Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Daughter's Laptop - slow - malware probably [Closed]

Started by briz_dad , Jan 17 2014 08:09 PM

  • This topic is locked This topic is locked

#1
briz_dad
Posted 17 January 2014 - 08:09 PM

briz_dad

    Member

  • Member
  • PipPipPip
  • 251 posts
Hello GTG Volunteers,

I am back again with my daughter's laptop.

She complained yesterday that it was "shutting down" suddenly and had been taking a long time to open and run programs.

After confirming that it was painflly slow - even had trouble opening and running task manager - I started with running MS Security Essentials. After running for about ten minutes, it reported there was suspect programs found, and recommend to keep letting it run.

This evening (having forgoten that I was on maintenance duty :blush:) I came and saw the blue screen of death. Upon restarting the laptop, Microsoft Security Essentials didn't open (as it is supposed to on start-up). Also, I thought I'd uninstall some of the programs I know she doesn't use like Skype & Firefox - I wasn't able to... or didn't have the patience; it was taking a very long time.

Lastly, I am noticing that the computer is freezing up while I'm typing this - and windows exlporer has crashed a few times in the last 24 hours.

OTL report coming...

FYI,
Greg

(I wanted to get this topic started in case things really get bad - as though they could get worse... but they always can, right? :rolleyes:)

:help:
  • 0

Advertisements

#2
briz_dad
Posted 17 January 2014 - 10:08 PM

briz_dad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 251 posts
OTL logfile created on: 1/17/2014 5:57:41 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Robyn Bri\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.84 Gb Available Physical Memory | 42.02% Memory free
3.94 Gb Paging File | 1.94 Gb Available in Paging File | 49.26% Paging File free
Paging file location(s): c:\pagefile.sys 2048 4095 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141.49 Gb Total Space | 69.40 Gb Free Space | 49.05% Space Free | Partition Type: NTFS
Drive D: | 149.04 Gb Total Space | 148.49 Gb Free Space | 99.63% Space Free | Partition Type: NTFS

Computer Name: MARGIE | User Name: Robyn Bri | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/17 17:56:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Robyn Bri\Desktop\OTL.exe
PRC - [2014/01/17 14:03:14 | 001,132,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.165.1993.0.exe
PRC - [2013/11/19 02:21:30 | 000,230,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
PRC - [2013/10/23 15:01:10 | 000,300,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MpCmdRun.exe
PRC - [2013/10/23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/10/23 14:55:28 | 000,948,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013/05/09 23:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/03/09 10:18:06 | 001,060,864 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
PRC - [2011/03/09 10:16:56 | 000,484,352 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
PRC - [2011/03/09 10:07:54 | 000,238,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009/04/10 22:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/07/31 05:04:21 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/07/24 18:26:38 | 000,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2007/07/24 18:26:38 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2007/06/28 07:53:04 | 000,073,728 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
PRC - [2007/06/28 07:53:02 | 000,184,320 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2007/06/28 07:53:00 | 000,188,416 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2007/06/28 07:52:48 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2007/06/25 13:41:08 | 004,489,216 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/06/20 14:35:06 | 002,523,136 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
PRC - [2007/06/20 14:34:50 | 001,089,536 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
PRC - [2007/06/20 14:34:50 | 000,397,312 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
PRC - [2007/06/15 11:45:20 | 000,469,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
PRC - [2007/06/14 07:40:46 | 000,921,600 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2007/06/07 13:30:30 | 005,742,136 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
PRC - [2007/06/05 06:49:30 | 003,682,576 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe
PRC - [2007/05/31 08:32:14 | 000,551,032 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
PRC - [2007/02/12 12:38:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/01/10 15:51:06 | 000,745,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
PRC - [2007/01/04 18:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () -- C:\Windows\System32\PSIService.exe
PRC - [2006/11/02 01:45:35 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\regsvr32.exe


========== Modules (No Company Name) ==========

MOD - [2014/01/17 17:43:52 | 000,130,560 | ---- | M] () -- C:\Users\Robyn Bri\AppData\Local\temp\117bc5f2a6ee400f8c5f8c58e02bdace\http.dll
MOD - [2014/01/17 17:43:30 | 000,155,648 | ---- | M] () -- C:\Users\Robyn Bri\AppData\Local\temp\117bc5f2a6ee400f8c5f8c58e02bdace\filesys.dll
MOD - [2014/01/08 17:20:51 | 000,812,032 | ---- | M] () -- C:\Users\Robyn Bri\AppData\Local\GPNsoft\PsdTexture.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll


========== Services (SafeList) ==========

SRV - [2013/12/10 19:31:41 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/09 23:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/09 10:18:06 | 001,060,864 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2011/03/09 10:16:56 | 000,484,352 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2011/03/09 10:07:54 | 000,238,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2008/01/18 23:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/07/31 05:04:21 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/07/24 18:26:38 | 000,182,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2007/07/13 09:55:56 | 000,292,152 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2007/07/05 16:43:04 | 000,079,736 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2007/06/28 07:53:04 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2007/06/28 07:53:02 | 000,184,320 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2007/06/28 07:53:00 | 000,188,416 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2007/06/28 07:52:48 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2007/06/20 14:35:06 | 002,523,136 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2007/06/20 14:34:52 | 000,499,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2007/06/20 14:34:50 | 001,089,536 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-UCLS-UPnP)
SRV - [2007/06/20 14:34:50 | 001,089,536 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP)
SRV - [2007/06/20 14:34:50 | 000,397,312 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-UCLS-HTTP)
SRV - [2007/06/20 14:34:50 | 000,397,312 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP)
SRV - [2007/02/12 12:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007/01/10 15:51:06 | 000,745,472 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe -- (VAIOMediaPlatform-UCLS-AppServer)
SRV - [2007/01/04 18:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/12/14 01:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 01:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 00:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\point32k.sys -- (Point32)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\HSXHWAZL.sys -- (HSXHWAZL)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2014/01/16 16:57:20 | 000,040,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A447A0EF-FF33-4023-90FF-3F7102D86052}\MpKslce2aff26.sys -- (MpKslce2aff26)
DRV - [2013/09/27 09:53:06 | 000,104,768 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2009/08/14 05:45:24 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/08/14 05:45:24 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008/05/06 15:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/01/04 20:34:36 | 000,023,920 | ---- | M] (Webroot Software Inc (www.webroot.com)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sskbfd.sys -- (SSKBFD)
DRV - [2007/12/04 16:10:30 | 000,016,640 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/09/26 12:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007/09/01 10:06:13 | 007,617,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/07/31 05:04:34 | 000,328,704 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/06/27 18:29:58 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2007/06/15 08:28:14 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2007/06/14 11:02:13 | 000,009,464 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2007/06/14 11:02:13 | 000,009,336 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2007/06/05 04:17:29 | 000,812,544 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007/05/24 16:36:21 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007/04/19 05:07:14 | 000,073,472 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2007/04/19 05:07:14 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2007/04/17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2006/11/05 23:09:26 | 000,027,520 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SonyNC.sys -- (SNC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{5B58F4CF-2D74-4EBB-AD8C-1DDAA576FA7D}: "URL" = http://search.aol.co...onType=sny_ie7;
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{B428C76D-8FFC-4BB2-A2B9-D373B17575D3}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Motive, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Robyn Bri\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Robyn Bri\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Robyn Bri\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Robyn Bri\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Robyn Bri\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/24 08:29:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/10/07 06:14:20 | 000,000,000 | ---D | M]

[2013/07/16 20:22:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/06/22 21:30:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/06/22 21:29:55 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008/06/30 21:02:00 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2009/07/29 20:13:15 | 000,002,236 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\askcom.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://blekkosearch....=homepage&v=1_2
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Office Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files\Common Files\Motive\npMotive.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - Extension: SEOquake = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc\1.0.18_0\
CHR - Extension: Angry Birds = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Drive = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Web Developer = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm\0.4.5_0\
CHR - Extension: YouTube = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: PageRank Status = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdkkfheckcdppiaiabobmennhijkknn\8.6.0.0_0\
CHR - Extension: Google Wallet = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/07/16 06:16:45 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [GPNsoft Update] C:\Windows\System32\regsvr32.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Robyn Bri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Audio Filter.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe (Sony Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} http://esupport.sony.com/VaioInfo.CAB (Reg Error: Key error.)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.goo...5/uploader2.cab (Reg Error: Key error.)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www2.snapfish...fishActivia.cab (Reg Error: Key error.)
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} http://www.linkedin....nderControl.cab (Reg Error: Key error.)
O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} http://www.kodakgall..._2/axofupld.cab (Reg Error: Key error.)
O16 - DPF: {BB383206-6DA1-4E80-B62A-3DF950FCC697} http://ak.imgag.com/...tall/AxCtp2.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: PackageCab http://ak.imgag.com/...tall/AxCtp2.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{277E3FE6-F44A-473C-B5F1-0F38683D56A1}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img28.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img28.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 13:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/17 17:56:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Robyn Bri\Desktop\OTL.exe
[2014/01/16 22:16:34 | 000,000,000 | ---D | C] -- C:\Users\Robyn Bri\AppData\Roaming\Mozilla
[2014/01/15 16:16:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\MpEngineStore
[2014/01/08 17:11:32 | 000,000,000 | ---D | C] -- C:\Users\Robyn Bri\AppData\Local\GPNsoft

========== Files - Modified Within 30 Days ==========

[2014/01/17 18:31:09 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/17 18:16:07 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-291611602-1755704891-1640183286-1006UA.job
[2014/01/17 18:09:07 | 000,000,680 | ---- | M] () -- C:\Users\Robyn Bri\AppData\Local\d3d9caps.dat
[2014/01/17 17:56:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Robyn Bri\Desktop\OTL.exe
[2014/01/17 17:42:53 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/17 17:42:26 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/17 17:41:09 | 000,027,715 | ---- | M] () -- C:\Users\Robyn Bri\AppData\Roaming\nvModes.001
[2014/01/17 17:27:48 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/17 17:27:48 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/17 17:27:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/17 17:27:22 | 279,079,754 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/01/16 16:59:11 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-291611602-1755704891-1640183286-1006Core.job
[2014/01/13 16:06:39 | 000,002,627 | ---- | M] () -- C:\Users\Robyn Bri\Desktop\Microsoft Office Word 2007.lnk
[2014/01/11 17:56:13 | 000,027,715 | ---- | M] () -- C:\Users\Robyn Bri\AppData\Roaming\nvModes.dat
[2013/12/20 14:24:52 | 000,406,864 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2014/01/17 18:09:06 | 000,000,680 | ---- | C] () -- C:\Users\Robyn Bri\AppData\Local\d3d9caps.dat
[2013/02/08 12:38:33 | 000,007,680 | ---- | C] () -- C:\Users\Robyn Bri\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/18 09:38:50 | 000,005,689 | ---- | C] () -- C:\Users\Robyn Bri\AppData\Roaming\My Profile.xml
[2013/01/16 09:51:25 | 000,047,403 | ---- | C] () -- C:\Users\Robyn Bri\domain names.pdf
[2013/01/15 20:35:13 | 000,027,715 | ---- | C] () -- C:\Users\Robyn Bri\AppData\Roaming\nvModes.001
[2013/01/15 20:35:10 | 000,027,715 | ---- | C] () -- C:\Users\Robyn Bri\AppData\Roaming\nvModes.dat
[2012/12/11 13:17:28 | 000,000,094 | ---- | C] () -- C:\Windows\family.ini
[2011/02/13 21:03:27 | 000,000,258 | R-S- | C] () -- C:\ProgramData\ntuser.pol

========== ZeroAccess Check ==========

[2006/11/02 04:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 09:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 22:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 22:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/01/14 15:47:01 | 000,000,000 | ---D | M] -- C:\Users\Robyn Bri\AppData\Roaming\Blackboard
[2013/07/14 20:31:28 | 000,000,000 | ---D | M] -- C:\Users\Robyn Bri\AppData\Roaming\Canon
[2013/01/18 08:53:45 | 000,000,000 | ---D | M] -- C:\Users\Robyn Bri\AppData\Roaming\OverDrive

========== Purity Check ==========



< End of report >
  • 0

#3
briz_dad
Posted 17 January 2014 - 10:09 PM

briz_dad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 251 posts
EXTRAS

OTL Extras logfile created on: 1/17/2014 5:57:41 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Robyn Bri\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.84 Gb Available Physical Memory | 42.02% Memory free
3.94 Gb Paging File | 1.94 Gb Available in Paging File | 49.26% Paging File free
Paging file location(s): c:\pagefile.sys 2048 4095 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141.49 Gb Total Space | 69.40 Gb Free Space | 49.05% Space Free | Partition Type: NTFS
Drive D: | 149.04 Gb Total Space | 148.49 Gb Free Space | 99.63% Space Free | Partition Type: NTFS

Computer Name: MARGIE | User Name: Robyn Bri | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-291611602-1755704891-1640183286-1002]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-291611602-1755704891-1640183286-1003]
"EnableNotifications" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03C9E7D7-DFAF-4D56-9681-3EE594217AF6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{04FC9E22-717F-466C-A0C7-33A996239956}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\netproj.exe |
"{0A2ED3DA-C315-4158-A957-847A0EC3D3A7}" = lport=5358 | protocol=6 | dir=in | app=system |
"{3C0487AA-2CFA-4442-9442-35C7CCF95976}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{45DE8512-A5EB-4FD6-9302-2DC8B8615A3F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{559F2100-BB2B-49F3-B142-15E036459272}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5E3EC6BD-AF14-4930-B0B7-657D90DD3CDA}" = rport=5357 | protocol=6 | dir=out | app=system |
"{68B222DF-3E3E-413D-9F9F-1AA558AFA73B}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\netproj.exe |
"{6C803307-E296-471F-84EC-67E5B76B66DA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7AF4F026-44DC-4D9E-8D09-F8742907930B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{854CF5D0-C5A2-42D5-995C-AFE9C657A943}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{873D97F5-A2E2-4766-9DA0-B512893248C3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9005202C-B5C0-4194-BB84-40CAEDCA3870}" = rport=5358 | protocol=6 | dir=out | app=system |
"{B8B6742B-A1B7-455A-8C78-F142F14C4B23}" = lport=5357 | protocol=6 | dir=in | app=system |
"{BAD3D1DE-B2E8-43C3-967C-46E86F193980}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CF49ED2C-8758-4CA5-AFA4-C61567557D53}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D0578ECD-DC5A-4E78-8D22-D35325C89A28}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D0E6D7AF-A9B2-4D16-9E00-A92E50831368}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D48C7C79-6B4C-43CF-B402-652F85B4B76F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DE90B3EE-2DC9-4164-A479-7DA465018B03}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{EF398C0C-0A76-4BC3-AC1F-6F79621B33F1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F6FBCE7C-4F14-4982-AD38-1FEA1BEA8689}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FF5E3D06-4FA2-400C-9787-F6F8B81662F6}" = rport=10243 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002DA5AA-4414-46E1-A79D-5AF4A5FA6D9F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{00857C61-38B9-4A87-806A-673B4DC1338E}" = protocol=6 | dir=in | app=c:\users\bby\appdata\roaming\dropbox\bin\dropbox.exe |
"{01D4C938-9FA9-408A-9616-7F44D161D8BE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0253229D-69F8-4A46-A40B-EAF7644F0265}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{02A83549-574C-4184-A238-2FC41533FC9A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{02B2598A-F531-4E95-B95C-D0CE4A1A2F06}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{040188DF-D24E-474B-8EAE-9A0F1B7EA6A1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{044E4176-66BF-47D8-AFF3-E6B79F54003F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{05016AD8-0DD6-49A8-9F3B-CB2F031255A6}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{050463D9-306B-4AFE-8B2A-B9F1ADBA5D76}" = protocol=6 | dir=in | app=c:\program files\sony\vaio media integrated server\platform\upnpframework.exe |
"{0589E8A4-F5AA-40A2-931A-16DD93BD57C3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{076BCFAF-065B-4ABB-98BB-3B4D863B2A98}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0799696B-0A49-42C1-B1DB-186F42C886F7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{08F20107-A881-4DED-92DB-CDAE4962BB47}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{08FDFBC6-3791-4965-929C-A021F6BBBD15}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{096612F5-D8D0-4C13-9F64-670EEDB2A894}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{09C4B4A1-8935-4F93-B310-7DE95B17C1CB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0A5DC849-9FD1-4D02-95A1-BF6F7C22DFD0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0AF10003-47DC-4D13-BBDA-3C9B7F5DB0DF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0B323195-6EA9-4653-89B5-EE09EF2CF3A3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0C575B90-3FEA-4CF7-BDE1-3ED87D9F5755}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0D7A99B1-B455-4F41-BB81-A37D0C456A80}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0E054D81-53D0-4993-89E4-939BA9634451}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0E4569E4-2949-440F-A838-7136B3FA8935}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0F425C74-2BBB-4BCF-9D90-550D451AA787}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{135F2789-B02E-417B-9077-00D07D0670F3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{137468D9-E374-4078-8ABE-64B09FEC3DF6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{137EEB24-1278-4467-8BD3-B188EC05A205}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{13FFCA74-A8BA-4560-A766-4E23DACB644B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{14AE5D15-6D58-4AAC-9AB8-5CDA56318802}" = protocol=17 | dir=in | app=c:\program files\sony\vaio media integrated server\vmisrv.exe |
"{14CAE6D6-3F59-4EC6-AB6A-40612616B077}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{168697FD-B93F-46DE-B121-DD71D67107C7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{189D1217-DB26-4BFA-8113-FD303B323614}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1981C37A-12C7-461D-A54A-8BB79EC5F86A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{19867DC5-2B4F-44C4-B54C-C8AC2C9BEBAB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1989C500-0EEA-4375-B167-97B170DB075D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{199BFD45-05A3-433A-A091-458DAB29DC01}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1D153F21-FF0F-417D-BDB5-8DA7D0468C0D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1D2882ED-B501-475D-A63D-9B896DAE00B7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1D520F30-1AF5-4BE1-B5E5-54E9D0C04BA2}" = protocol=6 | dir=in | app=c:\program files\sony\vaio media integrated server\vmisrv.exe |
"{1D686CD5-753D-45FC-812E-A1952AA89DBA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1EA8E554-8618-4DA8-B575-36EDD4615BCB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1F56E411-72B9-4E27-8A19-B6998D1587A2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1FBFF506-187E-44F4-9B0D-909D9D52786A}" = protocol=6 | dir=in | app=c:\program files\sony\locationfreeplayer\lfpc3\lfpc3.exe |
"{1FD111E1-E1F3-461A-9BEB-A2FA9AB66100}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{20541E04-0185-4725-9763-37A5761F2EA2}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{2080ABD4-6A24-4A28-AE6D-CC40DC38DF70}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{20CA0061-F470-4B5A-A314-0809C3830ACF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{21069343-9B2F-492E-90FC-79051D69C693}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{21ACC26A-B10D-44C1-BBC5-77E28E26F941}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{22553FDF-1B21-4D18-A1E1-BEE7B3AFAA68}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{225CB4E8-8137-4EDE-A374-9C50EC90B539}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{22765E14-B593-49C9-9FF0-859E707DC6F0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2301AAA9-07E0-4BAF-A697-FF8149C47EC5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{23351BB1-9B03-401A-99A1-A6CC6673E2B6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{23533C37-78A3-4C1D-B7E7-FF7CC4CDF6F7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{23617030-9A6E-4B51-9389-5C6C7233E8BD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{24073274-5031-4DF4-816F-BED00A18FB7F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{24C3DF40-ED07-4A52-8425-50BD53BC97C3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{24CFFEB2-0033-4025-B5C9-4F1EAB344F56}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2507BE7A-31E0-4388-BFD3-E70C9C484BAA}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{25273EE6-F493-4F6A-9627-085A94F617A2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2545788A-6E65-47D5-80EB-1E840F653C89}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{25873AA9-5254-475F-8CB8-2BE8CE15B8F5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{25C66D49-EC2C-47B8-ABE1-305A171818D9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{25EC9745-65F2-4E23-B501-B01993B70831}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2613B7CA-3618-458A-907B-C1A385868B90}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{270DE519-E2F0-4636-A67E-76355BF24BC8}" = protocol=6 | dir=in | app=c:\program files\sony\vaio media integrated server\platform\vmserversettings.exe |
"{289E7FFA-93DE-40AD-992E-32203964A9B6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{29584AB5-FC96-4E3E-B220-E5B4E0F784D8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2A15EC5C-48E8-444E-AB8B-A68227401023}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2A678BCE-E7D8-414F-B38E-0056E9DE0ED4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2A83A922-FC3C-41DC-99B4-E2152B1B0FC1}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{2A8C2443-B3DD-451C-8B22-378BC79731F1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2B0AAC86-3FC8-4042-823A-D78E6586089F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2B0B7AC6-DCEE-4BEA-9EC2-F619FF307591}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2B146C91-36CC-420B-B136-279DFC659EA1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2B73BC27-1D71-4C0C-A727-70213D93309E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2C41FE12-6454-44F6-AD40-64E69735FBAD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2D13EAE1-6892-41BB-AF2A-A8411C58E531}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2D362CFD-B521-4697-BB11-013D58ECCBF9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2E0F3EEE-DDFD-4A8C-881F-4FB7487A6201}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2FBFF472-D896-4D6A-80B1-1F5F52E7F5D2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{30350731-90F0-41F7-AB6A-19A74BFD6F03}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{30B63962-E89B-4A45-A850-491C317D194A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{30D89FCA-8470-4566-899B-640CACC15982}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{316BF870-5C87-486E-B6FD-DCAF9076786D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{344DE48E-C6FC-435F-BAD2-25FB43E3373C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{34879526-6069-49A0-908E-0D475FB6C956}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{34FF1961-557F-46D9-B136-7FB24ABA7476}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{354BEC55-0F20-4B4E-A1FB-32F0C9680786}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{35588560-BF3F-4992-A333-63929BAC44E7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{356984C6-BD47-450F-9334-5A706F22092B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{366C4D28-6338-4E4F-BFCA-39E90859FDCC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{36D9885D-C77B-4A49-ABD8-9316A447741E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3743477C-80E8-4688-8E4F-83ED6D50E055}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{376EEF95-A6EC-45C0-AEE9-62084E706BD8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{38A24AC8-4FE8-4720-B9B0-0D3155749358}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{38EB1EEA-4BDD-42E4-BD0E-41688F2BD2CD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3A5C13EB-4956-4B69-AE1C-1A7A2A5DBE0A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3B35015B-2B35-4983-A8BC-649A4484101E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3B93749C-B2FA-492F-9EBA-EAF8EAA653A9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3BFFE67B-F6B5-44F3-AECA-785C2C775719}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3C359487-0215-49AC-8520-80A9D1B31DF1}" = protocol=6 | dir=out | app=c:\windows\system32\netproj.exe |
"{3C5AC019-FABE-4C31-9DDD-81E27A491D5C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3C68DA5C-903F-43D1-B36F-AF47CD583AB5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3D72E3FD-748A-465E-9CE0-91E48A7BDC62}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3E3052ED-3EF2-4D65-9D9A-9A04AF90DE85}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3EB35496-9EC7-4A80-8CD0-9F2A3BC461DE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{403816AB-EE09-40D9-A31D-4FC141F7BA13}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{425A90AB-ACFF-46F6-8190-30B256488376}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{426DED9C-97E7-4E1E-B689-3507DD77FFC2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{448F7E64-B8D4-4AE2-BE9B-ADF446E29E98}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{449A8996-B44A-4A91-9DC4-5BF2C637C641}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{44B263FB-A3EA-4EA8-BA9D-02D3F405778F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{45DE6C72-5760-4E65-B40D-586633C9A115}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{466C7EF6-A287-4EC8-9322-525BF87986CC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4697C91F-3C73-42F2-A39A-74FE6DC89B92}" = protocol=17 | dir=in | app=c:\program files\sony\vaio media integrated server\platform\upnpframework.exe |
"{46A52E8E-B43F-4521-A481-ABBE63C8EA7A}" = protocol=17 | dir=in | app=c:\users\bby\appdata\roaming\dropbox\bin\dropbox.exe |
"{477EEB07-1ECB-4C23-A302-3526519EA865}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{47BD5B62-B5FF-4EA9-8FC5-823DCADAA537}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{47F0B769-A48E-4537-8930-08B834531C22}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{48D393A6-7AB3-41B0-B22B-A7B01D912A5A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{497A1597-29B2-4E39-B7AF-86FBBE7E49BE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{499881AD-6245-4D57-865F-BCE69CC13181}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4B1A92A9-DEFB-466B-92F9-81FB5A7F2A5C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4BFE0C11-0A77-4AAC-904D-1B63E05B80AB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4CD98FCA-DE22-4AA5-92A4-B13DD5448D85}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4CFB2AAF-59C2-45B4-B2B7-4C5E143D1A90}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4DFC2C86-692F-48C4-A2F7-828448E2133F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4E4A2945-BB12-49C7-8E5E-EB9F8274A5CE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4E8B7A6C-1F1D-4415-9F47-BC6E2BCAB1CD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4E957A44-08CE-429B-A5FF-9ECB8216628F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4F081042-8808-42DC-AAC6-863A7DA52044}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4F0AE481-B809-4C7E-A242-6BEC9E20C960}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{50524621-358D-434C-B164-15F486219242}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5099AF05-966A-4531-BDA8-E3C132E452D3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{52414530-341E-4BBF-8104-55698224AD80}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{52979125-2589-4A6B-A420-7A590D58F193}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{532011EC-0363-4ED8-BBC4-D3FFEDC8A22A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{534EFAB8-1D27-4E6E-B39B-AFD82575D1E3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{535D0B35-503C-474E-8A12-9E9ACFF34CB5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{53790C5D-9894-4A68-8960-74E017E698FE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{53B4491A-5E35-43C6-A594-D606CCB6B124}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{53E1D729-B414-4CBF-802C-20CA7F3D80A3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{549D0803-7FE9-4BE2-A73A-6694FF545B1D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5526266E-D1B7-4F3E-B584-F604772972F0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{553385A3-988E-4825-BA32-7DEF7EC3D335}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{554D47F2-98AC-46CB-A166-AD1F535EFB77}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{55512D9D-0049-4580-92A7-70FDE204C137}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{561563C0-D15F-4451-9B23-DF37CFA618C3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{56782806-EDB9-4DF4-97CA-639E716DAC26}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5713414B-2A7E-42BC-BE1E-08FA7E5BD351}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5816CC37-3420-47E9-A00D-21691FD7F860}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5892985A-E95B-45C9-8629-3D20DA4EEF3E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{596425E5-A777-4256-86E1-210AE4333451}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{597601A7-4C64-41F3-988B-5A5494B1B0AA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5A194268-E470-473A-BAD4-927EB0252FB8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5A5892B0-59C9-43FD-B742-14E454FECF97}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5A627656-952E-4700-9E0B-1AA45921EE76}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5A6E959A-3AD8-4BAA-AB30-C3BABDA514E9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5AD18142-D3C1-4CB8-B579-D910598DECEC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5AF7B3B6-1AEE-4EA3-BCEC-13F2FD6B3C1E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5C6FAFD3-435B-41A6-8262-1D20FCF1556D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5D4E30F8-B035-406C-B1A1-A55684664292}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5D62B815-E368-472B-8F0C-13DFACBCD93C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5E400E2C-E766-45FE-BCD1-A75FC13567F9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5EC22196-4032-4DC6-9BCE-65B41C7313F1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5EF7FD0E-8995-4F87-A37F-2392A74994B5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5F0468AB-16D0-43AD-B791-42454677B7CC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{601598C8-34C7-4A9C-9DF0-70D7FA1162EC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{60EBD5EE-CC32-4E07-91B1-A67BF792B4FF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{60F157EB-479F-4A54-BEAA-EBBE40EAEBE7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{61146153-DD4D-4E31-9AC2-12E2C1147CBA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{61259DF6-842D-4F0B-9B41-532253AA9FB4}" = protocol=17 | dir=in | app=c:\program files\sony\vaio media integrated server\platform\sv_httpd.exe |
"{613B5EF9-E498-4EAA-8B90-FF726623CA6D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{61B9D9C3-8D38-4112-8AA9-D93F85105632}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{62B20125-4B9E-44A9-B6D7-EEE6B97A4FD3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{62E82591-6AE6-477B-B9CE-9A92919B42F2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{63CA7EAB-B359-4097-A416-EF093BB1E6CA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{63D413AB-73D1-4BE1-8C0C-B1ED5B70574A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{641167F6-AE75-4D38-A673-E5E4D6CC42CD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{64911C09-9C95-4F50-A7D3-487A4038FA2A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{64954490-F479-45BA-9781-F76E6D4714B5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{64B62D39-5A69-457C-B2DC-C7175DEA403D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{65711B4D-9D99-4C51-8E21-6B55E594B6D7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{65ECEB8E-2D8B-4847-8151-6A23BEA4D9E3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{66B292CA-4D87-4085-B0AC-679C39869359}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{67567ED4-DBAB-4315-A87E-A660D18BDD8E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{675E6F2B-A0F5-4643-AA3F-498FDD0B5C0D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{677ACEEC-D187-42AC-BC43-66B678B2B49A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{682A610C-4D8E-402E-997E-2A46A6B5E99A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6946A01D-6DB4-4DE6-BE99-A79B8FB2E5C0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6C3515D5-642C-4F94-95EA-F7CED9BFE176}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6CA9C3C3-D6FE-400D-A7DE-3CD83F07F737}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6CCC81FB-4693-4212-B592-57352DF449D4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6EBB14FA-D497-486D-9786-4DF6E26AC4A2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7016AC2F-57C5-4F14-9C22-8AF7A3ECE322}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{704CED88-5033-4F9D-B0CB-10521CBAE004}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7052EEB8-F7CC-494F-B04F-0DE6C4D18F99}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{70E78E42-6952-4AE8-ABA0-0624EE9C0902}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{723F079B-F809-4A6E-9046-93DAB4C4D1B9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{736A95BC-9950-483F-9EB6-D920AD4E68FF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{74015E84-F69F-4611-888B-9DEBACA95F2C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{750A6A5D-FDEE-4108-B809-DCD0CD1A0268}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{75AB3156-6483-4B8A-8575-2F0DE5145F89}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{77160E57-787E-4967-BC35-E10C33DE3321}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{78C6E88E-FF43-4B29-B147-DCEA7DC1030B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{791910D9-B3E7-4A26-A1E3-2FCD8237B34D}" = protocol=6 | dir=in | app=c:\program files\common files\apple\windows migration assistant\migrationassistant.exe |
"{797E646D-27A1-44E3-8CED-BF11ED10B776}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{79D2AF59-51BC-4AF7-A1A1-AEF84BF508B3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7A0F1881-B301-4CD1-8E07-C547DADD207B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7A4BDABD-B1C2-46A4-A668-A99CFF1CAE4A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7D7B750C-784E-4CC2-943A-AB4C5A32101A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7F22AA85-E0A3-44BD-8E2E-69065EDCF7C5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7FB7DCCB-FC7C-4AFC-B94E-EDEEB120C650}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{80545567-DE66-4EAA-9339-DB7C345D7032}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{834372F8-2AB2-469C-8AB5-C33A906887A6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{83564858-DFEA-4DAA-84E1-1082F8EA7855}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8531BD37-AC52-4416-8CB0-221797651712}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{85610DEC-744F-4FBA-94A9-8111EF377B1B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{85AAB168-D939-4628-8777-43DA4FCF3B43}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{85AC5D86-38BA-46D7-AD4A-0B2A88992DD0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{85F5466A-31B6-461D-B9A7-86938CE6F07D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{863ADFCA-5722-4031-B017-C933343C9DCC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{868CCF95-C2F2-4FED-A356-7659483B6B4B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{86955877-2515-4788-8743-1910FA8469A8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{86B8540D-F889-4AD8-8C1F-8A163A1E1E6E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{874C482F-8126-40BD-9D60-A31282ABEBF8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{87DEFF74-3CED-4E3E-9D60-9C3B6D9D32C9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8807BC82-5B89-42D4-B6D9-63C1D0181ECF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{884BC007-90D2-4D93-937C-51CEB99C604D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{89B65D10-20F4-4AEF-9C9E-4289FE7F5596}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8AEE29DB-AAB6-473F-A4CF-45A764E362B7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8B50B8D1-E3CE-41B2-8636-E2FF0FB64345}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{8B6B8E1C-F352-4924-B826-660207709157}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8C6C0145-7A0A-4C5B-8452-2443D4EC3866}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8CDA122C-146E-4027-8873-5ED0953C9C9A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8D633862-A8D9-4CF3-A7C6-F973E32C0EAA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8DDEFBB9-7C5B-4CC1-B209-2DE81DE4C49F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8DEC5335-B07F-4005-AB95-D520DCDEC1FE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8E5DC454-3E52-4036-A38A-A3D8B2CDAE4D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8F97B141-C5FE-4F76-BA97-31A8DB629863}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8FD70E70-2C58-4645-ABB7-CB5762C4DA21}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8FFF1735-F3ED-4CEA-A7EC-34C0E76F0374}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{90F06714-99F3-495A-9443-3EBE9D4328CD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{915CF28C-896F-44AE-80EE-94E564649E18}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9162F8E5-55E8-4D65-986A-20D5F17FD801}" = protocol=17 | dir=in | app=c:\program files\sony\locationfreeplayer\lfpc3\lfpc3.exe |
"{93D9CCE5-76CF-4E56-96A0-2EBBA359E830}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{947B85CC-664F-477E-B2BE-BC6FD72A44AD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{95663875-BC79-4651-B41B-C5F325C8B0A9}" = protocol=17 | dir=in | app=c:\program files\sony\vaio media integrated server\platform\vmserversettings.exe |
"{963B9170-2D38-4B79-9BB3-B54D6BF96F94}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{963C8A2E-72D6-44DD-8CA1-14650A131E2E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{96DB8348-1BF8-456B-89DB-2335FCB4D028}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{96ECFA3A-3C16-435A-8FBA-4C4979BDDADF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{96F93C13-4C9E-40FF-92F5-547B7747525B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{97CF0E01-866C-4D8F-A344-3055D6922787}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{98338FC5-AAFB-4CDD-9E08-2C39F20D611A}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{98AD96E6-3134-46E8-AB2B-6AECB3A64A69}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{98B5E420-55DE-4F64-B6BD-701DE67CB31B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{98DE839C-20CA-4374-9CF5-A0CC0918CBB3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{98EDAE31-B5C3-4DA3-A8B9-B740E90F77F6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9956C8DF-9BDC-46A6-88A2-8C59F283466A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{997EAA1C-8E80-475D-8C26-E14F03552A3D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{99DB1307-1F34-4512-808C-46138162F34C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{99E4AD2B-48DB-4AD1-BE81-8477CC3A1F4A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9C90F89E-4F1D-4F08-BD3A-4EF82C78ADA1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9CA3E6A8-E70C-4E8D-96C0-6BB627F339AA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9D2FAAD4-53B0-430E-923A-F4F1221A9D27}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9DC553AF-26C9-4314-9AAA-1D9332B5E50E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9DF62FA2-DDFB-4BA5-BBA8-96EE287415D2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9F217709-6744-4145-A5E6-DFEFE6E66C37}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9FB5088B-DDA5-400E-876B-EC27362F68AD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A01EB853-9F2C-4954-A872-AB8B5665512A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A1153A64-D540-4AE5-B1CC-589A46EF403C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A1AC00E2-F6A2-42BB-85EA-CA416F151A06}" = protocol=6 | dir=in | app=c:\users\bby\appdata\roaming\mjusbsp\magicjack.exe |
"{A1D88D39-AAFE-4493-A4D8-F7C48937549E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A1FB1EBB-B084-4402-8570-8727F3F59B8A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A2040ECB-7AB9-4BF3-8CD8-0FC663F4DA91}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A2C35B83-311F-4427-B564-3C47E297C382}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A3326FD9-6669-4F38-8497-FA4158F0D460}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A3ACA81F-EEE5-431F-8506-AB6B7E018F00}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A3C219D9-D80B-4B26-A9ED-22AE4FD83D4E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A441694B-38C5-45FF-A68B-785CB1ECDAD4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A4AB51F2-86BA-4E41-B878-C72267F62B62}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A65CB35C-A7A2-426C-B7C7-C46B9EB98865}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A6A89556-B032-4F4D-9262-E62599B0DFEB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A719E400-C3AC-4F6F-8A46-60817168E4C0}" = protocol=6 | dir=in | app=c:\program files\sony\vaio media integrated server\platform\sv_httpd.exe |
"{A76223DB-4AD0-477C-9CCE-B1DB8C22749C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A767F820-1C19-4C6F-A457-BEE2FCBC6884}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A80C6565-D011-4278-AAFF-1D99326D4D48}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A8595428-C586-4903-B3E4-62694BEBAF16}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A8AC0295-6C0A-4543-9ABE-057AF44F8AAE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ABF4E7D1-6873-4EB3-B303-7BF6483F7A15}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AC5633D7-21CB-448A-AA8B-95379192E9C8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ADB79513-1F25-45E6-AF7A-F879036B965E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AE9B1145-BCD8-4C42-BBC7-8F0B495ACD18}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AEEEE84D-A1B2-4EA9-8DE2-822492F03C7D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AFAD49D8-88F0-4957-9615-B99AB186CEAC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B00317D4-27AC-4496-8496-847BBF8E5498}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B05E56FA-E821-4ED6-AD42-4324FD4626B7}" = protocol=6 | dir=in | app=c:\windows\system32\netproj.exe |
"{B1306FEC-11AA-4D31-B8F9-04470CDE7105}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B1804808-318E-447A-B654-C0839DFD4A54}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B38037DB-C8D9-4651-80D8-3DEA546C1DCF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B3A340C6-BF0E-413B-A73B-5CA97A6B8A7E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B426C20C-3A0D-43DA-BC2B-AA1C5E24466E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B4F2B320-5545-4350-A6E7-3771889298A2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B5CA8994-DD23-4980-B970-F24E8CF552A3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B5F88205-9A75-4328-9A26-DA980CB19028}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B788062A-5296-4DD9-8F5E-C4A473163700}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B7A447E2-BD89-4F40-AD58-AD9C0B3B93DF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B7D825BE-1658-46DA-A6DB-460923933499}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B8599257-8D0C-4CBE-96AA-13B4963BC92D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B9435974-9CA6-4BD8-BFE8-DFFCC58FD7B2}" = protocol=6 | dir=in | app=c:\program files\windows collaboration\wincollab.exe |
"{BAD3C94D-5E13-48F6-AB73-73AFA2BD7F1E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BAEEF6CD-A359-4331-810A-9BE206EF5808}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BB4C3CC1-C0CB-4ACE-A26D-6DDB9D976274}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BB8FCA82-DCE7-4129-8F43-C812BA798101}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BC0B2004-623A-4797-9F8F-DDB2F3AA5DB5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BCA3AAF7-2BFF-40A4-8A10-927C1371B2D2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BD0DBE56-C1DF-452A-81B9-7BECD88C1F1E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BD13ACDC-E50A-4C9E-BE42-E7F61CFA900F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BD610C9F-8EA6-4FC9-BDF2-EC1F93AFA052}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BDD8F81F-B58B-4B47-94F0-360DBF1CA8AA}" = protocol=17 | dir=in | app=c:\program files\windows collaboration\wincollab.exe |
"{BE6834FE-7801-408E-9B94-E55D432C519F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BF52A310-23F2-4F97-A51B-932E866F808D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BFD7F24B-8D2E-429A-9357-44C0F9E693D1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BFD832B7-CAC4-4DDB-AE7A-DB2A97D4F39E}" = protocol=17 | dir=in | app=c:\program files\sony\vaio media integrated server\ucls.exe |
"{C08F8F75-2C88-47C9-82CE-CD4E746554EB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C0C95EEE-7F10-4027-83EF-4D42DC32A0A5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C177BCE0-4012-43B9-8408-7B434367B765}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C1BEE2FE-DAEB-44C3-A572-835FF11008F5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C23480D6-AD14-444F-A47D-BEFC6F192DC9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C2ABDCE2-7172-4494-8848-962E28E0F3AD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C35D487B-BBE3-43F4-B08A-F5AEED5C1E3C}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{C370C539-F4A8-43D9-A0C8-7099F7C2408F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C38EB82B-DFEF-4658-A1DF-349127DF6D7A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C3BA32A0-386D-4B69-8B76-A937E6FB3179}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C3E44B70-9C51-491F-AE38-F073D5C77D69}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C4395DB1-DF50-4A22-84F2-58DAD2B8681A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C4E00BAC-7EBE-4940-AE6A-617E1F3D3813}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C581321A-9369-4D8F-BBCB-7699FC7F509A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C5CAF73E-C61F-480E-B89C-DD8A9E472468}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C7DA12DF-92AA-4AB7-ABAD-CFC1A4A04D4B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C7DFB761-48B9-4F17-B177-85D141ACA928}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C8D0CB4A-F992-4EF4-ABC4-412B4C7FFBCB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C95D1894-EA1E-4CC5-8DEF-68A07EDCB6E3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CA1FFD5F-40C6-40A4-907D-708EB03D717A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CA5F466F-7AE0-440F-9133-D270DAF4655B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CAAB57CE-4397-4A25-A8C9-9B23F6366600}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CAF094B9-D95A-4426-ABE5-D7BDC32CEBD3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CB5CAFDD-A515-4C4F-8FC9-B8BA73B02EF5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CB79DB47-D5F5-446C-B138-0AA9BFA41BA6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CD6E4F91-64FD-4A5C-952D-EA313A17A2D1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CD94B1E0-B418-4C07-B60E-C2B4A69738F8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CDB9AF94-EB54-4782-A698-98F9408EF2AA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CDDE4600-EEB4-452C-95CF-92D126A9C332}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CDFA4A08-2BED-477A-BA1C-A085E0EEB374}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CE5BC25A-05B8-492B-BFFC-8A3DB7B58795}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CF95C6EC-23B4-4AAA-B0F7-353F36AC6669}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CFA0618E-D95A-4254-83F3-1B5E7F5B9EB7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CFF5C040-1D51-418F-97DD-D4FEF35AE18B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D04EA2C4-EE5C-48FE-BE91-EABA8E318556}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D0E0EBCD-D163-4817-8406-9288E45960F8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D128960A-6057-41A7-8E68-BCE28D62D9A5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D15DCB79-D736-4457-BCB0-6C9CA0F88843}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D16E2DC6-5487-4F18-8AB7-DC03CC1DCDBB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D1E6F236-B88A-45A4-B1E8-DB208265FF82}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D2CD9897-2B10-41E8-9AC5-A3D88C5066DC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D42AB8A2-32AC-4EB2-8D05-CDBC5D4B09CB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D508800F-5CFB-4E8A-9BDB-34FEC8570AD9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D56B5A06-7C3A-4D0B-B190-DE1B1809C834}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D5CB0F80-5CAD-4A42-AB49-343C45DBC356}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D681E0B0-0945-43ED-8D9B-58435266B3E1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D806B0B8-C833-4F99-871E-1CF0810B8462}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D8B23CAA-6F0F-42A6-AC13-828A82D60FB4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D8CC2FCA-A610-4784-8A5D-2A907AA6D938}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D8CFF4CC-045A-43F4-A4B3-C71D0E872E34}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D9527A8E-F199-4C6A-8C3A-97FF514C9593}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DA1852A8-E463-4F59-8FD8-8BF2E0A7AEFF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DA74F812-C0C8-4BA4-953A-6CC2821BADE7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DAAB3778-7A60-45E4-8A9E-643C729E10DD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DADBC5DF-D11B-4A46-BB9C-A0ED698D63C1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DDA5EF7C-2F02-48EB-B7D9-BF929CBCF5EE}" = protocol=6 | dir=in | app=c:\program files\sony\vaio media integrated server\ucls.exe |
"{DE700876-3C51-4426-9357-A3E272643F11}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DEFAE66A-3969-4730-967A-B3EA7390FA20}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DF7E7B21-54E8-4586-9AE5-946BD25FED64}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E124F955-731F-42EE-BB9F-E5F1EDC4DAEB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E1EAC0C8-6106-4CC8-ABDD-F8E7281F39A1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E26C40B5-93DA-4125-B5D7-094756E75041}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E2CE1E22-5F1C-4C7C-8580-6A19C371BA6F}" = protocol=6 | dir=out | app=system |
"{E376A77C-ACC1-465E-945C-6421848EC674}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E3E5307F-61AF-4828-B2A3-F5DF35EEDE9B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E49FF7CD-9A3D-4B03-91CD-E67E3B472D3D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E4A4BC87-D07E-41BB-AF3B-300728C6A176}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E4B4ED7C-990C-4F7C-9D75-57F466D19414}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E59693C1-24AD-472C-A4E0-D64AB2C3CF43}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E5D7D52E-2356-469C-AAB5-027553C2C00C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E6797EF4-6732-4F31-8573-74AA48547EDC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E695E8F7-5E25-4D5F-AF9E-53FBC22F04A7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E6B841EA-680F-4A62-BD6D-D3C9AFC31CDD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E7010406-3752-4511-B1F6-A430A5D8CD49}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E749D57B-C4B9-4202-A857-6B48866DD3EF}" = protocol=17 | dir=in | app=c:\users\bby\appdata\roaming\mjusbsp\magicjack.exe |
"{E74A602C-20BE-4E70-8A63-C148DB4C30B3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E766DDF4-1F48-4652-916A-1CAB8A83D0F6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E8AE9326-17A4-478D-8FEA-84AFD210B762}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EBDBD535-1664-4A56-ABD7-E6DEDCA1DA82}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ECD608E9-9649-49B2-8918-D70273067E46}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ED3C8BE8-5D8C-4276-8954-A644A57FF6DA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EE01E1F9-4BB1-424F-9442-0E3243FE0201}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F054BD78-DCC2-49F0-B4B1-394E9F9741A9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F2D04F0F-978B-4C91-B459-3007EB5A0195}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F35AC377-2CFB-4ACA-B324-0611F12C0274}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F3D8736C-FFDE-41EF-AA5E-0FD9EF91E65F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F3FC728C-8FE4-4517-BC8C-7885FCD36605}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F448342A-D906-4D25-974C-B5B5E013E956}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F4A67D6F-019D-4608-A61B-0A2C4B86209B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F5F76CA9-2373-4F5B-BBE4-5BA32DA87C23}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F6203682-4599-4EB8-8DEE-8EF4FF9A3CD6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F71F8420-E58B-4E53-BEDF-113A2FC64782}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F737A532-5C7D-40FC-9459-66318EAC0CB9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F8C94589-87AA-4AE6-9E0C-6329FA3C5AF6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F9DD9715-6D6D-41BC-A7D8-FCFC66B9339D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FA0C506A-807C-4151-84D9-36D8D11C9C60}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FACB2F03-B312-427C-A349-4444BADB8493}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FAEA6FC9-87F9-43A2-BA04-14EAEEB13906}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FB73D532-D187-4560-B70E-A9662DBB80BF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FB8B1310-24BE-48FC-8F56-1444C127DB3B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FB97F1F7-09D0-4944-A9F1-0468DB78097F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FBCD2614-A995-43F9-85E3-323972CB058D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FC0BA4E4-F068-49B4-809E-01E6C8B196B6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FC13183A-A712-4B27-8208-82F9572EFD13}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FDE2B0F8-F449-461F-BC25-3391FDA40AD2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FE57256F-2E23-4962-977F-E8C2BD8B8198}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FE9F0717-8AB6-4C6A-95E4-2FA169926B45}" = protocol=17 | dir=in | app=c:\program files\common files\apple\windows migration assistant\migrationassistant.exe |
"{FF0D69CF-1978-4746-8D2D-FE73DCF01714}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FF59DCE9-F870-40CB-BF9E-8A9B955CF4CF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FF6A6E3A-78C6-46FA-AC3D-1A9202628A89}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{39484996-6755-4028-8A69-A0F1A892B513}C:\program files\2x\client\appserverclient.exe" = protocol=6 | dir=in | app=c:\program files\2x\client\appserverclient.exe |
"TCP Query User{6E336955-1192-453E-BC17-1620EE2B7FA6}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{9E80B56E-206A-4F32-99DA-85BE1F9E2948}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{B0CBCB38-5552-4086-B760-85BA8577F4D7}C:\Program Files\Java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{C1A788DE-3271-46F2-A38A-978F2A607FC7}C:\users\bby\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\bby\appdata\roaming\mjusbsp\magicjack.exe |
"TCP Query User{F25646DD-AEF1-49DE-899B-218ACEFD4835}G:\bin\ia\core\mdm_util.exe" = protocol=6 | dir=in | app=g:\bin\ia\core\mdm_util.exe |
"UDP Query User{2F7D69B8-F7AE-4C50-BFF6-21989696C4A9}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{46A99CAB-2BB0-49A1-9E6B-4C25542294DD}C:\users\bby\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\bby\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{787A7FFF-F58C-4FAE-B880-5EA6768782BB}G:\bin\ia\core\mdm_util.exe" = protocol=17 | dir=in | app=g:\bin\ia\core\mdm_util.exe |
"UDP Query User{8C6C72CA-42DF-4737-8F5C-4503F17BA54E}C:\Program Files\Java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{8DFCEC92-B670-4D18-8C2E-7C801ED4F3B1}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{F4B18090-958B-4414-B541-A5F2899E73FF}C:\program files\2x\client\appserverclient.exe" = protocol=17 | dir=in | app=c:\program files\2x\client\appserverclient.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{009E7FB7-1775-4D89-8956-F5C9A1C019FC}" = DSD Playback Plug-in
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{0312BD0D-A1FE-4E1A-9208-D436F566D867}" = VAIO Azure Float Wallpaper
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.1205
"{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}" = Apple Mobile Device Support
"{07D8511D-C9FE-4A93-933F-EAA5C8F20095}" = IDT Audio
"{09A84598-E18A-4E7B-A49A-E19BB8D5C648}" = AppMon Utility
"{0CD47142-BA4F-46B0-AA92-2675864928B8}" = Microsoft Security Client
"{0EE4030A-8FD4-4798-A21D-17E525B1F7CF}" = Corel Snapfire
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{1B500D37-E7CF-480B-8054-8A563594EC4E}" = VAIO OOBE
"{1EBB57D4-63FF-87CC-A0F0-D73982CF6008}" = Adobe Media Player
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{235915A8-1C0D-4920-95EA-FE8B773E5F57}" = VAIO Teal Whisper Wallpaper
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java™ 6 Update 26
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{34B37A74-125E-4406-87BA-E4BD3D097AE5}" = VAIO Survey
"{359DF682-BC8F-429D-AB6D-3C8002099F38}" = VAIO Content Metadata Intelligent Analyzing Manager
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.9
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{4FC19392-E4A5-4CCB-B45A-AB7E8126D3C9}" = Microsoft Easy Assist
"{500162A0-4DD5-460A-BAFD-895AAE48C532}" = VAIO Media Content Collection 6.0
"{533D0A8A-D7E7-4F15-BC9E-FF2916A6BAA7}" = DSD Direct Player
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 6.0
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 6.0
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5F12E9D1-402C-4672-86D7-52E86A3A1411}" = VAIO Content Importer VAIO Content Exporter
"{5F5DE5D5-D130-4110-A3A4-69FFB0B14BD9}" = VAIO Content Metadata XML Interface Library
"{604CD5A1-4520-4844-B064-A3D884B77E91}" = SpeedyPC Pro
"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio
"{63A6E9A9-A190-46D4-9430-2DB28654AFD8}" = Norton 360
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = VAIO Content Importer / VAIO Content Exporter
"{69351E9E-23ED-41D5-B146-EDBF83C63B66}" = VAIO Content Metadata Manager Setting
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D2576EC-A0E9-418A-A09A-409933A3B6F4}" = VAIO Camera Capture Utility
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 6.1
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7D716354-2C08-48DC-9AC5-957348048817}" = VAIO Help And Support
"{802889F8-6AF5-45A5-9764-CA5B999E50FC}" = VAIO Power Management
"{82D5BACA-3619-4D34-99DB-3A65CFB4DA33}" = DSD Direct
"{84031A18-BA9A-4156-A74F-E05B52DDFCE2}" = DING!
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FC56444-161D-43B4-A662-F18F2E4A2A32}" = VAIO Content Metadata Manager Setting
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_STANDARDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90260409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office XP Web Components
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91208A47-5D08-4C79-986F-1931940F51BB}" = QuickBooks Product Listing Service
"{925F1DB6-E86E-4378-9091-D1F68B0583C9}" = iCloud
"{92F8615C-43B7-4925-8457-B6D004E8D478}" = VAIO Content Metadata XML Interface Library
"{93A1B09E-BAFA-4628-A5B6-921CB026955A}" = Corel Paint Shop Pro Photo XI
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9AB83A3C-604D-4B4F-AA25-A23A3FC39844}" = ArcSoft Magic-i Visual Effects Installer
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins
"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.05 Menu Data
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A5B48A19-F319-6BFB-82DE-A18ED1087221}" = Acrobat.com
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 6.0
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B59B3DA8-06F8-4B4C-AE94-5180753EF108}" = VAIO Floral Dusk Wallpaper
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B7FB0C86-41A4-4402-9A33-912C462042A0}" = Roxio Easy Media Creator Home
"{BABC878D-BB64-4688-9A88-1D9E88F339A9}" = VAIO Productivity Center
"{BC3804E5-77CC-47A0-8BD5-797355A26BA3}" = WD SmartWare
"{BCED773C-99EE-48DD-8915-25733F69F0A8}" = VAIO PC Wireless LAN Wizard
"{C197BC08-3D82-4651-8886-E68C21578A38}" = iTunes
"{C299F969-AE3D-4679-ADF5-682A186CE62E}" = VAIO Center Access Bar
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{CA8444DB-540C-3A6B-9B81-202C79C92BDC}" = Google Talk Plugin
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFED0AE3-6D93-4745-B8A0-F3410B493CC4}" = VAIO Security Center
"{D07205E7-F6D3-4333-AFCC-782A07685B72}" = OverDrive Media Console
"{D36E4755-83B9-4B10-BE51-0AC5B9F43C1F}" = VAIO Media
"{D6651810-8439-4F25-BACC-5FB66D4B1A63}" = VAIO Media Registration Tool
"{D8BC400A-9D14-468B-A674-1D76A987AAFC}" = Windows Migration Assistant
"{D937DD80-3928-4617-876F-538A25AECB17}" = LocationFree Player
"{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter
"{E58AB36F-9D50-4969-9228-AC24270741BF}" = VAIO Content Metadata Intelligent Analyzing Manager
"{E66BB7B9-EC7B-45A6-B479-AD43A9B32AA0}" = SonicStage Mastering Studio
"{E74F7423-77CB-4F6A-A44D-604E1010FE50}" = VAIO Entertainment Center
"{E809063C-51A3-4269-8984-D1EB742F2151}" = Click to DVD 2.6.00
"{EBE55E74-AF94-47BB-849B-C79F236C65F4}" = VAIO Movie Story
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{FAA6B94E-78A7-489C-B2DB-050D9FEBFADA}" = VAIO Content Metadata Intelligent Analyzing Manager
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ATT-PRT22" = ATT-PRT22
"ATT-RC" = ATT-RC Self Support Tool
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"EuroTalk Talk Now Plus!" = EuroTalk Talk Now Plus!
"Google Chrome" = Google Chrome
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox (3.6.20)" = Mozilla Firefox (3.6.20)
"NVIDIA Drivers" = NVIDIA Drivers
"OfotoEZUpload" = KODAK EASYSHARE Gallery Upload ActiveX Control
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-15-19-01
"RC_Vista.exe" = RC_Vista.exe
"ST6UNST #1" = Outlook Express Quick Backup
"STANDARDR" = Microsoft Office Standard 2007
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VAIO Service Utility" = VAIO Service Utility

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/14/2014 10:00:39 PM | Computer Name = Margie | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module ntdll.dll, version 6.0.6002.18881, time stamp 0x51da3e27,
exception code 0xc0000005, fault offset 0x0004690e, process id 0xa68, application
start time 0x01cf11953cf006e1.

Error - 1/15/2014 7:38:02 PM | Computer Name = Margie | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

Error - 1/15/2014 9:46:05 PM | Computer Name = Margie | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module Flash32_11_9_900_170.ocx, version 11.9.900.170, time
stamp 0x529b7962, exception code 0xc0000005, fault offset 0x001b5600, process id
0xcec, application start time 0x01cf125ca3ecdc30.

Error - 1/16/2014 7:43:36 PM | Computer Name = Margie | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

Error - 1/16/2014 8:29:39 PM | Computer Name = Margie | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16526 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 25fc Start Time: 01cf1319c8527d12 Termination Time: 163

Error - 1/16/2014 9:59:14 PM | Computer Name = Margie | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000005, fault offset 0x00000000, process id 0xf1c, application start time
0x01cf1314f8f7c995.

Error - 1/17/2014 9:28:24 PM | Computer Name = Margie | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

Error - 1/17/2014 9:56:45 PM | Computer Name = Margie | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module ntdll.dll, version 6.0.6002.18881, time stamp 0x51da3e27,
exception code 0xc0000005, fault offset 0x00066609, process id 0x11a8, application
start time 0x01cf13ee194e350a.

Error - 1/17/2014 10:35:57 PM | Computer Name = Margie | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module Flash32_11_9_900_170.ocx, version 11.9.900.170, time
stamp 0x529b7962, exception code 0xc0000005, fault offset 0x000f54b2, process id
0x22d0, application start time 0x01cf13f5100e7c0a.

Error - 1/17/2014 10:39:53 PM | Computer Name = Margie | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module Flash32_11_9_900_170.ocx, version 11.9.900.170, time
stamp 0x529b7962, exception code 0xc0000005, fault offset 0x001b55db, process id
0x25f4, application start time 0x01cf13f665e6ff2a.

[ OSession Events ]
Error - 3/21/2013 10:41:36 PM | Computer Name = Margie | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 1145 seconds with 540 seconds of active time. This session ended with a
crash.

Error - 4/2/2013 6:00:34 PM | Computer Name = Margie | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 67036 seconds with 1020 seconds of active time. This session ended with
a crash.

Error - 8/21/2013 8:22:44 PM | Computer Name = Margie | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4317
seconds with 2760 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 1/17/2014 9:26:53 PM | Computer Name = Margie | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 1/17/2014 9:26:53 PM | Computer Name = Margie | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 1/17/2014 9:26:53 PM | Computer Name = Margie | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 1/17/2014 9:26:53 PM | Computer Name = Margie | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 1/17/2014 9:26:53 PM | Computer Name = Margie | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 1/17/2014 9:26:53 PM | Computer Name = Margie | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 1/17/2014 9:27:36 PM | Computer Name = Margie | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:38:52 AM on 1/17/2014 was unexpected.

Error - 1/17/2014 9:28:48 PM | Computer Name = Margie | Source = Service Control Manager | ID = 7000
Description =

Error - 1/17/2014 9:29:30 PM | Computer Name = MARGIE | Source = Microsoft Antimalware | ID = 1119
Description = %%860 has encountered a critical error when taking action on malware
or other potentially unwanted software. For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/CeeInject.gen!KK&threatid=2147683524

Name:
VirTool:Win32/CeeInject.gen!KK ID: 2147683524 Severity: Severe Category: Tool Path:
containerfile:_C:\Users\Robyn Bri\AppData\Local\temp\175322.exe;containerfile:_C:\Users\Robyn
Bri\AppData\Local\temp\vxile.exe;file:_C:\Users\Robyn Bri\AppData\Local\temp\175322.exe->[CeeInject_KK_DynExe];file:_C:\Users\Robyn
Bri\AppData\Local\temp\vxile.exe->[CeeInject_KK_DynExe] Detection Origin: %%845 Detection
Type: %%823 Detection Source: %%820 User: NT AUTHORITY\SYSTEM Process Name: Unknown

Action:
%%809 Action Status: No additional actions required Error Code: 0x80070021 Error
description: The process cannot access the file because another process has locked
a portion of the file. Signature Version: AV: 1.165.1993.0, AS: 1.165.1993.0, NIS:
109.61.0.0 Engine Version: AM: 1.1.10201.0, NIS: 2.1.10003.0

Error - 1/17/2014 10:21:36 PM | Computer Name = Margie | Source = iaStor | ID = 262153
Description = The device, \Device\Ide\iaStor0, did not respond within the timeout
period.


< End of report >
  • 0

#4
Essexboy
Posted 18 January 2014 - 10:40 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi, this could be either quick or drawn out.. Lets hope for the quick option

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image
:Commands
[CREATERESTOREPOINT]

:OTL
O4 - HKCU..\Run: [GPNsoft Update] C:\Windows\System32\regsvr32.exe (Microsoft Corporation)
[2014/01/08 17:11:32 | 000,000,000 | ---D | C] -- C:\Users\Robyn Bri\AppData\Local\GPNsoft

:FilesC:\Users\Robyn Bri\AppData\Local\temp\117bc5f2a6ee400f8c5f8c58e02bdace
C:\Users\Robyn Bri\AppData\Local\temp\175322.exe
C:\Users\Robyn Bri\AppData\Local\temp\vxile.exe

:Commands
[resethosts]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

  • Download RogueKiller and save it on your desktop.

    NOTE: If using IE8 or better Smartscreen Filter will need to be disabled
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan
Posted Image

  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.
Posted Image
  • The report has been created on the desktop.

  • Next click on the ShortcutsFix
    Posted Image
  • The report has been created on the desktop.

Please attach: All RKreport.txt text files located on your desktop.
  • 0

#5
briz_dad
Posted 18 January 2014 - 04:47 PM

briz_dad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 251 posts
Here's the next OTL report - running Rogue Killer now and will post results next. (RK Reports are now attached)


OTL logfile created on: 1/18/2014 10:36:29 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Robyn Bri\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.86 Gb Available Physical Memory | 43.18% Memory free
3.94 Gb Paging File | 2.80 Gb Available in Paging File | 71.25% Paging File free
Paging file location(s): c:\pagefile.sys 2048 4095 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141.49 Gb Total Space | 70.37 Gb Free Space | 49.74% Space Free | Partition Type: NTFS
Drive D: | 149.04 Gb Total Space | 148.49 Gb Free Space | 99.63% Space Free | Partition Type: NTFS

Computer Name: MARGIE | User Name: Robyn Bri | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/17 17:56:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Robyn Bri\Desktop\OTL.exe
PRC - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/10/23 14:55:28 | 000,948,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013/09/03 05:54:00 | 000,040,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe
PRC - [2013/05/09 23:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/03/09 10:16:56 | 000,484,352 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
PRC - [2011/03/09 10:07:54 | 000,238,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009/04/10 22:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/07/31 05:04:21 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/07/24 18:26:38 | 000,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2007/07/24 18:26:38 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2007/06/28 07:53:04 | 000,073,728 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
PRC - [2007/06/28 07:53:02 | 000,184,320 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2007/06/28 07:53:00 | 000,188,416 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2007/06/28 07:52:48 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2007/06/25 13:41:08 | 004,489,216 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/06/20 14:35:06 | 002,523,136 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
PRC - [2007/06/20 14:34:50 | 001,089,536 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
PRC - [2007/06/20 14:34:50 | 000,397,312 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
PRC - [2007/06/15 11:45:20 | 000,469,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
PRC - [2007/06/14 07:40:46 | 000,921,600 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2007/06/07 13:30:30 | 005,742,136 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
PRC - [2007/06/05 06:49:30 | 003,682,576 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe
PRC - [2007/05/31 08:32:14 | 000,551,032 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
PRC - [2007/02/12 12:38:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/01/10 15:51:06 | 000,745,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
PRC - [2007/01/04 18:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () -- C:\Windows\System32\PSIService.exe


========== Modules (No Company Name) ==========

MOD - [2014/01/18 10:35:33 | 000,130,560 | ---- | M] () -- C:\Users\Robyn Bri\AppData\Local\temp\611dcb9e9cae4595bb446bff48c5dea6\http.dll
MOD - [2014/01/18 10:34:40 | 000,155,648 | ---- | M] () -- C:\Users\Robyn Bri\AppData\Local\temp\611dcb9e9cae4595bb446bff48c5dea6\filesys.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll


========== Services (SafeList) ==========

SRV - [2013/12/10 19:31:41 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/09 23:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/09 10:18:06 | 001,060,864 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2011/03/09 10:16:56 | 000,484,352 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2011/03/09 10:07:54 | 000,238,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2008/01/18 23:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/07/31 05:04:21 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/07/24 18:26:38 | 000,182,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2007/07/13 09:55:56 | 000,292,152 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2007/07/05 16:43:04 | 000,079,736 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2007/06/28 07:53:04 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2007/06/28 07:53:02 | 000,184,320 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2007/06/28 07:53:00 | 000,188,416 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2007/06/28 07:52:48 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2007/06/20 14:35:06 | 002,523,136 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2007/06/20 14:34:52 | 000,499,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2007/06/20 14:34:50 | 001,089,536 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-UCLS-UPnP)
SRV - [2007/06/20 14:34:50 | 001,089,536 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP)
SRV - [2007/06/20 14:34:50 | 000,397,312 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-UCLS-HTTP)
SRV - [2007/06/20 14:34:50 | 000,397,312 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP)
SRV - [2007/02/12 12:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007/01/10 15:51:06 | 000,745,472 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe -- (VAIOMediaPlatform-UCLS-AppServer)
SRV - [2007/01/04 18:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/12/14 01:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 01:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 00:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\point32k.sys -- (Point32)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\HSXHWAZL.sys -- (HSXHWAZL)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013/09/27 09:53:06 | 000,104,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2009/08/14 05:45:24 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/08/14 05:45:24 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008/05/06 15:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/01/04 20:34:36 | 000,023,920 | ---- | M] (Webroot Software Inc (www.webroot.com)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sskbfd.sys -- (SSKBFD)
DRV - [2007/12/04 16:10:30 | 000,016,640 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/09/26 12:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007/09/01 10:06:13 | 007,617,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/07/31 05:04:34 | 000,328,704 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/06/27 18:29:58 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2007/06/15 08:28:14 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2007/06/14 11:02:13 | 000,009,464 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2007/06/14 11:02:13 | 000,009,336 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2007/06/05 04:17:29 | 000,812,544 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007/05/24 16:36:21 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007/04/19 05:07:14 | 000,073,472 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2007/04/19 05:07:14 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2007/04/17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2006/11/05 23:09:26 | 000,027,520 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SonyNC.sys -- (SNC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{5B58F4CF-2D74-4EBB-AD8C-1DDAA576FA7D}: "URL" = http://search.aol.co...onType=sny_ie7;
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{B428C76D-8FFC-4BB2-A2B9-D373B17575D3}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Motive, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Robyn Bri\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Robyn Bri\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Robyn Bri\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Robyn Bri\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Robyn Bri\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/24 08:29:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/10/07 06:14:20 | 000,000,000 | ---D | M]

[2013/07/16 20:22:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/06/22 21:30:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/06/22 21:29:55 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008/06/30 21:02:00 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2009/07/29 20:13:15 | 000,002,236 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\askcom.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://blekkosearch....=homepage&v=1_2
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Office Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files\Common Files\Motive\npMotive.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - Extension: SEOquake = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc\1.0.18_0\
CHR - Extension: Angry Birds = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Drive = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Web Developer = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm\0.4.5_0\
CHR - Extension: YouTube = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: PageRank Status = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdkkfheckcdppiaiabobmennhijkknn\8.6.0.0_0\
CHR - Extension: Google Wallet = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2014/01/18 09:26:08 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - Startup: C:\Users\Robyn Bri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Audio Filter.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe (Sony Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} http://esupport.sony.com/VaioInfo.CAB (Reg Error: Key error.)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.goo...5/uploader2.cab (Reg Error: Key error.)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www2.snapfish...fishActivia.cab (Reg Error: Key error.)
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} http://www.linkedin....nderControl.cab (Reg Error: Key error.)
O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} http://www.kodakgall..._2/axofupld.cab (Reg Error: Key error.)
O16 - DPF: {BB383206-6DA1-4E80-B62A-3DF950FCC697} http://ak.imgag.com/...tall/AxCtp2.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: PackageCab http://ak.imgag.com/...tall/AxCtp2.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{277E3FE6-F44A-473C-B5F1-0F38683D56A1}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img28.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img28.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 13:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/18 10:23:22 | 000,000,000 | ---D | C] -- C:\Users\Robyn Bri\Desktop\fix
[2014/01/18 09:24:48 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/01/17 17:56:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Robyn Bri\Desktop\OTL.exe
[2014/01/16 22:16:34 | 000,000,000 | ---D | C] -- C:\Users\Robyn Bri\AppData\Roaming\Mozilla
[2014/01/15 16:16:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\MpEngineStore

========== Files - Modified Within 30 Days ==========

[2014/01/18 11:16:17 | 000,000,680 | ---- | M] () -- C:\Users\Robyn Bri\AppData\Local\d3d9caps.dat
[2014/01/18 11:15:21 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-291611602-1755704891-1640183286-1006UA.job
[2014/01/18 10:42:10 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/18 10:35:51 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/18 10:34:43 | 000,027,715 | ---- | M] () -- C:\Users\Robyn Bri\AppData\Roaming\nvModes.001
[2014/01/18 10:33:39 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/18 10:33:39 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/18 10:33:37 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/18 10:33:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/18 10:21:48 | 003,809,280 | ---- | M] () -- C:\Users\Robyn Bri\Desktop\RogueKiller.exe
[2014/01/18 09:26:08 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2014/01/17 17:56:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Robyn Bri\Desktop\OTL.exe
[2014/01/17 17:27:22 | 279,079,754 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/01/16 16:59:11 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-291611602-1755704891-1640183286-1006Core.job
[2014/01/13 16:06:39 | 000,002,627 | ---- | M] () -- C:\Users\Robyn Bri\Desktop\Microsoft Office Word 2007.lnk
[2014/01/11 17:56:13 | 000,027,715 | ---- | M] () -- C:\Users\Robyn Bri\AppData\Roaming\nvModes.dat
[2013/12/20 14:24:52 | 000,406,864 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2014/01/18 10:21:48 | 003,809,280 | ---- | C] () -- C:\Users\Robyn Bri\Desktop\RogueKiller.exe
[2014/01/17 18:09:06 | 000,000,680 | ---- | C] () -- C:\Users\Robyn Bri\AppData\Local\d3d9caps.dat
[2013/02/08 12:38:33 | 000,007,680 | ---- | C] () -- C:\Users\Robyn Bri\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/18 09:38:50 | 000,005,689 | ---- | C] () -- C:\Users\Robyn Bri\AppData\Roaming\My Profile.xml
[2013/01/16 09:51:25 | 000,047,403 | ---- | C] () -- C:\Users\Robyn Bri\domain names.pdf
[2013/01/15 20:35:13 | 000,027,715 | ---- | C] () -- C:\Users\Robyn Bri\AppData\Roaming\nvModes.001
[2013/01/15 20:35:10 | 000,027,715 | ---- | C] () -- C:\Users\Robyn Bri\AppData\Roaming\nvModes.dat
[2012/12/11 13:17:28 | 000,000,094 | ---- | C] () -- C:\Windows\family.ini
[2011/02/13 21:03:27 | 000,000,258 | R-S- | C] () -- C:\ProgramData\ntuser.pol

========== ZeroAccess Check ==========

[2006/11/02 04:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 09:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 22:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 22:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/01/14 15:47:01 | 000,000,000 | ---D | M] -- C:\Users\Robyn Bri\AppData\Roaming\Blackboard
[2013/07/14 20:31:28 | 000,000,000 | ---D | M] -- C:\Users\Robyn Bri\AppData\Roaming\Canon
[2013/01/18 08:53:45 | 000,000,000 | ---D | M] -- C:\Users\Robyn Bri\AppData\Roaming\OverDrive

========== Purity Check ==========



< End of report >

Attached Files


Edited by briz_dad, 18 January 2014 - 04:58 PM.

  • 0

#6
Essexboy
Posted 19 January 2014 - 04:57 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Roguekiller showed an element that needs a deeper investigation

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    [img width=426 height=293]http://img.photobucket.com/albums/v706/ried7/NSIS_disclaimer_ENG.png[/img]

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
  • 0

#7
briz_dad
Posted 19 January 2014 - 03:44 PM

briz_dad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 251 posts
ComboFix 14-01-16.03 - Robyn Bri 01/19/2014 9:53.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2046.1006 [GMT -8:00]
Running from: c:\users\Robyn Bri\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Robyn Bri\AppData\Local\Temp\95d406143b5a4f83a8aa3a2f883184de\filesys.dll
c:\users\Robyn Bri\AppData\Local\temp\95d406143b5a4f83a8aa3a2f883184de\http.dll
c:\users\ROBYNB~1\AppData\Local\Temp\95d406143b5a4f83a8aa3a2f883184de\filesys.dll
c:\users\ROBYNB~1\AppData\Local\Temp\95d406143b5a4f83a8aa3a2f883184de\http.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-12-19 to 2014-01-19 )))))))))))))))))))))))))))))))
.
.
2014-01-19 18:03 . 2014-01-19 20:25 -------- d-----w- c:\users\Robyn Bri\AppData\Local\temp
2014-01-19 18:03 . 2014-01-19 18:03 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-01-19 18:03 . 2014-01-19 18:03 -------- d-----w- c:\users\Guest\AppData\Local\temp
2014-01-19 18:03 . 2014-01-19 18:03 -------- d-----w- c:\users\Experience\AppData\Local\temp
2014-01-19 18:03 . 2014-01-19 18:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-19 16:49 . 2014-01-19 18:07 62576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A4641B19-51F3-4ABB-9EED-C24E4C6F7EF8}\offreg.dll
2014-01-19 16:35 . 2014-01-19 18:05 -------- d-----w- c:\users\Robyn Bri\AppData\Local\CrashDumps
2014-01-19 16:30 . 2013-12-04 02:57 7760024 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A4641B19-51F3-4ABB-9EED-C24E4C6F7EF8}\mpengine.dll
2014-01-18 22:59 . 2013-12-04 02:57 7760024 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-18 17:24 . 2014-01-18 17:24 -------- d-----w- C:\_OTL
2014-01-16 00:16 . 2014-01-16 01:23 -------- d-----w- c:\windows\system32\MpEngineStore
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-19 07:32 . 2009-10-05 16:04 231584 ------w- c:\windows\system32\MpSigStub.exe
2013-12-11 03:31 . 2013-01-15 01:20 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-11 03:31 . 2011-07-26 03:36 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-14 22:50 . 2013-12-11 04:52 1806848 ----a-w- c:\windows\system32\jscript9.dll
2013-11-14 22:42 . 2013-12-11 04:52 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-11-14 22:42 . 2013-12-11 04:52 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-14 22:38 . 2013-12-11 04:52 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-14 22:38 . 2013-12-11 04:52 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-11-14 22:35 . 2013-12-11 04:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-10-30 02:13 . 2006-11-02 10:25 1304064 ----a-w- c:\windows\system32\WMALFXGFXDSP.dll
2013-10-30 02:12 . 2013-12-11 00:56 335360 ----a-w- c:\windows\system32\SysFxUI.dll
2013-10-30 01:43 . 2013-12-11 00:56 130048 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-10-30 00:43 . 2013-12-11 00:56 167936 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-10-30 00:35 . 2013-12-11 00:56 2050560 ----a-w- c:\windows\system32\win32k.sys
2013-10-22 07:19 . 2013-12-11 00:56 158208 ----a-w- c:\windows\system32\imagehlp.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-10-02 20472992]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-06-25 4489216]
"Skytel"="Skytel.exe" [2007-06-25 1826816]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-09-01 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-01 8478720]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-09-01 81920]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-11-02 152392]
.
c:\users\Robyn Bri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Audio Filter.lnk - c:\program files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe [2007-9-12 5742136]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\MRI_DISABLED\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-7-3 739880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-07-25 02:26 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^bby^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^2X Client.lnk]
path=c:\users\bby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2X Client.lnk
backup=c:\windows\pss\2X Client.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^bby^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Click to DVD Automatic Mode Launcher.lnk]
path=c:\users\bby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Click to DVD Automatic Mode Launcher.lnk
backup=c:\windows\pss\Click to DVD Automatic Mode Launcher.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppMon Utility]
2007-07-12 22:39 534392 ----a-w- c:\program files\Sony\AppMonUtil\AppMonUtility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-04-22 04:43 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2007-02-12 20:37 174872 ----a-w- c:\program files\intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
2007-06-12 01:27 317560 ----a-w- c:\program files\Sony\ISB Utility\ISBMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2013-11-02 08:29 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2007-09-01 18:03 8478720 ----a-w- c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2007-09-01 18:03 81920 ----a-w- c:\windows\System32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
2007-09-01 18:06 86016 ----a-w- c:\windows\System32\nvsvc.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2007-06-25 21:41 4489216 ----a-w- c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2007-06-25 21:41 1826816 ----a-w- c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Center Access Bar]
2007-06-21 23:54 53248 ----a-w- c:\program files\Sony\VAIO Center Access Bar\VCAB.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VWLASU]
2007-07-12 18:31 45056 ----a-w- c:\program files\Sony\VAIO PC Wireless LAN Wizard\AutoLaunchWLASU.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-291611602-1755704891-1640183286-1002]
"EnableNotificationsRef"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-17 00:45 1211672 ----a-w- c:\program files\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-15 03:31]
.
2014-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-20 05:56]
.
2014-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-20 05:56]
.
2013-07-18 c:\windows\Tasks\SpeedyPC Update Version3.job
- c:\program files\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe [2011-10-06 16:18]
.
.
------- Supplementary Scan -------
.
uStart Page = https://www.google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
DPF: PackageCab - hxxp://ak.imgag.com/imgag/cp/install/AxCtp2.cab
FF - ProfilePath -
.
- - - - ORPHANS REMOVED - - - -
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\MRI_DISABLED\QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-CanonMyPrinter - c:\program files\Canon\MyPrinter\BJMyPrt.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-01-19 12:25
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(4676)
c:\windows\system32\btncopy.dll
.
- - - - - - - > 'Explorer.exe'(5484)
c:\windows\system32\nvd3dum.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\windows\system32\PSIService.exe
c:\windows\system32\stacsv.exe
c:\program files\Sony\VAIO Event Service\VESMgr.exe
c:\program files\Sony\VAIO Media Integrated Server\VMISrv.exe
c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
c:\program files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
c:\program files\Sony\VAIO Event Service\VESMgrSub.exe
c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
c:\windows\System32\WUDFHost.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe
c:\program files\Sony\Wireless Switch Setting Utility\Switcher.exe
c:\program files\Sony\VAIO Update 3\VAIOUpdt.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Completion time: 2014-01-19 12:28:59 - machine was rebooted
ComboFix-quarantined-files.txt 2014-01-19 20:28
.
Pre-Run: 74,826,100,736 bytes free
Post-Run: 75,322,945,536 bytes free
.
- - End Of File - - 7C68F530426333F204869F8E15BEA8F9
5C616939100B85E558DA92B899A0FC36

Attached Files


  • 0

#8
Essexboy
Posted 19 January 2014 - 04:23 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
That looks better, how is the computer behaving now ?
  • 0

#9
briz_dad
Posted 19 January 2014 - 05:44 PM

briz_dad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 251 posts
It is an improvement on what its response time was before this work. However, I still notice the following:

  • attempting to uninstall Firefox & Skype still taking a long time
  • delay time with this forum page loading

Also, I should note that there are two sites that appear in her IE history for the past few days that I am fairly (99%) confident were never visted from this computer:

  • platform.twitter.com
  • wtfunnyphoto.com

Lastly, she says that when she opens MS Word it goes through an "install" process each time - even though she believes it is installed as part of the MS Office package she has.

Do you have some deeper work that can be continued to really bring this "up to speed"? Or do you see anything in the logs that might point to areas needed clean-up?

It is a big improvement from what it was...
  • 0

#10
Essexboy
Posted 20 January 2014 - 07:37 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
For the two sites has she used twitter and looked at some photos on instagram ... They may be links from facebook, have you used that ?

What version of MSWord/office is it

You will need to change the home page in Chrome manually as it is still set to Blekko (not nice) Details here https://support.goog.../95314?hl=en-GB

Have you managed to uninstall Firefox and Skype ?

Clear Cache/Temp Files
Download TFC by OldTimer to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

  • 0

Advertisements

#11
briz_dad
Posted 20 January 2014 - 07:06 PM

briz_dad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 251 posts

For the two sites has she used twitter and looked at some photos on instagram ... They may be links from facebook, have you used that ?

What version of MSWord/office is it

Have you managed to uninstall Firefox and Skype ?


She says she hasn't used instagram on here - she has used Facebook; but not the last few days.

It is MS Word 2007 - i think it wasn't installed correctly. It doesn't show up in the programs list. I'll look into this more...

I got rid of Skype - not Firefox yet.

I'm running the recent instructions now...
  • 0

#12
briz_dad
Posted 20 January 2014 - 07:10 PM

briz_dad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 251 posts
still a delayed reaction for tabs/links to open, downloads and menu actions with IE
  • 0

#13
briz_dad
Posted 20 January 2014 - 10:29 PM

briz_dad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 251 posts
OK. Ran TFC and things are much better now... I'm going to attempt to uninstall Firefox again. I'll let you know what happens. But, boy - huge improvement!
  • 0

#14
briz_dad
Posted 20 January 2014 - 10:35 PM

briz_dad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 251 posts
still unsuccessful removing/uninstalling Firefox. Response time though is greatly improved!
  • 0

#15
briz_dad
Posted 20 January 2014 - 10:43 PM

briz_dad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 251 posts
i just got this error when i attempted to uninstall Coral Photo Painter (something or other). Attempted to uninstall a few programs without success.

ERROR

Problem signature:
Problem Event Name: APPCRASH
Application Name: Explorer.EXE
Application Version: 6.0.6002.18005
Application Timestamp: 49e01da5
Fault Module Name: ntdll.dll
Fault Module Version: 6.0.6002.18881
Fault Module Timestamp: 51da3e27
Exception Code: c0000005
Exception Offset: 0004690e
OS Version: 6.0.6002.2.2.0.768.3
Locale ID: 1033
Additional Information 1: 6496
Additional Information 2: 4486375a69f7271a3c965ef645a27e65
Additional Information 3: 2cf6
Additional Information 4: 16667c5d9d19c362bf1f79e8d9320773

Read our privacy statement:
http://go.microsoft....63&clcid=0x0409
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP