TechSpot

Seeing *32 in my task manager?

Solved
By GambitX
Sep 8, 2010
Topic Status:
Not open for further replies.
  1. GambitX

    GambitX Newcomer, in training Topic Starter Posts: 79

    Sorry Bobbye !! Didn't mean to bombard you. I have downloaded Avila, Comodo and Spywareblaster. I will get rid of the Zoned Out program. Thanks so much!

    Will power down now and wait for next step. Thanks a lot.
  2. GambitX

    GambitX Newcomer, in training Topic Starter Posts: 79

    I have deleted the ZonedOut program and my fan seems to be running normally again.

    Sorry to repeat this but I forgot to ask you about this too. You had mentioned I had too many Java programs and to uninstall the ones not needed. These are the three I see on the program list under "uninstall programs". I have not done anything with Java yet. I didn't want to miss a step so how do I remove the ones not needed? Thanks a lot Bobbye!
  3. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    You always only need the most current Java on the system. Right now, that is v6u21. According to the Java Update site:
    You currently have this:
    Java (TM) 6 Update 15 (64-bit)
    Java (TM) 6 Update 21
    Java (TM) SE Development kit 6 Update 15 (64-bit)

    I would suggest that you run this program which will remove all of the Java entries. Then go to the update site, do the scan and download the appropriate 32 and 64 for Java v6u21.
    Please download JavaRa and unzip it to your desktop.
    Important!
    ***Please close any instances of Internet Explorer before continuing!***
    • Double-click on JavaRa.exe to start the program.
    • From the drop-down menu, choose English and click on Select.
    • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
    • Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
    • A logfile will pop up. Please save it to a convenient location.

    Then download and install then most current version and update of Java Runtime Environment (JRE) HERE.
    ======================================
    I will have one more step for you to remove the cleaning tools.
  4. GambitX

    GambitX Newcomer, in training Topic Starter Posts: 79

    Great, thanks Bobbye. Step is complete and I think I have installed everything correctly as instructed. Going to do a double check to make sure.

    Question for you: You had mentioned earlier that you think that the fake virus scan or whatever it was that popped up on my screen had: "I think what happened is that the malware may have damaged your permissions to run in 64 bit. I don't know that for sure- I'm waiting to hear on that. But I am wondering where that pop-up went or just what it was. " What did that mean and is there a fix for that?

    Thanks so much for your help.
  5. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    I don't have an answer for that yet. You did not mention having any problem running any of the programs showing the *32. Since they have versions that can be run in either 32 or 64 bit, I don't know if this is a problem.

    You can use CleanUp in OTL feature to remove all or most of the programs we've used in cleaning.
    • Double click OTL.exe.
    • Click the CleanUp button.
    • Select Yes when the "Begin cleanup Process?" prompt appears.
    • If you are prompted to Reboot during the cleanup, select Yes.
    • The tool will delete itself once it finishes.

    Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

    You should now set a new Restore Point and remove the old restore points to prevent infection from any previous Restore Points.
    Creating a Restore Point in Windows 7:
    • Click on Start> right click on Computer> Properties
    • Select System Protection
    • Click on the Create button (near bottom)
    • Type a name for the Restore Point
    • Click on Create again to save the restore point.

      Deleting all but the most recent System Protection point in Windows
      7
    • Click Start, type Cleanmgr.exe and press ENTER
    • Select the drive-letter from the list and click OK
    • Click Clean up system files
      This restarts Disk Cleanup to run in elevated mode.
    • Select the drive-letter from the list and click OK
    • Click the More Options tab
      [​IMG]
    • Click the Clean up… button under System Restore and Shadow Copies.
    • Click OK.
  6. GambitX

    GambitX Newcomer, in training Topic Starter Posts: 79

    Bobbye,

    In regards to the Java, the three programs on my "uninstall list" didn't change. All 3 remain. When I did the removal, nothing was removed and everything was verfied via the link you provided saying that I was up to date. Since I have to have both 32 and 64 bit versions, is having all 3 programs normal?
  7. GambitX

    GambitX Newcomer, in training Topic Starter Posts: 79

    Sorry for the double post. Thanks Bobbye. I did all of this but the OTL program only cleaned up itself. TFC.exe, Java uninstaller program, malwarebytes, ESET, etc are still on here. Are they safe to delete manually?

    Also- I noticed my .PDF file reader doesn't work anymore. I just noticed this today but it could of stopped working since the fake virus thing occured. I have Adobe PDF Writer and it was working fine before. Any idea why this would of happened and could it of been connected?

    Thanks a lot.
  8. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Gambit, I don't think you can make the one pop up you had the cause for anything that isn't working right!

    1. The users who have 64 bit systems are telling me that it was common to see the *32 in the Task Manager. One person suggested that it/they might have been there but you only noticed it when you opened the Task Manager to stop a process.

    2. If there is any program we used that didn't clean up, you can uninstall in Add/Remove Programs or use the following for most:
    Download OTCleanIt by OldTimer and save it to your Desktop.
    • Double click OTCleanIt.exe.
    • Click the CleanUp! button.
    • If you are prompted to Reboot during the cleanup, select Yes.
    • The tool will delete itself once it finishes.

    TFC would have been good to keep since it was one of the programs I recommended. The Eset scan will be in addons. you can leave it as it's user invoked, If you want to remove it:
    Click on Tools> Manage add-ons> Highlight either Eset or Nod32> Disable.

    3. You will need to clarify this for me:
    I do not see the Adobe Reader in your installed programs-or as a running process in the original logs- just get plus plus for the Flash which you have.There is no other Adobe program installed. If you just want the PDF Reader, you can visit this Adobe Reader site and download the latest version.

    4. I would like to mention that you have an enormous number of processes running. You need to check what's on the machine, decide if you want it or need it and if you don't uninstall it. Don't put programs on Startup if you don't need them- and all you really need if the AV, firewall and touchpad for laptop. If you have Network Magic, there are 2 processes for that. Anything else can be started when you need it. Why have is start on boot, run in the background, use the system resources if you don't need it!

    5. Companies pre-load a lot of junk a system before they ship them. Sony, on their VAIO, is one of the worse. Most users don't use most of these processes and most don't even know they have them. systems should always be but through some kind of check to remove what isn't needed or wanted. But it's up to you to check out what the processes are for.

    5. Now that you have a firewall, you have to tell it what you want to access the internet that is on your system. You do that by configuring the firewall. So look for the Comodo help. Most of what is outgoing can be stopped by either blocking or removing and keep in mind that everything you have auto-updating will connect to the internet several times a day looking for updates- good reason to stop all auto-update except for antivirus.:

    See #5:
    1. OOBEFcdRegistration.exe>> [RegistrationReminder] "c:\program files\sony\first experience\OOBEFcdRegistration.exe"
    2. ThirdPartyAppMgr.exe>> C:\Program Files\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
    3. PowerManager.exe>> C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
  9. GambitX

    GambitX Newcomer, in training Topic Starter Posts: 79

    Haha, sorry :( I guess I panicked a bit when I saw the pop-up. My old computer I had issues with when I was in college, it was connected to a huge network so I would often get infected. It wasn't until I downloaded Spybot search & destroy and some other anti-virus stuff did the problems stop. I still have bad memories from that experience that stick with me, even four years later.

    Ok great, thanks a lot for the information. I google'd the problem when I first saw it, and I noticed some people saying it could be a virus. This is good information though.

    I ran OTC again and nothing had cleaned up other than itself. I ended up keeping TFC because it is very useful. I disabled ESET as well, thank you.


    Thank you. I fixed this. For some reason I only had Adobe Flash Player installed. The PDF was working not too long ago which is odd. I wonder if I removed it by accident? Either way, I have it back on. Thanks.

    This may be a really stupid question but how do I stop programs from running off startup? I never put any programs on startup and would definitely like to disable some (I didn't even know this was an option..). Is there somewhere you recommend that I can go to, to help me with what is safe to remove and what is not necessary? I would love to get rid of a lot of these programs, but i was always afraid of uninstalling/deactivating the wrong ones.


    This firewall is awesome. I really appreciate you referring this to me. I can tell it is very, very good and I may just have to get used to what programs are supposed to be outgoing. I will read up on this and try to teach myself how to use it properly.

    Will do thank you.

    I just wanted to take time to once again, thank you for your time in assisting me on this. I guess I panicked when I saw the virus popup but I ended up getting a great firewall and an anti-virus thanks to you. You are extremely helpful and I can't believe that you take your free time to assist people like this, it is great.

    I hope you don't mind but I referred your forum to a lot of friends of mine. A couple of them visited the site today, read the articles but have not posted yet.

    Thanks so much. I look forward to seeing your reply. I am really clueless as to what is safe to remove/not needed so any help will be greatly appreciated. I'd like to make my computer run as fast and smooth (but safe of course) as it possibly can.

    EDIT: Wanna know something interesting Bobbye? I click the IE shortcut which is pinned to my taskbar. Usually, IE would open in 64-bit. After that fake virus scan popped up, it was running in 32 bit (or so I think.. it could of just not been noticed by me, but I'm pretty sure it always ran in 64 bit..). I hit start-----> all programs then saw Internet Explorer (64 bit). I clicked that and IE is back running in 64 bit, but some other programs are still running in 32 bit. I pinned the 64 bit shortcut back to the task bar and deleted the other one. Could that fake virus scan have swapped my IE shortcuts? It is just strange because I don't see th epoint of that, lol. Anyway, just realized it and thought I'd share, hope that info can shed some light on something.

    I'm in the process of reviewing the different processes but I really have no idea what to uninstall or disable b/c depending on what site I look, some say keep it, others say turn it off. Seems like some of these programs are considered "Bloatware". It sucks that Sony has to pre-download this junk.
  10. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Virtually every program on a new system outs itself on the Start menu. And when you download any new program, you are asked if it should go on the Start menu. Note that very few processes need to start on boot and most can be used by choosing the program itself.

    Here is a list of Sony VAIO Services that you can reset Startup to Manual. If you decide to uninstall any of these, the Service can then be changed to Disabled:
    Change Sony VAIO Services to Manual:

    Start> Run> services.msc> right click on each of the following Services> Properties> Change the Startup type to MANUAL> Stop the Service.
    If you need specific info about what any of these Services do, please do a search.

    To stop a program from starting on boot and running in the background using the msconfig utility
    Please refer to the screen shots and directions HERE.

    There are instructions I would like to add however, based on my use of msconfig with other operating systems:
    The screen shows a check in Normal Startup. Please check Selective Startup instead, then the Start tap.
    #6 has the last step and an image of a screen you get. This is essentially a nag message and you need to ut a check in 'don't shoe this message again.' IF the message includes you are 'in a diagnostic more' and suggests you go back to Normal Mode, don't do it. If this works like earlier Windows OS, going back to Normal Mode will restore all the processes you unchecked. You need to remain in Selective startup to keep the changes.

    And an FYI for you: Normal Startup vs Selective Startup is not the same as Normal Mode vs Safe Mode.

    Regarding 32 bit vs 64 bit: Here is a thread I started about this matter. You can read the discussion and use the links jobeard left if you want to do more reading:
    http://www.tech-101.com/windows-7/1547-starting-64-bit-32-bit.html#post7664

    Please let me know if I've left anything out. I do have a reference suggestion for you. There is a Windows 7 for Dummies book available at bookstores. I use this series for general reference because the language is not technical and guidance is basic. I think everyone need one for their OS!
  11. GambitX

    GambitX Newcomer, in training Topic Starter Posts: 79

    Thanks. I didn't see a lot of those services under services.msc but the ones I found I disabled. Thanks for that.

    I went through each service starting on start-up and disabled the ones not needed. I went from 82 processes to now 70, and I'm sure there are still more to disable. It looks like a lot of the others aren't listed on the start-up list (ones that start-up on boot). For instance, ThirdPartyManager.exe isn't listed on the startup list but I did see it under services.msc

    I'm still trying to figure out which ones are good to diable and which others are not. I'll read some more about this, this way I can locate the files which are unneccessarily running right now.

    So I guess my computer was never infected with anything at all right? Is my computer safe now to use for banking or online purchases? Thanks a lot Bobbye.
     
  12. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    If you check the list of the VAIO Services, you will see that I added "may be ****". I did that because the Service name and the Display name may be different. Reviewing the BlackViper site for Services is the best information you can find. Scroll down the the chart he has for the Services and take note of each column heading.Each services tells what it does, what the Dependencies are and what the best settings are. They include all of the Windows 7 Services:
    Windows 7 Service Configurations: http://www.blackviper.com/Windows_7/servicecfg.htm

    A tip about working with Services. I find it best to boot into Safe Mode when changing Startup types. That way you will be able to set any Dependencies without getting an error that 'a dependent Service isn't running."

    Take your time when working with Services. It is very important that some be set to Automatic startup because they need to be running from boot. On the other hand, those that only need to run when you use what it is does, can be set to Manual so as to not use resources unnecessarily. And lastly, a few can be Disabled, partly as a security measure.

    And you might find working with the Startup menu, using msconfig will be easier in Safe Mode
  13. GambitX

    GambitX Newcomer, in training Topic Starter Posts: 79

    Thanks a lot Bobbeye. So everything is safe to use right? It is OK to use the internet for purchases and bill paying through this computer?
  14. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    You're welcome. Your system is clean. You should be safe. If you would like to add some security, go ahead and change your passwords.
  15. GambitX

    GambitX Newcomer, in training Topic Starter Posts: 79

    Great! Thanks a lot Bobbye. I will go ahead and do that. I appreciate your help!
  16. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    You're welcome. Here are more security tips for you. NOTE: I haven't edited this for Windows 7 yet- there may be a couple of other programs that you can't use. The first part was the layered security which I gave you already- here's the rest:.

    Tips for added security and safer browsing:
    1. Browser Security Settings: Custom is fine if the user did the settings. Mine are Custom. Default is okay too, but sometimes too restrictive.
      This Tutorial will help guide you through Configuring Security Settings, Managing Active X Controls and other safety features: Make Internet Explorer safer.
    2. Stay current on updates:
      [o] Visit the Microsoft Download Sitefrequently. You should get All updates marked Critical and the current SP updates.
      [o]Visit this Adobe Reader site often and make sure you have the most current update. Uninstall any earlier updates as they are vulnerabilities.
      [o]Check this site .Java Updates Stay current as most updates are for security. Uninstall any earlier versions in Add/Remove Programs.
    3. Reset Cookies to prevent Tracking Cookies:
      [o]For Internet Explorer: Internet Options (through Tools or Control Panel) Privacy tab> Advanced button> check 'override automatic Cookie handling'> check 'accept first party Cookies'> check 'Block third party Cookies'> check 'allow per session Cookies'> Apply> OK.
      [o]For Firefox: Tools> Options> Privacy> Cookies> check ‘accept Cookies from Sites’> Uncheck 'accept third party Cookies'> Set Keep until 'they expire'. This will allow you to keep Cookies for registered sites and prevent or remove others. (Note: for Firefox v3.5, after Privacy click on 'use custom settings for History.')
      I suggest using the following two add-on for Firefox. They will prevent the Tracking Cookies that come from ads and banners and other sources:
      AdBlock Plus
      Easy List
    4. Do regular Maintenance
      Remove Temporary Internet Files regularly:
      [o]ATF Cleaner by Atribune
      OR
      [o]TFC
      Disable and Enable System Restore:
      [o]See System Restore Guide This will help you understand what this is, why you need to clean and set restore points and what information is in them.
    5. Practice Safe Email Handling
      [o] Don't open email from anyone you don't know.
      [o] Don't open Attachments in the email. Safe to your desktop and scan for viruses using a right click
      [o] Don't leave your personal email address on the internet. Have a separate email account at one of the free web-based emails like Yahoo.
  17. GambitX

    GambitX Newcomer, in training Topic Starter Posts: 79

    I thought I replied to this when you initially posted but I guess I didn't ..

    Thanks so much Bobbye for all your help. I just wanted to let you know that Comodo Firewall is awesome and so is Avira anti-virus. I also like the file cleaner program, works great and is easy to use.

    Question though for you- I was browsing my fantasy sports sites and Avira popped up saying it detected malware (bottom right corner of screen) and asked if I wanted to remove it. I did. Is there any way to double check to make sure there is no malware on the computer? Avira came up as soon as the ad popped up and seemed ot block it but I wanted to make sure.

    THANKS!
  18. GambitX

    GambitX Newcomer, in training Topic Starter Posts: 79

    Ok I guess I am supposed to post my new problem here? Bobbye can you please let me know if I am posting in the right spot? Broni closed my other topic I had made.. with my logs.. I'll repaste them here
  19. GambitX

    GambitX Newcomer, in training Topic Starter Posts: 79

    Ran my Avira virus-scan today and it picked up a Java virus.. Can you please help?

    Here is the scan log:


    Avira AntiVir Personal
    Report file date: Wednesday, October 20, 2010 22:40

    Scanning for 2955693 virus strains and unwanted programs.

    The program is running as an unrestricted full version.
    Online services are available:

    Licensee : Avira AntiVir Personal - FREE Antivirus
    Serial number : 0000149996-ADJIE-0000001
    Platform : Windows 7 x64
    Windows version : (plain) [6.1.7600]
    Boot mode : Normally booted
    Username : SYSTEM
    Computer name : MLEE-VAIO

    Version information:
    BUILD.DAT : 10.0.0.567 32097 Bytes 4/19/2010 15:07:00
    AVSCAN.EXE : 10.0.3.0 433832 Bytes 4/1/2010 17:37:38
    AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/1/2010 17:57:04
    LUKE.DLL : 10.0.2.3 104296 Bytes 3/7/2010 23:33:04
    LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 04:40:49
    VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 14:05:36
    VBASE001.VDF : 7.10.1.0 1372672 Bytes 11/19/2009 00:27:49
    VBASE002.VDF : 7.10.3.1 3143680 Bytes 1/20/2010 22:37:42
    VBASE003.VDF : 7.10.3.75 996864 Bytes 1/26/2010 21:37:42
    VBASE004.VDF : 7.10.4.203 1579008 Bytes 3/5/2010 16:29:03
    VBASE005.VDF : 7.10.6.82 2494464 Bytes 4/15/2010 22:05:50
    VBASE006.VDF : 7.10.7.218 2294784 Bytes 6/2/2010 22:05:53
    VBASE007.VDF : 7.10.9.165 4840960 Bytes 7/23/2010 22:05:58
    VBASE008.VDF : 7.10.11.133 3454464 Bytes 9/13/2010 22:06:02
    VBASE009.VDF : 7.10.11.134 2048 Bytes 9/13/2010 22:06:03
    VBASE010.VDF : 7.10.11.135 2048 Bytes 9/13/2010 22:06:03
    VBASE011.VDF : 7.10.11.136 2048 Bytes 9/13/2010 22:06:03
    VBASE012.VDF : 7.10.11.137 2048 Bytes 9/13/2010 22:06:03
    VBASE013.VDF : 7.10.11.165 172032 Bytes 9/15/2010 22:06:03
    VBASE014.VDF : 7.10.11.202 144384 Bytes 9/18/2010 23:35:05
    VBASE015.VDF : 7.10.11.231 129024 Bytes 9/21/2010 02:38:06
    VBASE016.VDF : 7.10.12.4 126464 Bytes 9/23/2010 02:57:19
    VBASE017.VDF : 7.10.12.38 146944 Bytes 9/27/2010 22:34:24
    VBASE018.VDF : 7.10.12.64 133120 Bytes 9/29/2010 00:20:25
    VBASE019.VDF : 7.10.12.99 134144 Bytes 10/1/2010 06:45:32
    VBASE020.VDF : 7.10.12.122 131584 Bytes 10/5/2010 22:20:58
    VBASE021.VDF : 7.10.12.148 119296 Bytes 10/7/2010 23:15:30
    VBASE022.VDF : 7.10.12.175 142848 Bytes 10/11/2010 22:15:59
    VBASE023.VDF : 7.10.12.198 131584 Bytes 10/13/2010 03:32:58
    VBASE024.VDF : 7.10.12.216 133120 Bytes 10/14/2010 03:32:59
    VBASE025.VDF : 7.10.12.238 137728 Bytes 10/18/2010 22:40:35
    VBASE026.VDF : 7.10.12.254 129536 Bytes 10/20/2010 02:39:45
    VBASE027.VDF : 7.10.12.255 2048 Bytes 10/20/2010 02:39:46
    VBASE028.VDF : 7.10.13.0 2048 Bytes 10/20/2010 02:39:46
    VBASE029.VDF : 7.10.13.1 2048 Bytes 10/20/2010 02:39:46
    VBASE030.VDF : 7.10.13.2 2048 Bytes 10/20/2010 02:39:46
    VBASE031.VDF : 7.10.13.9 44032 Bytes 10/20/2010 02:39:46
    Engineversion : 8.2.4.84
    AEVDF.DLL : 8.1.2.1 106868 Bytes 9/15/2010 22:06:12
    AESCRIPT.DLL : 8.1.3.45 1368443 Bytes 9/18/2010 03:29:08
    AESCN.DLL : 8.1.6.1 127347 Bytes 9/15/2010 22:06:12
    AESBX.DLL : 8.1.3.1 254324 Bytes 9/15/2010 22:06:13
    AERDL.DLL : 8.1.9.2 635252 Bytes 9/23/2010 02:38:10
    AEPACK.DLL : 8.2.3.11 471416 Bytes 10/11/2010 22:16:07
    AEOFFICE.DLL : 8.1.1.8 201081 Bytes 9/15/2010 22:06:11
    AEHEUR.DLL : 8.1.2.36 2974072 Bytes 10/21/2010 02:39:50
    AEHELP.DLL : 8.1.14.0 246134 Bytes 10/11/2010 22:16:04
    AEGEN.DLL : 8.1.3.23 401779 Bytes 10/3/2010 06:45:35
    AEEMU.DLL : 8.1.2.0 393588 Bytes 9/15/2010 22:06:08
    AECORE.DLL : 8.1.17.0 196982 Bytes 9/26/2010 02:57:23
    AEBB.DLL : 8.1.1.0 53618 Bytes 9/15/2010 22:06:07
    AVWINLL.DLL : 10.0.0.0 19304 Bytes 1/14/2010 17:03:38
    AVPREF.DLL : 10.0.0.0 44904 Bytes 1/14/2010 17:03:35
    AVREP.DLL : 10.0.0.8 62209 Bytes 2/18/2010 21:47:40
    AVREG.DLL : 10.0.3.0 53096 Bytes 4/1/2010 17:35:46
    AVSCPLR.DLL : 10.0.3.0 83816 Bytes 4/1/2010 17:39:51
    AVARKT.DLL : 10.0.0.14 227176 Bytes 4/1/2010 17:22:13
    AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 1/26/2010 14:53:30
    SQLITE3.DLL : 3.6.19.0 355688 Bytes 1/28/2010 17:57:58
    AVSMTP.DLL : 10.0.0.17 63848 Bytes 3/16/2010 20:38:56
    NETNT.DLL : 10.0.0.0 11624 Bytes 2/19/2010 19:41:00
    RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 18:10:20
    RCTEXT.DLL : 10.0.53.0 97128 Bytes 4/9/2010 19:14:29

    Configuration settings for the scan:
    Jobname.............................: Complete system scan
    Configuration file..................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
    Logging.............................: low
    Primary action......................: interactive
    Secondary action....................: ignore
    Scan master boot sector.............: on
    Scan boot sector....................: on
    Boot sectors........................: C:,
    Process scan........................: on
    Extended process scan...............: on
    Scan registry.......................: on
    Search for rootkits.................: on
    Integrity checking of system files..: off
    Scan all files......................: All files
    Scan archives.......................: on
    Recursion depth.....................: 20
    Smart extensions....................: on
    Macro heuristic.....................: on
    File heuristic......................: medium

    Start of the scan: Wednesday, October 20, 2010 22:40

    Starting search for hidden objects.
    HKEY_LOCAL_MACHINE\Software\Microsoft\DevDiv\VC\Servicing\8.0\sp
    [NOTE] The registry entry is invisible.
    HKEY_LOCAL_MACHINE\Software\Microsoft\DevDiv\VC\Servicing\8.0\RED\1033\sp
    [NOTE] The registry entry is invisible.
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Applets\SysTra y\BattMeter\Flyout\381b4222-f694-41f0-9685-ff5bb260df2e
    [NOTE] The registry entry is invisible.
    c:\program files (x86)\java\jre6\bin\jp2launcher.exe
    c:\Program Files (x86)\Java\jre6\bin\jp2launcher.exe
    [NOTE] The process is not visible.
    c:\program files (x86)\real\realupgrade\realupgrade.exe
    c:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe
    [NOTE] The process is not visible.

    The scan of running processes will be started
    Scan process 'avscan.exe' - '77' Module(s) have been scanned
    Scan process 'iexplore.exe' - '146' Module(s) have been scanned
    Scan process 'iexplore.exe' - '125' Module(s) have been scanned
    Scan process 'iexplore.exe' - '125' Module(s) have been scanned
    Scan process 'iexplore.exe' - '125' Module(s) have been scanned
    Scan process 'iexplore.exe' - '125' Module(s) have been scanned
    Scan process 'iexplore.exe' - '125' Module(s) have been scanned
    Scan process 'iexplore.exe' - '126' Module(s) have been scanned
    Scan process 'iexplore.exe' - '126' Module(s) have been scanned
    Scan process 'iexplore.exe' - '126' Module(s) have been scanned
    Scan process 'iexplore.exe' - '152' Module(s) have been scanned
    Scan process 'iexplore.exe' - '145' Module(s) have been scanned
    Scan process 'iexplore.exe' - '147' Module(s) have been scanned
    Scan process 'iexplore.exe' - '145' Module(s) have been scanned
    Scan process 'iexplore.exe' - '148' Module(s) have been scanned
    Scan process 'iexplore.exe' - '149' Module(s) have been scanned
    Scan process 'iexplore.exe' - '151' Module(s) have been scanned
    Scan process 'FlashUtil10i_ActiveX.exe' - '41' Module(s) have been scanned
    Scan process 'GoogleToolbarUser_32.exe' - '54' Module(s) have been scanned
    Scan process 'PowerManager.exe' - '103' Module(s) have been scanned
    Scan process 'ThirdPartyAppMgr.exe' - '99' Module(s) have been scanned
    Scan process 'SmartWi.exe' - '97' Module(s) have been scanned
    Scan process 'iexplore.exe' - '125' Module(s) have been scanned
    Scan process 'CCP.exe' - '78' Module(s) have been scanned
    Scan process 'realsched.exe' - '43' Module(s) have been scanned
    Scan process 'avgnt.exe' - '61' Module(s) have been scanned
    Scan process 'ISBMgr.exe' - '46' Module(s) have been scanned
    Scan process 'VCSW.exe' - '44' Module(s) have been scanned
    Scan process 'GoogleToolbarNotifier.exe' - '73' Module(s) have been scanned
    Scan process 'IAAnotif.exe' - '42' Module(s) have been scanned
    Scan process 'VESMgrSub.exe' - '60' Module(s) have been scanned
    Scan process 'DllHost.exe' - '35' Module(s) have been scanned
    Scan process 'IAANTMon.exe' - '39' Module(s) have been scanned
    Scan process 'VzCdbSvc.exe' - '37' Module(s) have been scanned
    Scan process 'VCFw.exe' - '70' Module(s) have been scanned
    Scan process 'VESMgr.exe' - '67' Module(s) have been scanned
    Scan process 'UStorSrv.exe' - '33' Module(s) have been scanned
    Scan process 'avguard.exe' - '71' Module(s) have been scanned
    Scan process 'sched.exe' - '52' Module(s) have been scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!
    Master boot sector HD1
    [INFO] No virus was found!
    Master boot sector HD2
    [INFO] No virus was found!

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!

    Starting to scan executable files (registry).
    The registry was scanned ( '735' files ).


    Starting the file scan:

    Begin scan in 'C:\'
    C:\Users\mlee\AppData\Local\Temp\jar_cache3360243798503805902.tmp
    [0] Archive type: ZIP
    [DETECTION] Contains recognition pattern of the JAVA/Rowindal.A Java virus
    --> Cz_0_CDKa__.class
    [DETECTION] Contains recognition pattern of the JAVA/Rowindal.A Java virus
    --> jWSyyv.class
    [DETECTION] Contains recognition pattern of the JAVA/Remote.B Java virus
    --> M8PFGFzL.class
    [DETECTION] Contains recognition pattern of the JAVA/Agent.abj Java virus
    --> rsl__E2.class
    [DETECTION] Contains recognition pattern of the JAVA/SecureSet.A Java virus
    --> saCPvD8X.class
    [DETECTION] Contains recognition pattern of the JAVA/Agent.abk.5 Java virus
    --> uwE_qu4.class
    [DETECTION] Contains recognition pattern of the JAVA/ClassLoad.AK Java virus

    Beginning disinfection:
    C:\Users\mlee\AppData\Local\Temp\jar_cache3360243798503805902.tmp
    [DETECTION] Contains recognition pattern of the JAVA/ClassLoad.AK Java virus
    [NOTE] The file was moved to the quarantine directory under the name '49d816a5.qua'.


    End of the scan: Wednesday, October 20, 2010 23:21
    Used time: 38:44 Minute(s)

    The scan has been done completely.
  20. GambitX

    GambitX Newcomer, in training Topic Starter Posts: 79

    www.malwarebytes.org

    Database version: 4897

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    10/20/2010 11:55:16 PM
    mbam-log-2010-10-20 (23-55-16).txt

    Scan type: Quick scan
    Objects scanned: 138084
    Time elapsed: 4 minute(s), 8 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
  21. GambitX

    GambitX Newcomer, in training Topic Starter Posts: 79

    DDS (Ver_10-10-10.03) - NTFS_AMD64
    Run by mlee at 23:56:34.28 on Wed 10/20/2010
    Internet Explorer: 8.0.7600.16385
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3935.2485 [GMT -4:00]


    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    C:\Windows\SysWOW64\UStorSrv.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
    C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Sony\VAIO Care\VAIOCareService.exe
    C:\Windows\SysWOW64\DllHost.exe
    C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
    C:\Program Files\Apoint\Apoint.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
    C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files\Apoint\ApMsgFwd.exe
    C:\Program Files\Apoint\Apntex.exe
    C:\Program Files\Apoint\Apvfb.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
    C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Sony\VAIO Care\VCsystray.exe
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe
    C:\Program Files\Sony\VAIO Power Management\SPMService.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Users\mlee\Downloads\moo\scan\dds.scr
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/
    uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
    mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
    mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
    mWinlogon: Userinit=userinit.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin .dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    mRun: [LaunchUserRequestedPrograms] "C:\Program Files\Sony\First Experience\Miniprogram.exe"
    mRun: [RegistrationReminder] "C:\Program Files\Sony\First Experience\OOBEFcdRegistration.exe"
    mRun: [SmartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup
    mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
    mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    mRun: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
    mRunOnce: [Malwarebytes' Anti-Malware] C:\Users\mlee\Downloads\moo\scan\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
    DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Notify: VESWinlogon - VESWinlogon.dll
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    mRun-x64: [Apoint] %ProgramFiles%\Apoint\Apoint.exe
    mRun-x64: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
    mRun-x64: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h

    ============= SERVICES / DRIVERS ===============

    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-9-3 55280]
    R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdGuard.sys [2010-9-10 249496]
    R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2010-9-10 33208]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
    R2 AntiVirSchedulerService;Avira AntiVir Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-9-15 135336]
    R2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-9-15 267432]
    R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2010-9-15 81072]
    R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2009-8-18 189984]
    R2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2009-9-3 411496]
    R2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-7-22 642920]
    R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2009-9-3 19968]
    R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2009-8-18 139264]
    R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2009-8-18 11392]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-8-18 393216]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-9-3 133104]
    S2 HsfXAudioService;HsfXAudioService;C:\Windows\system32\svchost.exe -k HsfXAudioService [2009-7-13 27136]
    S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-6-26 362992]
    S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
    S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-6-26 313840]
    S3 SampleCollector;Intel(R) Sample Collector;C:\Program Files\Sony\VAIO Care\collsvc.exe [2010-2-21 167424]
    S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-9-3 120104]
    S3 SOHDBSvr;VAIO Media plus Database Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-9-3 70952]
    S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-9-3 427304]
    S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-9-3 75048]
    S3 SOHPlMgr;VAIO Media plus Playlist Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-9-3 91432]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
    S3 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2009-9-3 104960]
    S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-9-3 468264]
    S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-9-3 357672]
    S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2009-9-3 110888]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-13 1255736]

    =============== Created Last 30 ================

    2010-10-21 03:50:36 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    2010-10-19 23:05:26 8006480 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{DFC7B546-FE91-4DC2-B526-2A2EA2390C8B}\mpengine.dll
    2010-09-29 05:30:18 243712 ----a-w- C:\Windows\System32\drivers\ks.sys
    2010-09-29 05:30:18 184832 ----a-w- C:\Windows\System32\drivers\usbvideo.sys
    2010-09-28 23:28:44 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2010-09-28 23:28:44 2048 ----a-w- C:\Windows\System32\tzres.dll
    2010-09-28 23:28:32 13312 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll
    2010-09-28 23:28:32 13312 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll

    ==================== Find3M ====================

    2010-09-11 03:41:40 362784 ----a-w- C:\Windows\System32\guard64.dll
    2010-09-11 03:41:40 285480 ----a-w- C:\Windows\SysWow64\guard32.dll
    2010-09-11 03:40:44 33208 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys
    2010-09-11 03:40:44 249496 ----a-w- C:\Windows\System32\drivers\cmdGuard.sys
    2010-09-11 03:40:42 20864 ----a-w- C:\Windows\System32\drivers\cmderd.sys
    2010-09-08 05:36:17 1192960 ----a-w- C:\Windows\System32\wininet.dll
    2010-09-08 05:34:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll
    2010-09-08 04:30:04 978432 ----a-w- C:\Windows\SysWow64\wininet.dll
    2010-09-08 04:28:15 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
    2010-09-08 04:16:38 482816 ----a-w- C:\Windows\System32\html.iec
    2010-09-08 03:35:30 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
    2010-09-08 03:22:31 386048 ----a-w- C:\Windows\SysWow64\html.iec
    2010-09-08 02:48:16 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2010-09-01 05:12:09 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
    2010-09-01 04:23:49 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
    2010-09-01 02:58:34 3123712 ----a-w- C:\Windows\System32\win32k.sys
    2010-08-31 04:32:30 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
    2010-08-31 04:32:30 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll
    2010-08-27 06:14:02 236032 ----a-w- C:\Windows\System32\srvsvc.dll
    2010-08-27 05:46:48 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
    2010-08-27 03:38:04 463360 ----a-w- C:\Windows\System32\drivers\srv.sys
    2010-08-27 03:37:48 402944 ----a-w- C:\Windows\System32\drivers\srv2.sys
    2010-08-27 03:37:26 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
    2010-08-26 05:27:28 148992 ----a-w- C:\Windows\System32\t2embed.dll
    2010-08-26 04:39:58 109056 ----a-w- C:\Windows\SysWow64\t2embed.dll
    2010-08-21 06:38:47 1024512 ----a-w- C:\Windows\System32\wmpmde.dll
    2010-08-21 06:36:49 340992 ----a-w- C:\Windows\System32\schannel.dll
    2010-08-21 06:31:06 633856 ----a-w- C:\Windows\System32\comctl32.dll
    2010-08-21 06:29:47 558592 ----a-w- C:\Windows\System32\spoolsv.exe
    2010-08-21 05:36:33 738816 ----a-w- C:\Windows\SysWow64\wmpmde.dll
    2010-08-21 05:36:24 224256 ----a-w- C:\Windows\SysWow64\schannel.dll
    2010-08-21 05:33:24 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll
    2010-07-29 06:30:34 82944 ----a-w- C:\Windows\SysWow64\iccvid.dll

    ============= FINISH: 23:59:15.16 ===============
  22. GambitX

    GambitX Newcomer, in training Topic Starter Posts: 79

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-10-10.03)

    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 12/25/2009 11:16:55 PM
    System Uptime: 10/20/2010 11:42:47 PM (0 hours ago)

    Motherboard: Sony Corporation | | VAIO
    Processor: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz | N/A | 2200/200mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 290 GiB total, 225.519 GiB free.
    E: is Removable
    F: is Removable
    G: is CDROM ()

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP131: 10/5/2010 6:23:28 PM - Windows Update
    RP132: 10/8/2010 1:04:26 AM - Windows Update
    RP133: 10/8/2010 6:47:20 PM - Windows Update
    RP134: 10/12/2010 7:29:26 PM - Windows Update
    RP135: 10/13/2010 1:13:52 AM - Windows Update
    RP136: 10/15/2010 7:18:17 PM - Windows Update
    RP137: 10/19/2010 7:04:49 PM - Windows Update

    ==== Installed Programs ======================


    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Reader 9.3.4
    Apple Application Support
    Apple Software Update
    Application Manager for VAIO
    ArcSoft Magic-i Visual Effects 2
    ArcSoft WebCam Companion 3
    Avira AntiVir Personal - Free Antivirus
    Click to Disc
    Click to Disc Editor
    Compatibility Pack for the 2007 Office system
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    Java Auto Updater
    Java(TM) 6 Update 21
    Junk Mail filter update
    Malwarebytes' Anti-Malware
    Microsoft Choice Guard
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Home and Student 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Suite Activation Assistant
    Microsoft Office Word MUI (English) 2007
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Works
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Music Transfer
    Primo
    QuickTime
    Realms of Kaos
    RealPlayer
    Realtek High Definition Audio Driver
    RealUpgrade 1.0
    Roxio Central Audio
    Roxio Central Copy
    Roxio Central Core
    Roxio Central Data
    Roxio Central Tools
    Roxio Easy Media Creator 10 LJ
    Roxio Easy Media Creator Home
    Runtime
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2344875)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for 2007 Microsoft Office System (KB982312)
    Security Update for Microsoft Office Excel 2007 (KB2345035)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB982158)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Setting Utility Series
    SmartWi Connection Utility
    Sony Home Network Library
    Sony Picture Utility
    U-Storage Service
    Update for 2007 Microsoft Office System (KB2284654)
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office OneNote 2007 (KB980729)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    VAIO Care
    VAIO Content Metadata Intelligent Analyzing Manager
    VAIO Content Metadata Intelligent Network Service Manager
    VAIO Content Metadata Manager Settings
    VAIO Content Metadata XML Interface Library
    VAIO Content Monitoring Settings
    VAIO Control Center
    VAIO Data Restore Tool
    VAIO DVD Menu Data Basic
    VAIO Entertainment Platform
    VAIO Event Service
    VAIO Help and Support
    VAIO Media plus
    VAIO Media plus Opening Movie
    VAIO Movie Story
    VAIO Movie Story Template Data
    VAIO OOBE and Startup Assistant
    VAIO Original Function Settings
    VAIO Power Management
    VAIO Presentation Support
    VAIO Quick Web Access
    VAIO Survey
    VAIO Update 4
    VAIO Wallpaper Contents
    Visual C++ 8.0 Runtime Setup Package (x64)
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Upload Tool
    Windows Live Writer
    WinRAR archiver

    ==== Event Viewer Messages From Past Week ========

    10/20/2010 7:03:39 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy7.
    10/20/2010 7:03:10 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy10.
    10/20/2010 11:43:04 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.
    10/20/2010 11:43:04 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HsfXAudioService service to connect.
    10/20/2010 11:43:04 PM, Error: Service Control Manager [7000] - The HsfXAudioService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    10/20/2010 11:17:29 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer OWNER--PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{4663E24F-3089-4E27-A1DB-886BC3E53AC6}. The master browser is stopping or an election is being forced.
    10/20/2010 10:40:37 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer GAIL that believes that it is the master browser for the domain on transport NetBT_Tcpip_{4663E24F-3089-4E27-A1DB-886BC3E53AC6}. The master browser is stopping or an election is being forced.
    10/17/2010 6:55:05 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy14.
    10/17/2010 6:54:14 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy17.

    ==== End Of File ===========================
  23. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Sorry for the confusion. This is a new problem a month after the previous problem was resolved. Apparently I forgot to close this thread.

    So this thread is now closed and new problem is being handled on http://www.techspot.com/vb/topic155242.html
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.