Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

McAfee Real Time scanning turns off

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

McAfee Real Time scanning turns off

Unread postby shreekar » November 13th, 2012, 4:32 am

Hi,

McAfee Real Time scanning is turned off. McAfee Firewall is also turned Off. On system startup, it tries to start the Real Time Scanner but comes back after 5-10 minutes saying it is Off.

I realize that some McAfee services are not starting...

DDS Log File

DDS (Ver_2012-11-07.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16450 BrowserJavaVersion: 10.9.2
Run by Shreekar at 0:22:33 on 2012-11-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.2798.1592 [GMT -8:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\Sony\VAIO Care\VCService.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Sony\VAIO Care\VCPerfService.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Program Files\Sony\VAIO Care\VCAgent.exe
C:\Windows\System32\vds.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: IE to GetRight Helper: {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files (x86)\GetRight\xx2gr.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121112234846.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
mRun: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
TCP: NameServer = 75.75.75.75 75.75.76.76 192.168.1.1
TCP: Interfaces\{6DD0B22D-C026-4940-9700-1362E8BA5673} : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
TCP: Interfaces\{EB67E911-867D-4C13-AE00-E3C7ECA0A89B} : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
TCP: Interfaces\{EB67E911-867D-4C13-AE00-E3C7ECA0A89B}\34963736F61393331353 : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: VESWinlogon - VESWinlogon.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: AutorunsDisabled - <orphaned>
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121112234846.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
x64-Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\896\G2AWinLogon_x64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-1-20 55856]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-11-3 30568]
R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\System32\drivers\ctxusbm.sys [2011-8-10 91864]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-25 13336]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-11-10 201304]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-11-10 201304]
R2 rimspci;rimspci;C:\Windows\System32\drivers\rimssne64.sys [2009-12-25 93696]
R2 risdsnpe;risdsnpe;C:\Windows\System32\drivers\risdsne64.sys [2009-12-25 75776]
R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-12-23 259192]
R2 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2011-12-23 44736]
R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-3 711112]
R2 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2012-1-13 1256040]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2010-1-20 19968]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-12-25 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2012-8-27 158976]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-4-30 317440]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2012-11-10 300392]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2012-11-10 513456]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2009-12-25 11392]
R3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-1-20 571248]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-12-25 395264]
S2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-11-10 201304]
S2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-11-10 201304]
S2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2012-11-10 237920]
S2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-11-10 218320]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2009-12-25 52264]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2009-12-25 35104]
S3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2012-11-10 69672]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2012-11-10 196440]
S3 hwusbfake;Huawei DataCard USB Fake;C:\Windows\System32\drivers\ewusbfake.sys [2010-6-18 116224]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2012-11-10 106112]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-3 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-3 57856]
S3 TVICHW64;TVICHW64;C:\Windows\System32\drivers\TVicHW64.sys [2011-11-7 21200]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-4-25 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-6-22 1255736]
S4 IHA_MessageCenter;IHA_MessageCenter;C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2011-7-1 151552]
S4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe [2009-10-23 360224]
S4 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-8-30 313840]
S4 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-8-30 362992]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S4 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-9-10 108400]
S4 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-10-12 423280]
S4 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-9-10 67952]
S4 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-1-20 286936]
S4 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe [2011-5-15 206120]
S4 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe [2011-5-15 185640]
S4 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2010-1-20 104960]
S4 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-25 2320920]
S4 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-1-20 887000]
S4 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-5-19 549616]
S4 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-10-25 387896]
S4 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-2-18 99104]
S4 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2011-11-7 845312]
S4 WTGService;WTGService;C:\Program Files (x86)\InternetEverywhere\WTGService.exe [2010-6-18 308688]
.
=============== Created Last 30 ================
.
2012-11-12 03:06:24 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-11-12 03:06:24 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-12 02:14:35 16200 ----a-w- C:\Windows\stinger.sys
2012-11-12 02:13:27 -------- d-----w- C:\Program Files (x86)\stinger
2012-11-11 06:11:01 196440 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys
2012-11-11 06:10:44 -------- d-----w- C:\Program Files (x86)\McAfee.com
2012-11-11 06:10:40 10288 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
2012-11-11 06:10:39 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee
2012-11-11 06:10:33 69672 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2012-11-11 06:10:33 513456 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2012-11-11 06:10:33 300392 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2012-11-11 06:10:33 106112 ----a-w- C:\Windows\System32\drivers\mferkdet.sys
2012-11-11 06:10:28 -------- d-----w- C:\Program Files\Common Files\McAfee
2012-11-11 06:10:25 -------- d-----w- C:\Program Files\McAfee.com
2012-11-11 06:10:25 -------- d-----w- C:\Program Files\McAfee
2012-11-11 06:10:23 -------- d-----w- C:\Program Files (x86)\McAfee
2012-11-10 17:54:54 -------- d-----w- C:\Users\Shreekar\AppData\Roaming\Digiarty
2012-11-10 17:51:05 -------- d-----w- C:\ProgramData\xml_param
2012-11-10 17:45:31 -------- d-----w- C:\Users\Shreekar\AppData\Local\Aimersoft
2012-11-10 17:45:30 -------- d-----w- C:\Program Files (x86)\Common Files\Aimersoft
2012-11-10 17:45:27 496640 ----a-w- C:\Windows\SysWow64\xvid.ax
2012-11-10 17:45:26 892928 ----a-w- C:\Windows\SysWow64\iconv.dll
2012-11-10 17:45:26 675840 ----a-w- C:\Windows\SysWow64\ac3filter.ax
2012-11-10 17:45:26 -------- d-----w- C:\ProgramData\Aimersoft DVD Ripper
2012-11-10 17:45:24 -------- d-----w- C:\Program Files (x86)\Aimersoft
2012-11-10 05:40:34 -------- d--h--w- C:\$AVG
2012-11-04 02:12:59 -------- d-----w- C:\Users\Shreekar\AppData\Local\AVG Secure Search
2012-11-04 02:12:56 -------- d-----w- C:\Users\Shreekar\AppData\Roaming\TuneUp Software
2012-11-04 02:12:49 30568 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2012-11-04 02:12:46 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2012-11-04 00:58:32 177144 ----a-w- C:\Windows\System32\mfevtps.exe
2012-11-04 00:26:46 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-04 00:20:48 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-11-04 00:20:48 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-11-04 00:20:47 458712 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-11-04 00:20:46 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-04 00:20:46 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-11-04 00:20:46 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-11-04 00:20:46 1448448 ----a-w- C:\Windows\System32\lsasrv.dll
2012-11-04 00:20:45 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-11-04 00:20:45 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-11-04 00:20:34 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-11-04 00:20:33 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-11-04 00:17:17 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-04 00:09:46 -------- d-----w- C:\mfe
2012-10-28 18:46:40 103832 ----a-w- C:\Users\Shreekar\GoToAssistDownloadHelper.exe
2012-10-28 18:46:08 -------- d-----w- C:\Users\Shreekar\AppData\Local\Deployment
2012-10-28 18:46:08 -------- d-----w- C:\Users\Shreekar\AppData\Local\Apps
2012-10-22 08:19:17 -------- d-----w- C:\Users\Shreekar\AppData\Roaming\McAfee
.
==================== Find3M ====================
.
2012-11-04 00:26:46 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-04 00:17:03 821736 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-10-02 21:56:43 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-10-02 21:56:43 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-08-29 03:24:53 473072 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-08-28 02:49:03 158976 ----a-w- C:\Windows\System32\drivers\Impcd.sys
2012-08-24 18:05:07 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-08-24 16:57:48 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-08-23 14:13:11 243200 ----a-w- C:\Windows\System32\rdpudd.dll
2012-08-23 14:10:20 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2012-08-23 14:07:35 57856 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys
2012-08-23 13:47:20 46592 ----a-w- C:\Windows\SysWow64\MsRdpWebAccess.dll
2012-08-23 13:46:20 16896 ----a-w- C:\Windows\SysWow64\wksprtPS.dll
2012-08-23 13:41:52 13312 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2012-08-23 13:40:56 13312 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2012-08-23 13:24:57 15360 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2012-08-23 13:20:40 54272 ----a-w- C:\Windows\System32\MsRdpWebAccess.dll
2012-08-23 13:18:14 37376 ----a-w- C:\Windows\SysWow64\tsgqec.dll
2012-08-23 13:17:54 18432 ----a-w- C:\Windows\System32\wksprtPS.dll
2012-08-23 13:06:58 43520 ----a-w- C:\Windows\System32\TsUsbGDCoInstaller.dll
2012-08-23 12:52:53 44032 ----a-w- C:\Windows\System32\tsgqec.dll
2012-08-23 11:20:06 62976 ----a-w- C:\Windows\System32\TSWbPrxy.exe
2012-08-23 11:15:57 269312 ----a-w- C:\Windows\SysWow64\aaclient.dll
2012-08-23 11:14:09 384000 ----a-w- C:\Windows\System32\wksprt.exe
2012-08-23 11:12:17 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll
2012-08-23 10:54:24 322560 ----a-w- C:\Windows\System32\aaclient.dll
2012-08-23 10:51:14 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll
2012-08-23 10:39:24 1048064 ----a-w- C:\Windows\SysWow64\mstsc.exe
2012-08-23 10:22:22 1123840 ----a-w- C:\Windows\System32\mstsc.exe
2012-08-23 09:51:57 3174912 ----a-w- C:\Windows\System32\rdpcorets.dll
2012-08-23 08:19:01 4916224 ----a-w- C:\Windows\SysWow64\mstscax.dll
2012-08-23 08:13:07 5773824 ----a-w- C:\Windows\System32\mstscax.dll
2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-08-21 21:01:00 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2012-08-20 18:48:44 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-08-20 18:48:44 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-08-20 18:48:44 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-08-20 18:48:43 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-08-20 18:48:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-08-20 18:48:35 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-08-20 18:46:22 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-08-20 17:40:21 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-08-20 17:38:44 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-08-20 17:38:26 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-08-20 17:37:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-08-20 17:37:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-08-20 15:38:21 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-08-20 15:38:20 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-08-20 15:33:28 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 0:23:38.11 ===============


Attach.txt

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-07.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 04/06/2010 13:36:11
System Uptime: 12/11/2012 23:39:11 (1 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz | N/A | 1983/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 66.303 GiB free.
D: is Removable
E: is Removable
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Virtual WiFi Miniport Adapter
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&108D72A9&0&01
Manufacturer: Microsoft
Name: Microsoft Virtual WiFi Miniport Adapter
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&108D72A9&0&01
Service: vwifimp
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
A Series of Unfortunate Events
Acoustica Effects Pack
Acoustica Mixcraft 5
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.4)
Akamai NetSession Interface
Alps Pointing-device for VAIO
Amazon Kindle
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Aquapolis
ArcSoft Magic-i Visual Effects 2
ArcSoft WebCam Companion 3
Atlantis Sky Patrol™
Audacity 2.0
Awakening: The Dreamless Castle
Be a King 2
Be Richer
Big Fish Games: Game Manager
Bonjour
Burger Bustle: Ellie's Organics
CCleaner
Chicken Chase
Chicken Invaders 4: Ultimate Omelette
Chocolatier
Cisco Connect
Cisco WebEx Meetings
Citrix Receiver
Citrix Receiver (HDX Flash Redirection)
Citrix Receiver Inside
Citrix Receiver(Aero)
Citrix Receiver(DV)
Citrix Receiver(USB)
Comcast Desktop Software (v1.2.1)
Compatibility Pack for the 2007 Office system
D3DX10
Diego`s Dinosaur Adventure
DivX Setup
Doras Carnival 2: At the Boardwalk
Dragon Keeper 2
Evernote
Express Zip File Compression Software
Facebook Messenger 2.1.4651.0
Facebook Video Calling 1.2.0.159
Facebook Video Calling 1.2.0.287
Farm Frenzy
Farm Frenzy 3
Farm Frenzy: Gone Fishing
Feeding Frenzy 2 Shipwreck Showdown
FFmpeg v0.6.2 for Audacity
Fishdom
Fishing Craze
FormatFactory 2.96
Gardenscapes: Mansion Makeover™
Garmin Lifetime Updater
GetRight
Gold Miner Vegas
Google Chrome
Google Update Helper
GoToAssist Corporate
Grim Tales: The Wishes Collector's Edition
Haunted Hotel
IHA_MessageCenter
Insaniquarium! Deluxe
InstallVC90Support
Intel(R) Control Center
Intel(R) Graphics Media Accelerator Driver
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Internet Everywhere
Internet TV for Windows Media Center
iTunes
Java 7 Update 9
Java Auto Updater
Java(TM) 6 Update 16 (64-bit)
Java(TM) 6 Update 35
Junk Mail filter update
Kingdom Chronicles Collector's Edition
LandGrabbers
Life Quest ™
Luxor 3
Mahjong Towers Eternity ™
Malwarebytes Anti-Malware version 1.65.1.1000
McAfee Internet Security
McAfee Virtual Technician
Media Gallery
Microsoft .NET Framework 4 Client Profile
Microsoft Age of Empires II Trial Version
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Compact 3.5 SP1 English
Microsoft SQL Server Compact 3.5 SP1 x64 English
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
MixPad Audio Mixer
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB973685)
MusicStation
Mystery Case Files &reg;: Dire Grove ™
Mystery Case Files: Ravenhearst &reg;
Mystic Inn ™
Online Plug-in
OpenOffice.org 3.2
Paranormal Crime Investigations: Brotherhood of the Crescent Snake Collector's Edition
PMB
PMB VAIO Edition Guide
PMB VAIO Edition Plug-in
Quick Web Access
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Redist
Rescue Frenzy
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy Media Creator 10 LJ
Roxio Easy Media Creator Home
Royal Envoy 2
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
Setting Utility Series
Setup_msm_VCMS_x64
Setup_msm_VOFS_x64
Setup_VEP_x64_Contain_SSDB
Shared C Run-time for x64
Skype Click to Call
Skype™ 5.10
SOHLib Merge Module
Sony Home Network Library
Strange Cases: The Tarot Card Mystery
Switch Sound File Converter
System Requirements Lab CYRI
System Requirements Lab for Intel
Taranaa Karaoke Player v4.0.0
TextPad 5
The Agency of Anomalies: Cinderstone Orphanage
The Agency of Anomalies: Mystic Hospital
The Agency of Anomalies: The Last Performance Collector's Edition
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VAIO - PMB VAIO Edition Guide
VAIO - PMB VAIO Edition Plug-in
VAIO Care
VAIO Content Metadata Intelligent Analyzing Manager
VAIO Content Metadata Intelligent Network Service Manager
VAIO Content Metadata Manager Settings
VAIO Content Metadata XML Interface Library
VAIO Content Monitoring Settings
VAIO Control Center
VAIO Data Restore Tool
VAIO DVD Menu Data
VAIO Entertainment Platform
VAIO Event Service
VAIO Gate
VAIO Gate Default
VAIO Hardware Diagnostics
VAIO Media plus
VAIO Media plus Opening Movie
VAIO Movie Story Template Data
VAIO Original Function Settings
VAIO Personalization Manager
VAIO Power Management
VAIO Premium Partners
VAIO screensaver
VAIO Smart Network
VAIO Transfer Support
VAIO Update
VAIO Update Merge Module x64
VAIO Wallpaper Contents
VC80CRTRedist - 8.0.50727.6195
Verizon Download Manager
Verizon Media Manager
VideoPad Video Editor
Virtual Villagers: A New Home
Virtual Villagers: New Believers
Virtual Villagers: The Lost Children
Virtual Villagers: The Secret City
Virtual Villagers: The Tree of Life
Visual Studio 2010 x64 Redistributables
VLC media player 1.0.5
VU5x64
VU5x86
Vz In Home Agent
WavePad Sound Editor
Wedding Dash 4-Ever
WIDCOMM Bluetooth Software
Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Center Add-in for Silverlight
Windows Movie Maker 2.6
Yahoo! Messenger
Yahoo! Software Update
Yontoo 1.10.02
.
==== Event Viewer Messages From Past Week ========
.
12/11/2012 23:48:46, Error: Service Control Manager [7003] - The McAfee McShield service depends the following service: mfevtp. This service might not be installed.
12/11/2012 23:48:46, Error: Service Control Manager [7003] - The McAfee Firewall Core Service service depends the following service: mfevtp. This service might not be installed.
12/11/2012 23:48:37, Error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.
12/11/2012 23:40:18, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
12/11/2012 23:40:18, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/11/2012 23:40:16, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
12/11/2012 23:39:52, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
12/11/2012 23:39:52, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
12/11/2012 23:39:41, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.
12/11/2012 23:39:41, Error: Service Control Manager [7001] - The McAfee Network Agent service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.
12/11/2012 23:39:30, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Akamai NetSession Interface service to connect.
12/11/2012 23:39:30, Error: Service Control Manager [7001] - The McAfee Anti-Spam Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.
11/11/2012 21:18:22, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McAfee SiteAdvisor Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}
11/11/2012 19:51:55, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
11/11/2012 19:49:26, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
11/11/2012 19:47:47, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
11/11/2012 19:47:37, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/11/2012 19:47:37, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/11/2012 19:47:36, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/11/2012 19:47:30, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
11/11/2012 19:47:26, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ctxusbm discache spldr Wanarpv6
11/11/2012 19:47:26, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}
11/11/2012 19:47:25, Error: Service Control Manager [7001] - The Media Center Extender Service service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
11/11/2012 19:03:44, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service McNaSvc with arguments "" in order to run the server: {24F616A1-B755-4053-8018-C3425DC8B68A}
11/11/2012 18:14:39, Error: Service Control Manager [7034] - The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).
10/11/2012 21:52:46, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
.
==== End Of File ===========================


Thanks
Shreekar
shreekar
Active Member
 
Posts: 11
Joined: November 13th, 2012, 4:13 am
Advertisement
Register to Remove

Re: McAfee Real Time scanning turns off

Unread postby Elrond » November 13th, 2012, 3:03 pm

Hello... Welcome to the forum.
My name is Elrond, and I'll be helping you with any malware problems.
As an introduction, please note that I am not Superhuman, I do not know everything, but what I do know has taken me years to learn. I am happy to pass on this information to you, but please bear in mind that I am also fallible.
The logs I request need to be properly researched and a complete fix for many malware problems can take some time and be spread over a number of posts, so please be patient and try to see it through to the end.
Before we start: Please be aware that removing Malware is a hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.
In light of this it would be wise for you to back up any files and folders that you don't want to lose before we start.


Before we begin...please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. DO NOT run any other fix or removal tools unless instructed to do so!
  3. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched and can make the cleanup more dificult..
  4. Only- post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  5. Print each set of instructions...if possible...your Internet connection will not be available during some fix processes.
  6. Only- reply to this thread, do not start another ... Please, continue responding, until I give you the "All Clean"
    REMEMBER, ABSENCE OF SYMPTOMS DOES NOT MEAN THE INFECTION IS ALL GONE.

  • Please note that you should have Administrator rights to perform the fixes. (XP accounts are Administrator by default)
    Also note that multiple identity PC's (family PC's) present a different problem; please tell me if your PC has more than one individual's setting, but continue with the fix.Please let me know if you are using a computer with multiple accounts, as this can affect the instructions given.
  • Please Note:
    In Vista and Windows 7 you hopefully are not running as administrator and therefore will need to get into Administrator Mode by... Right clicking the program file & selecting: Run as Administrator.
    Additionally, the built-in User Account Control (UAC) utility, if enabled, may prompt you for permission to run the program.
    When prompted, please select: Allow. Reference: User Account Control (UAC) and Running as Administrator

Please take time to read the Malware Removal Forum Guidelines and Rules where the conditions for receiving help at this forum are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf, you have any questions or problems, executing these instructions, <<STOP>> do not proceed, post back with the question or problem.


Please note that I will be off line for about 26 hours (sundown Friday until nightfall Saturday my local time) every week.


End of preliminaries. What follows is related to analyzing what is on your computer and cleaning it up.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Before we start, how do use this computer? Pure home use, log in to work and also home use, shool or what?
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem

Re: McAfee Real Time scanning turns off

Unread postby shreekar » November 14th, 2012, 12:10 pm

Hi Elrond,

I use this computer mainly for home use. Any use for work is web based. I have 3 accounts setup on this machine. Sadly, I am using the one with Admin privileges. 2nd a/c is non admin and 3rd was created to test some McAfee related issues, and is not used.

I have to admit that I am not even sure there is malware on the system, as there are no other symptoms that I can see besides McAfee Firewall not working.

Looking at the diagnostics, do you recommend that I follow up aggressively with McAfee first?

Thanks,
Shreekar
shreekar
Active Member
 
Posts: 11
Joined: November 13th, 2012, 4:13 am

Re: McAfee Real Time scanning turns off

Unread postby Elrond » November 15th, 2012, 9:05 am

Security Check

Let's see if this will tell us what is going on with the MacAfee firewll.

There are signs that you installed MacAfee recently. If so did the problem with the firewall start imediately?

-------------------------------------------------
Download Security Check by screen317 from one of these ocations:
http://screen317.spywareinfoforum.org/SecurityCheck.exe
http://screen317.changelog.fr/SecurityCheck.exe
Save it to your Desktop.
Right click SecurityCheck.exe and select " Run as administrator " , then follow the onscreen instructions inside of the black box.
The program will add a number of progress lines as it performs the scans.
Wait until the program tells you it has copied the information to checkup.txt
A Notepad document also should open automatically with all the information in it.
Please copy the contents of that Notepad document and paste it in your reply here.
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem

Re: McAfee Real Time scanning turns off

Unread postby shreekar » November 16th, 2012, 12:28 am

I have had McAfee for about 1.5 years now. Some problems with the McAfee Security Center started about 2 months ago. Finally, I had to uninstall and reinstall McAfee.

After the most recent re install, this problem started occurring.

Here is the checkup.txt:


Results of screen317's Security Check version 0.99.54
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
McAfee Anti-Virus and Anti-Spyware
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.1.1000
Java(TM) 6 Update 35
Java 7 Update 9
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader X (10.1.4)
Google Chrome 16.0.912.77
Google Chrome 17.0.963.56
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
shreekar
Active Member
 
Posts: 11
Joined: November 13th, 2012, 4:13 am

Re: McAfee Real Time scanning turns off

Unread postby Elrond » November 16th, 2012, 9:33 am

OK let's dive a bit deeper.

Run a Scan with OTL
Download OTL by OldTimer to your Desktop (right-click the link, select Save Target As..., select your Desktop and press Save).


    • Double click OTL.exe to launch the programme.
    • Check the following.
      • Scan all users.
      • Lop check.
      • Purity check.
    • Under Extra Registry section, select Use SafeList
    • Under Custom Scans/Fixes copy/paste the contents of the code box below.
    Code: Select all
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %SYSTEMDRIVE%\*.*
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    nvraid.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\*.exe /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\drivers\*.sys /90
    CREATERESTOREPOINT
    %PROGRAMFILES%\*.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WPAEvents

    • Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
    • When finished it will produce two logs.
      • OTL.txt (open on your desktop).
      • Extras.txt (minimised in your taskbar)
    • Please post me both logs.
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem

Re: McAfee Real Time scanning turns off

Unread postby shreekar » November 16th, 2012, 10:34 pm

I have attached OTL.txt due to message size restriction
----------
Extras.txt
----------

OTL Extras logfile created on: 16/11/2012 17:55:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Shreekar\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.73 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 50.10% Memory free
5.46 Gb Paging File | 3.72 Gb Available in Paging File | 68.09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287.65 Gb Total Space | 65.75 Gb Free Space | 22.86% Space Free | Partition Type: NTFS

Computer Name: SHREEKAR-VAIO | User Name: McAfee Test | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-488977929-1352770973-3116428565-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0159F687-C21E-41F6-A253-BD9C11FD89C4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{01A7328B-6459-4A9D-B740-4C0E31DB711E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{049D1D4C-598E-4122-9ECC-222FFBAAEDCD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{07CCC253-9CAE-48ED-AAC4-E01BCCFE7455}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{0A530FFB-D4DF-4511-BFC0-096DE036A9D7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{125CEC96-B4FF-499C-8167-D1CA9D22DC1C}" = lport=10244 | protocol=6 | dir=in | app=system |
"{15AB50B0-FCD5-4A0E-8779-A65892FFF52A}" = lport=52163 | protocol=6 | dir=in | name=akamai netsession interface |
"{191C04EE-A44C-456F-994E-14AFE78A01AE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1C762B06-C178-4967-B310-817D827B9462}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1CE2C784-5744-473A-81C9-7A749000ECBF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{223635DE-CEAB-4CB6-9939-A6D4F4E65BAF}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{23423BA2-C9F1-463A-B3CE-B0C83B178A4B}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{2E48D8AA-8BCF-4299-A9C9-27B401EBA834}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{31148006-D891-4C5C-9619-7D942AE7CA4A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3B66537F-EF27-4FFB-AB9B-DB3DF6CCFF3A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{41F57989-2FBE-4826-B686-825F8E7C208E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{4881D971-481D-43E1-9D2C-09DBED5B4E88}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{4C62B9EB-FB61-4EBC-ACFC-2B7245C81706}" = lport=139 | protocol=6 | dir=in | app=system |
"{4FC44A9A-7707-4B9F-9BFA-F8C0E44D2235}" = rport=139 | protocol=6 | dir=out | app=system |
"{5533A010-FCCD-4073-B7E8-863C7DDDDEA3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5884A4F1-65BB-448A-839C-F2CC5367F48A}" = lport=50000 | protocol=17 | dir=in | name=iha_messagecenter |
"{67C30F86-9063-4726-B03F-F9467DCEFCDD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{689253E6-85A9-46A1-9582-4A16E8982EE5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{68E67FBD-8D5B-4601-B7DA-BF08D817027F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7B554D16-5894-4855-A44C-353D9C057DD9}" = rport=138 | protocol=17 | dir=out | app=system |
"{7CCB36A6-CC1A-42C1-9AE8-D400117D7FE1}" = lport=3390 | protocol=6 | dir=in | app=system |
"{7E46B58A-2149-44F6-943A-47151E03E994}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{902ED31C-78B6-4C0A-8667-555AD604D3D9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{96703B1A-FB55-4B92-8720-3FBED14EE8B3}" = lport=10244 | protocol=6 | dir=in | app=system |
"{96A729EE-BA91-40BF-8824-4B369F805281}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{ABB2F1C2-596D-4F31-9B84-C761C11E18EC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{B231D3BE-8A39-4C9F-B5F1-F34FC15812C6}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{B8947B48-516F-4814-B3D9-FE676D789F31}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C02A181C-0213-47D1-8DDA-5D6845A5EE3E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C04F686E-EB55-4536-9692-E9921CA42927}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C4A984C9-21A1-4FEC-BC48-63FC09805986}" = lport=3390 | protocol=6 | dir=in | app=system |
"{C7DC366F-3367-4CE9-A286-764731BB3617}" = lport=137 | protocol=17 | dir=in | app=system |
"{CC022001-6FD7-4CF4-893D-96C96F0F0036}" = lport=138 | protocol=17 | dir=in | app=system |
"{CCD5A3E1-24DB-461D-ACDB-F1D29ACDBCA0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{D02100B4-9F8F-4C29-9698-272C41BF2A99}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DD2E2213-E092-4B0C-9C8D-02254FE4A267}" = lport=445 | protocol=6 | dir=in | app=system |
"{E35D4DF9-E3E5-403C-AF3B-9C5FB583E6A3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E3C3D7DB-6479-41A1-B4E8-BEEF01663FB7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E6967695-C0D4-40D3-A09C-838E87ECF3C9}" = rport=445 | protocol=6 | dir=out | app=system |
"{E8BD2C9C-44CB-43EE-8797-F8C3690C24E7}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{EDAE0C13-AE68-4BD0-B9A4-8EF5A316E5A0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EDC9CF68-5746-4724-A2BA-EAD4F2634997}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{F31CE242-8F40-4E10-AFCC-028AABB35B18}" = rport=137 | protocol=17 | dir=out | app=system |
"{F474CD88-91BA-441F-8BF0-4BEEF5F585F1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{FCFCF76A-B6DF-4FC1-80B1-F6226E6BDECF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FD74DDAB-C23F-4793-8CCE-7B01606FBE52}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FD8C5345-8E2C-4277-9664-FE590B7EA857}" = lport=50000 | protocol=17 | dir=in | name=iha_messagecenter |
"{FED7FBB9-41B8-4C00-8B5C-2F721E5E1A11}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00861CE9-402C-409B-BAEE-CACCF5D3C0A2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{00F29DE1-4C3C-4C49-B2C8-4645139A5E95}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe |
"{012B4B77-8ED8-4F2B-B86A-B2855BBC8BC1}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{07D31E29-EECD-4E62-A871-1582A97816CF}" = protocol=6 | dir=out | app=c:\windows\ehome\mcrmgr.exe |
"{0AB3206F-5B3D-4922-8A18-ECBD753F2700}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{0E0A7BE0-FCB1-41A3-82F2-A0DECD667FDA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1366C174-4F0C-4093-95B4-4D2952EE3D17}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{137ADB09-1143-4273-83F9-78200A8542D6}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{19B62F32-F586-427C-A724-02C90A65C075}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{1E95CB31-EE62-460D-9BBB-21FC159BD9FB}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{2690377B-8565-410A-9C43-4D177CB9F152}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2CFDEE8A-1A43-4FB3-A474-7562BD5C94A5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3127C619-52FF-4C4A-A95E-7CEA154BCF18}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{392059FF-832F-4996-A825-5114DFBEE1CA}" = protocol=17 | dir=in | app=c:\program files (x86)\animal planet games\kuma.exe |
"{39994356-9CC3-4BBA-84C3-4E754EDAB826}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{3BDC189A-B1D1-45EB-9CBA-46211B1B29A6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3ECE43DA-87A2-483C-BBD2-05F4FA9EC2A5}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{410F7133-14CE-4D9F-B0B9-6E42561ADE91}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{49B76C3C-0F1A-46B2-8C58-DD7B5995D6E1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4D9FCA5B-E645-443E-8EA5-638D4AFF3A32}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{4F0527D8-652C-4B7C-9ACD-544E0F0C9745}" = protocol=6 | dir=out | svc=fdphost | app=c:\windows\system32\svchost.exe |
"{51E51982-9F80-4C9E-8875-4E6F9B07832F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{5A644D17-B9B0-4AB7-8753-D0040B635C8D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5E4BC0A0-A0F9-4F70-9A8C-7FF9DAF6F733}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{662B0782-859B-4993-9656-D2BE05F1D63B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{729E02F8-AF84-43BB-AFDC-27AB684A4821}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{74B6DA29-77D8-4D71-AB94-80D6B594498A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7762BEB1-549C-452A-B8A8-ABA8CE3909B9}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |
"{7B06C97A-CB40-4219-A83C-944DD8E6698F}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{7B287EDC-3C26-45E9-BB90-C2CF23EE2046}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{84DB63BC-5AE1-4BFE-A986-212158DB33F5}" = protocol=6 | dir=in | app=c:\program files (x86)\animal planet games\kuma.exe |
"{89754F55-AABF-41C9-91B0-68864709B4CB}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe |
"{8B572FEA-2052-4955-BFEA-2477DCF1A991}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8C0E0E7C-C9B1-4504-81C0-C78D1A9A35AB}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8F5639C9-F0EA-4C17-9F3D-51DEF439A383}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{91E10307-5029-44DE-AA5C-166D19F466FD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A230AF53-0065-47DC-B285-B4C983784E41}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{A3276AE3-AF24-42B9-BFFF-F801DEC71CC6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{A4E7C7CC-75A5-41E6-A821-C9EA8970DA09}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{AA542717-4C29-4066-A1F5-3BD615A916EA}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{AB676EBD-80D0-4498-9596-7DB9F7CDB263}" = protocol=6 | dir=out | svc=fdphost | app=c:\windows\system32\svchost.exe |
"{B0C2B1BF-7F0C-4305-BDE0-25EF8F46A85D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{B38CBA11-4A6D-4D9F-BFE4-8E5FC0DBEF34}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B5DC0C0A-4A64-432C-B1F5-A12A44F8E7CC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B9D68BCA-EBEA-49B5-85EC-234539F97F0E}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{BA4F31F3-D6A7-4EE6-BECA-E6F8832635D4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BC6CB455-ECBB-4EBB-AFFE-68CC911BD78D}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{BE0D7D9E-C554-45C0-BE9C-ABC9DD075865}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{C0DA109B-574E-45D7-B582-ABB1A293E578}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{C7C6AB49-7CF0-4926-A23F-38CF9140E95D}" = protocol=6 | dir=out | app=c:\windows\ehome\mcrmgr.exe |
"{C95F89EF-C381-4472-B64F-2211C65094D2}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{CA933B75-8952-4421-80EE-0611BEAEE08C}" = protocol=17 | dir=in | app=c:\users\shreekar\appdata\local\akamai\netsession_win.exe |
"{CAB73965-C232-4FF6-B60E-233CE6437AED}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CC0CBB5D-0B8F-4B69-82B5-2E4A5DD0572E}" = protocol=58 | dir=in | app=system |
"{CEEC6259-F06D-4D53-B234-B711AE1C782E}" = protocol=6 | dir=in | app=c:\users\shreekar\appdata\local\akamai\netsession_win.exe |
"{CF546F07-837C-4F4D-A60C-484B512E4706}" = protocol=6 | dir=out | app=system |
"{D254D5D2-890E-403B-8BB6-34C5D7C1E30F}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe |
"{D97FE5B6-E500-4A7B-8004-6594B9EFF63E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{DC8A7F50-BD84-4D71-94A4-73EEE252711B}" = dir=in | app=c:\users\shreekar\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{E0860948-CE8A-4136-837E-6E74ED0D2FAA}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{E16C76B4-F176-4D10-9318-182C4A6552C2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E2937359-4590-4358-BB65-E2F4B72E2634}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E5BEFF04-397A-432E-AACD-AE6FB4FA5D70}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe |
"{E7FE0821-A43C-4DA8-9742-CC8A9B10E6CD}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{EBC0C148-23D8-446F-A2AA-DB12849C39BD}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{EE74E29C-E712-4CA7-B3A5-5D35C1388C23}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F18EA7F8-4ADA-4638-9E0E-9E580DF3F70E}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{F86F6725-7A63-4669-A5C7-9CF6697C92DA}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{FC374683-4A4A-4417-803C-AE50C9269FE7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{59B7A8A2-2FA1-471B-A2DE-812C14D94EBB}C:\users\shreekar\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\shreekar\appdata\local\akamai\netsession_win.exe |
"UDP Query User{9FCA3C5E-4C0E-42CD-A05A-52B2DD2F5486}C:\users\shreekar\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\shreekar\appdata\local\akamai\netsession_win.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{133D3F07-D558-46CE-80E8-F4D75DBBAD63}" = PMB VAIO Edition Plug-in
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1C6B6716-84AC-412A-A296-247D41EBB7FB}" = Setup_msm_VCMS_x64
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{26A24AE4-039D-4CA4-87B4-2F86416016FF}" = Java(TM) 6 Update 16 (64-bit)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{725D5BA4-E9FA-452B-8CF5-D7E5F8055C71}" = VAIO Content Metadata Intelligent Network Service Manager
"{7C3AC18F-F19B-4082-8D13-7D603848E06C}" = VAIO Update Merge Module x64
"{7ECD4ACB-E1B6-425B-B8AA-5761A59B77E0}" = Setup_VEP_x64_Contain_SSDB
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{8FE3CF66-4484-4D39-B47D-DEBBA173619D}" = VAIO Content Metadata Manager Settings
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97C58294-36D8-4594-8A49-7AB4AE096504}" = VAIO Content Metadata XML Interface Library
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A62F9CD0-B2E0-4F2A-88F2-79254A3C8539}" = WinPatrol
"{BAD9A7B0-FA18-4247-A6F5-BDCF64B40C4C}" = VAIO Personalization Manager
"{C69A835B-67A5-4542-AD24-FE36E3140BA9}" = Setup_msm_VOFS_x64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{E743BA71-5955-420B-AA52-67508054AD66}" = VAIO Update Merge Module x64
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"{F8B40DB4-FD07-4368-AA57-34F2B0839683}" = VAIO Content Metadata Intelligent Analyzing Manager
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"930E4792BDAEAFB62A9514EE7578775658A5D07C" = Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405)
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00B03993-F5A1-47B1-9C54-EC8FBDDDE17E}" = VAIO Care
"{0489D044-6386-4BDF-9F98-577D60CF79DD}" = VAIO Entertainment Platform
"{04EAE65A-CDCF-480F-B754-5C3A9364239C}" = VAIO Original Function Settings
"{06C05B90-2127-4933-8ABA-61833BDE13FA}" = VAIO Content Monitoring Settings
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{09DF00E6-520C-49D5-B7E0-9612165CACA8}" = OpenOffice.org 3.2
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B74F57C-4636-4D70-A7A9-95074DF21802}" = Citrix Receiver(Aero)
"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
"{0F052922-4BCE-4763-A540-00857554336D}" = Redist
"{118C3943-1683-42EF-824D-C22E70DB42E7}" = Comcast Desktop Software (v1.2.1)
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{13EC74A6-4707-4D26-B9B9-E173403F3B08}" = Quick Web Access
"{149C2374-E707-4B53-A487-A2DA2064E03D}" = Vz In Home Agent
"{164B26C5-9BC9-48E8-8FB5-C3C0AC0FE1C8}" = Citrix Receiver Inside
"{17D26CDD-B87C-412B-92F0-2D5DD4313522}" = Facebook Messenger 2.1.4651.0
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2110ECBD-BF15-4673-8852-8C68DDEB26AC}" = Media Gallery
"{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}" = PMB VAIO Edition Plug-in
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = PMB VAIO Edition Guide
"{34DC654E-6E43-4BFA-9E00-6C16CFA7B9F0}" = VAIO Data Restore Tool
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A221E47-E361-45C3-886A-7B2D7AD0E5AA}" = SOHLib Merge Module
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO Transfer Support
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Power Management
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90B45DFA-5DD9-47F0-BCC7-F25B9562A738}" = Citrix Receiver(USB)
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{9AAD03E8-4F65-4DE2-8F6C-1B079C0C8521}" = Garmin Lifetime Updater
"{9B163B82-3B46-4CE5-BF01-A53E550A8E58}" = Sony Home Network Library
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA53D22-D922-494C-B1D7-51CD9BCB9E4A}" = VAIO Hardware Diagnostics
"{9E384B32-59C8-46EF-BEA6-4DC8F27CDB8E}" = InstallVC90Support
"{A6B90666-2A1F-49E8-A40E-27EAAD11C096}" = Sony Home Network Library
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB259D46-F851-41B0-9AFA-AED8998AD68A}" = MusicStation
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AD6E2415-407E-40D3-A550-126E67509D84}" = Citrix Receiver(DV)
"{AE2E0F4A-E08F-4A15-B4DC-D8FC9CEFF9C7}" = Online Plug-in
"{B1DADBEB-7F82-4B29-84D6-5F14A020F0A0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6EC7388-E277-4A5B-8C8F-71067A41BA64}" = TextPad 5
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BE2DDF55-4C42-44CC-A56E-C8E4A65CB2FF}" = IHA_MessageCenter
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C71067FC-288F-4E0B-88C6-44DFDA8311E2}" = System Requirements Lab for Intel
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1D603C4-8C68-40F3-85AE-6DBEF3B712B5}" = Citrix Receiver (HDX Flash Redirection)
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = Media Gallery
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FB7D0926-37A5-4042-9DF4-046BAF608B76}" = Verizon Download Manager
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"Acoustica Effects Pack" = Acoustica Effects Pack
"Acoustica Mixcraft 5" = Acoustica Mixcraft 5
"ActiveTouchMeetingClient" = Cisco WebEx Meetings
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Empires II Trial" = Microsoft Age of Empires II Trial Version
"Audacity_is1" = Audacity 2.0
"BFG-A Series of Unfortunate Events" = A Series of Unfortunate Events
"BFG-Aquapolis" = Aquapolis
"BFG-Atlantis Sky Patrol" = Atlantis Sky Patrol™
"BFG-Awakening - The Dreamless Castle" = Awakening: The Dreamless Castle
"BFG-Be a King 2" = Be a King 2
"BFG-Be Richer" = Be Richer
"BFG-Burger Bustle - Ellie's Organics" = Burger Bustle: Ellie's Organics
"BFGC" = Big Fish Games: Game Manager
"BFG-Chicken Chase" = Chicken Chase
"BFG-Chicken Invaders 4 - Ultimate Omelette" = Chicken Invaders 4: Ultimate Omelette
"BFG-Chocolatier" = Chocolatier
"BFG-Diego`s Dinosaur Adventure" = Diego`s Dinosaur Adventure
"BFG-Doras Carnival 2 - At the Boardwalk" = Doras Carnival 2: At the Boardwalk
"BFG-Dragon Keeper 2" = Dragon Keeper 2
"BFG-Farm Frenzy" = Farm Frenzy
"BFG-Farm Frenzy - Gone Fishing" = Farm Frenzy: Gone Fishing
"BFG-Farm Frenzy 3" = Farm Frenzy 3
"BFG-Feeding Frenzy 2 Shipwreck Showdown" = Feeding Frenzy 2 Shipwreck Showdown
"BFG-Fishdom" = Fishdom
"BFG-Fishing Craze" = Fishing Craze
"BFG-Gardenscapes - Mansion Makeover" = Gardenscapes: Mansion Makeover™
"BFG-Gold Miner Vegas" = Gold Miner Vegas
"BFG-Grim Tales - The Wishes Collector's Edition" = Grim Tales: The Wishes Collector's Edition
"BFG-Haunted Hotel" = Haunted Hotel
"BFG-Insaniquarium! Deluxe" = Insaniquarium! Deluxe
"BFG-Kingdom Chronicles Collector's Edition" = Kingdom Chronicles Collector's Edition
"BFG-LandGrabbers" = LandGrabbers
"BFG-Life Quest" = Life Quest ™
"BFG-Luxor 3" = Luxor 3
"BFG-Mahjong Towers Eternity" = Mahjong Towers Eternity ™
"BFG-Mystery Case Files - Dire Grove" = Mystery Case Files &reg;: Dire Grove ™
"BFG-Mystery Case Files - Ravenhearst" = Mystery Case Files: Ravenhearst &reg;
"BFG-Mystic Inn" = Mystic Inn ™
"BFG-Paranormal Crime Investigations - Brotherhood of the Crescent Snake Collectors Edition" = Paranormal Crime Investigations: Brotherhood of the Crescent Snake Collector's Edition
"BFG-Rescue Frenzy" = Rescue Frenzy
"BFG-Royal Envoy 2" = Royal Envoy 2
"BFG-Strange Cases - The Tarot Card Mystery" = Strange Cases: The Tarot Card Mystery
"BFG-The Agency of Anomalies - Cinderstone Orphanage" = The Agency of Anomalies: Cinderstone Orphanage
"BFG-The Agency of Anomalies - Mystic Hospital" = The Agency of Anomalies: Mystic Hospital
"BFG-The Agency of Anomalies - The Last Performance Collector's Edition" = The Agency of Anomalies: The Last Performance Collector's Edition
"BFG-Virtual Villagers" = Virtual Villagers: A New Home
"BFG-Virtual Villagers - New Believers" = Virtual Villagers: New Believers
"BFG-Virtual Villagers - The Secret City" = Virtual Villagers: The Secret City
"BFG-Virtual Villagers - The Tree of Life" = Virtual Villagers: The Tree of Life
"BFG-Virtual Villagers The Lost Children" = Virtual Villagers: The Lost Children
"BFG-Wedding Dash 4-Ever" = Wedding Dash 4-Ever
"Cisco Connect" = Cisco Connect
"CitrixOnlinePluginPackWeb" = Citrix Receiver
"DivX Setup" = DivX Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ExpressZip" = Express Zip File Compression Software
"FFmpeg for Audacity_is1" = FFmpeg v0.6.2 for Audacity
"FormatFactory" = FormatFactory 2.96
"GetRight_is1" = GetRight
"Google Chrome" = Google Chrome
"GoToAssist" = GoToAssist Corporate
"InstallShield_{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}" = VAIO - PMB VAIO Edition Plug-in
"InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = VAIO - PMB VAIO Edition Guide
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"InternetEverywhere" = Internet Everywhere
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"McAfee Virtual Technician" = McAfee Virtual Technician
"MixPad" = MixPad Audio Mixer
"MSC" = McAfee Internet Security
"RealPlayer 15.0" = RealPlayer
"splashtop" = Quick Web Access
"Switch" = Switch Sound File Converter
"Taranaa Karaoke Player_is1" = Taranaa Karaoke Player v4.0.0
"VAIO Help and Support" =
"VAIO Premium Partners" = VAIO Premium Partners
"VAIO screensaver" = VAIO screensaver
"Verizon Media Manager" = Verizon Media Manager
"VideoPad" = VideoPad Video Editor
"VLC media player" = VLC media player 1.0.5
"WavePad" = WavePad Sound Editor
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-488977929-1352770973-3116428565-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Amazon Kindle" = Amazon Kindle

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/11/2012 23:00:01 | Computer Name = Shreekar-VAIO | Source = Windows Backup | ID = 4103
Description =

Error - 13/11/2012 03:39:51 | Computer Name = Shreekar-VAIO | Source = ESENT | ID = 455
Description = Windows (2412) Windows: Error -1811 occurred while opening logfile
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0010F.log.

Error - 13/11/2012 03:39:52 | Computer Name = Shreekar-VAIO | Source = Windows Search Service | ID = 9000
Description =

Error - 13/11/2012 03:39:52 | Computer Name = Shreekar-VAIO | Source = Windows Search Service | ID = 7040
Description =

Error - 13/11/2012 03:39:52 | Computer Name = Shreekar-VAIO | Source = Windows Search Service | ID = 7042
Description =

Error - 13/11/2012 03:39:52 | Computer Name = Shreekar-VAIO | Source = Windows Search Service | ID = 9002
Description =

Error - 13/11/2012 03:39:52 | Computer Name = Shreekar-VAIO | Source = Windows Search Service | ID = 3029
Description =

Error - 13/11/2012 03:39:52 | Computer Name = Shreekar-VAIO | Source = Windows Search Service | ID = 3029
Description =

Error - 13/11/2012 03:39:52 | Computer Name = Shreekar-VAIO | Source = Windows Search Service | ID = 3028
Description =

Error - 13/11/2012 03:39:52 | Computer Name = Shreekar-VAIO | Source = Windows Search Service | ID = 3058
Description =

Error - 13/11/2012 03:39:52 | Computer Name = Shreekar-VAIO | Source = Windows Search Service | ID = 7010
Description =

[ Media Center Events ]
Error - 22/06/2010 04:43:42 | Computer Name = Shreekar-VAIO | Source = MCUpdate | ID = 0
Description = 09:43:41 - Error connecting to the internet. 09:43:41 - Unable
to contact server..

Error - 22/06/2010 12:18:01 | Computer Name = Shreekar-VAIO | Source = MCUpdate | ID = 0
Description = 17:18:01 - Error connecting to the internet. 17:18:01 - Unable
to contact server..

Error - 22/06/2010 12:18:11 | Computer Name = Shreekar-VAIO | Source = MCUpdate | ID = 0
Description = 17:18:06 - Error connecting to the internet. 17:18:06 - Unable
to contact server..

Error - 22/06/2010 13:18:16 | Computer Name = Shreekar-VAIO | Source = MCUpdate | ID = 0
Description = 18:18:16 - Error connecting to the internet. 18:18:16 - Unable
to contact server..

Error - 22/06/2010 13:18:22 | Computer Name = Shreekar-VAIO | Source = MCUpdate | ID = 0
Description = 18:18:21 - Error connecting to the internet. 18:18:21 - Unable
to contact server..

Error - 23/06/2010 09:22:38 | Computer Name = Shreekar-VAIO | Source = MCUpdate | ID = 0
Description = 14:22:38 - Error connecting to the internet. 14:22:38 - Unable
to contact server..

Error - 23/06/2010 09:22:47 | Computer Name = Shreekar-VAIO | Source = MCUpdate | ID = 0
Description = 14:22:43 - Error connecting to the internet. 14:22:43 - Unable
to contact server..

Error - 14/07/2012 14:13:37 | Computer Name = Shreekar-VAIO | Source = Microsoft-Windows-Media Center Extender | ID = 539
Description =

Error - 14/07/2012 14:15:56 | Computer Name = Shreekar-VAIO | Source = Microsoft-Windows-Media Center Extender | ID = 539
Description =

Error - 14/07/2012 14:36:41 | Computer Name = Shreekar-VAIO | Source = Microsoft-Windows-Media Center Extender | ID = 539
Description =

[ System Events ]
Error - 16/11/2012 21:17:13 | Computer Name = Shreekar-VAIO | Source = Service Control Manager | ID = 7003
Description = The McAfee McShield service depends the following service: mfevtp.
This service might not be installed.

Error - 16/11/2012 21:22:49 | Computer Name = Shreekar-VAIO | Source = Service Control Manager | ID = 7003
Description = The McAfee McShield service depends the following service: mfevtp.
This service might not be installed.

Error - 16/11/2012 21:22:49 | Computer Name = Shreekar-VAIO | Source = Service Control Manager | ID = 7003
Description = The McAfee Firewall Core Service service depends the following service:
mfevtp. This service might not be installed.

Error - 16/11/2012 21:41:49 | Computer Name = Shreekar-VAIO | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Akamai
NetSession Interface service to connect.

Error - 16/11/2012 21:41:50 | Computer Name = Shreekar-VAIO | Source = Service Control Manager | ID = 7003
Description = The McAfee Firewall Core Service service depends the following service:
mfevtp. This service might not be installed.

Error - 16/11/2012 21:41:50 | Computer Name = Shreekar-VAIO | Source = Service Control Manager | ID = 7001
Description = The McAfee Anti-Spam Service service depends on the McAfee Firewall
Core Service service which failed to start because of the following error: %%1075

Error - 16/11/2012 21:41:55 | Computer Name = Shreekar-VAIO | Source = Service Control Manager | ID = 7001
Description = The McAfee Personal Firewall Service service depends on the McAfee
Firewall Core Service service which failed to start because of the following error:
%%1075

Error - 16/11/2012 21:41:55 | Computer Name = Shreekar-VAIO | Source = Service Control Manager | ID = 7001
Description = The McAfee Network Agent service depends on the McAfee Firewall Core
Service service which failed to start because of the following error: %%1075

Error - 16/11/2012 21:41:55 | Computer Name = Shreekar-VAIO | Source = Service Control Manager | ID = 7001
Description = The McAfee Proxy Service service depends on the McAfee Firewall Core
Service service which failed to start because of the following error: %%1075

Error - 16/11/2012 21:43:59 | Computer Name = Shreekar-VAIO | Source = Service Control Manager | ID = 7003
Description = The McAfee McShield service depends the following service: mfevtp.
This service might not be installed.


< End of report >
You do not have the required permissions to view the files attached to this post.
shreekar
Active Member
 
Posts: 11
Joined: November 13th, 2012, 4:13 am

Re: McAfee Real Time scanning turns off

Unread postby Elrond » November 18th, 2012, 2:45 pm

Hi shreekar

Sorry for the delay but I will need a bit more time to analyze the log that you sent me. They are long and needs a lot of painstaiking research. :)
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem

Re: McAfee Real Time scanning turns off

Unread postby shreekar » November 18th, 2012, 5:45 pm

No problem - thanks a lot for devoting your time to this.
shreekar
Active Member
 
Posts: 11
Joined: November 13th, 2012, 4:13 am

Re: McAfee Real Time scanning turns off

Unread postby Elrond » November 21st, 2012, 1:49 am

Did not find much bad in the log but a lot of leftovers from different programs.

I believe that your problem with McAfee is caused by the the problem shown in the following line:
(McAfee, Inc.) ["Start" not found. | Unknown] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
which I believe means that a service necessary for McAfee Firewall is not able to be started.

Let us continue. :)

We need to run an OTL Fix

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Image textbox. Do not include the word Code
    Code: Select all
    :processes
    killallprocesses
    :otl 
    IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKU\S-1-5-21-488977929-1352770973-3116428565-1000\..\SearchScopes,DefaultScope = {C6D31446-00DD-4EB9-BF42-E9F409F22CB4}
    IE - HKU\S-1-5-21-488977929-1352770973-3116428565-1007\..\SearchScopes,DefaultScope = {F66C5C26-2FE5-4029-9CE0-AB3C09CD7F23}
    FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2:[b]64bit:[/b] - BHO: (no name) - AutorunsDisabled - No CLSID value found.
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
    O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
    O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
    O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Handler\viprotocol - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
    O18:[b]64bit:[/b] - Protocol\Filter\ica - No CLSID value found
    O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    MsConfig:64bit - State: "services" - Reg Error: Key error.
    MsConfig:64bit - State: "startup" - Reg Error: Key error.
    @Alternate Data Stream - 261 bytes -> C:\ProgramData\TEMP:D987CB43
    @Alternate Data Stream - 257 bytes -> C:\ProgramData\TEMP:EBF0842B
    @Alternate Data Stream - 246 bytes -> C:\ProgramData\TEMP:5164A01F
    @Alternate Data Stream - 243 bytes -> C:\ProgramData\TEMP:A2B3764A
    @Alternate Data Stream - 242 bytes -> C:\ProgramData\TEMP:A6B07419
    @Alternate Data Stream - 242 bytes -> C:\ProgramData\TEMP:A1A86E40
    @Alternate Data Stream - 242 bytes -> C:\ProgramData\TEMP:54403233
    @Alternate Data Stream - 239 bytes -> C:\ProgramData\TEMP:61A065F2
    @Alternate Data Stream - 236 bytes -> C:\ProgramData\TEMP:A26AFC00
    @Alternate Data Stream - 235 bytes -> C:\ProgramData\TEMP:6DDFD746
    @Alternate Data Stream - 232 bytes -> C:\ProgramData\TEMP:D3A8AA31
    @Alternate Data Stream - 232 bytes -> C:\ProgramData\TEMP:06C34166
    @Alternate Data Stream - 230 bytes -> C:\ProgramData\TEMP:A02025CE
    @Alternate Data Stream - 228 bytes -> C:\ProgramData\TEMP:9D6EAEC3
    @Alternate Data Stream - 226 bytes -> C:\ProgramData\TEMP:51E66512
    @Alternate Data Stream - 225 bytes -> C:\ProgramData\TEMP:453190EC
    @Alternate Data Stream - 224 bytes -> C:\ProgramData\TEMP:27F44544
    @Alternate Data Stream - 222 bytes -> C:\ProgramData\TEMP:A18121AD
    @Alternate Data Stream - 221 bytes -> C:\ProgramData\TEMP:D453E38B
    @Alternate Data Stream - 221 bytes -> C:\ProgramData\TEMP:ACCEFF0E
    @Alternate Data Stream - 219 bytes -> C:\ProgramData\TEMP:EEB25EAE
    @Alternate Data Stream - 219 bytes -> C:\ProgramData\TEMP:D1713795
    @Alternate Data Stream - 219 bytes -> C:\ProgramData\TEMP:3C9B05C4
    @Alternate Data Stream - 219 bytes -> C:\ProgramData\TEMP:206470A5
    @Alternate Data Stream - 217 bytes -> C:\ProgramData\TEMP:2CED8825
    @Alternate Data Stream - 213 bytes -> C:\ProgramData\TEMP:18DEBC51
    @Alternate Data Stream - 212 bytes -> C:\ProgramData\TEMP:CB0FEE2B
    @Alternate Data Stream - 212 bytes -> C:\ProgramData\TEMP:76A59E49
    @Alternate Data Stream - 212 bytes -> C:\ProgramData\TEMP:6F1F66C0
    @Alternate Data Stream - 212 bytes -> C:\ProgramData\TEMP:59846E5E
    @Alternate Data Stream - 211 bytes -> C:\ProgramData\TEMP:ED9B661E
    @Alternate Data Stream - 211 bytes -> C:\ProgramData\TEMP:60C897F3
    @Alternate Data Stream - 209 bytes -> C:\ProgramData\TEMP:FACB65E7
    @Alternate Data Stream - 208 bytes -> C:\ProgramData\TEMP:F1175E1D
    @Alternate Data Stream - 208 bytes -> C:\ProgramData\TEMP:3BCA993F
    @Alternate Data Stream - 207 bytes -> C:\ProgramData\TEMP:064877B6
    @Alternate Data Stream - 205 bytes -> C:\ProgramData\TEMP:114BD271
    @Alternate Data Stream - 202 bytes -> C:\ProgramData\TEMP:E73B14E2
    @Alternate Data Stream - 202 bytes -> C:\ProgramData\TEMP:E1D6C864
    @Alternate Data Stream - 201 bytes -> C:\ProgramData\TEMP:0459F5AC
    @Alternate Data Stream - 200 bytes -> C:\ProgramData\TEMP:8247A199
    @Alternate Data Stream - 199 bytes -> C:\ProgramData\TEMP:A7DA2BCD
    @Alternate Data Stream - 195 bytes -> C:\ProgramData\TEMP:3118E26B
    @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:258D2F8B
    @Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:E153075C
    @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:F98E6C67
    @Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:FD786DCA
    @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:F5FC5DCE
    @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:A082A539
    @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:7EC01D6D
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:581B0446
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:2C678471
    @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:5B09C4D9
    @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:D0AB0B4A
    @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:DD95E6D9
    @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:8DD36B71
    ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
    
    :files 
    C:\Program Files (x86)\Yontoo
    
    :commands
    [emptyflash]
    [emptytemp]
    [emptyjava]
    [createrestorepoint]
    [REBOOT]
    
  • Then click the Run Fix button at the top.
  • Click Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

Right click on OTL.exe and select Run As Administrator to run it. If Windows UAC prompts you, please allow it.
==========================================================================

Next please download aswMBR and save it to your Desktop.
  • Right click aswMBR.exe & choose "Run as Administrator" to run it.
  • Click Yes to the prompt to download Avast! virus definitions.
    (Please be patient whilst the virus definitions download)
  • With the AVscan set to Quick Scan, click the Scan button.
    (Please be patient whilst your computer is scanned.)
  • After a while when the scan reports "Scan finished successfully", click Save log & save the log to your desktop.
  • Click OK > Exit.
  • Note: Do not attempt to fix anything at this stage!
  • Two files will be created, aswMBR.txt & a file named MBR.dat.
  • MBR.dat is a backup of the MBR(master boot record), do not delete it..
  • I strongly suggest you keep a copy of this backup stored on an external device.
  • Copy & Paste the contents of aswMBR.txt into your next reply.

Please post the logs from these two programs with your next post.
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem

Re: McAfee Real Time scanning turns off

Unread postby shreekar » November 22nd, 2012, 1:38 am

===========================================================================================
Output of OTL Fixes:
===========================================================================================

All processes killed
========== PROCESSES ==========
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-488977929-1352770973-3116428565-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-488977929-1352770973-3116428565-1007\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
C:\Program Files (x86)\Yontoo\YontooIEClient.dll moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
ADS C:\ProgramData\TEMP:D987CB43 deleted successfully.
ADS C:\ProgramData\TEMP:EBF0842B deleted successfully.
ADS C:\ProgramData\TEMP:5164A01F deleted successfully.
ADS C:\ProgramData\TEMP:A2B3764A deleted successfully.
ADS C:\ProgramData\TEMP:A6B07419 deleted successfully.
ADS C:\ProgramData\TEMP:A1A86E40 deleted successfully.
ADS C:\ProgramData\TEMP:54403233 deleted successfully.
ADS C:\ProgramData\TEMP:61A065F2 deleted successfully.
ADS C:\ProgramData\TEMP:A26AFC00 deleted successfully.
ADS C:\ProgramData\TEMP:6DDFD746 deleted successfully.
ADS C:\ProgramData\TEMP:D3A8AA31 deleted successfully.
ADS C:\ProgramData\TEMP:06C34166 deleted successfully.
ADS C:\ProgramData\TEMP:A02025CE deleted successfully.
ADS C:\ProgramData\TEMP:9D6EAEC3 deleted successfully.
ADS C:\ProgramData\TEMP:51E66512 deleted successfully.
ADS C:\ProgramData\TEMP:453190EC deleted successfully.
ADS C:\ProgramData\TEMP:27F44544 deleted successfully.
ADS C:\ProgramData\TEMP:A18121AD deleted successfully.
ADS C:\ProgramData\TEMP:D453E38B deleted successfully.
ADS C:\ProgramData\TEMP:ACCEFF0E deleted successfully.
ADS C:\ProgramData\TEMP:EEB25EAE deleted successfully.
ADS C:\ProgramData\TEMP:D1713795 deleted successfully.
ADS C:\ProgramData\TEMP:3C9B05C4 deleted successfully.
ADS C:\ProgramData\TEMP:206470A5 deleted successfully.
ADS C:\ProgramData\TEMP:2CED8825 deleted successfully.
ADS C:\ProgramData\TEMP:18DEBC51 deleted successfully.
ADS C:\ProgramData\TEMP:CB0FEE2B deleted successfully.
ADS C:\ProgramData\TEMP:76A59E49 deleted successfully.
ADS C:\ProgramData\TEMP:6F1F66C0 deleted successfully.
ADS C:\ProgramData\TEMP:59846E5E deleted successfully.
ADS C:\ProgramData\TEMP:ED9B661E deleted successfully.
ADS C:\ProgramData\TEMP:60C897F3 deleted successfully.
ADS C:\ProgramData\TEMP:FACB65E7 deleted successfully.
ADS C:\ProgramData\TEMP:F1175E1D deleted successfully.
ADS C:\ProgramData\TEMP:3BCA993F deleted successfully.
ADS C:\ProgramData\TEMP:064877B6 deleted successfully.
ADS C:\ProgramData\TEMP:114BD271 deleted successfully.
ADS C:\ProgramData\TEMP:E73B14E2 deleted successfully.
ADS C:\ProgramData\TEMP:E1D6C864 deleted successfully.
ADS C:\ProgramData\TEMP:0459F5AC deleted successfully.
ADS C:\ProgramData\TEMP:8247A199 deleted successfully.
ADS C:\ProgramData\TEMP:A7DA2BCD deleted successfully.
ADS C:\ProgramData\TEMP:3118E26B deleted successfully.
ADS C:\ProgramData\TEMP:258D2F8B deleted successfully.
ADS C:\ProgramData\TEMP:E153075C deleted successfully.
ADS C:\ProgramData\TEMP:F98E6C67 deleted successfully.
ADS C:\ProgramData\TEMP:FD786DCA deleted successfully.
ADS C:\ProgramData\TEMP:F5FC5DCE deleted successfully.
ADS C:\ProgramData\TEMP:A082A539 deleted successfully.
ADS C:\ProgramData\TEMP:7EC01D6D deleted successfully.
ADS C:\ProgramData\TEMP:581B0446 deleted successfully.
ADS C:\ProgramData\TEMP:2C678471 deleted successfully.
ADS C:\ProgramData\TEMP:5B09C4D9 deleted successfully.
ADS C:\ProgramData\TEMP:D0AB0B4A deleted successfully.
ADS C:\ProgramData\TEMP:DD95E6D9 deleted successfully.
ADS C:\ProgramData\TEMP:8DD36B71 deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}\ not found.
========== FILES ==========
C:\Program Files (x86)\Yontoo folder moved successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 56475 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: McAfee Test
->Flash cache emptied: 56981 bytes

User: Mcx1-SHREEKAR-VAIO
->Flash cache emptied: 56475 bytes

User: Public

User: Shreekar
->Flash cache emptied: 537 bytes

User: Tanu
->Flash cache emptied: 10514 bytes

Total Flash Files Cleaned = 0.00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: McAfee Test
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 81920 bytes
->Flash cache emptied: 0 bytes

User: Mcx1-SHREEKAR-VAIO
->Temp folder emptied: 516 bytes
->Temporary Internet Files folder emptied: 172585 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Shreekar
->Temp folder emptied: 2597 bytes
->Temporary Internet Files folder emptied: 1231344 bytes
->Java cache emptied: 8646693 bytes
->Google Chrome cache emptied: 335731547 bytes
->Flash cache emptied: 0 bytes

User: Tanu
->Temp folder emptied: 330486 bytes
->Temporary Internet Files folder emptied: 252772065 bytes
->Java cache emptied: 719 bytes
->Google Chrome cache emptied: 368741681 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 56667268 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 320822 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 977.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: McAfee Test

User: Mcx1-SHREEKAR-VAIO

User: Public

User: Shreekar
->Java cache emptied: 0 bytes

User: Tanu
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 11212012_211129

Files\Folders moved on Reboot...
File move failed. C:\Users\Shreekar\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

===========================================================================================
aswMBR.txt
===========================================================================================

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-21 21:20:44
-----------------------------
21:20:44.428 OS Version: Windows x64 6.1.7601 Service Pack 1
21:20:44.428 Number of processors: 4 586 0x2502
21:20:44.428 ComputerName: SHREEKAR-VAIO UserName: McAfee Test
21:20:45.692 Initialize success
21:23:02.005 AVAST engine defs: 12112101
21:23:28.790 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:23:28.790 Disk 0 Vendor: TOSHIBA_ GJ00 Size: 305245MB BusType: 3
21:23:28.790 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000071
21:23:28.806 Disk 1 Vendor: RICOH 02 Size: 305245MB BusType: 0
21:23:28.806 Disk 2 \Device\Harddisk2\DR2 -> \Device\00000072
21:23:28.806 Disk 2 Vendor: RICOH 02 Size: 305245MB BusType: 0
21:23:28.837 Disk 0 MBR read successfully
21:23:28.837 Disk 0 MBR scan
21:23:28.837 Disk 0 Windows 7 default MBR code
21:23:28.853 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10594 MB offset 2048
21:23:28.868 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 21698560
21:23:28.884 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 294549 MB offset 21903360
21:23:28.915 Disk 0 scanning C:\Windows\system32\drivers
21:23:44.624 Service scanning
21:24:46.371 Modules scanning
21:24:46.387 Disk 0 trace - called modules:
21:24:46.434 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
21:24:46.449 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004fb1060]
21:24:46.449 3 CLASSPNP.SYS[fffff88001a0143f] -> nt!IofCallDriver -> [0xfffffa8002f85830]
21:24:46.465 5 ACPI.sys[fffff88000f9e7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8002f88050]
21:24:47.947 AVAST engine scan C:\Windows
21:24:50.599 AVAST engine scan C:\Windows\system32
21:28:36.799 AVAST engine scan C:\Windows\system32\drivers
21:28:54.266 AVAST engine scan C:\Users\McAfee Test
21:29:04.952 AVAST engine scan C:\ProgramData
21:31:31.343 Scan finished successfully
21:31:45.857 Disk 0 MBR has been saved successfully to "C:\Users\McAfee Test\Desktop\MBR.dat"
21:31:45.862 The log file has been saved successfully to "C:\Users\McAfee Test\Desktop\aswMBR.txt"
shreekar
Active Member
 
Posts: 11
Joined: November 13th, 2012, 4:13 am

Re: McAfee Real Time scanning turns off

Unread postby Elrond » November 22nd, 2012, 12:32 pm

I am sorry but it will be a few days Sunday probably because I ended up in hospital for a day because of an emergency with my eye and at the moment I am half blind and should be in bed. :(
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem

Re: McAfee Real Time scanning turns off

Unread postby shreekar » November 22nd, 2012, 1:36 pm

Get well soon!
shreekar
Active Member
 
Posts: 11
Joined: November 13th, 2012, 4:13 am

Re: McAfee Real Time scanning turns off

Unread postby Elrond » November 24th, 2012, 11:08 pm

Hi shreekar
So far your logs appear to be cleanas far as I can see with my somewhat limited vision, but i would like you to run another scan for me.

Uninstall programs
  • Click on Start.
  • All programs.
  • Accessories.
  • Run.
  • In the open text box copy/paste appwiz.cpl Then click Ok.
  • Uninstall the following if present.
Java(TM) 6 Update 16 (64-bit)
Java(TM) 6 Update 35
Yontoo 1.10.02


Next.

ESET online scannner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Note: If you are using Windows Vista or Windows 7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
  • First please Disable any Antivirus you have active, as shown in This topic.
  • Note: Don't forget to re-enable it after the scan.
  • Next hold down Control then click on the following link to open a new window to ESET online scannner
  • Select the option YES, I accept the Terms of Use then click on Start.
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on Start.
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on Finish.
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem

Re: McAfee Real Time scanning turns off

Unread postby shreekar » November 28th, 2012, 1:51 am

Elrond,

I have un installed Java 6.x & Yontoo. Left Java 7 installed.

Here is the result of the ESET scan:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=cb7ad8f6fb36fe4ba73ff8d45d2ccaed
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-11-28 03:10:58
# local_time=2012-11-27 07:10:58 (-0800, Pacific Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5121 16777214 83 75 361273 5825620 0 0
# compatibility_mode=5893 16776574 100 94 35528660 105614624 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=31636
# found=0
# cleaned=0
# scan_time=1084
esets_scanner_update returned -1 esets_gle=53251
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=cb7ad8f6fb36fe4ba73ff8d45d2ccaed
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-11-28 05:41:39
# local_time=2012-11-27 09:41:39 (-0800, Pacific Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5121 16777214 83 75 363150 5827497 0 0
# compatibility_mode=5893 16776574 100 94 35530537 105616501 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=244038
# found=4
# cleaned=0
# scan_time=8247
C:\ProgramData\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application (unable to clean) 00000000000000000000000000000000 I
C:\Users\All Users\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Shreekar\Downloads\All_In_One_Karaoke_Player_2.22.rar_downloader_98842.exe a variant of Win32/YourFileDownloader application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\11212012_211129\C_Program Files (x86)\Yontoo\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application (unable to clean) 00000000000000000000000000000000 I

Thanks
Shreekar
shreekar
Active Member
 
Posts: 11
Joined: November 13th, 2012, 4:13 am
Advertisement
Register to Remove

Next

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 134 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware