Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Windows OS crashed (vista) due to virus. [Solved]

Started by Monvishi , Jan 17 2014 01:52 PM

  • This topic is locked This topic is locked

#136
Monvishi
Posted 29 January 2014 - 12:54 PM

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
The option of Use Other ways to activate does not show up. My third option is contact SONY to activate, which I did.
  • 0

Advertisements

#137
Monvishi
Posted 29 January 2014 - 04:53 PM

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
Is there any other way out here... SONY guys are selling their virus removal package to restore the Windows Vista. Reason being, they suspect corrupted system file and it needs to be resolved. Also the loss of sound they are linking to the same thing. Corrupted sound drive. May be the sound drivers needs to be cleared and re-installed.

These were the answers from their Support Desk.

Do you think this could be possible, if so, can we get it corrected thru this forum?

Please let me know.
  • 0

#138
Machiavelli
Posted 30 January 2014 - 09:12 AM

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts

Do you think this could be possible

It could be everything. We will do now another OTL Scan. With that I like to see if the PC is clean or not.

OTL

  • Run OTL by double-clicking on it. (if you have Windows Vista / Windows 7 / Windows 8 please do a Right click on the OTL icon and select Run as Administrator)
  • Click Quick Scan to start OTL.
  • When OTL finishes scanning, a logs, OTL.txt will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

  • 0

#139
Monvishi
Posted 30 January 2014 - 10:33 AM

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
OTL Scan in in progress now. I have a question here, on the OTL screen, on the right side in blue, there are 3 options, the second one is "Skip Microsoft Files"

Do you think we should uncheck that so may be the system corrupted file may show up, afterall we are looking for Microsoft related error here?

The sound is also gone yet, no output device installed.
  • 0

#140
Monvishi
Posted 30 January 2014 - 10:49 AM

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
OTL logfile created on: 1/30/2014 9:29:33 AM - Run 10
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Fry's Electronics\Desktop\Geekstogo
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.81 Gb Total Physical Memory | 1.86 Gb Available Physical Memory | 48.88% Memory free
9.41 Gb Paging File | 7.21 Gb Available in Paging File | 76.63% Paging File free
Paging file location(s): c:\pagefile.sys 5850 5850 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455.93 Gb Total Space | 120.95 Gb Free Space | 26.53% Space Free | Partition Type: NTFS
Drive F: | 1.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: MONVISHI | User Name: Fry's Electronics | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/22 22:57:02 | 000,866,584 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/01/18 21:43:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Fry's Electronics\Desktop\Geekstogo\OTL.exe
PRC - [2014/01/02 17:46:10 | 030,714,328 | ---- | M] (Dropbox, Inc.) -- C:\Users\Fry's Electronics\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/11/27 09:21:36 | 000,106,496 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2013/11/27 09:12:02 | 007,393,280 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2013/10/31 13:47:38 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2013/07/08 04:09:10 | 004,153,184 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2012/12/18 07:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/09/05 08:57:26 | 000,271,808 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
PRC - [2012/07/03 09:04:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2012/06/21 05:01:58 | 000,092,632 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012/06/21 05:01:56 | 000,247,768 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2008/07/28 17:45:42 | 000,182,112 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2008/07/28 17:45:42 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2008/06/20 08:56:44 | 000,415,744 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2008/06/19 08:55:48 | 000,279,848 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2008/05/22 14:23:10 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2008/05/20 13:48:32 | 000,024,576 | ---- | M] (Sony Electronics, Inc.) -- C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe
PRC - [2008/03/25 14:32:18 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
PRC - [2007/01/04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe


========== Modules (No Company Name) ==========

MOD - [2014/01/29 05:27:54 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\73d9bc894522543b561a0342dac87c06\System.Windows.Forms.ni.dll
MOD - [2014/01/29 05:27:46 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll
MOD - [2014/01/29 05:26:53 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll
MOD - [2014/01/29 05:26:45 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll
MOD - [2014/01/22 22:57:00 | 000,399,640 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppgooglenaclpluginchrome.dll
MOD - [2014/01/22 22:56:56 | 004,055,320 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll
MOD - [2014/01/22 22:55:58 | 001,634,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ffmpegsumo.dll
MOD - [2014/01/20 13:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/01/20 13:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/01/02 17:45:04 | 003,558,400 | ---- | M] () -- C:\Users\Fry's Electronics\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013/10/18 16:55:02 | 025,100,288 | ---- | M] () -- C:\Users\Fry's Electronics\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/09/14 01:51:02 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
MOD - [2013/09/14 01:50:36 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
MOD - [2008/07/28 17:45:44 | 000,010,752 | ---- | M] () -- C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll


========== Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:64bit: - [2013/04/17 16:09:14 | 007,982,368 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files\Trend Micro SafeSync\hrfscore.exe -- (OnlineStorageService)
SRV:64bit: - [2008/08/06 18:06:48 | 000,407,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2008/06/11 23:13:24 | 000,337,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2008/06/11 23:10:46 | 000,107,808 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2008/01/20 19:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2014/01/05 09:53:37 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/27 09:12:02 | 007,393,280 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2013/07/08 04:09:10 | 004,153,184 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012/12/18 07:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/21 05:01:58 | 000,092,632 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/03/29 21:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/28 17:45:42 | 000,182,112 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2008/07/11 04:51:19 | 000,133,120 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Windows\RTKAUDIOSERVICE.EXE -- (RtkAudioService)
SRV - [2008/06/20 08:56:44 | 000,415,744 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2008/06/19 08:55:48 | 000,279,848 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2008/05/22 14:23:10 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2008/05/22 14:21:44 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2008/05/20 19:05:40 | 000,353,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\VAIO Media plus\SOHDms.exe -- (SOHDms)
SRV - [2008/05/20 19:05:40 | 000,103,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\VAIO Media plus\SOHCImp.exe -- (SOHCImp)
SRV - [2008/05/20 19:05:40 | 000,062,752 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\VAIO Media plus\SOHDs.exe -- (SOHDs)
SRV - [2008/05/20 01:51:34 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2008/05/20 01:49:04 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2008/05/20 01:29:06 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2008/03/25 14:32:18 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe -- (uCamMonitor)
SRV - [2007/01/04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/02/21 18:53:00 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\taphss6.sys -- (taphss6)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/09/24 23:01:12 | 000,107,048 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2012/09/24 23:00:36 | 000,077,184 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2012/09/24 23:00:00 | 000,173,504 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/02/29 06:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/08/02 13:58:38 | 000,105,744 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2009/08/05 20:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009/04/10 22:43:06 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2008/08/13 17:01:16 | 000,021,032 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2008/08/13 17:01:15 | 000,132,136 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2008/08/13 17:01:15 | 000,095,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2008/08/13 17:00:47 | 000,036,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2008/08/12 17:01:41 | 007,907,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008/07/17 17:02:44 | 000,064,512 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\risdsn64.sys -- (risdptsk)
DRV:64bit: - [2008/06/25 17:13:33 | 000,085,504 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\rimssn64.sys -- (rimsptsk)
DRV:64bit: - [2008/06/19 17:37:17 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2008/06/02 17:05:24 | 001,133,568 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\athrx.sys -- (athr)
DRV:64bit: - [2008/05/28 03:23:40 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wimfltr.sys -- (WimFltr)
DRV:64bit: - [2008/05/26 17:06:28 | 000,315,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\e1y60x64.sys -- (e1yexpress)
DRV:64bit: - [2008/04/08 03:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2008/03/10 04:01:26 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SFEP.sys -- (SFEP)
DRV:64bit: - [2008/01/30 17:33:30 | 000,019,456 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2008/01/20 19:47:28 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2008/01/20 19:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV - [2008/09/19 08:28:44 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2008/09/19 08:28:43 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008/07/11 16:42:58 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\DMICall.sys -- (DMICall)
DRV - [2004/11/22 15:36:39 | 000,018,003 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5)
DRV - [2004/11/22 15:36:34 | 000,019,345 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMPR5.sys -- (MREMPR5)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7GGNI_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2013/02/07 18:39:37 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2013/02/07 18:39:37 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@TrendMicro.com/FFExtension: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll (Trend Micro Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\Fry's Electronics\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( )
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Fry's Electronics\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Fry's Electronics\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Fry's Electronics\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Fry's Electronics\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Fry's Electronics\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=6: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=7: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Fry's Electronics\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/06/04 08:59:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{38783831-6098-4faa-A9C9-1EE1E343F4D2}: C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\firefoxextension [2013/10/01 13:11:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2013/10/01 13:11:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ [2013/10/01 12:17:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/06/04 08:59:57 | 000,000,000 | ---D | M]

[2010/10/03 21:17:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fry's Electronics\AppData\Roaming\mozilla\Extensions
[2010/10/03 21:17:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fry's Electronics\AppData\Roaming\mozilla\Extensions\[email protected]

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Google Docs = C:\Users\Fry's Electronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Fry's Electronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Fry's Electronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Wallet = C:\Users\Fry's Electronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\Fry's Electronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/01/23 08:48:29 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Monitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [VAIORegistration] C:\Program Files\Sony\First Experience\WelcomeLauncher.exe (Sony Electronics, Inc.)
O4 - HKLM..\Run: [VWLASU] C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe (Sony Electronics, Inc.)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Users\Fry's Electronics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Fry's Electronics\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{60978BA2-A574-416B-A2A2-FEEDA5DC83C9}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A97872AB-22A2-4BD1-8CFC-BD03A2683FFC}: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmtb - No CLSID value found
O18:64bit: - Protocol\Handler\tmtbim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Filter\application/x-microsoft-rpmsg-message - No CLSID value found
O18 - Protocol\Filter\application/x-microsoft-rpmsg-message - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:64bit: - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\SysNative\wpdshserviceobj.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img2.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img2.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/02/06 19:51:58 | 000,000,140 | ---- | M] () - F:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/29 03:13:39 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/01/28 10:44:11 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/01/28 10:34:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2014/01/28 10:02:11 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2014/01/28 09:48:04 | 000,000,000 | ---D | C] -- C:\RegBackup
[2014/01/28 09:28:12 | 000,000,000 | ---D | C] -- C:\Users\Fry's Electronics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2014/01/27 20:10:36 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LeapFrog
[2014/01/26 11:27:26 | 000,000,000 | ---D | C] -- C:\Users\Fry's Electronics\Desktop\2014 Calendar
[2014/01/26 10:58:41 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2014/01/24 12:41:24 | 000,000,000 | ---D | C] -- C:\Users\Fry's Electronics\Desktop\iPad pics
[2014/01/24 12:14:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp
[2014/01/24 12:08:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/01/24 12:07:50 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/01/24 12:07:48 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/01/24 12:07:48 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/01/24 09:54:54 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2014/01/23 08:54:40 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014/01/23 08:48:38 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/01/22 15:35:41 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014/01/22 15:35:41 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014/01/22 15:35:41 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014/01/22 15:35:25 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/01/22 14:57:07 | 005,173,757 | R--- | C] (Swearware) -- C:\Users\Fry's Electronics\Desktop\ComboFix.exe
[2014/01/22 07:12:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/01/21 07:40:30 | 000,000,000 | ---D | C] -- C:\FRST
[2014/01/21 07:07:51 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/20 15:35:43 | 000,000,000 | ---D | C] -- C:\Users\Fry's Electronics\AppData\Local\Temp
[2014/01/20 15:18:55 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2014/01/20 14:48:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/01/18 22:24:01 | 000,000,000 | ---D | C] -- C:\Users\Fry's Electronics\AppData\Roaming\WinRAR
[2014/01/18 22:23:46 | 000,000,000 | ---D | C] -- C:\Users\Fry's Electronics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/01/18 22:23:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/01/18 22:23:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2014/01/18 21:18:48 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/01/17 15:34:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HiJackThis
[2014/01/14 09:06:41 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2014/01/08 13:56:50 | 000,000,000 | ---D | C] -- C:\Users\Fry's Electronics\Desktop\India trip 2013
[2014/01/05 09:53:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2014/01/05 09:53:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan
[2014/01/05 09:39:36 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2014/01/05 09:39:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LeapFrog Connect
[2014/01/05 09:37:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Leapfrog
[2014/01/05 09:37:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LeapFrog
[2010/05/15 17:26:18 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Fry's Electronics\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2014/01/30 09:25:29 | 000,723,104 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/30 09:25:29 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/30 09:25:29 | 000,104,872 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/30 09:24:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/30 09:20:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/30 09:19:56 | 000,004,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/30 09:19:56 | 000,004,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/29 18:53:00 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000UA.job
[2014/01/29 18:26:23 | 000,000,976 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000UA.job
[2014/01/29 18:26:22 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/29 18:26:15 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/29 11:53:02 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000Core.job
[2014/01/29 11:41:01 | 000,000,954 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000Core.job
[2014/01/29 05:17:01 | 000,406,248 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/28 10:36:03 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2014/01/28 10:04:23 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2014/01/28 09:54:29 | 000,723,104 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/01/28 09:49:10 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-MONVISHI-Microsoft®-Windows-Vista™-Home-Premium-(64-bit).dat
[2014/01/23 08:48:29 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/01/22 14:57:32 | 005,173,757 | R--- | M] (Swearware) -- C:\Users\Fry's Electronics\Desktop\ComboFix.exe
[2014/01/22 12:06:27 | 000,002,049 | ---- | M] () -- C:\Users\Fry's Electronics\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/01/20 15:18:54 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2014/01/18 11:17:10 | 000,000,963 | ---- | M] () -- C:\Users\Fry's Electronics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/01/09 11:45:44 | 000,027,648 | ---- | M] () -- C:\Users\Fry's Electronics\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/01/05 09:53:41 | 000,002,001 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/01/03 15:49:49 | 000,450,549 | ---- | M] () -- C:\Users\Fry's Electronics\Desktop\Retroactive_Mileage_Claim.pdf

========== Files Created - No Company Name ==========

[2014/01/28 19:18:41 | 000,217,074 | ---- | C] () -- C:\Windows\SysNative\WFP.TMF
[2014/01/28 09:49:10 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-MONVISHI-Microsoft®-Windows-Vista™-Home-Premium-(64-bit).dat
[2014/01/22 15:35:41 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/01/22 15:35:41 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/01/22 15:35:41 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/01/22 15:35:41 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/01/22 15:35:41 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/01/22 07:12:35 | 000,002,049 | ---- | C] () -- C:\Users\Fry's Electronics\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/01/20 15:35:43 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2014/01/05 09:53:41 | 000,002,001 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/01/03 15:49:48 | 000,450,549 | ---- | C] () -- C:\Users\Fry's Electronics\Desktop\Retroactive_Mileage_Claim.pdf
[2013/07/15 14:14:28 | 000,000,680 | ---- | C] () -- C:\Users\Fry's Electronics\AppData\Local\d3d9caps.dat
[2013/07/15 12:09:41 | 000,000,732 | ---- | C] () -- C:\Users\Fry's Electronics\AppData\Local\d3d9caps64.dat
[2013/06/16 19:49:55 | 000,004,096 | -H-- | C] () -- C:\Users\Fry's Electronics\AppData\Local\keyfile3.drm
[2012/09/10 12:03:06 | 000,000,258 | R-S- | C] () -- C:\ProgramData\ntuser.pol
[2012/06/27 10:32:11 | 000,013,794 | ---- | C] () -- C:\Users\Fry's Electronics\bsnlrect.pdf
[2012/06/26 10:40:58 | 000,180,236 | ---- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010/05/15 17:26:18 | 000,007,859 | ---- | C] () -- C:\Users\Fry's Electronics\AppData\Roaming\pcouffin.cat
[2010/05/15 17:26:18 | 000,001,167 | ---- | C] () -- C:\Users\Fry's Electronics\AppData\Roaming\pcouffin.inf
[2008/11/29 08:35:23 | 001,263,689 | ---- | C] () -- C:\Users\Fry's Electronics\AppData\Roaming\UserTile.png
[2008/11/29 08:34:49 | 000,000,000 | ---- | C] () -- C:\Users\Fry's Electronics\AppData\Roaming\wklnhst.dat
[2008/11/13 14:10:42 | 000,027,648 | ---- | C] () -- C:\Users\Fry's Electronics\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 08:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 10:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 10:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 00:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = c:\windows\syswow64\wbem\fastprox.dll -- [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 19:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\wbemess.dll

========== LOP Check ==========

[2013/06/17 20:17:35 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\Allvoi Softphone
[2013/06/22 21:06:00 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\Azureus
[2014/01/30 09:24:52 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\Dropbox
[2010/02/09 13:17:40 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\Facebook
[2009/03/16 19:43:33 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\InterVideo
[2010/03/26 15:17:25 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\NCH Swift Sound
[2013/06/22 11:57:47 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\Nico Mak Computing
[2013/07/16 19:30:17 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\TeamViewer
[2008/11/29 16:07:12 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\Template
[2010/05/12 15:17:02 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\Tific
[2010/10/03 21:17:34 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\TomTom
[2014/01/25 19:34:29 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\TuneUpMedia
[2013/10/01 13:11:10 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\uTorrent
[2010/04/16 04:38:31 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\webex

========== Purity Check ==========



< End of report >
  • 0

#141
Machiavelli
Posted 30 January 2014 - 10:57 AM

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts

Do you think we should uncheck that so may be the system corrupted file may show up, afterall we are looking for Microsoft related error here?

I would see if there is a corrupted file anyway.


I will come back with new instructions later.
  • 0

#142
Monvishi
Posted 30 January 2014 - 12:26 PM

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
Do you see anything? Is there still any presence of corrupted file in the system?
  • 0

#143
Machiavelli
Posted 30 January 2014 - 12:38 PM

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts

Do you see anything?

No. It is clean.

Is there still any presence of corrupted file in the system?

I don't see any corrupted files until now.

Command Prompt

Warning: this fix is specific to the user in this thread. No one else should follow these instructions as it may cause more harm than good. If you are after assistance, please start a thread of your own.

  • Click on the Start Posted Image button and in the search box, type Command Prompt
  • When you see Command Prompt on the list, right-click on it and select Run as administrator
  • When command prompt opens, copy and paste the following commands into it, press enter after each (net stop slvc: it may ask you if you are sure, select yes)

    net stop slsvc
    cd %windir%\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareLicensing
    rename tokens.dat tokens.bar
    cd %windir%\system32
    net start slsvc
    cscript slmgr.vbs -rilc

  • Try to activate Windows.

  • 0

#144
Monvishi
Posted 30 January 2014 - 01:26 PM

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
Finally!

Original version of Vista is BACK! Did activation of Windows and restarted the system.

However, the sound part is still gone. Can we restore that too?
  • 0

#145
Machiavelli
Posted 30 January 2014 - 01:32 PM

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts
Yayyyyyyyyyyy!!!! PARTY! We saved you from a complete reinstall of the system. I will search for a solution of the sound problem. :spoton: Can you tell me when the problem started and what exactly the problem is?
  • 0

Advertisements

#146
Monvishi
Posted 30 January 2014 - 01:36 PM

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
Posted ImagePosted ImagePosted Image

Thank you soooooo much!!!


Okay so with the sound, all was going well, all of a sudden yesterday morning the sound was GONE. The shortcut icon shows the MUTE sign and when we go to unmute it says "No Audio Output Device is Installed in the system"
  • 0

#147
Machiavelli
Posted 30 January 2014 - 01:56 PM

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts
  • Go to device manager (Go to Start and search for device manager)
  • Select sound, video, and game controllers from the list, and select high definition audio device when it drops down
  • New window will open. Select the driver tab. Click uninstall.
  • Then after it is uninstalled, go back to device manager window.
  • Select action, and THEN you will have the option of scanning for hardware changes.
  • Select this option and it will reinstall

A picture to that, which may helps:

Posted Image

Did that solved your problem?
  • 0

#148
Monvishi
Posted 30 January 2014 - 02:00 PM

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
Nope.

After "scanning for hardware changes" the "sound, video, and game controllers" is gone. The icon still shows Muted.
  • 0

#149
Machiavelli
Posted 31 January 2014 - 07:23 AM

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts
Which system do you exactly have?
  • 0

#150
Monvishi
Posted 31 January 2014 - 08:13 AM

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
Sony VAIO integrated desktop.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP