Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

PUP.Optional.Conduit.A [Solved]


  • This topic is locked This topic is locked

#1
strew1221

strew1221

    Member

  • Member
  • PipPip
  • 49 posts
Hi, I have a Sony Vaio laptop running Windows XP. My system was running slow so I ran Malwarebytes. It found 11 instances of PUP.Optional.Conduit.A. The results of the scan follow:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.11.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Stacey :: SONYLAPTOP [administrator]

1/10/2014 8:46:08 PM
MBAM-log-2014-01-10 (21-33-20).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 255298
Time elapsed: 29 minute(s), 24 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 11
C:\Documents and Settings\Stacey\Local Settings\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Stacey\Local Settings\Temp\nsg69D.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Stacey\Local Settings\Temp\nsh6A2.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Stacey\Local Settings\Temp\nsk6AF.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Stacey\Local Settings\Temp\nsx6B4.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Stacey\Local Settings\Temporary Internet Files\Content.IE5\34THU4B3\checktbexist[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Stacey\Local Settings\Temporary Internet Files\Content.IE5\34THU4B3\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Stacey\Local Settings\Temporary Internet Files\Content.IE5\KLWO35OG\SPSetup[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Stacey\Local Settings\Temporary Internet Files\Content.IE5\KLWO35OG\conduitinstaller[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Stacey\Local Settings\Temporary Internet Files\Content.IE5\QXWZQQTX\connect_dlc_5[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Documents and Settings\Stacey\Local Settings\Temporary Internet Files\Content.IE5\WEXP3SKR\Connect_DLC_5[1].exe (PUP.Optional.Conduit.A) -> No action taken.

(end)


Will quarantining them take care of this problem? Also, why wouldn't Microsoft Security Essentials have caught this? The MSE scans always came up clean.

Thank you in advance for your help.
  • 0

Advertisements


#2
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
Hello strew1221,

This is Malwarebytes definition of a PUP. A potentially unwanted program. Foistware is another example.

Not necessarily picked up by an anti-virus program as in itself it is not malicious.

Those ones found by Malwarebytes are part of Conduit and in my opinion undesirable. They are likely part of the reason your computer is slow. You should quarantine them.

Also we should run some scans to see what else might have been brought with them.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called (FRST.txt) in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run, it makes also another log (Addition.txt). Please also paste that into your reply.

  • 0

#3
strew1221

strew1221

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-01-2014 01
Ran by Stacey (administrator) on SONYLAPTOP on 10-01-2014 22:37:59
Running from C:\Documents and Settings\Stacey\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(HP) C:\WINDOWS\system32\HPSIsvc.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Intel Corporation) C:\WINDOWS\system32\igfxext.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(Sony Corporation) C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
(America Online, Inc.) C:\Program Files\Common Files\AOL\1288073631\ee\aolsoftware.exe
(Primax Electronics Ltd.) C:\WINDOWS\system32\ico.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Intel Corporation) C:\Program Files\Intel\IntelAppStore\bin\serviceManager.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(QFX Software Corporation) C:\Program Files\KeyScrambler\KeyScrambler.exe
(FileHippo.com) C:\Program Files\FileHippo.com\UpdateChecker.exe
(BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Farbar) C:\Documents and Settings\Stacey\Desktop\FRST(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [118784 2004-11-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [ehTray] - C:\WINDOWS\ehome\ehtray.exe [64512 2005-08-05] (Microsoft Corporation)
HKLM\...\Run: [igfxhkcmd] - C:\WINDOWS\system32\hkcmd.exe [77824 2006-04-05] (Intel Corporation)
HKLM\...\Run: [igfxpers] - C:\WINDOWS\system32\igfxpers.exe [118784 2006-04-05] (Intel Corporation)
HKLM\...\Run: [VAIO Recovery] - C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe [28672 2003-04-19] (Sony Electronics Inc)
HKLM\...\Run: [SonyPowerCfg] - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [217088 2006-06-27] (Sony Corporation)
HKLM\...\Run: [VAIO Update 2] - C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe [151552 2005-10-11] (Sony Corporation)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [Switcher.exe] - C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe [176128 2006-02-14] (Sony Corporation)
HKLM\...\Run: [VAIOCameraUtility] - C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe [69632 2005-12-27] (Sony Corporation)
HKLM\...\Run: [HostManager] - C:\Program Files\Common Files\AOL\1288073631\ee\aolsoftware.exe [50792 2006-04-13] (America Online, Inc.)
HKLM\...\Run: [PartSeal] - C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe [28672 2003-04-19] (Sony Electronics Inc)
HKLM\...\Run: [Mouse Suite 98 Daemon] - C:\WINDOWS\system32\ico.exe [45056 2002-03-14] (Primax Electronics Ltd.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [HPHUPD08] - C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe [49152 2006-07-11] (Hewlett-Packard)
HKLM\...\Run: [Intel AppUp(SM) center] - C:\Program Files\Intel\IntelAppStore\bin\serviceManager.lnk [933 2011-03-21] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-15] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-19] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-12] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [KeyScrambler] - C:\Program Files\KeyScrambler\KeyScrambler.exe [508048 2013-07-13] (QFX Software Corporation)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll (Sony Corporation)
HKCU\...\Run: [FileHippo.com] - C:\Program Files\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKCU\...\Run: [WinPatrol] - C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe [455232 2013-12-01] (BillP Studios)
HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {3d29c02b-bf3e-4d3b-8a7a-e0e7d0f6dbab} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKCU - DefaultScope {B1D63494-F151-44ED-05FF-39F2940B4E3C} URL = http://www.bing.com/...UGO&form=ZGAIDF
SearchScopes: HKCU - {3d29c02b-bf3e-4d3b-8a7a-e0e7d0f6dbab} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKCU - {B1D63494-F151-44ED-05FF-39F2940B4E3C} URL = http://www.bing.com/...UGO&form=ZGAIDF
SearchScopes: HKCU - {BAAEA39D-8867-4144-B687-D5484383CE23} URL = http://search.yahoo....0309,6900,0,6,0
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Password Depot 5 - {9F79B165-70F7-4C46-B1A5-8828E2FF21F9} - C:\Program Files\AceBIT\Password Depot 5\pdIEAddOn.dll (AceBIT)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1288064784980
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} http://download.micr...loadManager.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D95E6A15-5462-4948-A065-E33B972A359C}: [NameServer]192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Stacey\Application Data\Mozilla\Firefox\Profiles\3oyk5e3y.default-1379469582703
FF Homepage: www.yahoo.com
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/DownloadManager,version=1.1 - C:\WINDOWS\ ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: CouponNetwork.com/CMDUniversalCouponPrintActivator - C:\DOCUME~1\Stacey\APPLIC~1\CATALI~2\NPBCSK~1.DLL (Catalina Marketing Corporation)
FF Plugin HKCU: hopster.com/CouponPrinterPlugin - C:\Documents and Settings\Stacey\Application Data\Hopster\CouponPrinterPlugin\2.0.2.0\npCouponPrinterPlugin.dll (Hopster)
FF Plugin ProgrameFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgrameFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPcol500.dll (Catalina Marketing Corporation)
FF Plugin ProgrameFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgrameFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
FF Extension: Safe Preview - C:\Documents and Settings\Stacey\Application Data\Mozilla\Firefox\Profiles\3oyk5e3y.default-1379469582703\Extensions\[email protected]
FF Extension: NoScript - C:\Documents and Settings\Stacey\Application Data\Mozilla\Firefox\Profiles\3oyk5e3y.default-1379469582703\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AceBIT\Password Depot 5\Firefox\
FF Extension: Password Depot Extension - C:\Program Files\AceBIT\Password Depot 5\Firefox\
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2

========================== Services (Whitelisted) =================

S3 Image Converter video recording monitor for VAIO Entertainment; C:\Program Files\Sony\Image Converter 2\IcVzMon.exe [32768 2005-07-14] (Sony Corporation)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R2 MSSQL$VAIO_VEDB; C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe [7520337 2002-12-17] (Microsoft Corporation)
S3 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation)
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [540745 2005-11-28] (Intel Corporation )
R2 SonicStageMonitoring; C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe [135168 2005-03-11] (Sony Corporation)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69718 2006-04-27] (Sony Corporation)
S3 SQLAgent$VAIO_VEDB; C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE [311872 2002-12-17] (Microsoft Corporation)
S3 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [69632 2006-05-08] (Sony Corporation)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2005-11-25] (Sony Corporation)
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [176128 2006-04-13] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe [2084864 2006-06-13] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [770048 2006-05-18] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2006-04-04] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [167936 2005-11-28] (Sony Corporation)
R2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [135168 2005-11-28] (Sony Corporation)
S3 WmcCds; c:\program files\windows media connect\mswmccds.exe [483328 2004-08-11] (Microsoft Corporation)
S3 WmcCdsLs; C:\Program Files\Windows Media Connect\mswmcls.exe [28160 2004-08-10] (Microsoft Corporation)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"
S3 VAIOMediaPlatform-IntegratedServer-HTTP; "C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP" [x]
S3 VAIOMediaPlatform-Mobile-Gateway; "C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server" [x]

==================== Drivers (Whitelisted) ====================

R2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [21275 2006-07-24] (Meetinghouse Data Communications)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2008-10-13] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2008-10-13] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2009-08-26] (HP)
R3 HSFHWAZL; C:\Windows\System32\DRIVERS\HSFHWAZL.sys [202112 2005-10-18] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\Windows\System32\DRIVERS\HSF_DPV.sys [998656 2005-10-18] (Conexant Systems, Inc.)
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [209016 2013-05-31] (QFX Software Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2014-01-10] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 pelmouse; C:\Windows\System32\DRIVERS\pelmouse.sys [17251 2002-06-28] (Primax Electronics Ltd.)
S3 pelusblf; C:\Windows\System32\DRIVERS\pelusblf.sys [7520 2001-07-24] (Primax Electronics Ltd.)
R2 s24trans; C:\Windows\System32\DRIVERS\s24trans.sys [13568 2005-11-28] (Intel Corporation)
S0 SI3132; C:\Windows\System32\DRIVERS\SI3132.sys [67456 2005-09-21] (Silicon Image, Inc.)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [10368 2004-11-01] (Silicon Image, Inc.)
R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [5248 2005-09-20] (Silicon Image, Inc.)
R3 SonyImgF; C:\Windows\System32\DRIVERS\SonyImgF.sys [30080 2006-03-06] (Sony Corporation)
R3 STHDA; C:\Windows\System32\drivers\sthda.sys [1177032 2006-05-26] (SigmaTel, Inc.)
R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [226304 2006-02-21] (Texas Instruments)
R3 usbvm321; C:\Windows\System32\Drivers\usbvm321.sys [234496 2005-12-29] (Vimicro Corporation)
R3 w39n51; C:\Windows\System32\DRIVERS\w39n51.sys [1428096 2005-12-05] (Intel® Corporation)
S3 catchme; \??\C:\DOCUME~1\Stacey\LOCALS~1\Temp\catchme.sys [x]
S4 IntelIde; No ImagePath
S1 MpKsl819cdbde; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4A5C5189-B8DF-4F13-93D9-523D2F3CBD49}\MpKsl819cdbde.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created Files and Folders ========

2014-01-10 22:37 - 2014-01-10 22:37 - 00020714 _____ C:\Documents and Settings\Stacey\Desktop\FRST.txt
2014-01-10 22:37 - 2014-01-10 22:37 - 00000000 ____D C:\FRST
2014-01-10 22:34 - 2014-01-10 22:34 - 01220096 _____ (Farbar) C:\Documents and Settings\Stacey\Desktop\FRST(1).exe
2014-01-10 20:44 - 2014-01-10 20:45 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-01-08 19:19 - 2014-01-08 19:19 - 02633042 _____ C:\Documents and Settings\Stacey\Desktop\MCShield-Setup.exe
2014-01-08 00:01 - 2014-01-08 00:01 - 00010851 _____ C:\Documents and Settings\Stacey\Desktop\s-2.xlsx
2014-01-07 23:56 - 2014-01-07 23:56 - 00000000 ____D C:\Program Files\MSECache
2014-01-07 23:46 - 2014-01-07 23:46 - 00001892 _____ C:\Documents and Settings\All Users\Desktop\Microsoft Download Manager.lnk
2014-01-07 23:46 - 2014-01-07 23:46 - 00000000 ____D C:\Program Files\Microsoft Download Manager
2014-01-07 23:46 - 2014-01-07 23:46 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Download Manager
2014-01-07 23:43 - 2014-01-07 23:43 - 00010707 _____ C:\Documents and Settings\Stacey\Desktop\s.xlsx
2013-12-14 17:42 - 2013-12-14 17:42 - 01226802 _____ C:\Documents and Settings\Stacey\Desktop\adwcleaner(1).exe
2013-12-14 17:32 - 2013-12-14 17:33 - 00000000 ____D C:\Click to DVD 2
2013-12-14 17:08 - 2013-12-14 17:08 - 00102608 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2013-12-13 21:10 - 2013-12-13 21:10 - 00019495 _____ C:\WINDOWS\KB2898785-IE8.log
2013-12-13 21:09 - 2013-12-13 21:09 - 00011777 _____ C:\WINDOWS\KB2904266.log
2013-12-13 21:09 - 2013-12-13 21:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-13 21:09 - 2013-12-13 21:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-13 21:03 - 2013-12-13 21:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-13 21:03 - 2013-12-13 21:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-13 21:03 - 2013-12-13 21:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2013-12-12 20:56 - 2013-12-13 21:09 - 00023795 _____ C:\WINDOWS\KB2898715.log
2013-12-12 20:56 - 2013-12-13 21:03 - 00023125 _____ C:\WINDOWS\KB2893984.log
2013-12-12 20:56 - 2013-12-13 21:03 - 00022629 _____ C:\WINDOWS\KB2893294.log
2013-12-12 20:56 - 2013-12-13 21:03 - 00022046 _____ C:\WINDOWS\KB2892075.log

==================== One Month Modified Files and Folders =======

2014-01-10 22:37 - 2014-01-10 22:37 - 00020714 _____ C:\Documents and Settings\Stacey\Desktop\FRST.txt
2014-01-10 22:37 - 2014-01-10 22:37 - 00000000 ____D C:\FRST
2014-01-10 22:36 - 2006-07-24 12:43 - 01469869 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-10 22:34 - 2014-01-10 22:34 - 01220096 _____ (Farbar) C:\Documents and Settings\Stacey\Desktop\FRST(1).exe
2014-01-10 22:30 - 2013-11-19 21:20 - 00000384 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2014-01-10 22:21 - 2006-07-25 18:01 - 00039936 _____ C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-01-10 22:21 - 2006-07-24 12:41 - 00000000 ____D C:\WINDOWS\Registration
2014-01-10 22:20 - 2006-07-24 14:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB888795$
2014-01-10 22:20 - 2006-07-24 12:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-10 22:20 - 2006-07-24 05:38 - 00000159 _____ C:\WINDOWS\wiadebug.log
2014-01-10 22:20 - 2006-07-24 05:38 - 00000049 _____ C:\WINDOWS\wiaservc.log
2014-01-10 22:20 - 2006-07-24 05:34 - 00188200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-10 22:19 - 2006-07-24 12:49 - 00032460 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-10 22:18 - 2010-10-26 01:26 - 00000178 ___SH C:\Documents and Settings\Stacey\ntuser.ini
2014-01-10 22:18 - 2010-10-26 01:26 - 00000000 ____D C:\Documents and Settings\Stacey
2014-01-10 22:17 - 2010-12-12 21:36 - 00000000 ____D C:\Documents and Settings\Stacey\Application Data\Skype
2014-01-10 22:07 - 2013-12-03 21:05 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-10 21:54 - 2013-12-10 20:00 - 00000000 ____D C:\Program Files\Mozilla Firefox
2014-01-10 20:45 - 2014-01-10 20:44 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-01-08 19:19 - 2014-01-08 19:19 - 02633042 _____ C:\Documents and Settings\Stacey\Desktop\MCShield-Setup.exe
2014-01-08 00:01 - 2014-01-08 00:01 - 00010851 _____ C:\Documents and Settings\Stacey\Desktop\s-2.xlsx
2014-01-07 23:57 - 2010-10-26 00:59 - 00000000 ____D C:\Program Files\Microsoft Office
2014-01-07 23:57 - 2006-07-24 05:35 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2014-01-07 23:56 - 2014-01-07 23:56 - 00000000 ____D C:\Program Files\MSECache
2014-01-07 23:47 - 2013-06-29 21:41 - 00433770 _____ C:\WINDOWS\setupapi.log
2014-01-07 23:46 - 2014-01-07 23:46 - 00001892 _____ C:\Documents and Settings\All Users\Desktop\Microsoft Download Manager.lnk
2014-01-07 23:46 - 2014-01-07 23:46 - 00000000 ____D C:\Program Files\Microsoft Download Manager
2014-01-07 23:46 - 2014-01-07 23:46 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Download Manager
2014-01-07 23:43 - 2014-01-07 23:43 - 00010707 _____ C:\Documents and Settings\Stacey\Desktop\s.xlsx
2013-12-31 23:55 - 2013-02-03 10:37 - 00002265 _____ C:\Documents and Settings\All Users\Desktop\Skype.lnk
2013-12-24 21:06 - 2010-12-12 21:36 - 00000000 ___RD C:\Program Files\Skype
2013-12-24 21:06 - 2010-12-12 21:36 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2013-12-23 19:29 - 2013-05-19 23:07 - 00000000 ____D C:\Documents and Settings\Stacey\Desktop\Landon Pics
2013-12-17 22:21 - 2013-09-16 22:11 - 00000000 ____D C:\AdwCleaner
2013-12-17 21:50 - 2011-01-24 00:26 - 00000000 ____D C:\Documents and Settings\Stacey\Local Settings\Application Data\Adobe
2013-12-17 21:49 - 2013-12-03 21:05 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-17 21:49 - 2013-12-03 21:05 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-12-14 17:42 - 2013-12-14 17:42 - 01226802 _____ C:\Documents and Settings\Stacey\Desktop\adwcleaner(1).exe
2013-12-14 17:33 - 2013-12-14 17:32 - 00000000 ____D C:\Click to DVD 2
2013-12-14 17:32 - 2010-10-26 01:26 - 00000000 ____D C:\Documents and Settings\Stacey\Application Data\Sony Corporation
2013-12-14 17:20 - 2010-10-25 23:10 - 00081359 _____ C:\WINDOWS\KB941569.log
2013-12-14 17:19 - 2010-10-25 23:25 - 00093440 _____ C:\WINDOWS\KB978695.log
2013-12-14 17:19 - 2010-10-25 23:21 - 00128228 _____ C:\WINDOWS\KB952069.log
2013-12-14 17:16 - 2006-07-24 13:33 - 00190322 _____ C:\WINDOWS\spupdsvc.log
2013-12-14 17:08 - 2013-12-14 17:08 - 00102608 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2013-12-14 17:08 - 2006-07-24 05:30 - 00000000 ____D C:\WINDOWS\security
2013-12-13 21:10 - 2013-12-13 21:10 - 00019495 _____ C:\WINDOWS\KB2898785-IE8.log
2013-12-13 21:10 - 2006-07-24 13:12 - 00289511 _____ C:\WINDOWS\updspapi.log
2013-12-13 21:10 - 2006-07-24 05:35 - 02657817 _____ C:\WINDOWS\FaxSetup.log
2013-12-13 21:10 - 2006-07-24 05:35 - 01273529 _____ C:\WINDOWS\ocgen.log
2013-12-13 21:10 - 2006-07-24 05:35 - 01224072 _____ C:\WINDOWS\tsoc.log
2013-12-13 21:10 - 2006-07-24 05:35 - 00907887 _____ C:\WINDOWS\iis6.log
2013-12-13 21:10 - 2006-07-24 05:35 - 00821318 _____ C:\WINDOWS\msmqinst.log
2013-12-13 21:10 - 2006-07-24 05:35 - 00782230 _____ C:\WINDOWS\comsetup.log
2013-12-13 21:10 - 2006-07-24 05:35 - 00479030 _____ C:\WINDOWS\netfxocm.log
2013-12-13 21:10 - 2006-07-24 05:35 - 00471777 _____ C:\WINDOWS\ntdtcsetup.log
2013-12-13 21:10 - 2006-07-24 05:35 - 00298878 _____ C:\WINDOWS\plusoc.log
2013-12-13 21:10 - 2006-07-24 05:35 - 00268302 _____ C:\WINDOWS\MedCtrOC.log
2013-12-13 21:10 - 2006-07-24 05:35 - 00143872 _____ C:\WINDOWS\ehOCGen.log
2013-12-13 21:10 - 2006-07-24 05:35 - 00134558 _____ C:\WINDOWS\tabletoc.log
2013-12-13 21:10 - 2006-07-24 05:35 - 00132967 _____ C:\WINDOWS\msgsocm.log
2013-12-13 21:10 - 2006-07-24 05:35 - 00127884 _____ C:\WINDOWS\ocmsn.log
2013-12-13 21:10 - 2006-07-24 05:35 - 00001393 _____ C:\WINDOWS\imsins.log
2013-12-13 21:09 - 2013-12-13 21:09 - 00011777 _____ C:\WINDOWS\KB2904266.log
2013-12-13 21:09 - 2013-12-13 21:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-13 21:09 - 2013-12-13 21:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-13 21:09 - 2013-12-12 20:56 - 00023795 _____ C:\WINDOWS\KB2898715.log
2013-12-13 21:09 - 2010-10-25 23:25 - 00046592 _____ C:\WINDOWS\system32\TZLog.log
2013-12-13 21:09 - 2006-07-24 05:35 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-12-13 21:08 - 2013-07-13 16:23 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-13 21:04 - 2010-10-25 23:18 - 88123800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-13 21:03 - 2013-12-13 21:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-13 21:03 - 2013-12-13 21:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-13 21:03 - 2013-12-13 21:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2013-12-13 21:03 - 2013-12-12 20:56 - 00023125 _____ C:\WINDOWS\KB2893984.log
2013-12-13 21:03 - 2013-12-12 20:56 - 00022629 _____ C:\WINDOWS\KB2893294.log
2013-12-13 21:03 - 2013-12-12 20:56 - 00022046 _____ C:\WINDOWS\KB2892075.log
2013-12-11 20:59 - 2012-07-19 21:31 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service

Some content of TEMP:
====================
C:\Documents and Settings\Stacey\Local Settings\Temp\hpzmsi01.exe
C:\Documents and Settings\Stacey\Local Settings\Temp\hpzscr01.exe
C:\Documents and Settings\Stacey\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Stacey\Local Settings\Temp\wpsetup.exe
C:\Documents and Settings\Stacey\Local Settings\Temp\{7014E919-2EAA-4158-AB8A-7483300316F4}.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-01-2014 01
Ran by Stacey at 2014-01-10 22:43:15
Running from C:\Documents and Settings\Stacey\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Disabled - Up to date) {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

==================== Installed Programs ======================

32 Bit HP CIO Components Installer (Version: 3.1.1 - Hewlett-Packard) Hidden
7-Zip 4.65 (Version: - )
AC3Filter 2.6.0b (Version: 2.6.0b - Alexander Vigovsky)
Adobe AIR (Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.7.0.2090 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) (Version: 11.0.05 - Adobe Systems Incorporated)
AnswerWorks 5.0 English Runtime (Version: 5.0.7 - Vantage Software Technologies)
AOL Uninstaller (Choose which Products to Remove) (Version: - )
Apple Application Support (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 120.0.194.000 - Hewlett-Packard) Hidden
CameraDrivers (Version: 5.0.0.328 - Hewlett-Packard) Hidden
Catalina Savings Printer (Version: 1.0.0 - Catalina Marketing Corp)
Click to DVD 2.0.03 Menu Data (Version: 2.0.03 - Sony Corporation)
Click to DVD 2.5.30 (Version: 2.5.30 - Sony Corporation)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000 - Microsoft Corporation)
Connect DLC 5 Toolbar for IE (Version: 6.17.2.8 - Connect DLC 5) <==== ATTENTION
Copy (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Coupon Printer for Windows (Version: 5.0.0.4 - Coupons.com Incorporated)
CouponPrinterPlugin (Version: 2.0.2.0 - Hopster)
Destination Component (Version: 110.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 120.0.194.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DivX Setup (Version: 2.6.1.44 - DivX, LLC)
DJ_AIO_05_F4400_Software_Min (Version: 120.0.235.000 - Hewlett-Packard) Hidden
DSD Direct (Version: 1.0.02 - Sony Corporation)
DSD Playback Plug-in 1.0 (Version: - )
DVgate Plus (Version: - )
ESET Online Scanner v3 (Version: - )
F4400 (Version: 120.0.235.000 - Hewlett-Packard) Hidden
FileHippo.com Update Checker (Version: - )
GPBaseService2 (Version: 120.0.194.000 - Hewlett-Packard) Hidden
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000 - Microsoft Corporation)
HP Customer Participation Program 12.0 (Version: 12.0 - HP)
HP Deskjet F4400 All-In-One Driver Software 12.0 Rel .5 (Version: 12.0 - HP)
HP Imaging Device Functions 12.0 (Version: 12.0 - HP)
HP LaserJet Professional P1100-P1560-P1600 Series (Version: - )
HP Photosmart 330,380,420,470,7800,8000,8200 Series (Version: 8.1 - HP)
HP Smart Web Printing (Version: 4.05 - HP)
HP Solution Center 12.0 (Version: 12.0 - HP)
HP Update (Version: 4.000.011.006 - Hewlett-Packard)
HPProductAssistant (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Image Converter 2 Plus (Version: 2.2.06 - Sony Corporation)
ImageStation (Version: 1.0.0 - Sony)
Intel AppUp(SM) center (Version: 19079 - Intel)
Intel® Graphics Media Accelerator Driver (Version: 6.14.10.4543 - )
Intel® PRO Network Connections Drivers (Version: - )
Intel® PROSet/Wireless Software (Version: - Intel Corporation)
InterVideo WinDVD for VAIO (Version: 5.0-B11.795 - InterVideo Inc.)
iSkysoft PDF Editor(Build 2.0.1) (Version: 2.0.1.28 - iSkysoft Studio)
ISScript (Version: 3.00.185 - InstallShield Software Corp.) Hidden
iTunes (Version: 11.0.3.42 - Apple Inc.)
Java 7 Update 21 (Version: 7.0.210 - Oracle)
Java Auto Updater (Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
KeyScrambler (Version: 3.2.0.3 - QFX Software Corporation)
LAN Setting Utility (Version: - )
Macromedia Flash Player 8 (Version: 8.0.24.0 - Macromedia)
Macromedia Flash Player 8 Plugin (Version: 8.0.24.0 - Macromedia)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (Version: 120.0.226.000 - Hewlett-Packard) Hidden
mCore (Version: 5.40.0000 - Intel Corporation) Hidden
mDriver (Version: 5.40.0000 - Intel) Hidden
Memory Stick Formatter (Version: - )
Microsoft .NET Framework 1.0 Hotfix (KB2572066) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2604042) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2656378) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2698035) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2833951) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.1 (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Data Access Components KB870669 (Version: - Microsoft Corporation)
Microsoft Digital Image Library 9 - Blocker (Version: 9.00.0000 - Microsoft Corporation) Hidden
Microsoft Digital Image Starter Edition 2006 (Version: 11.0.0422 - Microsoft Corporation)
Microsoft Digital Image Starter Edition 2006 Editor (Version: 11.0.0422 - Microsoft Corporation) Hidden
Microsoft Digital Image Starter Edition 2006 Library (Version: 11.0.0422 - Microsoft Corporation) Hidden
Microsoft Download Manager (Version: 1.2.1 - Microsoft Corporation)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 (Version: - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server Desktop Engine (VAIO_VEDB) (Version: 8.00.761 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (Version: 08.05.0818 - Microsoft Corporation)
mMHouse (Version: 5.40.0000 - Intel Corporation) Hidden
Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
mPfMgr (Version: 5.40.0000 - Intel Corporation) Hidden
mProSafe (Version: 9.00.0000 - Intel) Hidden
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0 - Microsoft Corporation)
mWlsSafe (Version: 9.00.0000 - Intel) Hidden
mXML (Version: 5.40.0000 - Intel Corporation) Hidden
NVIDIA Drivers (Version: - )
Office 2003 Trial Assistant (Version: 1.0.0 - Microsoft)
OpenMG AAC Add-on Module 1.0.00 (Version: 1.0.00.04270 - Sony Corporation)
OpenMG AAC Add-on Module 1.0.00 (Version: 1.0.00.04270 - Sony Corporation) Hidden
OpenMG Limited Patch 4.5-06-05-12-01 (Version: - )
OpenMG Metadata Extractor for Windows Media Player (Version: 1.0.02.03110 - )
OpenMG Secure Module 4.5.01 (Version: 4.5.01.04270 - Sony Corporation)
OpenMG Secure Module 4.5.01 (Version: 4.5.01.04270 - Sony Corporation) Hidden
Password Depot 5 (Version: 5.3.1 - AceBIT GmbH)
PS8200 (Version: 8.01.0000 - HP) Hidden
PSPrinters08 (Version: 8.01.0000 - HP) Hidden
PSTAPlugin (Version: 8.01.0000 - Hewlett-Packard) Hidden
Quicken 2010 (Version: 19.1.1.27 - Intuit)
QuickTime (Version: 7.74.80.86 - Apple Inc.)
Roxio DigitalMedia Audio (Version: 2.0.4 - Roxio)
Roxio DigitalMedia Copy (Version: 2.0.4 - Roxio)
Roxio DigitalMedia Data (Version: 2.0.4 - Roxio)
Scan (Version: 12.0.0.0 - Hewlett-Packard) Hidden
Setting Utility Series (Version: - )
SigmaTel Audio (Version: 5.10.4811.0 - SigmaTel)
Skype Click to Call (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.11 (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (Version: 120.0.194.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Sonic Encoders (Version: 1.00 - Sonic Solutions)
SonicStage 4.0 (Version: 4.0 - Sony Corporation)
SonicStage Mastering Studio 2.2 (Version: - )
SonicStage Mastering Studio Audio Filter (Version: - )
SonicStage Mastering Studio Audio Filter Custom Preset (Version: - )
SonicStage Mastering Studio Plugins (Version: - )
Sony Certificate PCH (Version: - )
Sony MP4 Shared Library (Version: 2.0 - Sony Corporation)
Sony USB Mouse (Version: - )
Sony Utilities DLL (Version: - )
Sony Video Shared Library (Version: 2.0.01 - Sony Corporation)
Speccy (Version: 1.22 - Piriform)
Status (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Toolbox (Version: 120.0.194.000 - Hewlett-Packard) Hidden
TrayApp (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Unload (Version: 5.0.0 - Hewlett-Packard) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1 - Microsoft Corporation)
Update for Windows Media Player 10 (KB913800) (Version: - Microsoft Corporation)
Update for Windows XP (KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (Version: 1 - Microsoft Corporation)
Update Rollup 2 for Windows XP Media Center Edition 2005 (Version: - Microsoft Corporation)
VAIO Backup Utility (Version: 1.00.7246 - Sony)
VAIO Breeze Wallpaper (Version: 1.0.01.13200 - Sony Corporation)
VAIO Camera Utility (Version: - )
VAIO Central (Version: 1.1.02.032706 - Sony Corporation)
VAIO Entertainment Platform (Version: 1.3.32.06120 - Sony Corporation)
VAIO Event Service (Version: 2.3.00.05310 - Sony Corporation)
VAIO Hardware Diagnostics (Version: - )
VAIO Light Flo Wallpaper (Version: - )
VAIO Media 5.0 (Version: 5.0.20 - Sony Corporation)
VAIO Media AC3 Decoder 1.0 (Version: - )
VAIO Media Integrated Server 5.0 (Version: - Sony Corporation)
VAIO Media Redistribution 5.0 (Version: 5.0.20 - Sony Corporation)
VAIO Media Registration Tool 5.0 (Version: 5.0.00 - Sony Corporation)
VAIO Original Screen Saver (Version: - )
VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents (Version: - )
VAIO Power Management (Version: - )
VAIO Registration (Version: 17.1.1 - Sony Electronics)
VAIO Registration (Version: 17.1.1 - Sony Electronics) Hidden
VAIO Security Center (Version: 2.02.0320 - Sony)
VAIO Support Central (Version: 1.1.0.060412 - Sony Corporation)
VAIO Update 2 (Version: - )
VAIO Wireless LAN Setup Utility (Version: - )
VAIOSurveySA (Version: 4.02 - Sony Electronics)
VAIOSurveySA (Version: 4.02 - Sony Electronics) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 1.1.11 (Version: 1.1.11 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Windows Genuine Advantage Validation Tool (KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (Version: 3.0.0.0 - Microsoft Corporation)
Windows Internet Explorer 8 (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Connect (Version: - )
Windows Media Connect (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Windows Media Format 11 runtime (Version: - )
Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
Windows Media Player 10 Hotfix [See KB886612 for more information] (Version: - Microsoft Corporation) Hidden
Windows XP Media Center Edition 2005 KB2502898 (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB908250 (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (Version: - Microsoft Corporation)
Windows XP Service Pack 3 (Version: 20080414.031525 - Microsoft Corporation)
WinPatrol (Version: 28.1.2013.0 - BillP Studios)
WinPatrol (Version: 29.1.2013 - BillP Studios)
Wireless Switch Setting Utility (Version: - )
Yahoo! Software Update (Version: - )

==================== Restore Points =========================

11-10-2013 10:32:28 Software Distribution Service 3.0
12-10-2013 20:12:02 Software Distribution Service 3.0
14-10-2013 01:47:16 Software Distribution Service 3.0
14-10-2013 01:57:41 Software Distribution Service 3.0
15-10-2013 02:01:23 Software Distribution Service 3.0
16-10-2013 02:02:05 Software Distribution Service 3.0
17-10-2013 02:08:07 Software Distribution Service 3.0
17-10-2013 02:23:04 Software Distribution Service 3.0
18-10-2013 02:37:22 Software Distribution Service 3.0
21-10-2013 00:16:24 Software Distribution Service 3.0
22-10-2013 00:48:41 Software Distribution Service 3.0
22-10-2013 02:30:18 Software Distribution Service 3.0
23-10-2013 03:28:52 System Checkpoint
23-10-2013 22:59:40 Software Distribution Service 3.0
24-10-2013 02:36:40 Software Distribution Service 3.0
25-10-2013 02:36:22 Software Distribution Service 3.0
26-10-2013 19:19:56 Software Distribution Service 3.0
28-10-2013 01:41:20 Software Distribution Service 3.0
28-10-2013 02:22:42 Software Distribution Service 3.0
29-10-2013 02:32:58 Software Distribution Service 3.0
30-10-2013 02:25:06 Software Distribution Service 3.0
31-10-2013 23:47:20 System Checkpoint
31-10-2013 23:57:54 Software Distribution Service 3.0
02-11-2013 01:52:47 Software Distribution Service 3.0
03-11-2013 01:57:29 Software Distribution Service 3.0
05-11-2013 01:16:09 Software Distribution Service 3.0
05-11-2013 02:50:57 Software Distribution Service 3.0
06-11-2013 03:00:29 Software Distribution Service 3.0
07-11-2013 02:51:11 Software Distribution Service 3.0
08-11-2013 04:21:29 Software Distribution Service 3.0
10-11-2013 03:02:45 Software Distribution Service 3.0
11-11-2013 02:42:37 Software Distribution Service 3.0
13-11-2013 00:49:33 Software Distribution Service 3.0
13-11-2013 03:01:36 Software Distribution Service 3.0
14-11-2013 00:24:17 Installed CouponPrinterPlugin
14-11-2013 04:10:22 Software Distribution Service 3.0
15-11-2013 02:38:53 Software Distribution Service 3.0
16-11-2013 03:27:40 Software Distribution Service 3.0
16-11-2013 22:00:25 Software Distribution Service 3.0
17-11-2013 02:59:08 Software Distribution Service 3.0
18-11-2013 23:08:54 Software Distribution Service 3.0
20-11-2013 02:06:34 Software Distribution Service 3.0
20-11-2013 02:24:33 Software Distribution Service 3.0
20-11-2013 11:42:52 Removed ooVoo
21-11-2013 02:55:10 Software Distribution Service 3.0
21-11-2013 03:27:54 Software Distribution Service 3.0
25-11-2013 01:58:51 Software Distribution Service 3.0
25-11-2013 03:46:38 Software Distribution Service 3.0
26-11-2013 03:26:25 Software Distribution Service 3.0
28-11-2013 03:44:27 Software Distribution Service 3.0
29-11-2013 21:29:05 Software Distribution Service 3.0
30-11-2013 14:44:51 Software Distribution Service 3.0
01-12-2013 15:17:47 Software Distribution Service 3.0
03-12-2013 00:10:29 Software Distribution Service 3.0
03-12-2013 03:03:04 Software Distribution Service 3.0
04-12-2013 03:23:27 Software Distribution Service 3.0
05-12-2013 03:26:57 Software Distribution Service 3.0
06-12-2013 03:13:11 Software Distribution Service 3.0
07-12-2013 03:32:50 Software Distribution Service 3.0
08-12-2013 13:45:20 System Checkpoint
08-12-2013 13:53:23 Software Distribution Service 3.0
08-12-2013 22:01:23 Installed Windows XP Wudf01000.
08-12-2013 22:01:49 Installed Samsung Kies
08-12-2013 22:27:59 Installed Samsung Kies3
08-12-2013 22:51:57 Removed Samsung Kies
08-12-2013 23:08:59 Removed Samsung Kies3
09-12-2013 03:34:36 Software Distribution Service 3.0
09-12-2013 23:33:34 Software Distribution Service 3.0
10-12-2013 03:29:24 Software Distribution Service 3.0
10-12-2013 23:55:47 Software Distribution Service 3.0
11-12-2013 04:13:28 Software Distribution Service 3.0
12-12-2013 01:57:45 Software Distribution Service 3.0
12-12-2013 03:56:35 Software Distribution Service 3.0
13-12-2013 12:03:03 Software Distribution Service 3.0
14-12-2013 02:00:34 Software Distribution Service 3.0
14-12-2013 04:17:22 Software Distribution Service 3.0
14-12-2013 22:04:58 Software Distribution Service 3.0
14-12-2013 22:19:09 Software Distribution Service 3.0
14-12-2013 22:34:17 Removed DIRECTV Player.
15-12-2013 03:50:24 Software Distribution Service 3.0
16-12-2013 03:32:15 Software Distribution Service 3.0
17-12-2013 03:35:06 Software Distribution Service 3.0
18-12-2013 03:47:53 Software Distribution Service 3.0
19-12-2013 02:49:31 Software Distribution Service 3.0
20-12-2013 02:36:04 Software Distribution Service 3.0
21-12-2013 15:15:39 Software Distribution Service 3.0
22-12-2013 03:01:27 Software Distribution Service 3.0
23-12-2013 03:03:48 Software Distribution Service 3.0
24-12-2013 02:57:57 Software Distribution Service 3.0
25-12-2013 03:19:00 System Checkpoint
26-12-2013 15:33:32 Software Distribution Service 3.0
27-12-2013 03:03:15 Software Distribution Service 3.0
28-12-2013 02:57:55 Software Distribution Service 3.0
29-12-2013 21:02:45 Software Distribution Service 3.0
30-12-2013 02:53:35 Software Distribution Service 3.0
31-12-2013 17:51:28 Software Distribution Service 3.0
06-01-2014 00:02:27 Software Distribution Service 3.0
07-01-2014 00:49:19 Software Distribution Service 3.0
07-01-2014 02:53:59 Software Distribution Service 3.0
08-01-2014 03:27:32 System Checkpoint
08-01-2014 04:46:49 Installed Microsoft Download Manager
08-01-2014 04:57:00 Installed Compatibility Pack for the 2007 Office system
08-01-2014 13:40:14 Software Distribution Service 3.0
09-01-2014 02:54:23 Software Distribution Service 3.0
10-01-2014 01:25:08 Software Distribution Service 3.0
10-01-2014 02:55:45 Software Distribution Service 3.0
11-01-2014 01:23:20 Software Distribution Service 3.0
11-01-2014 02:56:52 Software Distribution Service 3.0

==================== Hosts content: ==========================

2006-07-24 12:27 - 2013-06-29 18:16 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: C:\WINDOWS\Tasks\Registration reminder 1.job => C:\WINDOWS\system32\OOBE\oobebaln.exe
Task: C:\WINDOWS\Tasks\Registration reminder 2.job => C:\WINDOWS\system32\OOBE\oobebaln.exe
Task: C:\WINDOWS\Tasks\Registration reminder 3.job => C:\WINDOWS\system32\OOBE\oobebaln.exe

==================== Loaded Modules (whitelisted) =============

2005-11-28 13:59 - 2005-11-28 13:59 - 00876544 _____ () C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll
2005-11-28 13:59 - 2005-11-28 13:59 - 00053322 _____ () C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
2005-11-28 13:59 - 2005-11-28 13:59 - 00208965 _____ () C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL
2011-01-30 19:12 - 2010-03-04 16:55 - 00147456 _____ () C:\WINDOWS\system32\HP1100LM.DLL
2011-01-30 19:12 - 2010-03-04 16:55 - 00069632 _____ () C:\WINDOWS\System32\spool\PRTPROCS\W32X86\HP1100PP.DLL
2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2006-07-24 12:27 - 2011-02-04 17:48 - 00291840 _____ () C:\WINDOWS\system32\sbe.dll
2006-07-24 12:27 - 2013-01-02 01:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2006-07-24 12:27 - 2008-04-13 19:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2006-07-24 12:27 - 2008-04-13 19:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2006-07-24 14:29 - 2005-05-20 19:42 - 00010752 _____ () C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll
2006-07-24 12:27 - 2007-04-02 07:49 - 00355112 _____ () C:\WINDOWS\system32\msjetoledb40.dll
2010-10-26 01:07 - 2005-11-28 18:45 - 00040960 _____ () C:\Program Files\Sony\VAIO Camera Utility\VCULib.dll
2011-03-21 15:58 - 2010-12-01 09:26 - 02452992 _____ () C:\Program Files\Intel\IntelAppStore\bin\QtCore4.dll
2011-03-21 15:58 - 2010-12-01 09:26 - 00375808 _____ () C:\Program Files\Intel\IntelAppStore\bin\QtXml4.dll
2011-03-21 15:58 - 2010-12-01 09:26 - 00322048 _____ () C:\Program Files\Intel\IntelAppStore\bin\log4cplus.dll
2011-03-21 15:58 - 2010-12-01 09:26 - 00013312 _____ () C:\Program Files\Intel\IntelAppStore\bin\featureController.dll
2011-03-21 15:58 - 2010-12-01 09:26 - 01008640 _____ () C:\Program Files\Intel\IntelAppStore\bin\QtNetwork4.dll
2011-03-21 15:58 - 2010-12-01 09:26 - 00195584 _____ () C:\Program Files\Intel\IntelAppStore\bin\libgsoap.dll
2011-03-21 15:58 - 2010-12-01 09:26 - 00062464 _____ () C:\Program Files\Intel\IntelAppStore\bin\zlib1.dll
2011-03-21 15:58 - 2010-12-01 09:26 - 00400384 _____ () C:\Program Files\Intel\IntelAppStore\bin\sqlite3.dll
2011-03-21 15:58 - 2011-01-27 12:00 - 03622128 _____ () C:\Program Files\Intel\IntelAppStore\bin\plugin\libbizlplugin.dll
2013-02-12 21:38 - 2013-02-12 21:38 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2010-10-26 14:29 - 2013-07-15 12:29 - 00620718 ____N () C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/09/2014 11:19:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15610

Error: (01/09/2014 11:19:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15610

Error: (01/09/2014 11:19:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/08/2014 08:44:15 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16563

Error: (01/08/2014 08:44:15 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16563

Error: (01/08/2014 08:44:15 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/08/2014 08:25:40 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 29992672

Error: (01/08/2014 08:25:40 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 29992672

Error: (01/08/2014 08:25:40 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/06/2014 11:34:33 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 32719


System errors:
=============
Error: (01/10/2014 10:21:00 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SI3132

Error: (01/05/2014 06:42:38 PM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.1.46 on the
Network Card with network address 0018DE087897.

Error: (12/16/2013 09:48:44 PM) (Source: Dhcp) (User: )
Description: Your computer was not assigned an address from the network (by the DHCP
Server) for the Network Card with network address 0018DE087897. The following error
occurred:
%%1223.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Error: (12/09/2013 06:32:40 PM) (Source: 0) (User: )
Description: \Device\ACPIEC

Error: (12/03/2013 07:11:43 AM) (Source: 0) (User: )
Description: \Device\ACPIEC

Error: (11/28/2013 11:03:01 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.

Error: (11/28/2013 11:01:39 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.42 for the Network Card with network address 0018DE087897 has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (11/27/2013 09:56:35 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Error: (11/27/2013 09:56:35 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (11/27/2013 09:55:50 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.


Microsoft Office Sessions:
=========================
Error: (01/09/2014 11:19:31 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15610

Error: (01/09/2014 11:19:31 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15610

Error: (01/09/2014 11:19:31 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/08/2014 08:44:15 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16563

Error: (01/08/2014 08:44:15 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16563

Error: (01/08/2014 08:44:15 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/08/2014 08:25:40 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 29992672

Error: (01/08/2014 08:25:40 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 29992672

Error: (01/08/2014 08:25:40 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/06/2014 11:34:33 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 32719


==================== Memory info ===========================

Percentage of memory in use: 54%
Total physical RAM: 1014.11 MB
Available physical RAM: 463.27 MB
Total Pagefile: 2441.57 MB
Available Pagefile: 2018.97 MB
Total Virtual: 2047.88 MB
Available Virtual: 1938.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:104.79 GB) (Free:79.89 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 112 GB) (Disk ID: 0E0680D9)
Partition 1: (Not Active) - (Size=7 GB) - (Type=12)
Partition 2: (Active) - (Size=105 GB) - (Type=07 NTFS)

==================== End Of Log ============================
  • 0

#4
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
Hello strew1221,

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right click JRT.exe and "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
After that

Download and run TFC.exe (Vista and above users right click and run as Administrator).

You may be asked to reboot when it is finished. Please do so.

When you return please post
  • JRT.txt

  • 0

#5
strew1221

strew1221

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Microsoft Windows XP x86
Ran by Stacey on Fri 01/10/2014 at 23:14:14.26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3d29c02b-bf3e-4d3b-8a7a-e0e7d0f6dbab}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B1D63494-F151-44ED-05FF-39F2940B4E3C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{3d29c02b-bf3e-4d3b-8a7a-e0e7d0f6dbab}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files\coupons"
Successfully deleted: [Folder] "C:\Program Files\gamingwonderlandei"





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 01/10/2014 at 23:19:28.59
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#6
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
Hello strew1221,

There is a remnant of ComboFix that hasn't been properly uninstalled on your machine.

Please go here to download OTC.

Run this program to remove the leftover.

If you are asked to reboot the machine to finish the Cleanup process choose Yes.

After that

Please run FRST again and post the log it generates back here.
  • 0

#7
strew1221

strew1221

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-01-2014 01
Ran by Stacey at 2014-01-10 23:45:37
Running from C:\Documents and Settings\Stacey\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Disabled - Up to date) {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

==================== Installed Programs ======================

32 Bit HP CIO Components Installer (Version: 3.1.1 - Hewlett-Packard) Hidden
7-Zip 4.65 (Version: - )
AC3Filter 2.6.0b (Version: 2.6.0b - Alexander Vigovsky)
Adobe AIR (Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.7.0.2090 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) (Version: 11.0.05 - Adobe Systems Incorporated)
AnswerWorks 5.0 English Runtime (Version: 5.0.7 - Vantage Software Technologies)
AOL Uninstaller (Choose which Products to Remove) (Version: - )
Apple Application Support (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 120.0.194.000 - Hewlett-Packard) Hidden
CameraDrivers (Version: 5.0.0.328 - Hewlett-Packard) Hidden
Catalina Savings Printer (Version: 1.0.0 - Catalina Marketing Corp)
Click to DVD 2.0.03 Menu Data (Version: 2.0.03 - Sony Corporation)
Click to DVD 2.5.30 (Version: 2.5.30 - Sony Corporation)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000 - Microsoft Corporation)
Connect DLC 5 Toolbar for IE (Version: 6.17.2.8 - Connect DLC 5) <==== ATTENTION
Copy (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Coupon Printer for Windows (Version: 5.0.0.4 - Coupons.com Incorporated)
CouponPrinterPlugin (Version: 2.0.2.0 - Hopster)
Destination Component (Version: 110.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 120.0.194.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DivX Setup (Version: 2.6.1.44 - DivX, LLC)
DJ_AIO_05_F4400_Software_Min (Version: 120.0.235.000 - Hewlett-Packard) Hidden
DSD Direct (Version: 1.0.02 - Sony Corporation)
DSD Playback Plug-in 1.0 (Version: - )
DVgate Plus (Version: - )
ESET Online Scanner v3 (Version: - )
F4400 (Version: 120.0.235.000 - Hewlett-Packard) Hidden
FileHippo.com Update Checker (Version: - )
GPBaseService2 (Version: 120.0.194.000 - Hewlett-Packard) Hidden
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000 - Microsoft Corporation)
HP Customer Participation Program 12.0 (Version: 12.0 - HP)
HP Deskjet F4400 All-In-One Driver Software 12.0 Rel .5 (Version: 12.0 - HP)
HP Imaging Device Functions 12.0 (Version: 12.0 - HP)
HP LaserJet Professional P1100-P1560-P1600 Series (Version: - )
HP Photosmart 330,380,420,470,7800,8000,8200 Series (Version: 8.1 - HP)
HP Smart Web Printing (Version: 4.05 - HP)
HP Solution Center 12.0 (Version: 12.0 - HP)
HP Update (Version: 4.000.011.006 - Hewlett-Packard)
HPProductAssistant (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Image Converter 2 Plus (Version: 2.2.06 - Sony Corporation)
ImageStation (Version: 1.0.0 - Sony)
Intel AppUp(SM) center (Version: 19079 - Intel)
Intel® Graphics Media Accelerator Driver (Version: 6.14.10.4543 - )
Intel® PRO Network Connections Drivers (Version: - )
Intel® PROSet/Wireless Software (Version: - Intel Corporation)
InterVideo WinDVD for VAIO (Version: 5.0-B11.795 - InterVideo Inc.)
iSkysoft PDF Editor(Build 2.0.1) (Version: 2.0.1.28 - iSkysoft Studio)
ISScript (Version: 3.00.185 - InstallShield Software Corp.) Hidden
iTunes (Version: 11.0.3.42 - Apple Inc.)
Java 7 Update 21 (Version: 7.0.210 - Oracle)
Java Auto Updater (Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
KeyScrambler (Version: 3.2.0.3 - QFX Software Corporation)
LAN Setting Utility (Version: - )
Macromedia Flash Player 8 (Version: 8.0.24.0 - Macromedia)
Macromedia Flash Player 8 Plugin (Version: 8.0.24.0 - Macromedia)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (Version: 120.0.226.000 - Hewlett-Packard) Hidden
mCore (Version: 5.40.0000 - Intel Corporation) Hidden
mDriver (Version: 5.40.0000 - Intel) Hidden
Memory Stick Formatter (Version: - )
Microsoft .NET Framework 1.0 Hotfix (KB2572066) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2604042) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2656378) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2698035) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2833951) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.1 (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Data Access Components KB870669 (Version: - Microsoft Corporation)
Microsoft Digital Image Library 9 - Blocker (Version: 9.00.0000 - Microsoft Corporation) Hidden
Microsoft Digital Image Starter Edition 2006 (Version: 11.0.0422 - Microsoft Corporation)
Microsoft Digital Image Starter Edition 2006 Editor (Version: 11.0.0422 - Microsoft Corporation) Hidden
Microsoft Digital Image Starter Edition 2006 Library (Version: 11.0.0422 - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 (Version: - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server Desktop Engine (VAIO_VEDB) (Version: 8.00.761 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (Version: 08.05.0818 - Microsoft Corporation)
mMHouse (Version: 5.40.0000 - Intel Corporation) Hidden
Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
mPfMgr (Version: 5.40.0000 - Intel Corporation) Hidden
mProSafe (Version: 9.00.0000 - Intel) Hidden
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0 - Microsoft Corporation)
mWlsSafe (Version: 9.00.0000 - Intel) Hidden
mXML (Version: 5.40.0000 - Intel Corporation) Hidden
NVIDIA Drivers (Version: - )
Office 2003 Trial Assistant (Version: 1.0.0 - Microsoft)
OpenMG AAC Add-on Module 1.0.00 (Version: 1.0.00.04270 - Sony Corporation)
OpenMG AAC Add-on Module 1.0.00 (Version: 1.0.00.04270 - Sony Corporation) Hidden
OpenMG Limited Patch 4.5-06-05-12-01 (Version: - )
OpenMG Metadata Extractor for Windows Media Player (Version: 1.0.02.03110 - )
OpenMG Secure Module 4.5.01 (Version: 4.5.01.04270 - Sony Corporation)
OpenMG Secure Module 4.5.01 (Version: 4.5.01.04270 - Sony Corporation) Hidden
Password Depot 5 (Version: 5.3.1 - AceBIT GmbH)
PS8200 (Version: 8.01.0000 - HP) Hidden
PSPrinters08 (Version: 8.01.0000 - HP) Hidden
PSTAPlugin (Version: 8.01.0000 - Hewlett-Packard) Hidden
Quicken 2010 (Version: 19.1.1.27 - Intuit)
QuickTime (Version: 7.74.80.86 - Apple Inc.)
Roxio DigitalMedia Audio (Version: 2.0.4 - Roxio)
Roxio DigitalMedia Copy (Version: 2.0.4 - Roxio)
Roxio DigitalMedia Data (Version: 2.0.4 - Roxio)
Scan (Version: 12.0.0.0 - Hewlett-Packard) Hidden
Setting Utility Series (Version: - )
SigmaTel Audio (Version: 5.10.4811.0 - SigmaTel)
Skype Click to Call (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.11 (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (Version: 120.0.194.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Sonic Encoders (Version: 1.00 - Sonic Solutions)
SonicStage 4.0 (Version: 4.0 - Sony Corporation)
SonicStage Mastering Studio 2.2 (Version: - )
SonicStage Mastering Studio Audio Filter (Version: - )
SonicStage Mastering Studio Audio Filter Custom Preset (Version: - )
SonicStage Mastering Studio Plugins (Version: - )
Sony Certificate PCH (Version: - )
Sony MP4 Shared Library (Version: 2.0 - Sony Corporation)
Sony USB Mouse (Version: - )
Sony Utilities DLL (Version: - )
Sony Video Shared Library (Version: 2.0.01 - Sony Corporation)
Speccy (Version: 1.22 - Piriform)
Status (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Toolbox (Version: 120.0.194.000 - Hewlett-Packard) Hidden
TrayApp (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Unload (Version: 5.0.0 - Hewlett-Packard) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1 - Microsoft Corporation)
Update for Windows Media Player 10 (KB913800) (Version: - Microsoft Corporation)
Update for Windows XP (KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (Version: 1 - Microsoft Corporation)
Update Rollup 2 for Windows XP Media Center Edition 2005 (Version: - Microsoft Corporation)
VAIO Backup Utility (Version: 1.00.7246 - Sony)
VAIO Breeze Wallpaper (Version: 1.0.01.13200 - Sony Corporation)
VAIO Camera Utility (Version: - )
VAIO Central (Version: 1.1.02.032706 - Sony Corporation)
VAIO Entertainment Platform (Version: 1.3.32.06120 - Sony Corporation)
VAIO Event Service (Version: 2.3.00.05310 - Sony Corporation)
VAIO Hardware Diagnostics (Version: - )
VAIO Light Flo Wallpaper (Version: - )
VAIO Media 5.0 (Version: 5.0.20 - Sony Corporation)
VAIO Media AC3 Decoder 1.0 (Version: - )
VAIO Media Integrated Server 5.0 (Version: - Sony Corporation)
VAIO Media Redistribution 5.0 (Version: 5.0.20 - Sony Corporation)
VAIO Media Registration Tool 5.0 (Version: 5.0.00 - Sony Corporation)
VAIO Original Screen Saver (Version: - )
VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents (Version: - )
VAIO Power Management (Version: - )
VAIO Registration (Version: 17.1.1 - Sony Electronics)
VAIO Registration (Version: 17.1.1 - Sony Electronics) Hidden
VAIO Security Center (Version: 2.02.0320 - Sony)
VAIO Support Central (Version: 1.1.0.060412 - Sony Corporation)
VAIO Update 2 (Version: - )
VAIO Wireless LAN Setup Utility (Version: - )
VAIOSurveySA (Version: 4.02 - Sony Electronics)
VAIOSurveySA (Version: 4.02 - Sony Electronics) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 1.1.11 (Version: 1.1.11 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Windows Genuine Advantage Validation Tool (KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (Version: 3.0.0.0 - Microsoft Corporation)
Windows Internet Explorer 8 (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Connect (Version: - )
Windows Media Connect (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Windows Media Format 11 runtime (Version: - )
Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
Windows Media Player 10 Hotfix [See KB886612 for more information] (Version: - Microsoft Corporation) Hidden
Windows XP Media Center Edition 2005 KB2502898 (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB908250 (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (Version: - Microsoft Corporation)
Windows XP Service Pack 3 (Version: 20080414.031525 - Microsoft Corporation)
WinPatrol (Version: 28.1.2013.0 - BillP Studios)
WinPatrol (Version: 29.1.2013 - BillP Studios)
Wireless Switch Setting Utility (Version: - )
Yahoo! Software Update (Version: - )

==================== Restore Points =========================

11-10-2013 10:32:28 Software Distribution Service 3.0
12-10-2013 20:12:02 Software Distribution Service 3.0
14-10-2013 01:47:16 Software Distribution Service 3.0
14-10-2013 01:57:41 Software Distribution Service 3.0
15-10-2013 02:01:23 Software Distribution Service 3.0
16-10-2013 02:02:05 Software Distribution Service 3.0
17-10-2013 02:08:07 Software Distribution Service 3.0
17-10-2013 02:23:04 Software Distribution Service 3.0
18-10-2013 02:37:22 Software Distribution Service 3.0
21-10-2013 00:16:24 Software Distribution Service 3.0
22-10-2013 00:48:41 Software Distribution Service 3.0
22-10-2013 02:30:18 Software Distribution Service 3.0
23-10-2013 03:28:52 System Checkpoint
23-10-2013 22:59:40 Software Distribution Service 3.0
24-10-2013 02:36:40 Software Distribution Service 3.0
25-10-2013 02:36:22 Software Distribution Service 3.0
26-10-2013 19:19:56 Software Distribution Service 3.0
28-10-2013 01:41:20 Software Distribution Service 3.0
28-10-2013 02:22:42 Software Distribution Service 3.0
29-10-2013 02:32:58 Software Distribution Service 3.0
30-10-2013 02:25:06 Software Distribution Service 3.0
31-10-2013 23:47:20 System Checkpoint
31-10-2013 23:57:54 Software Distribution Service 3.0
02-11-2013 01:52:47 Software Distribution Service 3.0
03-11-2013 01:57:29 Software Distribution Service 3.0
05-11-2013 01:16:09 Software Distribution Service 3.0
05-11-2013 02:50:57 Software Distribution Service 3.0
06-11-2013 03:00:29 Software Distribution Service 3.0
07-11-2013 02:51:11 Software Distribution Service 3.0
08-11-2013 04:21:29 Software Distribution Service 3.0
10-11-2013 03:02:45 Software Distribution Service 3.0
11-11-2013 02:42:37 Software Distribution Service 3.0
13-11-2013 00:49:33 Software Distribution Service 3.0
13-11-2013 03:01:36 Software Distribution Service 3.0
14-11-2013 00:24:17 Installed CouponPrinterPlugin
14-11-2013 04:10:22 Software Distribution Service 3.0
15-11-2013 02:38:53 Software Distribution Service 3.0
16-11-2013 03:27:40 Software Distribution Service 3.0
16-11-2013 22:00:25 Software Distribution Service 3.0
17-11-2013 02:59:08 Software Distribution Service 3.0
18-11-2013 23:08:54 Software Distribution Service 3.0
20-11-2013 02:06:34 Software Distribution Service 3.0
20-11-2013 02:24:33 Software Distribution Service 3.0
20-11-2013 11:42:52 Removed ooVoo
21-11-2013 02:55:10 Software Distribution Service 3.0
21-11-2013 03:27:54 Software Distribution Service 3.0
25-11-2013 01:58:51 Software Distribution Service 3.0
25-11-2013 03:46:38 Software Distribution Service 3.0
26-11-2013 03:26:25 Software Distribution Service 3.0
28-11-2013 03:44:27 Software Distribution Service 3.0
29-11-2013 21:29:05 Software Distribution Service 3.0
30-11-2013 14:44:51 Software Distribution Service 3.0
01-12-2013 15:17:47 Software Distribution Service 3.0
03-12-2013 00:10:29 Software Distribution Service 3.0
03-12-2013 03:03:04 Software Distribution Service 3.0
04-12-2013 03:23:27 Software Distribution Service 3.0
05-12-2013 03:26:57 Software Distribution Service 3.0
06-12-2013 03:13:11 Software Distribution Service 3.0
07-12-2013 03:32:50 Software Distribution Service 3.0
08-12-2013 13:45:20 System Checkpoint
08-12-2013 13:53:23 Software Distribution Service 3.0
08-12-2013 22:01:23 Installed Windows XP Wudf01000.
08-12-2013 22:01:49 Installed Samsung Kies
08-12-2013 22:27:59 Installed Samsung Kies3
08-12-2013 22:51:57 Removed Samsung Kies
08-12-2013 23:08:59 Removed Samsung Kies3
09-12-2013 03:34:36 Software Distribution Service 3.0
09-12-2013 23:33:34 Software Distribution Service 3.0
10-12-2013 03:29:24 Software Distribution Service 3.0
10-12-2013 23:55:47 Software Distribution Service 3.0
11-12-2013 04:13:28 Software Distribution Service 3.0
12-12-2013 01:57:45 Software Distribution Service 3.0
12-12-2013 03:56:35 Software Distribution Service 3.0
13-12-2013 12:03:03 Software Distribution Service 3.0
14-12-2013 02:00:34 Software Distribution Service 3.0
14-12-2013 04:17:22 Software Distribution Service 3.0
14-12-2013 22:04:58 Software Distribution Service 3.0
14-12-2013 22:19:09 Software Distribution Service 3.0
14-12-2013 22:34:17 Removed DIRECTV Player.
15-12-2013 03:50:24 Software Distribution Service 3.0
16-12-2013 03:32:15 Software Distribution Service 3.0
17-12-2013 03:35:06 Software Distribution Service 3.0
18-12-2013 03:47:53 Software Distribution Service 3.0
19-12-2013 02:49:31 Software Distribution Service 3.0
20-12-2013 02:36:04 Software Distribution Service 3.0
21-12-2013 15:15:39 Software Distribution Service 3.0
22-12-2013 03:01:27 Software Distribution Service 3.0
23-12-2013 03:03:48 Software Distribution Service 3.0
24-12-2013 02:57:57 Software Distribution Service 3.0
25-12-2013 03:19:00 System Checkpoint
26-12-2013 15:33:32 Software Distribution Service 3.0
27-12-2013 03:03:15 Software Distribution Service 3.0
28-12-2013 02:57:55 Software Distribution Service 3.0
29-12-2013 21:02:45 Software Distribution Service 3.0
30-12-2013 02:53:35 Software Distribution Service 3.0
31-12-2013 17:51:28 Software Distribution Service 3.0
06-01-2014 00:02:27 Software Distribution Service 3.0
07-01-2014 00:49:19 Software Distribution Service 3.0
07-01-2014 02:53:59 Software Distribution Service 3.0
08-01-2014 03:27:32 System Checkpoint
08-01-2014 04:46:49 Installed Microsoft Download Manager
08-01-2014 04:57:00 Installed Compatibility Pack for the 2007 Office system
08-01-2014 13:40:14 Software Distribution Service 3.0
09-01-2014 02:54:23 Software Distribution Service 3.0
10-01-2014 01:25:08 Software Distribution Service 3.0
10-01-2014 02:55:45 Software Distribution Service 3.0
11-01-2014 01:23:20 Software Distribution Service 3.0
11-01-2014 02:56:52 Software Distribution Service 3.0
11-01-2014 04:23:57 Removed Microsoft Download Manager

==================== Hosts content: ==========================

2006-07-24 12:27 - 2013-06-29 18:16 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: C:\WINDOWS\Tasks\Registration reminder 1.job => C:\WINDOWS\system32\OOBE\oobebaln.exe
Task: C:\WINDOWS\Tasks\Registration reminder 2.job => C:\WINDOWS\system32\OOBE\oobebaln.exe
Task: C:\WINDOWS\Tasks\Registration reminder 3.job => C:\WINDOWS\system32\OOBE\oobebaln.exe

==================== Loaded Modules (whitelisted) =============

2005-11-28 13:59 - 2005-11-28 13:59 - 00876544 _____ () C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll
2005-11-28 13:59 - 2005-11-28 13:59 - 00053322 _____ () C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
2005-11-28 13:59 - 2005-11-28 13:59 - 00208965 _____ () C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL
2011-01-30 19:12 - 2010-03-04 16:55 - 00147456 _____ () C:\WINDOWS\system32\HP1100LM.DLL
2011-01-30 19:12 - 2010-03-04 16:55 - 00069632 _____ () C:\WINDOWS\System32\spool\PRTPROCS\W32X86\HP1100PP.DLL
2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2006-07-24 12:27 - 2011-02-04 17:48 - 00291840 _____ () C:\WINDOWS\system32\sbe.dll
2006-07-24 12:27 - 2013-01-02 01:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2006-07-24 12:27 - 2008-04-13 19:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2006-07-24 12:27 - 2008-04-13 19:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2006-07-24 14:29 - 2005-05-20 19:42 - 00010752 _____ () C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll
2006-07-24 12:27 - 2007-04-02 07:49 - 00355112 _____ () C:\WINDOWS\system32\msjetoledb40.dll
2010-10-26 01:07 - 2005-11-28 18:45 - 00040960 _____ () C:\Program Files\Sony\VAIO Camera Utility\VCULib.dll
2011-03-21 15:58 - 2010-12-01 09:26 - 02452992 _____ () C:\Program Files\Intel\IntelAppStore\bin\QtCore4.dll
2011-03-21 15:58 - 2010-12-01 09:26 - 00375808 _____ () C:\Program Files\Intel\IntelAppStore\bin\QtXml4.dll
2011-03-21 15:58 - 2010-12-01 09:26 - 00322048 _____ () C:\Program Files\Intel\IntelAppStore\bin\log4cplus.dll
2011-03-21 15:58 - 2010-12-01 09:26 - 00013312 _____ () C:\Program Files\Intel\IntelAppStore\bin\featureController.dll
2011-03-21 15:58 - 2010-12-01 09:26 - 01008640 _____ () C:\Program Files\Intel\IntelAppStore\bin\QtNetwork4.dll
2011-03-21 15:58 - 2010-12-01 09:26 - 00195584 _____ () C:\Program Files\Intel\IntelAppStore\bin\libgsoap.dll
2011-03-21 15:58 - 2010-12-01 09:26 - 00062464 _____ () C:\Program Files\Intel\IntelAppStore\bin\zlib1.dll
2011-03-21 15:58 - 2010-12-01 09:26 - 00400384 _____ () C:\Program Files\Intel\IntelAppStore\bin\sqlite3.dll
2011-03-21 15:58 - 2011-01-27 12:00 - 03622128 _____ () C:\Program Files\Intel\IntelAppStore\bin\plugin\libbizlplugin.dll
2013-02-12 21:38 - 2013-02-12 21:38 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2010-10-26 14:29 - 2013-07-15 12:29 - 00620718 ____N () C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/10/2014 11:09:10 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.4.304.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/09/2014 11:19:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15610

Error: (01/09/2014 11:19:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15610

Error: (01/09/2014 11:19:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/08/2014 08:44:15 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16563

Error: (01/08/2014 08:44:15 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16563

Error: (01/08/2014 08:44:15 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/08/2014 08:25:40 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 29992672

Error: (01/08/2014 08:25:40 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 29992672

Error: (01/08/2014 08:25:40 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (01/10/2014 11:14:43 PM) (Source: Service Control Manager) (User: )
Description: The Skype Updater service terminated unexpectedly. It has done this 1 time(s).

Error: (01/10/2014 10:21:00 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SI3132

Error: (01/05/2014 06:42:38 PM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.1.46 on the
Network Card with network address 0018DE087897.

Error: (12/16/2013 09:48:44 PM) (Source: Dhcp) (User: )
Description: Your computer was not assigned an address from the network (by the DHCP
Server) for the Network Card with network address 0018DE087897. The following error
occurred:
%%1223.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Error: (12/09/2013 06:32:40 PM) (Source: 0) (User: )
Description: \Device\ACPIEC

Error: (12/03/2013 07:11:43 AM) (Source: 0) (User: )
Description: \Device\ACPIEC

Error: (11/28/2013 11:03:01 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.


Microsoft Office Sessions:
=========================
Error: (01/10/2014 11:09:10 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetryunspecifiedhardeningtelemetryhardeningtelemetrydisablertp4.4.304.0unspecifiedunspecifiedunspecifiedNILNILNIL

Error: (01/09/2014 11:19:31 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15610

Error: (01/09/2014 11:19:31 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15610

Error: (01/09/2014 11:19:31 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/08/2014 08:44:15 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16563

Error: (01/08/2014 08:44:15 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16563

Error: (01/08/2014 08:44:15 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/08/2014 08:25:40 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 29992672

Error: (01/08/2014 08:25:40 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 29992672

Error: (01/08/2014 08:25:40 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info ===========================

Percentage of memory in use: 57%
Total physical RAM: 1014.11 MB
Available physical RAM: 427.13 MB
Total Pagefile: 2441.64 MB
Available Pagefile: 1940.54 MB
Total Virtual: 2047.88 MB
Available Virtual: 1938.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:104.79 GB) (Free:79.77 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 112 GB) (Disk ID: 0E0680D9)
Partition 1: (Not Active) - (Size=7 GB) - (Type=12)
Partition 2: (Active) - (Size=105 GB) - (Type=07 NTFS)

==================== End Of Log ============================
  • 0

#8
strew1221

strew1221

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
Sorry I think I posted the addition, here is the frst one:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-01-2014 01
Ran by Stacey (administrator) on SONYLAPTOP on 10-01-2014 23:44:48
Running from C:\Documents and Settings\Stacey\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(HP) C:\WINDOWS\system32\HPSIsvc.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Intel Corporation) C:\WINDOWS\system32\igfxext.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
(America Online, Inc.) C:\Program Files\Common Files\AOL\1288073631\ee\aolsoftware.exe
(Primax Electronics Ltd.) C:\WINDOWS\system32\ico.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Intel Corporation) C:\Program Files\Intel\IntelAppStore\bin\serviceManager.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(QFX Software Corporation) C:\Program Files\KeyScrambler\KeyScrambler.exe
(FileHippo.com) C:\Program Files\FileHippo.com\UpdateChecker.exe
(BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Farbar) C:\Documents and Settings\Stacey\Desktop\FRST(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [118784 2004-11-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [ehTray] - C:\WINDOWS\ehome\ehtray.exe [64512 2005-08-05] (Microsoft Corporation)
HKLM\...\Run: [igfxhkcmd] - C:\WINDOWS\system32\hkcmd.exe [77824 2006-04-05] (Intel Corporation)
HKLM\...\Run: [igfxpers] - C:\WINDOWS\system32\igfxpers.exe [118784 2006-04-05] (Intel Corporation)
HKLM\...\Run: [VAIO Recovery] - C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe [28672 2003-04-19] (Sony Electronics Inc)
HKLM\...\Run: [SonyPowerCfg] - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [217088 2006-06-27] (Sony Corporation)
HKLM\...\Run: [VAIO Update 2] - C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe [151552 2005-10-11] (Sony Corporation)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [Switcher.exe] - C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe [176128 2006-02-14] (Sony Corporation)
HKLM\...\Run: [VAIOCameraUtility] - C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe [69632 2005-12-27] (Sony Corporation)
HKLM\...\Run: [HostManager] - C:\Program Files\Common Files\AOL\1288073631\ee\aolsoftware.exe [50792 2006-04-13] (America Online, Inc.)
HKLM\...\Run: [PartSeal] - C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe [28672 2003-04-19] (Sony Electronics Inc)
HKLM\...\Run: [Mouse Suite 98 Daemon] - C:\WINDOWS\system32\ico.exe [45056 2002-03-14] (Primax Electronics Ltd.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [HPHUPD08] - C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe [49152 2006-07-11] (Hewlett-Packard)
HKLM\...\Run: [Intel AppUp(SM) center] - C:\Program Files\Intel\IntelAppStore\bin\serviceManager.lnk [933 2011-03-21] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-15] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-19] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-12] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [KeyScrambler] - C:\Program Files\KeyScrambler\KeyScrambler.exe [508048 2013-07-13] (QFX Software Corporation)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll (Sony Corporation)
HKCU\...\Run: [FileHippo.com] - C:\Program Files\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKCU\...\Run: [WinPatrol] - C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe [455232 2013-12-01] (BillP Studios)
HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {B1D63494-F151-44ED-05FF-39F2940B4E3C} URL =
SearchScopes: HKCU - {BAAEA39D-8867-4144-B687-D5484383CE23} URL = http://search.yahoo....0309,6900,0,6,0
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Password Depot 5 - {9F79B165-70F7-4C46-B1A5-8828E2FF21F9} - C:\Program Files\AceBIT\Password Depot 5\pdIEAddOn.dll (AceBIT)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1288064784980
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} http://download.micr...loadManager.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D95E6A15-5462-4948-A065-E33B972A359C}: [NameServer]192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Stacey\Application Data\Mozilla\Firefox\Profiles\3oyk5e3y.default-1379469582703
FF Homepage: www.yahoo.com
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: CouponNetwork.com/CMDUniversalCouponPrintActivator - C:\DOCUME~1\Stacey\APPLIC~1\CATALI~2\NPBCSK~1.DLL (Catalina Marketing Corporation)
FF Plugin HKCU: hopster.com/CouponPrinterPlugin - C:\Documents and Settings\Stacey\Application Data\Hopster\CouponPrinterPlugin\2.0.2.0\npCouponPrinterPlugin.dll (Hopster)
FF Plugin ProgrameFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgrameFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPcol500.dll (Catalina Marketing Corporation)
FF Plugin ProgrameFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgrameFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgrameFiles/Appdata: C:\Program Files\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
FF Extension: Safe Preview - C:\Documents and Settings\Stacey\Application Data\Mozilla\Firefox\Profiles\3oyk5e3y.default-1379469582703\Extensions\[email protected]
FF Extension: NoScript - C:\Documents and Settings\Stacey\Application Data\Mozilla\Firefox\Profiles\3oyk5e3y.default-1379469582703\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AceBIT\Password Depot 5\Firefox\
FF Extension: Password Depot Extension - C:\Program Files\AceBIT\Password Depot 5\Firefox\
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2

========================== Services (Whitelisted) =================

S3 Image Converter video recording monitor for VAIO Entertainment; C:\Program Files\Sony\Image Converter 2\IcVzMon.exe [32768 2005-07-14] (Sony Corporation)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R2 MSSQL$VAIO_VEDB; C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe [7520337 2002-12-17] (Microsoft Corporation)
S3 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation)
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [540745 2005-11-28] (Intel Corporation )
R2 SonicStageMonitoring; C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe [135168 2005-03-11] (Sony Corporation)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69718 2006-04-27] (Sony Corporation)
S3 SQLAgent$VAIO_VEDB; C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE [311872 2002-12-17] (Microsoft Corporation)
S3 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [69632 2006-05-08] (Sony Corporation)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2005-11-25] (Sony Corporation)
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [176128 2006-04-13] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe [2084864 2006-06-13] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [770048 2006-05-18] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2006-04-04] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [167936 2005-11-28] (Sony Corporation)
R2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [135168 2005-11-28] (Sony Corporation)
S3 WmcCds; c:\program files\windows media connect\mswmccds.exe [483328 2004-08-11] (Microsoft Corporation)
S3 WmcCdsLs; C:\Program Files\Windows Media Connect\mswmcls.exe [28160 2004-08-10] (Microsoft Corporation)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"
S3 VAIOMediaPlatform-IntegratedServer-HTTP; "C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP" [x]
S3 VAIOMediaPlatform-Mobile-Gateway; "C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server" [x]

==================== Drivers (Whitelisted) ====================

R2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [21275 2006-07-24] (Meetinghouse Data Communications)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2008-10-13] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2008-10-13] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2009-08-26] (HP)
R3 HSFHWAZL; C:\Windows\System32\DRIVERS\HSFHWAZL.sys [202112 2005-10-18] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\Windows\System32\DRIVERS\HSF_DPV.sys [998656 2005-10-18] (Conexant Systems, Inc.)
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [209016 2013-05-31] (QFX Software Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2014-01-10] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 pelmouse; C:\Windows\System32\DRIVERS\pelmouse.sys [17251 2002-06-28] (Primax Electronics Ltd.)
S3 pelusblf; C:\Windows\System32\DRIVERS\pelusblf.sys [7520 2001-07-24] (Primax Electronics Ltd.)
R2 s24trans; C:\Windows\System32\DRIVERS\s24trans.sys [13568 2005-11-28] (Intel Corporation)
R0 SI3132; C:\Windows\System32\DRIVERS\SI3132.sys [67456 2005-09-21] (Silicon Image, Inc.)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [10368 2004-11-01] (Silicon Image, Inc.)
R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [5248 2005-09-20] (Silicon Image, Inc.)
R3 SonyImgF; C:\Windows\System32\DRIVERS\SonyImgF.sys [30080 2006-03-06] (Sony Corporation)
R3 STHDA; C:\Windows\System32\drivers\sthda.sys [1177032 2006-05-26] (SigmaTel, Inc.)
R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [226304 2006-02-21] (Texas Instruments)
R3 usbvm321; C:\Windows\System32\Drivers\usbvm321.sys [234496 2005-12-29] (Vimicro Corporation)
R3 w39n51; C:\Windows\System32\DRIVERS\w39n51.sys [1428096 2005-12-05] (Intel® Corporation)
S4 IntelIde; No ImagePath
S1 MpKsl819cdbde; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4A5C5189-B8DF-4F13-93D9-523D2F3CBD49}\MpKsl819cdbde.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created Files and Folders ========

2014-01-10 23:44 - 2014-01-10 23:45 - 00019972 _____ C:\Documents and Settings\Stacey\Desktop\FRST.txt
2014-01-10 23:44 - 2014-01-10 23:44 - 00000000 ____D C:\FRST
2014-01-10 23:19 - 2014-01-10 23:19 - 00001182 _____ C:\Documents and Settings\Stacey\Desktop\JRT.txt
2014-01-10 23:11 - 2014-01-10 23:11 - 00000000 ____D C:\WINDOWS\ERUNT
2014-01-10 23:09 - 2014-01-10 23:09 - 01037068 _____ (Thisisu) C:\Documents and Settings\Stacey\Desktop\JRT.exe
2014-01-10 22:43 - 2014-01-10 22:43 - 00031258 _____ C:\Documents and Settings\Stacey\Desktop\Addition.txt
2014-01-10 22:34 - 2014-01-10 22:34 - 01220096 _____ (Farbar) C:\Documents and Settings\Stacey\Desktop\FRST(1).exe
2014-01-10 20:44 - 2014-01-10 20:45 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-01-08 19:19 - 2014-01-08 19:19 - 02633042 _____ C:\Documents and Settings\Stacey\Desktop\MCShield-Setup.exe
2014-01-08 00:01 - 2014-01-08 00:01 - 00010851 _____ C:\Documents and Settings\Stacey\Desktop\s-2.xlsx
2014-01-07 23:56 - 2014-01-07 23:56 - 00000000 ____D C:\Program Files\MSECache
2014-01-07 23:43 - 2014-01-07 23:43 - 00010707 _____ C:\Documents and Settings\Stacey\Desktop\s.xlsx
2013-12-14 17:42 - 2013-12-14 17:42 - 01226802 _____ C:\Documents and Settings\Stacey\Desktop\adwcleaner(1).exe
2013-12-14 17:32 - 2013-12-14 17:33 - 00000000 ____D C:\Click to DVD 2
2013-12-14 17:08 - 2013-12-14 17:08 - 00102608 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2013-12-13 21:10 - 2013-12-13 21:10 - 00019495 _____ C:\WINDOWS\KB2898785-IE8.log
2013-12-13 21:09 - 2013-12-13 21:09 - 00011777 _____ C:\WINDOWS\KB2904266.log
2013-12-13 21:09 - 2013-12-13 21:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-13 21:09 - 2013-12-13 21:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-13 21:03 - 2013-12-13 21:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-13 21:03 - 2013-12-13 21:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-13 21:03 - 2013-12-13 21:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2013-12-12 20:56 - 2013-12-13 21:09 - 00023795 _____ C:\WINDOWS\KB2898715.log
2013-12-12 20:56 - 2013-12-13 21:03 - 00023125 _____ C:\WINDOWS\KB2893984.log
2013-12-12 20:56 - 2013-12-13 21:03 - 00022629 _____ C:\WINDOWS\KB2893294.log
2013-12-12 20:56 - 2013-12-13 21:03 - 00022046 _____ C:\WINDOWS\KB2892075.log

==================== One Month Modified Files and Folders =======

2014-01-10 23:45 - 2014-01-10 23:44 - 00019972 _____ C:\Documents and Settings\Stacey\Desktop\FRST.txt
2014-01-10 23:44 - 2014-01-10 23:44 - 00000000 ____D C:\FRST
2014-01-10 23:42 - 2006-07-24 12:43 - 01497759 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-10 23:39 - 2006-07-25 18:01 - 00039936 _____ C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-01-10 23:39 - 2006-07-24 12:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-10 23:39 - 2006-07-24 12:41 - 00000000 ____D C:\WINDOWS\Registration
2014-01-10 23:39 - 2006-07-24 05:38 - 00000159 _____ C:\WINDOWS\wiadebug.log
2014-01-10 23:39 - 2006-07-24 05:38 - 00000049 _____ C:\WINDOWS\wiaservc.log
2014-01-10 23:39 - 2006-07-24 05:34 - 00188200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-10 23:38 - 2010-10-26 01:26 - 00000178 ___SH C:\Documents and Settings\Stacey\ntuser.ini
2014-01-10 23:38 - 2006-07-24 12:49 - 00032460 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-10 23:24 - 2013-11-19 21:20 - 00000384 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2014-01-10 23:19 - 2014-01-10 23:19 - 00001182 _____ C:\Documents and Settings\Stacey\Desktop\JRT.txt
2014-01-10 23:11 - 2014-01-10 23:11 - 00000000 ____D C:\WINDOWS\ERUNT
2014-01-10 23:09 - 2014-01-10 23:09 - 01037068 _____ (Thisisu) C:\Documents and Settings\Stacey\Desktop\JRT.exe
2014-01-10 23:07 - 2013-12-03 21:05 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-10 22:43 - 2014-01-10 22:43 - 00031258 _____ C:\Documents and Settings\Stacey\Desktop\Addition.txt
2014-01-10 22:34 - 2014-01-10 22:34 - 01220096 _____ (Farbar) C:\Documents and Settings\Stacey\Desktop\FRST(1).exe
2014-01-10 22:20 - 2006-07-24 14:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB888795$
2014-01-10 22:18 - 2010-10-26 01:26 - 00000000 ____D C:\Documents and Settings\Stacey
2014-01-10 22:17 - 2010-12-12 21:36 - 00000000 ____D C:\Documents and Settings\Stacey\Application Data\Skype
2014-01-10 21:54 - 2013-12-10 20:00 - 00000000 ____D C:\Program Files\Mozilla Firefox
2014-01-10 20:45 - 2014-01-10 20:44 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-01-08 19:19 - 2014-01-08 19:19 - 02633042 _____ C:\Documents and Settings\Stacey\Desktop\MCShield-Setup.exe
2014-01-08 00:01 - 2014-01-08 00:01 - 00010851 _____ C:\Documents and Settings\Stacey\Desktop\s-2.xlsx
2014-01-07 23:57 - 2010-10-26 00:59 - 00000000 ____D C:\Program Files\Microsoft Office
2014-01-07 23:57 - 2006-07-24 05:35 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2014-01-07 23:56 - 2014-01-07 23:56 - 00000000 ____D C:\Program Files\MSECache
2014-01-07 23:47 - 2013-06-29 21:41 - 00433770 _____ C:\WINDOWS\setupapi.log
2014-01-07 23:43 - 2014-01-07 23:43 - 00010707 _____ C:\Documents and Settings\Stacey\Desktop\s.xlsx
2013-12-31 23:55 - 2013-02-03 10:37 - 00002265 _____ C:\Documents and Settings\All Users\Desktop\Skype.lnk
2013-12-24 21:06 - 2010-12-12 21:36 - 00000000 ___RD C:\Program Files\Skype
2013-12-24 21:06 - 2010-12-12 21:36 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2013-12-23 19:29 - 2013-05-19 23:07 - 00000000 ____D C:\Documents and Settings\Stacey\Desktop\Landon Pics
2013-12-17 22:21 - 2013-09-16 22:11 - 00000000 ____D C:\AdwCleaner
2013-12-17 21:50 - 2011-01-24 00:26 - 00000000 ____D C:\Documents and Settings\Stacey\Local Settings\Application Data\Adobe
2013-12-17 21:49 - 2013-12-03 21:05 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-17 21:49 - 2013-12-03 21:05 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-12-14 17:42 - 2013-12-14 17:42 - 01226802 _____ C:\Documents and Settings\Stacey\Desktop\adwcleaner(1).exe
2013-12-14 17:33 - 2013-12-14 17:32 - 00000000 ____D C:\Click to DVD 2
2013-12-14 17:32 - 2010-10-26 01:26 - 00000000 ____D C:\Documents and Settings\Stacey\Application Data\Sony Corporation
2013-12-14 17:20 - 2010-10-25 23:10 - 00081359 _____ C:\WINDOWS\KB941569.log
2013-12-14 17:19 - 2010-10-25 23:25 - 00093440 _____ C:\WINDOWS\KB978695.log
2013-12-14 17:19 - 2010-10-25 23:21 - 00128228 _____ C:\WINDOWS\KB952069.log
2013-12-14 17:16 - 2006-07-24 13:33 - 00190322 _____ C:\WINDOWS\spupdsvc.log
2013-12-14 17:08 - 2013-12-14 17:08 - 00102608 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2013-12-14 17:08 - 2006-07-24 05:30 - 00000000 ____D C:\WINDOWS\security
2013-12-13 21:10 - 2013-12-13 21:10 - 00019495 _____ C:\WINDOWS\KB2898785-IE8.log
2013-12-13 21:10 - 2010-10-25 23:53 - 00000000 ____D C:\WINDOWS\ie8updates
2013-12-13 21:10 - 2006-07-24 13:12 - 00289511 _____ C:\WINDOWS\updspapi.log
2013-12-13 21:10 - 2006-07-24 05:35 - 02657817 _____ C:\WINDOWS\FaxSetup.log
2013-12-13 21:10 - 2006-07-24 05:35 - 01273529 _____ C:\WINDOWS\ocgen.log
2013-12-13 21:10 - 2006-07-24 05:35 - 01224072 _____ C:\WINDOWS\tsoc.log
2013-12-13 21:10 - 2006-07-24 05:35 - 00907887 _____ C:\WINDOWS\iis6.log
2013-12-13 21:10 - 2006-07-24 05:35 - 00821318 _____ C:\WINDOWS\msmqinst.log
2013-12-13 21:10 - 2006-07-24 05:35 - 00782230 _____ C:\WINDOWS\comsetup.log
2013-12-13 21:10 - 2006-07-24 05:35 - 00479030 _____ C:\WINDOWS\netfxocm.log
2013-12-13 21:10 - 2006-07-24 05:35 - 00471777 _____ C:\WINDOWS\ntdtcsetup.log
2013-12-13 21:10 - 2006-07-24 05:35 - 00298878 _____ C:\WINDOWS\plusoc.log
2013-12-13 21:10 - 2006-07-24 05:35 - 00268302 _____ C:\WINDOWS\MedCtrOC.log
2013-12-13 21:10 - 2006-07-24 05:35 - 00143872 _____ C:\WINDOWS\ehOCGen.log
2013-12-13 21:10 - 2006-07-24 05:35 - 00134558 _____ C:\WINDOWS\tabletoc.log
2013-12-13 21:10 - 2006-07-24 05:35 - 00132967 _____ C:\WINDOWS\msgsocm.log
2013-12-13 21:10 - 2006-07-24 05:35 - 00127884 _____ C:\WINDOWS\ocmsn.log
2013-12-13 21:10 - 2006-07-24 05:35 - 00001393 _____ C:\WINDOWS\imsins.log
2013-12-13 21:09 - 2013-12-13 21:09 - 00011777 _____ C:\WINDOWS\KB2904266.log
2013-12-13 21:09 - 2013-12-13 21:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-13 21:09 - 2013-12-13 21:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-13 21:09 - 2013-12-12 20:56 - 00023795 _____ C:\WINDOWS\KB2898715.log
2013-12-13 21:09 - 2010-10-25 23:25 - 00046592 _____ C:\WINDOWS\system32\TZLog.log
2013-12-13 21:09 - 2006-07-24 05:35 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-12-13 21:08 - 2013-07-13 16:23 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-13 21:04 - 2010-10-25 23:18 - 88123800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-13 21:03 - 2013-12-13 21:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-13 21:03 - 2013-12-13 21:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-13 21:03 - 2013-12-13 21:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2013-12-13 21:03 - 2013-12-12 20:56 - 00023125 _____ C:\WINDOWS\KB2893984.log
2013-12-13 21:03 - 2013-12-12 20:56 - 00022629 _____ C:\WINDOWS\KB2893294.log
2013-12-13 21:03 - 2013-12-12 20:56 - 00022046 _____ C:\WINDOWS\KB2892075.log
2013-12-11 20:59 - 2012-07-19 21:31 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service

Some content of TEMP:
====================
C:\Documents and Settings\Stacey\Local Settings\Temp\hpzmsi01.exe
C:\Documents and Settings\Stacey\Local Settings\Temp\hpzscr01.exe
C:\Documents and Settings\Stacey\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Stacey\Local Settings\Temp\wpsetup.exe
C:\Documents and Settings\Stacey\Local Settings\Temp\{7014E919-2EAA-4158-AB8A-7483300316F4}.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
  • 0

#9
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
Hmm... looks like some adware still there.

Let's do this:

Download : ADWCleaner to your desktop.

NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs and click on the AdwCleaner icon.

Posted Image

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy and paste back here. If a report doesn't appear, press the report button and Copy & Paste the contents on your next reply.

A copy of the report is also saved in the C:\AdwCleaner folder.
  • 0

#10
strew1221

strew1221

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
# AdwCleaner v3.016 - Report created 11/01/2014 at 00:05:14
# Updated 23/12/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Stacey - SONYLAPTOP
# Running from : C:\Documents and Settings\Stacey\Desktop\AdwCleaner(1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\Software\Description

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Documents and Settings\Stacey\Application Data\Mozilla\Firefox\Profiles\3oyk5e3y.default-1379469582703\prefs.js ]


*************************

AdwCleaner[R0].txt - [972 octets] - [16/09/2013 22:11:11]
AdwCleaner[R1].txt - [1092 octets] - [16/09/2013 22:15:33]
AdwCleaner[R2].txt - [970 octets] - [16/09/2013 22:25:58]
AdwCleaner[R3].txt - [6269 octets] - [30/11/2013 18:21:23]
AdwCleaner[R4].txt - [3368 octets] - [02/12/2013 20:54:31]
AdwCleaner[R5].txt - [1417 octets] - [02/12/2013 22:39:36]
AdwCleaner[R6].txt - [1977 octets] - [07/12/2013 10:00:29]
AdwCleaner[R7].txt - [2348 octets] - [14/12/2013 17:43:32]
AdwCleaner[R8].txt - [1763 octets] - [17/12/2013 22:18:44]
AdwCleaner[R9].txt - [1883 octets] - [11/01/2014 00:02:54]
AdwCleaner[S0].txt - [1036 octets] - [16/09/2013 22:12:52]
AdwCleaner[S1].txt - [914 octets] - [16/09/2013 22:20:51]
AdwCleaner[S2].txt - [6304 octets] - [30/11/2013 19:42:43]
AdwCleaner[S3].txt - [3493 octets] - [02/12/2013 21:00:38]
AdwCleaner[S4].txt - [1480 octets] - [02/12/2013 22:40:41]
AdwCleaner[S5].txt - [2048 octets] - [07/12/2013 10:02:05]
AdwCleaner[S6].txt - [2435 octets] - [14/12/2013 17:44:53]
AdwCleaner[S7].txt - [1826 octets] - [17/12/2013 22:21:02]
AdwCleaner[S8].txt - [1806 octets] - [11/01/2014 00:05:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S8].txt - [1866 octets] ##########
  • 0

Advertisements


#11
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
Hello strew1221,

Please download zoek.exe and save it to your desktop (Firefox users right click and Save Link As...).

  • Close any open browsers.
  • Temporarily disable your AntiVirus program. (If necessary)
  • Double click zoek.zip
  • Double click on zoek.exe to run.
  • Please wait while the tool starts. It will appear to be doing nothing and may take a few seconds to come up.
  • Copy the text below and paste it into the large window in the zoek tool:

AutoClean;

  • Click on Run script button
  • Please wait patiently (it may take a few minutes) until a log report will open (this may be after reboot, if required)
  • Copy (Ctrl +C) and paste (Ctrl +V) the contents of the opened entire report back here.
Note: It will also create a log in the C:\ directory named "zoek-results.log"
  • 0

#12
strew1221

strew1221

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
Zoek.exe v5.0.0.0 Updated 09-Januari-2014
Tool run by Stacey on Sat 01/11/2014 at 0:24:00.06.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Stacey\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

1/11/2014 12:25:34 AM Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2534324054-1425205581-4263345725-1005\Software\Microsoft\Internet Explorer\SearchScopes\{BAAEA39D-8867-4144-B687-D5484383CE23} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\YahooAUService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\YahooAUService deleted successfully

==== Deleting Files \ Folders ======================

C:\Documents and Settings\All Users\Application Data\{CC181458-DF98-49F8-879F-4BC769D8FA3F} deleted
C:\Program Files\Yahoo! deleted
C:\Documents and Settings\Stacey\Application Data\Catalina – Print Savings deleted
C:\Documents and Settings\Stacey\Application Data\Yahoo! deleted
C:\Documents and Settings\All Users\Application Data\Yahoo! deleted
C:\Documents and Settings\All Users\Application Data\InstallMate deleted
C:\Documents and Settings\Stacey\Local Settings\Application Data\BcsKtYcHW.dll deleted
C:\WINDOWS\System32\InstallUtil.InstallLog deleted
C:\WINDOWS\System32\SET1EB.tmp deleted
C:\WINDOWS\System32\SET1F7.tmp deleted
C:\WINDOWS\System32\SET200.tmp deleted
C:\WINDOWS\System32\SET201.tmp deleted
C:\WINDOWS\System32\SET202.tmp deleted
C:\WINDOWS\System32\SET203.tmp deleted
C:\WINDOWS\System32\SET204.tmp deleted
C:\WINDOWS\System32\SET205.tmp deleted
C:\WINDOWS\System32\SET212.tmp deleted
C:\WINDOWS\System32\SET214.tmp deleted
C:\WINDOWS\System32\SET21B.tmp deleted
C:\DOCUME~1\Stacey\LOCALS~1\Temp\wpsetup.exe deleted
"C:\Documents and Settings\Stacey\Application Data\Samsung" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"[email protected]"="C:\Program Files\AceBIT\Password Depot 5\Firefox" [11/10/2013 11:14 PM]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"[email protected]"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2" [01/19/2011 10:20 AM]

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\Stacey\Application Data\Mozilla\Firefox\Profiles\3oyk5e3y.default-1379469582703
- Safe Preview - %ProfilePath%\extensions\[email protected]
- NoScript - %ProfilePath%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Undetermined - %AppDir%\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Stacey\Application Data\Mozilla\Firefox\Profiles\3oyk5e3y.default-1379469582703
F891089A6AB9E12FEDEBCC5EC0F40D66 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave Flash
69AA47F09AA281C7D3C7716CA7E283B4 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
380F9A643A149B9030142E7171EFA91B - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
BE501CBC29B2025A263D80D399F1797A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In
A5FFA90A0CD5F08CDDDF7C4A4D1B4D9C - C:\Program Files\Mozilla Firefox\browser\plugins\npMozCouponPrinter.dll - Coupons Inc., Coupon Printer
EEEB86077BB4682B3FCFEDA5AED3E396 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.4
BADFB0DCCD9B7E9F2F6EB7954D24EED1 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.4
1153F58FACBC9731AF6CDF313F76DF29 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.4
9E4F520270BF7301CC24E8FA67791C22 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.4
E50A1DB5DE70D656287511297B42F9F2 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.4
55F213A61B82B6174B02881562FE20A0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll - DivX Plus Web Player
8F24103AB984847AA2939F58F19CCC98 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java™ Platform SE 7 U21
ADC539F67D3198679F480974EE203678 - C:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.210.11
270EE43CC00609B9937AAF94E1E970D4 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector
1FFDEA3D309253A9A3D6C68AE210E3FA - C:\Documents and Settings\Stacey\Application Data\Hopster\CouponPrinterPlugin\2.0.2.0\npCouponPrinterPlugin.dll - CouponPrinterPlugin
B938C1AE3ADCE166190895685B0BEB0D - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll - DivX VOD Helper Plug-in
AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
FA77C368D108519B3C77AE043846DAC9 - C:\Documents and Settings\Stacey\Application Data\Hopster\CouponPrinterPlugin\2.0.2.0\npPrintUtil.dll - Coupon Printer Plugin
B27CCB1168B1960AEC6E9D3E0E0F0D2A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight
68A131335A20B343923A2957EB1E413D - C:\WINDOWS\system32\npptools.dll - Microsoft® Windows® Operating System


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[10/09/2013 10:59 AM]
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[05/06/2013 03:12 AM]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://www.bing.com/...s}&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.co...ge={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2534324054-1425205581-4263345725-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9F79B165-70F7-4C46-B1A5-8828E2FF21F9} deleted successfully
HKEY_USERS\S-1-5-21-2534324054-1425205581-4263345725-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9F79B165-70F7-4C46-B1A5-8828E2FF21F9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9F79B165-70F7-4C46-B1A5-8828E2FF21F9} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{9F79B165-70F7-4C46-B1A5-8828E2FF21F9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9F79B165-70F7-4C46-B1A5-8828E2FF21F9} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4BB7A109-FDB5-45E3-9DB9-ECB2EA7B80EE} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{84481A87-2316-4923-8FAB-3BA8CA29323D} deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Stacey\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\Stacey\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Documents and Settings\Stacey\Local Settings\Application Data\Mozilla\Firefox\Profiles\3oyk5e3y.default-1379469582703\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=22 folders=5 10553334 bytes)

==== Empty Temp Folders ======================

C:\Documents and Settings\Administrator\Local Settings\Temp emptied successfully
C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp emptied successfully
C:\Documents and Settings\Stacey\Local Settings\Temp will be emptied at reboot
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\Stacey\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Documents and Settings\Stacey\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on Sat 01/11/2014 at 0:39:48.89 ======================
  • 0

#13
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
Hello again strew1221,

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

  • Click the green ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
    then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Then click on: Finish
  • Use notepad to open the logfile located at C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt.
  • Copy and paste that log as a reply to this topic and tell me how your machine is now.

  • 0

#14
strew1221

strew1221

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
[email protected] as CAB hook log:
OnlineScanner.ocx - registred OK
[email protected] as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c1797a5ae99aff4f828f4b44fda79806
# engine=16610
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-01-11 07:37:36
# local_time=2014-01-11 02:37:36 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=5892 16777213 88 94 3594494 14391507 0 0
# scanned=78497
# found=27
# cleaned=27
# scan_time=4208
sh=50433197412217B98F96972F49007183F4BF25F2 ft=1 fh=ffa63240e4f3939f vn="probably a variant of Win32/Conduit.SearchProtect.C application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Documents and Settings\Stacey\Application Data\Searchprotect\bin\ChromeModule.dll.vir"
sh=9AD04A7058AC026D71A9DBBB65D3405A0FE1F966 ft=1 fh=27fad6d8e176ad34 vn="a variant of Win32/Conduit.SearchProtect.B application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Documents and Settings\Stacey\Application Data\Searchprotect\bin\cltmng.exe.vir"
sh=6AFFAC1058EC89B360D9523A5522518AC6CC345B ft=1 fh=6432fa134192634c vn="probably a variant of Win32/Conduit.SearchProtect.C application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Documents and Settings\Stacey\Application Data\Searchprotect\bin\FirefoxModule.dll.vir"
sh=901D125118A5846E5CA9596978714EFA017A93A3 ft=1 fh=e61e1100b2240fc7 vn="probably a variant of Win32/Conduit.SearchProtect.C application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Documents and Settings\Stacey\Application Data\Searchprotect\bin\InternetExplorerModule.dll.vir"
sh=FD8B92580C2FF70E2A7B56756ECB5FD6B921FCF2 ft=1 fh=faefea65a273ead1 vn="a variant of Win32/Conduit.SearchProtect.D application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Documents and Settings\Stacey\Application Data\Searchprotect\bin\SPRunner.exe.vir"
sh=77801D0E0DC02E8C50CDC73562F4D7F13FC1C18B ft=0 fh=0000000000000000 vn="Win32/Conduit.SearchProtect.A application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Documents and Settings\Stacey\Application Data\Searchprotect\ffprotect\application.js.vir"
sh=170ACC25B35BA845064591DF61F2D52142823738 ft=0 fh=0000000000000000 vn="Win32/Conduit.SearchProtect.A application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Documents and Settings\Stacey\Application Data\Searchprotect\ffprotect\nsprotector.js.vir"
sh=9B3B44428CC80CC43F085AE514E7E16F7963EACC ft=1 fh=4c03fc1250fa29f9 vn="a variant of Win32/Toolbar.Conduit.P application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Documents and Settings\Stacey\Local Settings\Application Data\Connect_DLC_5\ldrtbConn.dll.vir"
sh=33457E2F2405727124C107D6DEAF24C94E992463 ft=1 fh=e719e166edfd7994 vn="a variant of Win32/Toolbar.Conduit.B application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Documents and Settings\Stacey\Local Settings\Application Data\Connect_DLC_5\tbConn.dll.vir"
sh=7BF70FFDBF340B6B0E1A8B65DB98AB11C3232AE0 ft=1 fh=b836bf4dac5fef99 vn="multiple threats (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Documents and Settings\Stacey\Local Settings\Temp\CT3306061\ieLogic.exe.vir"
sh=9B3B44428CC80CC43F085AE514E7E16F7963EACC ft=1 fh=4c03fc1250fa29f9 vn="a variant of Win32/Toolbar.Conduit.P application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\Connect_DLC_5\ldrtbConn.dll.vir"
sh=33457E2F2405727124C107D6DEAF24C94E992463 ft=1 fh=e719e166edfd7994 vn="a variant of Win32/Toolbar.Conduit.B application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\Connect_DLC_5\tbConn.dll.vir"
sh=93510E07EBD463BE51052EC8114EC16C5423103E ft=0 fh=0000000000000000 vn="Win32/Conduit.SearchProtect.A application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\Mozilla Firefox\browser\nsprotector.js.vir"
sh=50433197412217B98F96972F49007183F4BF25F2 ft=1 fh=ffa63240e4f3939f vn="probably a variant of Win32/Conduit.SearchProtect.C application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\Searchprotect\bin\ChromeModule.dll.vir"
sh=9AD04A7058AC026D71A9DBBB65D3405A0FE1F966 ft=1 fh=27fad6d8e176ad34 vn="a variant of Win32/Conduit.SearchProtect.B application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\Searchprotect\bin\cltmng.exe.vir"
sh=6AFFAC1058EC89B360D9523A5522518AC6CC345B ft=1 fh=6432fa134192634c vn="probably a variant of Win32/Conduit.SearchProtect.C application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\Searchprotect\bin\FirefoxModule.dll.vir"
sh=901D125118A5846E5CA9596978714EFA017A93A3 ft=1 fh=e61e1100b2240fc7 vn="probably a variant of Win32/Conduit.SearchProtect.C application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\Searchprotect\bin\InternetExplorerModule.dll.vir"
sh=FD8B92580C2FF70E2A7B56756ECB5FD6B921FCF2 ft=1 fh=faefea65a273ead1 vn="a variant of Win32/Conduit.SearchProtect.D application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\Searchprotect\bin\SPRunner.exe.vir"
sh=77801D0E0DC02E8C50CDC73562F4D7F13FC1C18B ft=0 fh=0000000000000000 vn="Win32/Conduit.SearchProtect.A application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\Searchprotect\ffprotect\application.js.vir"
sh=170ACC25B35BA845064591DF61F2D52142823738 ft=0 fh=0000000000000000 vn="Win32/Conduit.SearchProtect.A application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\Searchprotect\ffprotect\nsprotector.js.vir"
sh=832BF5093617711948105FF65094819FB6830C79 ft=1 fh=d853b354b0134743 vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Stacey\My Documents\Downloads\ac3filter_2_6_0b.exe"
sh=E0C5E31B4A4DAA88C64BB4CA1E304C4D70481F1F ft=1 fh=626d7421e12db363 vn="a variant of Win32/CNETInstaller.B application (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Stacey\My Documents\Downloads\cbsidlm-cbsi145-AdwCleaner-SEO-75851221(1).exe"
sh=E0C5E31B4A4DAA88C64BB4CA1E304C4D70481F1F ft=1 fh=626d7421e12db363 vn="a variant of Win32/CNETInstaller.B application (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Stacey\My Documents\Downloads\cbsidlm-cbsi145-AdwCleaner-SEO-75851221.exe"
sh=9B3B44428CC80CC43F085AE514E7E16F7963EACC ft=1 fh=4c03fc1250fa29f9 vn="a variant of Win32/Toolbar.Conduit.P application (cleaned by deleting - quarantined)" ac=C fn="C:\System Volume Information\_restore{ECE42D92-315C-418E-8F32-95DC4FF2BBEF}\RP129\A0003827.dll"
sh=33457E2F2405727124C107D6DEAF24C94E992463 ft=1 fh=e719e166edfd7994 vn="a variant of Win32/Toolbar.Conduit.B application (cleaned by deleting - quarantined)" ac=C fn="C:\System Volume Information\_restore{ECE42D92-315C-418E-8F32-95DC4FF2BBEF}\RP129\A0003829.dll"
sh=9B3B44428CC80CC43F085AE514E7E16F7963EACC ft=1 fh=4c03fc1250fa29f9 vn="a variant of Win32/Toolbar.Conduit.P application (cleaned by deleting - quarantined)" ac=C fn="C:\System Volume Information\_restore{ECE42D92-315C-418E-8F32-95DC4FF2BBEF}\RP129\A0003834.dll"
sh=33457E2F2405727124C107D6DEAF24C94E992463 ft=1 fh=e719e166edfd7994 vn="a variant of Win32/Toolbar.Conduit.B application (cleaned by deleting - quarantined)" ac=C fn="C:\System Volume Information\_restore{ECE42D92-315C-418E-8F32-95DC4FF2BBEF}\RP129\A0003835.dll"


It appears to be working much better. No hanging like before.

Edited by strew1221, 11 January 2014 - 01:43 AM.

  • 0

#15
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

It appears to be working much better. No hanging like before.


Good news. :thumbsup:

I think your machines is good to go now.

We have a couple of last steps to perform and then you're all set.Posted Image

Please go here to download OTC again.

Run this program to remove most of the tools we have been using.

If you are asked to reboot the machine to finish the Cleanup process choose Yes.

Step 2

Right click on Start > Explore and navigate to C:\_zoek and delete all folders/files you find with zoek in the name.

Step 3

To remove AdwCleaner double click on adwcleaner.exe to run the tool.
Click on Uninstall, then confirm with yes to remove AdwCleaner from your computer.

Any remaining tools may be deleted.

Step 4

Next, we need to clean your restore points and set a new one:

Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs from changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected)1. Turn off System Restore.On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.
2. Restart your computer.

3. Turn ON System Restore.On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check Turn off System Restore.
Click Apply, and then click OK.
[/list]System Restore will now be active again.
-------------------------------------------------------------------------------------------------------------------

A reminder: Remember to (re-install if uninstalled during cleaning) update and turn back on any anti-malware programs you may have turned off during the cleaning process.
-------------------------------------------------------------------------------------------------------------------

Here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article Strong passwords: How to create and use them.

----------------------------------------------------------------------------------------------------------------------

Java warning

Java is a popular point of entry to your computer for malicous programs. The United States Department of Homeland Security recommends that computer users disable Java see here. Unless you need it to run an important software the safest approach is to completely uninstall Java. Where you do require it then the next safest option is to disable it in your browsers until you need it, then enable it.

How to disable Java in your web browser and How to unplug Java from the browser

If you do still need Java then regularly check that it is up to date. Older versions are the most vulnerable to malicious attack.

  • Download Java for Windows

    Reboot your computer.
    You also need to unininstall older versions of Java.
  • Click Start > Control Panel > Add or Remove Programs
  • Remove all Java updates except the latest one you have just installed.
----------------------------------------------------------------------------------------------------------------------

CryptoLocker Warning

There is a particularly nasty infection out there at the moment.

Go here for information about CryptoLocker Ransomeware

Download CryptoPrevent free for home use.

--------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future:



If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.

* Click Start > Control Panel > System and Security > Windows Update
* Under Windows Update click on Turn automatic updating on or off
* Check items shown to ensure you receive updates automatically. Click OK.

Be aware of what emails you open and websites you visit.

Go here for some good advice about how to prevent infection.

A fun way to check your online safety literacy.

Quiz - getsafeonline

Have a safe and happy computing day!
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP