);c:\windows\system32\drivers\PTDWBus.sys [2007-11-9 27392]
R3 PTDWMdm;Curitel PC Card Drivers (UDP);c:\windows\system32\drivers\PTDWMdm.sys [2007-11-9 41728]
R3 PTDWVsp;Curitel PC Card Diagnostic Serial Port (UDP);c:\windows\system32\drivers\PTDWVsp.sys [2007-11-9 39808]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\drivers\R5U870FLx86.sys [2007-6-25 75392]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\drivers\R5U870FUx86.sys [2007-6-25 43904]
R3 RDPDISPM;RDPDISPM;c:\windows\system32\drivers\rdpdispm.sys [2009-5-11 9024]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\drivers\SonyImgF.sys [2007-6-25 31104]
R3 SPI;Sony Programmable I/O Control Device;c:\windows\system32\drivers\SonyPI.sys [2007-6-25 33792]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-6-25 807424]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-2-13 298776]
S3 ICScsiSV;Image Converter SCSI Service;c:\program files\sony\image converter 3\ICScsiSV.exe [2007-11-7 75952]
S3 IcVzMonLauncher;IcVzMonLauncher;c:\program files\sony\image converter 3\IcVzMonLauncher.exe [2007-11-7 67760]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\microsoft sql server\mssql.2\mssql\binn\sqlservr.exe [2008-11-24 29263712]
S3 PWCTLDRV;The NECHostController Filter Driver;c:\windows\system32\drivers\PWCTLDRV.sys [2007-11-9 5888]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\sony\vaio media integrated server\UCLS.exe [2007-11-7 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\sony\vaio media integrated server\platform\SV_Httpd.exe [2007-11-7 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\sony\vaio media integrated server\platform\UPnPFramework.exe [2007-11-7 1089536]
S3 WMSvc;Web Management Service;c:\windows\system32\inetsrv\WMSvc.exe [2008-9-16 11264]

=============== Created Last 30 ================

2009-06-09 10:06 <DIR> --d----- C:\temp
2009-06-09 10:04 <DIR> --dsh--- C:\$RECYCLE.BIN
2009-06-08 16:55 161,792 a------- c:\windows\SWREG.exe
2009-06-08 16:55 155,136 a------- c:\windows\PEV.exe
2009-06-08 16:55 98,816 a------- c:\windows\sed.exe
2009-06-07 16:03 <DIR> --d----- C:\Rooter$
2009-06-05 17:59 <DIR> --d----- c:\programdata\Spybot - Search & Destroy
2009-06-05 17:59 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-06-05 17:59 <DIR> --d----- c:\progra~2\Spybot - Search & Destroy
2009-05-24 16:51 <DIR> --d----- c:\programdata\Apple Computer

==================== Find3M ====================

2009-06-11 09:17 158,665 a------- c:\users\paula\appdata\roaming\nvModes.dat
2009-06-09 10:32 410,984 a------- c:\windows\system32\deploytk.dll
2009-05-22 08:20 325,896 a------- c:\windows\system32\drivers\avgldx86.sys
2009-05-22 08:20 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-05-22 08:20 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-05-11 10:58 86,016 a------- c:\windows\inf\infpub.dat
2009-05-11 10:58 143,360 a------- c:\windows\inf\infstrng.dat
2009-05-11 10:58 143,360 a------- c:\windows\inf\infstor.dat
2009-05-11 10:57 118,736 a------- c:\windows\system32\rdpdispd.dll
2009-05-11 10:57 9,024 a------- c:\windows\system32\drivers\rdpdispm.sys
2009-04-24 11:05 827,904 a------- c:\windows\system32\wininet.dll
2009-04-24 11:02 78,336 a------- c:\windows\system32\ieencode.dll
2009-04-24 08:44 26,624 a------- c:\windows\system32\ieUnatt.exe
2009-04-23 07:43 784,896 a------- c:\windows\system32\rpcrt4.dll
2009-04-23 07:42 636,928 a------- c:\windows\system32\localspl.dll
2009-04-21 06:55 2,033,152 a------- c:\windows\system32\win32k.sys
2009-03-23 09:50 118,784 a------- c:\windows\SeaMonkeyUninstall.exe
2009-03-23 09:50 8,749 a------- c:\windows\mozver.dat
2009-03-23 09:49 118,784 a------- c:\windows\GREUninstall.exe
2009-03-23 09:44 13,037,568 a------- c:\users\paula\seamonkey-1.1.15.en-US.win32.installer.exe
2009-03-16 22:38 40,960 a------- c:\windows\apppatch\apihex86.dll
2009-03-16 22:38 13,824 a------- c:\windows\system32\apilogen.dll
2009-03-16 22:38 24,064 a------- c:\windows\system32\amxread.dll
2008-10-04 22:42 174 a--sh--- c:\program files\desktop.ini
2008-10-04 22:18 665,600 a------- c:\windows\inf\drvindex.dat
2008-02-27 20:03 32 a------- c:\programdata\ezsid.dat
2008-02-27 20:03 32 a------- c:\progra~2\ezsid.dat
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2009-02-11 16:40 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2009-02-11 16:40 32,768 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2009-02-11 16:40 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat

============= FINISH: 23:40:03.08 ===============

Attach.txt:

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-05-14.01)

Microsoft® Windows Vista™ Business
Boot Device: \Device\HarddiskVolume2
Install Date: 11/7/2007 11:08:50 AM
System Uptime: 6/11/2009 4:12:46 PM (7 hours ago)

Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz | N/A | 2201/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 142 GiB total, 61.105 GiB free.
D: is Removable
E: is CDROM ()
L: is FIXED (FAT32) - 61 GiB total, 61.105 GiB free.
M: is FIXED (FAT32) - 61 GiB total, 61.131 GiB free.
N: is FIXED (FAT32) - 61 GiB total, 61.105 GiB free.

==== Disabled Device Manager Items =============

Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: NEC PCI to USB Open Host Controller
Device ID: PCI\VEN_1033&DEV_0035&SUBSYS_444B5143&REV_43\5&13BE7D01&0&0120F0
Manufacturer: NEC
Name: NEC PCI to USB Open Host Controller
PNP Device ID: PCI\VEN_1033&DEV_0035&SUBSYS_444B5143&REV_43\5&13BE7D01&0&0120F0
Service: usbohci

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: MWL Filter Miniport
Device ID: ROOT\WSC_WSCNETDRFILTERMP\0000
Manufacturer: McAfee, Inc
Name: Marvell Yukon 88E8055 PCI-E Gigabit Ethernet Controller - MWL Filter Miniport
PNP Device ID: ROOT\WSC_WSCNETDRFILTERMP\0000
Service: WscNetDr

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: MWL Filter Miniport
Device ID: ROOT\WSC_WSCNETDRFILTERMP\0001
Manufacturer: McAfee, Inc
Name: Intel(R) Wireless WiFi Link 4965AGN - MWL Filter Miniport
PNP Device ID: ROOT\WSC_WSCNETDRFILTERMP\0001
Service: WscNetDr

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: MWL Filter Miniport
Device ID: ROOT\WSC_WSCNETDRFILTERMP\0002
Manufacturer: McAfee, Inc
Name: Bluetooth Personal Area Network - MWL Filter Miniport
PNP Device ID: ROOT\WSC_WSCNETDRFILTERMP\0002
Service: WscNetDr

==== System Restore Points ===================

RP778: 5/26/2009 8:38:53 AM - Windows Update
RP779: 5/28/2009 11:01:05 AM - Scheduled Checkpoint
RP780: 5/28/2009 1:50:21 PM - Windows Update
RP781: 5/31/2009 10:57:25 AM - Scheduled Checkpoint
RP782: 6/2/2009 8:14:36 AM - Windows Update
RP783: 6/3/2009 6:24:58 PM - Scheduled Checkpoint
RP784: 6/5/2009 1:23:44 AM - Windows Update
RP785: 6/5/2009 5:34:55 PM - Installed AntispywareBot
RP786: 6/5/2009 6:10:08 PM - Removed AntispywareBot
RP787: 6/7/2009 12:00:01 AM - Scheduled Checkpoint
RP788: 6/8/2009 12:14:43 PM - Windows Update
RP789: 6/9/2009 10:12:24 AM - Removed Adobe Reader 8.1.2
RP790: 6/9/2009 10:14:07 AM - Removed Java(TM) SE Runtime Environment 6
RP791: 6/9/2009 10:14:50 AM - Removed Java(TM) 6 Update 11
RP792: 6/9/2009 10:15:34 AM - Removed Java(TM) 6 Update 7
RP793: 6/9/2009 10:16:29 AM - Removed Java(TM) 6 Update 3
RP794: 6/9/2009 10:18:40 AM - Installed Adobe Reader 9.1.
RP795: 6/9/2009 10:29:22 AM - Installed Java(TM) 6 Update 14
RP796: 6/10/2009 9:28:47 AM - Scheduled Checkpoint
RP797: 6/11/2009 12:21:37 AM - Scheduled Checkpoint
RP798: 6/11/2009 3:00:17 AM - Windows Update

==== Installed Programs ======================


2007 Microsoft Office Suite Service Pack 1 (SP1)
Activation Assistant for the 2007 Microsoft Office suites
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 10 ActiveX
Adobe Flash Player Plugin
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader 9.1
Adobe Stock Photos 1.0
Alps Pointing-device for VAIO
Apple Software Update
AVG Free 8.5
Battery Care Function
Bluetooth Stack for Windows by Toshiba
Business Contact Manager for Outlook 2007 SP1
Choice Guard
Click to DVD 2.0.05 Menu Data
Click to DVD 2.6.00
Curitel PC Card Software
CuteFTP 8 Professional
DHTML Editing Component
DSD Direct
DSD Direct Player
DSD Playback Plug-in
ExamDiff 1.8
eyeQ
FileZilla Client 3.1.1.1
FinePrint
Flock (2.0.3)
GearDrvs
Google Chrome
Grouper Screen Saver 1.0
Hallmark Smilebox
HDAUDIO SoftV92 Data Fax Modem with SmartCP
Home Design Quick & Easy
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Print Diagnostic Utility
Image Converter 3
Internet Explorer Developer Toolbar
Java(TM) 6 Update 14
Junk Mail filter update
Kids NetLinks PBS Kids Browser 2.0
Landscape Design and Construction
Live Mesh
LocationFree Player
Malwarebytes' Anti-Malware
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft MSDN 2005 Express Edition - ENU
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office Live Meeting 2007
Microsoft Office Live Small Business Image Uploader
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Ultimate 2007
Microsoft Office Visio 2007 Service Pack 1 (SP1)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Visual Web Developer 2007
Microsoft Office Visual Web Developer MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office XP Web Components
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 (SQLEXPRESS)
Microsoft SQL Server 2005 Backward compatibility
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server 2005 Express Edition (VAIO_VEDB)
Microsoft SQL Server 2005 Reporting Services
Microsoft SQL Server 2005 Reporting Services (SQLEXPRESS)
Microsoft SQL Server 2005 Tools
Microsoft SQL Server Database Publishing Wizard 1.1
Microsoft SQL Server Database Publishing Wizard 1.2
Microsoft SQL Server Management Studio Express
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual Studio Web Authoring Component
Microsoft Visual Web Developer 2008 Express Edition - ENU
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Web
Microsoft Works
Mobile Broadband Drivers
Mozilla Firefox (3.0.10)
Mozilla Thunderbird (2.0.0.12)
MSDN Library for Microsoft Visual Studio 2008 Express Editions
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
NomaDesk®
NVIDIA Drivers
OpenMG Limited Patch 4.7-07-13-24-01
OpenMG Secure Module 4.7.00
OpenOffice.org Installer 1.0
Opera 9.64
PANTECH UM175 Driver
pdfFactory
Photo Viewer 2.4
Protector Suite QL 5.6
QuickTime
Roxio Easy Media Creator Home
Safari
SeaMonkey (1.1.15)
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB969679)
Security Update for Microsoft Office Excel 2007 (KB969682)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office Visio 2007 (KB957831)
Security Update for Microsoft Office Word 2007 (KB969604)
Security Update for Visio 2007 (KB947590)
Setting Utility Series
SonicStage 4.3
SonicStage Mastering Studio
SonicStage Mastering Studio Audio Filter
SonicStage Mastering Studio Audio Filter Custom Preset
SonicStage Mastering Studio Plugins
Sony Utilities DLL
Sony Video Shared Library
Spybot - Search & Destroy
TextPad 5
Total 3D Home, Landscape & Deck Premium Suite
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Microsoft Office Outlook 2007 Help (KB957246)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb970012)
VAIO Azure Float Wallpaper
VAIO Camera Capture Utility
VAIO Camera Utility
VAIO Center Access Bar
VAIO Central
VAIO Entertainment Center
VAIO Entertainment Platform
VAIO Event Service
VAIO Floral Dusk Wallpaper
VAIO HDD Protection
VAIO Help And Support
VAIO Media
VAIO Media 6.0
VAIO Media AC3 Decoder 1.0
VAIO Media Content Collection 6.0
VAIO Media Integrated Server 6.0
VAIO Media Redistribution 6.0
VAIO Media Registration Tool
VAIO Media Registration Tool 6.0
VAIO OOBE
VAIO Photo 2007
VAIO Productivity Center
VAIO Security Center
VAIO Service Utility
VAIO Smart Network
VAIO Status Monitor
VAIO Survey
VAIO Teal Whisper Wallpaper
VAIO Update 3
VAIO Video & Photo Suite
VC Runtimes MSI
VP Suite 3.1 3.1
VP Suite 3.2 3.2
VZAccess Manager
Web CEO 8.0
Windows Grep 2.3
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
WinDVD for VAIO
WinZip
Yahoo! Messenger

==== Event Viewer Messages From Past Week ========

6/9/2009 10:29:59 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.
6/9/2009 10:29:59 AM, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/9/2009 10:29:59 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
6/9/2009 10:24:37 AM, Error: Service Control Manager [7024] - The SQL Server (MSSQLSERVER) service terminated with service-specific error 5 (0x5).
6/9/2009 10:24:37 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SQL Server Reporting Services (MSSQLSERVER) service to connect.
6/9/2009 10:24:37 AM, Error: Service Control Manager [7000] - The SQL Server Reporting Services (MSSQLSERVER) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/9/2009 10:13:17 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
6/9/2009 10:13:17 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/9/2009 10:13:17 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
6/8/2009 4:57:00 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the PEVSystemStart service to connect.
6/8/2009 4:56:58 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
6/8/2009 4:46:25 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 10.0.2.124 for the Network Card with network address 0013E85C063B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
6/8/2009 12:10:35 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.113 for the Network Card with network address 0013E85C063B has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
6/6/2009 6:33:45 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 10.0.2.123 for the Network Card with network address 0013E85C063B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
6/5/2009 9:43:03 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Update service to connect.
6/5/2009 9:43:03 PM, Error: Service Control Manager [7000] - The Windows Update service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/5/2009 9:41:15 PM, Error: Service Control Manager [7024] - The AVG Free8 WatchDog service terminated with service-specific error 3758162315 (0xE001018B).
6/5/2009 9:41:15 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
6/5/2009 9:41:15 PM, Error: Service Control Manager [7000] - The McAfee SpamKiller Service service failed to start due to the following error: The system cannot find the file specified.
6/5/2009 9:15:01 AM, Error: Microsoft-Windows-DistributedCOM [10009] - DCOM was unable to communicate with the computer SOFTSERV4 using any of the configured protocols.
6/11/2009 3:05:40 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

==== End Of File ===========================

Blade81
2009-06-12, 17:06
Hi,

Let's take a look at your network settings.

Open notepad and then copy and paste the bolded lines below into it. Go to File > save as and name the file fixes.bat, change the Save as type to all files and save it to your desktop.
@echo off
ipconfig /all >c:\IPSettings.txt

Double-click on fixes.bat file to execute it. Please attach c:\IPSettings.txt file to your reply.

CabinMomma
2009-06-13, 00:59
IPSettings.txt:


Windows IP Configuration

Host Name . . . . . . . . . . . . : Paula-Notebook
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

PPP adapter vzw:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : vzw
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 70.218.246.243(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 0.0.0.0
DNS Servers . . . . . . . . . . . : 69.78.96.14
66.174.92.14
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{074183CD-2336-40F3-9A5C-3670092C036B}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{B806CE1C-79E0-4668-8755-794CFE75026F}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{074183CD-2336-40F3-9A5C-3670092C036B}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 10:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{F0413CB0-FBF1-4940-A2A1-C822CAC26B92}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{10117C88-8EF9-40D4-8DE7-67D1C7416955}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{074183CD-2336-40F3-9A5C-3670092C036B}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{3CD29859-CAE4-4CB4-9832-BB10A888866C}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{074183CD-2336-40F3-9A5C-3670092C036B}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 17:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{D5215DD3-374F-479A-91F4-C44262FF326D}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 18:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{074183CD-2336-40F3-9A5C-3670092C036B}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 19:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 21:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{074183CD-2336-40F3-9A5C-3670092C036B}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 22:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{B23D038D-04EF-4E54-A374-6CEF0C753E74}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 23:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 27:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{10117C88-8EF9-40D4-8DE7-67D1C7416955}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 28:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{D5215DD3-374F-479A-91F4-C44262FF326D}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 29:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #15
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 30:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{D5215DD3-374F-479A-91F4-C44262FF326D}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 31:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:46da:f6f3::46da:f6f3(Preferred)
Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
DNS Servers . . . . . . . . . . . : 69.78.96.14
66.174.92.14
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 32:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{D5215DD3-374F-479A-91F4-C44262FF326D}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 34:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Blade81
2009-06-13, 13:45
Hi,

Ok. You're connecting thru wireless mobile broadband, right? Could you try reinstall drivers for the modem? Also, if your friends have wired connection could it be possible to try connect system to internet with it?

CabinMomma
2009-06-13, 17:24
I have a mobile broadband that I use because I'm out a lot while I try to work. That is working right now. I cannot connect to my wireless router at my house (I could just before the last step - removal of the McAfee leftovers). I can connect if I plug into the wall - using our connection at home, just not wireless. That is a much faster connection than the broadband connection, so I'd like to be able to use it. Also, when I go into a client's office, I'm usually connecting with the wireless, so it's helpful there, too.

The biggest problem, though, is that I still cannot download anything.

Thank you for sticking with me for so long with this issue.

Blade81
2009-06-14, 11:52
Hi,

Click start, in the search box type cmd hold CTRL-SHIFT, and hit ENTER. YOu will see a UAC prompt, if UAC is still enabled. Click OK, and you will have a command prompt with admin rights.

Then type
netsh winsock reset and hit enter.

Still unable to connect wireless?

CabinMomma
2009-06-15, 08:40
I tried your suggestion and I still cannot connect to the wireless. :(

However, my download issues is resolved! I tested again and can now download from the internet! Whoo-hoo! :yahoo:

When I'm out tomorrow, I will try some other wireless connections and see if I can connect to those or if it's just my house.

Thanks again for all your help and for staying with my issues for so long. :thanks:

Blade81
2009-06-15, 16:43
Glad the download issue got sorted out :)

Please let me know how other wireless connections work.

Blade81
2009-06-24, 21:20
Due to inactivity, this thread will now be closed.

Note:If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread. Please do not add any logs that might have been requested in the closed topic, you would be starting fresh.

If it has been less than four days since your last response and you need the thread re-opened, please send me or MOD a private message (pm). A valid, working link to the closed topic is required.