Jump to content

Dre9872

Honorary Members
  • Posts

    37
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Well thank you very much for your help, its very much appreciated.
  2. All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}\ not found. Registry key HKEY_USERS\S-1-5-21-3441979112-359041978-734528698-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found. Registry key HKEY_USERS\S-1-5-21-3441979112-359041978-734528698-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}\ not found. Registry key HKEY_USERS\S-1-5-21-3441979112-359041978-734528698-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A531D99C-5A22-449b-83DA-872725C6D0ED}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A531D99C-5A22-449b-83DA-872725C6D0ED}\ not found. Registry key HKEY_USERS\S-1-5-21-3441979112-359041978-734528698-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found. Prefs.js: "Ask.com" removed from browser.search.order.1 Prefs.js: "Ask.com" removed from browser.search.selectedEngine Prefs.js: "http://www.searchqu.com/406" removed from browser.startup.homepage File HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files (x86)\PriceGong\2.1.0\FF not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}\ not found. File C:\Program Files (x86)\PriceGong\2.1.0\PriceGongIE.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully. File C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\searchqudtx.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\ not found. File C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found. File C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\searchqudtx.dll not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Laptop ->Temp folder emptied: 9510107 bytes ->Temporary Internet Files folder emptied: 3797204 bytes ->Java cache emptied: 16822810 bytes ->FireFox cache emptied: 366117709 bytes ->Google Chrome cache emptied: 24702374 bytes ->Flash cache emptied: 86974 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 28831430 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 146590 bytes RecycleBin emptied: 84740856 bytes Total Files Cleaned = 510.00 mb Restore point Set: OTL Restore Point C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.42.3 log created on 05102012_141217 Files\Folders moved on Reboot... C:\Users\Laptop\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. Registry entries deleted on Reboot...
  3. OTL Extras logfile created on: 09/05/2012 20:51:14 - Run 1 OTL by OldTimer - Version 3.2.42.3 Folder = C:\Users\Laptop\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 3.67 Gb Total Physical Memory | 1.93 Gb Available Physical Memory | 52.64% Memory free 7.34 Gb Paging File | 5.45 Gb Available in Paging File | 74.22% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 455.32 Gb Total Space | 335.50 Gb Free Space | 73.69% Space Free | Partition Type: NTFS Drive G: | 1.87 Gb Total Space | 1.83 Gb Free Space | 97.92% Space Free | Partition Type: NTFS Computer Name: LAPTOP-VAIO | User Name: Laptop | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-3441979112-359041978-734528698-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02866DF5-4F9B-43EC-A136-3CAD3ABA3B0F}" = lport=10243 | protocol=6 | dir=in | app=system | "{04F601BB-B686-469D-9765-1AB96C54253B}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | "{09709C18-C243-4FCB-B399-9086852BFBF8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{0A967E0B-16B8-4EE3-A899-87F3D313F61A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1755EBA8-13ED-4460-80D3-8A77B001BED5}" = rport=137 | protocol=17 | dir=out | app=system | "{1DAFE9F6-0FFC-493E-9F91-BDC1290F0BF0}" = lport=138 | protocol=17 | dir=in | app=system | "{230BCB2E-36A8-4E91-BD56-DA59ECFEB15F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{27313D6F-0D43-436E-B00B-A408CBB962A6}" = lport=2869 | protocol=6 | dir=in | app=system | "{328B0BAC-BB06-418A-875E-11827E780A19}" = lport=2869 | protocol=6 | dir=in | app=system | "{395CD694-937C-45ED-980C-A62764155C5C}" = rport=139 | protocol=6 | dir=out | app=system | "{4AC14498-812A-425E-84C1-DB2259BF64B3}" = lport=139 | protocol=6 | dir=in | app=system | "{5335EBA7-BB07-4B23-9214-D1C6CF70B61C}" = rport=10243 | protocol=6 | dir=out | app=system | "{575B16B4-D32A-41B9-8C72-F56C0CC68540}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{5F4DC789-A6FB-4CCA-AC1F-A8EA6B6398BC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{71AC89A5-5B16-45CB-B035-DABCB655CB0F}" = rport=445 | protocol=6 | dir=out | app=system | "{90FEE4D7-C64D-46B4-859E-66E7665396C5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{9583B403-2AAF-413D-B9E8-0C539713E0E5}" = lport=445 | protocol=6 | dir=in | app=system | "{A05B51BD-5C00-4E63-8E13-83B3BA97C2AC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{A38588AD-4305-44EB-8066-E69A048E086F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{AF6260C0-EA10-492A-AB9F-F75D0BB6D168}" = lport=137 | protocol=17 | dir=in | app=system | "{C40AD665-0307-4F86-B79C-8D9133650A02}" = rport=138 | protocol=17 | dir=out | app=system | "{D6D344FF-ECAC-422E-9CCD-9D5B5BDFD870}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{D6EF3C44-C7A0-469A-9764-7FD76A41F820}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{DE50BB86-499C-4CB1-A6F3-223509C0A825}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{DFE5AB38-F157-4792-8838-B9A90972F533}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{E8B9ED60-8142-4AD2-B018-C1E8609A655E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FB6BED38-58B9-475B-888F-B47B6768700B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{009A1662-2F93-4BB9-B097-E9F4666CC6BF}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{02F0CDDF-43EE-4915-96C3-53A601E95605}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{03B78636-1B10-4E35-A739-68B4D846B675}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{11743FDC-B076-4FDC-A48B-447A9766268B}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{1386DCFF-E5E8-4580-B187-F84661ED1890}" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe | "{36853996-3B66-4EBC-9CFC-E5E39AA0CF48}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{3C04128B-83CF-4121-9A7C-257F037C2272}" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe | "{42C45C34-87A7-4AE9-99C3-3CF8E11EF2F0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{42FA78F6-280F-4822-8743-502E08F3B428}" = protocol=6 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\toolbar\dtuser.exe | "{533FED46-BD8F-431D-91CC-E789FA6012F4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{5390DD9A-929B-4FF8-B698-E821D45C4194}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{5EC92288-6CF1-4717-BE6D-9B45051DFF6F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{6BFA2DDA-74B0-4A63-A492-978C84574373}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{6C7A7D38-7A83-4FD1-8B7D-A4BBD2C6FE89}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | "{751AE7BE-E664-4ED0-B00A-56A2CC1C9FC4}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{78819315-468C-46B5-A1A6-4DF361CF81F2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{7D7CDDFB-2B12-4FD1-9040-9A0DE78693F8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8105872F-9898-4E92-BC75-529DA8F55996}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{837F2B27-F681-4BB2-A6F7-E9901F5C4BD1}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{9CABFEA7-7996-49E2-BECE-DC43B8B33A95}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{9CC4F5DB-C817-4BCC-B556-C52AF940DC68}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{9DAED463-054F-44B1-8B4F-DD429ED28BA9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{A7C672E6-6D8F-4876-A02B-6774AEAC9691}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{AB22CC4D-0520-45F3-A385-CE3FF98592AA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{AC39DD60-5940-4BAE-AC7D-C4BED32864B7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{B4A559AB-E5E2-4012-A9C4-2EFE26D2096C}" = dir=in | app=c:\program files (x86)\freefileviewer\ffvcheckforupdates.exe | "{B6C66039-B829-42BC-B354-FF8CA89875DD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BA8A2EBB-DA52-4536-A7E8-BEDAC73FDF2D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{C3B63560-B70E-4834-8169-63480E458036}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C4117C91-916C-4BDE-988D-69163A3BB806}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{C8A42231-DE18-4398-A47D-1C4D7F5E28EE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{CEB3EA13-854B-447A-A371-A4BB9D945856}" = protocol=17 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\toolbar\dtuser.exe | "{D7800C81-59D5-4D2F-8B3A-50C7C5AD6CF0}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{D7CB7982-528D-49D8-8C57-CB5E315DDD11}" = dir=in | app=c:\users\laptop\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{E10FFE61-DD4A-4F16-8DC4-DFD92B99CD1F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{E3BA13CB-E9B5-42E0-AC00-AE428161C8A1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{F4F27636-00FF-4AA5-A385-84AE316C5166}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{F529386C-8AE3-41EC-8EA6-BB3148805292}" = protocol=6 | dir=out | app=system | "{FDBD2729-DBDF-4B65-9557-B4A7698197A3}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{26A24AE4-039D-4CA4-87B4-2F86416016FF}" = Java 6 Update 16 (64-bit) "{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64 "{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64 "{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes "{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64 "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support "{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64 "{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4 "{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4 "{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64 "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010 "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 "{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO "{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64 "{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}" = PaperPort Image Printer 64-bit "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit) "{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{F7513E19-6224-485E-988D-9BF45BE64B53}" = Windows Live Family Safety "{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English "3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) "930E4792BDAEAFB62A9514EE7578775658A5D07C" = Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405) "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "PC Optimizer Pro" = PC Optimizer Pro [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4 "{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}" = ScanSoft PaperPort 11 "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer "{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer) "{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR "{1E0D8F69-A6AB-4934-9B2D-159D9F97BA4A}" = ParetoLogic DriverCure "{1E450972-E996-4EC1-A4C3-1518A46928D0}" = VAIO Content Metadata Intelligent Network Service Manager "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools "{1FD416D0-CC16-41D1-A25C-C9986CD8BBAB}" = VAIO Content Metadata Intelligent Analyzing Manager "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{208345BE-27BB-4367-B245-A5B6E764FDD0}" = VAIO Content Metadata Intelligent Analyzing Manager "{2110ECBD-BF15-4673-8852-8C68DDEB26AC}" = Media Gallery "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Monitoring Settings "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 16 "{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library "{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care "{37531547-B1F4-45E6-98FC-8AF5F2F0EAA4}" = VAIO Content Metadata Manager Settings "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4 "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology "{4427F384-B5BE-4769-B7D0-C784FC321EB1}" = VAIO Content Metadata Intelligent Network Service Manager "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant "{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}" = VAIO Content Metadata Intelligent Analyzing Manager "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc) "{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4 "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update 5 "{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO Transfer Support "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK "{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform "{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = MFL-Pro Suite "{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband Lite "{6D8ED20E-E792-4DAC-BB66-009836CBD80B}" = VAIO Content Monitoring Settings "{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data "{70991E0A-1108-437E-BA7D-085702C670C0}" = "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center "{7392AA60-133D-4761-94DB-8FBC9B6CD5EA}" = VAIO Content Metadata Intelligent Network Service Manager "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2 "{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159 "{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Power Management "{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync "{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide "{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}" = iLivid "{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 "{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{931FE23C-BB40-4C7A-A594-DB35908D8E83}" = VAIO Quick Web Access "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = "{96D8E26D-70CB-44DE-AE50-43095A39E5B2}" = VAIO Entertainment Platform "{9B163B82-3B46-4CE5-BF01-A53E550A8E58}" = Sony Home Network Library "{9DA53D22-D922-494C-B1D7-51CD9BCB9E4A}" = VAIO Hardware Diagnostics "{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library "{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Settings "{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate "{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series "{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A95187EF-BCF4-4468-B501-C0BAB976ADD1}" = VAIO Personalization Manager "{AB259D46-F851-41B0-9AFA-AED8998AD68A}" = MusicStation "{AC050677-EAFC-4B57-8F83-8205F65134D2}" = VAIO Content Metadata XML Interface Library "{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.4 "{B1DADBEB-7F82-4B29-84D6-5F14A020F0A0}" = VAIO Content Metadata Intelligent Analyzing Manager "{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story) "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4 "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy "{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{BCA907B6-5A0F-473E-8C63-0FF0CFAEB7B7}" = VAIO Personalization Manager "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup "{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update "{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library "{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents "{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser "{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel® Turbo Boost Technology Driver "{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery "{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = Media Gallery "{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3 "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E3DC1111-5D32-40F9-BB81-64E31294C1A4}" = VAIO Personalization Manager "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4 "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1432614-6183-49E6-98E8-674485463CFE}" = VAIO Original Function Settings "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call "{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" = "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4 "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "FreeFileViewer_is1" = Free File Viewer 2011 "Google Chrome" = Google Chrome "iLivid" = iLivid "InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer) "InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc) "InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data "InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide "InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story) "Mahjong Escape - Ancient Japan" = Mahjong Escape - Ancient Japan "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400 "MarketingTools" = VAIO Marketing Tools "Mozilla Firefox 10.0.2 (x86 en-GB)" = Mozilla Firefox 10.0.2 (x86 en-GB) "N360" = Norton 360 "Office14.SingleImage" = Microsoft Office Home and Business 2010 "PriceGong" = PriceGong 2.1.0 "Searchqu 406 MediaBar" = Windows iLivid Toolbar "splashtop" = VAIO Quick Web Access "Trusted Software Assistant_is1" = File Type Assistant "VAIO Help and Support" = "VAIO Premium Partners" = VAIO Premium Partners "VAIO screensaver" = VAIO screensaver "VLC media player" = VideoLAN VLC media player 0.8.6f "WinLiveSuite_Wave3" = Windows Live Essentials ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 17/04/2012 22:05:22 | Computer Name = Laptop-VAIO | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 15596340 Error - 17/04/2012 22:05:23 | Computer Name = Laptop-VAIO | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 17/04/2012 22:05:23 | Computer Name = Laptop-VAIO | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 15597338 Error - 17/04/2012 22:05:23 | Computer Name = Laptop-VAIO | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 15597338 Error - 17/04/2012 22:05:24 | Computer Name = Laptop-VAIO | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 17/04/2012 22:05:24 | Computer Name = Laptop-VAIO | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 15598352 Error - 17/04/2012 22:05:24 | Computer Name = Laptop-VAIO | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 15598352 Error - 17/04/2012 22:05:25 | Computer Name = Laptop-VAIO | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 17/04/2012 22:05:25 | Computer Name = Laptop-VAIO | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 15599351 Error - 17/04/2012 22:05:25 | Computer Name = Laptop-VAIO | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 15599351 [ System Events ] Error - 04/11/2011 10:47:46 | Computer Name = Laptop-VAIO | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect. Error - 09/11/2011 23:22:19 | Computer Name = Laptop-VAIO | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect. Error - 14/11/2011 14:22:47 | Computer Name = Laptop-VAIO | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect. Error - 15/11/2011 23:25:07 | Computer Name = Laptop-VAIO | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect. Error - 17/11/2011 15:59:36 | Computer Name = Laptop-VAIO | Source = DCOM | ID = 10016 Description = Error - 23/11/2011 11:58:58 | Computer Name = Laptop-VAIO | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect. Error - 23/11/2011 11:59:54 | Computer Name = Laptop-VAIO | Source = DCOM | ID = 10005 Description = Error - 23/11/2011 11:59:54 | Computer Name = Laptop-VAIO | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect. Error - 23/11/2011 11:59:54 | Computer Name = Laptop-VAIO | Source = Service Control Manager | ID = 7000 Description = The Windows Search service failed to start due to the following error: %%1053 Error - 29/11/2011 08:13:19 | Computer Name = Laptop-VAIO | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect. < End of report >
  4. OTL logfile created on: 09/05/2012 20:51:14 - Run 1 OTL by OldTimer - Version 3.2.42.3 Folder = C:\Users\Laptop\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 3.67 Gb Total Physical Memory | 1.93 Gb Available Physical Memory | 52.64% Memory free 7.34 Gb Paging File | 5.45 Gb Available in Paging File | 74.22% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 455.32 Gb Total Space | 335.50 Gb Free Space | 73.69% Space Free | Partition Type: NTFS Drive G: | 1.87 Gb Total Space | 1.83 Gb Free Space | 97.92% Space Free | Partition Type: NTFS Computer Name: LAPTOP-VAIO | User Name: Laptop | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/05/09 20:44:15 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Laptop\Desktop\OTL.exe PRC - [2011/08/04 05:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccsvchst.exe PRC - [2011/03/29 07:48:10 | 000,408,576 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe PRC - [2011/03/29 07:47:46 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe PRC - [2011/03/24 13:30:12 | 001,115,536 | ---- | M] (Discordia, LTD) -- C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe PRC - [2010/06/28 21:57:28 | 003,982,616 | ---- | M] (ParetoLogic) -- C:\Program Files (x86)\ParetoLogic\DriverCure\DriverCure.exe PRC - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe PRC - [2010/01/23 03:33:33 | 000,026,624 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe PRC - [2009/12/14 21:06:24 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe PRC - [2009/12/14 21:06:08 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe PRC - [2009/12/01 23:03:52 | 000,204,648 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe PRC - [2009/12/01 23:03:52 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe PRC - [2009/11/21 00:25:24 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2009/11/21 00:25:22 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe PRC - [2009/10/24 04:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe PRC - [2009/10/24 04:18:52 | 000,597,792 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe PRC - [2009/09/14 20:24:08 | 000,206,336 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe PRC - [2009/09/14 19:53:48 | 000,642,416 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe PRC - [2009/08/26 20:24:00 | 000,320,880 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe PRC - [2008/09/18 11:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe ========== Modules (No Company Name) ========== MOD - [2012/04/15 17:41:36 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6f3b99ed0b791ff4d8aa52f2f0cd0bcf\System.Management.ni.dll MOD - [2012/04/15 17:33:56 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\fbc05b5b05dc6366b02b8e2f77d080f1\System.Core.ni.dll MOD - [2012/04/15 17:33:25 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\2ad23de8284d4594aa658dfb5e667d97\PresentationCore.ni.dll MOD - [2012/04/15 17:33:10 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf293040f3a93afa1ea782487acae816\WindowsBase.ni.dll MOD - [2012/04/15 17:32:50 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\20008c75bb41e2febf84d4d4aea5b4e8\System.ServiceProcess.ni.dll MOD - [2012/04/15 17:32:46 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\9859a6e0562f64eacfb8ad76f260a2d6\Accessibility.ni.dll MOD - [2012/04/15 17:32:45 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll MOD - [2012/04/15 17:32:32 | 010,580,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Design\52873358b397c328168f0a5be7f3b9ae\System.Design.ni.dll MOD - [2012/04/15 17:32:14 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\02d5be8209f0eac6f7725f8d83b87df6\System.Web.Services.ni.dll MOD - [2012/04/15 17:32:10 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\1e85062785e286cd9eae9c26d2c61f73\System.Data.ni.dll MOD - [2012/04/15 17:32:10 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\ad18f93fc713db2c4b29b25116c13bd8\System.Transactions.ni.dll MOD - [2012/04/15 17:32:03 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll MOD - [2012/04/15 17:31:52 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\System.Runtime.Remoting.ni.dll MOD - [2012/04/15 17:31:47 | 000,680,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\d9a485330ec2708456134e4a9712a4ab\System.Security.ni.dll MOD - [2012/04/15 17:31:44 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll MOD - [2012/04/15 17:31:40 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll MOD - [2012/04/15 17:31:39 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll MOD - [2012/04/15 17:31:16 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011/03/29 07:48:06 | 000,308,736 | ---- | M] () -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Taskbar.dll MOD - [2010/11/05 02:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2010/06/28 21:57:28 | 000,526,336 | ---- | M] () -- C:\Program Files (x86)\ParetoLogic\DriverCure\7ZipDLL.dll MOD - [2009/07/14 02:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll MOD - [2009/06/10 22:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012/02/12 11:38:38 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:64bit: - [2009/11/30 20:51:18 | 000,571,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV:64bit: - [2009/11/25 20:06:06 | 000,821,760 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService) SRV:64bit: - [2009/10/30 10:50:40 | 001,165,680 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent) SRV:64bit: - [2009/09/17 00:28:42 | 000,167,424 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\collsvc.exe -- (SampleCollector) Intel® SRV:64bit: - [2009/09/16 14:27:12 | 000,480,624 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr) SRV:64bit: - [2009/09/08 19:09:20 | 000,110,960 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper) SRV:64bit: - [2009/09/04 22:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:64bit: - [2009/09/01 22:42:00 | 000,361,840 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr) SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/02/12 11:38:28 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011/08/04 05:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccSvcHst.exe -- (N360) SRV - [2011/03/29 07:47:46 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- (VmbService) SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009/12/14 21:06:24 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel® SRV - [2009/12/14 21:06:08 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel® SRV - [2009/12/01 23:03:52 | 000,204,648 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe -- (VAIO Event Service) SRV - [2009/11/21 00:25:24 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel® SRV - [2009/10/24 04:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider) SRV - [2009/10/15 17:34:36 | 000,427,304 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms) SRV - [2009/10/15 17:34:36 | 000,091,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr) SRV - [2009/10/15 17:34:36 | 000,075,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs) SRV - [2009/10/15 17:34:34 | 000,120,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp) SRV - [2009/10/15 17:34:34 | 000,070,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr) SRV - [2009/09/14 20:24:08 | 000,206,336 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc) SRV - [2009/09/14 20:24:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service) SRV - [2009/09/14 19:53:48 | 000,642,416 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw) SRV - [2009/08/31 02:59:30 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10) SRV - [2009/08/31 02:59:18 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10) SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008/09/18 11:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011/08/22 03:53:36 | 000,451,704 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\symtdiv.sys -- (SYMTDIv) DRV:64bit: - [2011/08/22 03:53:35 | 000,221,304 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\symefa64.sys -- (SymEFA) DRV:64bit: - [2011/08/04 05:19:26 | 000,593,544 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\cchpx64.sys -- (ccHP) DRV:64bit: - [2011/03/24 08:53:02 | 000,413,696 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet) DRV:64bit: - [2011/03/24 08:53:02 | 000,219,008 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:64bit: - [2011/03/24 08:53:02 | 000,085,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV:64bit: - [2011/03/24 08:53:02 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter) DRV:64bit: - [2011/03/24 08:53:00 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010/06/24 18:38:32 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent) DRV:64bit: - [2010/04/29 06:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\ironx64.sys -- (SymIRON) DRV:64bit: - [2010/04/22 03:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\srtsp64.sys -- (SRTSP) DRV:64bit: - [2010/04/22 03:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV:64bit: - [2009/12/24 21:06:08 | 006,106,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2009/12/16 21:03:59 | 000,244,736 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel® DRV:64bit: - [2009/12/16 21:03:04 | 007,778,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009/12/14 21:06:07 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel® DRV:64bit: - [2009/11/21 00:09:48 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009/11/18 05:30:44 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2009/11/18 05:30:32 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2009/11/18 05:30:32 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2009/11/18 05:30:21 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt) DRV:64bit: - [2009/11/18 05:23:46 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2009/11/13 21:08:21 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:64bit: - [2009/11/12 21:16:19 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2009/11/12 21:06:44 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009/11/06 21:27:30 | 000,093,696 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci) DRV:64bit: - [2009/11/04 10:59:59 | 000,253,488 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService) DRV:64bit: - [2009/10/15 04:50:05 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\symds64.sys -- (SymDS) DRV:64bit: - [2009/09/15 21:09:08 | 000,075,776 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe) DRV:64bit: - [2009/08/19 21:09:21 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP) DRV:64bit: - [2009/08/06 00:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/26 15:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter) DRV:64bit: - [2009/05/20 11:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2009/05/18 23:17:08 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2008/06/27 08:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs) DRV:64bit: - [2007/06/20 23:35:38 | 000,010,880 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UCharger.sys -- (UCharger) DRV - [2012/05/01 17:00:28 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20120508.002\IDSviA64.sys -- (IDSVia64) DRV - [2012/04/25 15:30:52 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20120508.035\EX64.SYS -- (NAVEX15) DRV - [2012/04/25 15:30:52 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20120508.035\ENG64.SYS -- (NAVENG) DRV - [2012/04/03 00:38:04 | 001,160,824 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20120507.001\BHDrvx64.sys -- (BHDrvx64) DRV - [2012/02/04 17:23:53 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DRV - [2012/02/04 17:23:53 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2008/08/14 08:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}: "URL" = http://www.searchqu.com/web?src=ieb&systemid=406&q={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3441979112-359041978-734528698-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01 IE - HKU\S-1-5-21-3441979112-359041978-734528698-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-3441979112-359041978-734528698-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01 IE - HKU\S-1-5-21-3441979112-359041978-734528698-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-3441979112-359041978-734528698-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3441979112-359041978-734528698-1000\..\SearchScopes\{16425197-B669-4E32-8AA8-EB609A9ACADD}: "URL" = http://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search IE - HKU\S-1-5-21-3441979112-359041978-734528698-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=LMW2&o=16046&src=crm&q={searchTerms}&locale=en_UK&apn_ptnrs=OE&apn_dtid=VIN005YYGB&apn_uid=EA7629D0-1A25-4AF9-985F-BA8CFF827A60&apn_sauid=D61FBA66-CD5C-4181-903C-5E9E87E6DC9E IE - HKU\S-1-5-21-3441979112-359041978-734528698-1000\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://start.iplay.com/searchresults.aspx?o=chrome&q={searchTerms} IE - HKU\S-1-5-21-3441979112-359041978-734528698-1000\..\SearchScopes\{64D9C5F4-264E-4EDD-9CDE-E77DE54A889D}: "URL" = http://rover.ebay.com/rover/1/710-42480-16445-5/4?satitle={searchTerms} IE - HKU\S-1-5-21-3441979112-359041978-734528698-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-3441979112-359041978-734528698-1000\..\SearchScopes\{6C70E583-7297-4171-A2F0-FF380FF6A96A}: "URL" = http://uk.shopping.com/?linkin_id=8056359 IE - HKU\S-1-5-21-3441979112-359041978-734528698-1000\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}: "URL" = http://www.searchqu.com/web?src=ieb&systemid=406&q={searchTerms} IE - HKU\S-1-5-21-3441979112-359041978-734528698-1000\..\SearchScopes\{A531D99C-5A22-449b-83DA-872725C6D0ED}: "URL" = http://search.alot.com/web?q={searchTerms} IE - HKU\S-1-5-21-3441979112-359041978-734528698-1000\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://uk.ask.com/web?q={SEARCHTERMS}&o=15528&l=dis IE - HKU\S-1-5-21-3441979112-359041978-734528698-1000\..\SearchScopes\{B6591CAA-4CCC-4D3B-BF5E-64D0FC334042}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SVEC_enGB386 IE - HKU\S-1-5-21-3441979112-359041978-734528698-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3441979112-359041978-734528698-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Google" FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Ask.com" FF - prefs.js..browser.startup.homepage: "http://www.searchqu.com/406" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media ) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Laptop\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2011/08/20 18:57:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6 [2012/05/09 20:45:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/21 22:33:33 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files (x86)\PriceGong\2.1.0\FF [2011/02/09 11:06:00 | 000,000,000 | ---D | M] [2010/07/17 22:33:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laptop\AppData\Roaming\Mozilla\Extensions [2010/07/17 22:33:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laptop\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org [2012/05/09 09:35:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\ix2dpz59.default\extensions [2012/02/12 10:25:44 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\ix2dpz59.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2012/05/09 09:30:07 | 000,000,000 | ---D | M] (Roomy Bookmarks Toolbar) -- C:\Users\Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\ix2dpz59.default\extensions\ALone-live@ya.ru [2012/04/15 00:24:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012/04/15 00:24:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012/02/12 10:25:44 | 000,434,392 | ---- | M] () (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IX2DPZ59.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI [2012/02/21 22:33:33 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/02/08 18:50:00 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml [2012/02/08 18:21:19 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/02/08 18:50:00 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml [2012/02/08 18:50:00 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml [2012/02/08 18:50:00 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.160.1 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll CHR - plugin: Java Platform SE 6 U16 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll CHR - plugin: Oberon com adapter (Enabled) = C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Laptop\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: Entanglement = C:\Users\Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\ CHR - Extension: Skype Click to Call = C:\Users\Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\ CHR - Extension: Poppit = C:\Users\Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\ O1 HOSTS File: ([2012/05/09 09:28:20 | 000,442,885 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 www.123fporn.info O1 - Hosts: 15214 more lines... O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2:64bit: - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\IEBHO.dll (Discordia, LTD) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.1.0\PriceGongIE.dll (PriceGong) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ipsbho.dll (Symantec Corporation) O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\searchqudtx.dll () O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Discordia, LTD) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\searchqudtx.dll () O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKU\S-1-5-21-3441979112-359041978-734528698-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-3441979112-359041978-734528698-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation) O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [PC Optimizer Pro] C:\Program Files\PC Optimizer Pro\StartApps.exe (Tweaking Tools) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Discordia, LTD) O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [iSBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [MarketingTools] C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe (Sony Corporation) O4 - HKLM..\Run: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone) O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation) O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3441979112-359041978-734528698-1000..\Run: [DriverCure] C:\Program Files (x86)\ParetoLogic\DriverCure\DriverCure.exe (ParetoLogic) O4 - HKU\S-1-5-21-3441979112-359041978-734528698-1000..\Run: [Facebook Update] C:\Users\Laptop\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-3441979112-359041978-734528698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files%20(x86)/Mahjong%20Escape%20-%20Ancient%20Japan/Images/stg_drm.ocx (SpinTop DRM Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files%20(x86)/Mahjong%20Escape%20-%20Ancient%20Japan/Images/armhelper.ocx (ArmHelper Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6DD0B22D-C026-4940-9700-1362E8BA5673}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C135485B-04F2-416A-B891-395BE9582694}: NameServer = 88.82.13.60 88.82.13.60 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EB67E911-867D-4C13-AE00-E3C7ECA0A89B}: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\datamngr.dll (Discordia, LTD) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\IEBHO.dll (Discordia, LTD) O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll) - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngr.dll (Discordia, LTD) O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll) - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Discordia, LTD) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{7c696cd1-865a-11e1-9943-544249129339}\Shell - "" = AutoRun O33 - MountPoints2\{7c696cd1-865a-11e1-9943-544249129339}\Shell\AutoRun\command - "" = G:\setup_vmb_lite.exe /checkApplicationPresence O33 - MountPoints2\{90c8f561-8717-11e1-9055-544249129339}\Shell - "" = AutoRun O33 - MountPoints2\{90c8f561-8717-11e1-9055-544249129339}\Shell\AutoRun\command - "" = G:\setup_vmb_lite.exe /checkApplicationPresence O33 - MountPoints2\{d54d79fa-5916-11e1-9c75-544249129339}\Shell - "" = AutoRun O33 - MountPoints2\{d54d79fa-5916-11e1-9c75-544249129339}\Shell\AutoRun\command - "" = G:\setup_vmb_lite.exe /checkApplicationPresence O33 - MountPoints2\{d54d7a4f-5916-11e1-9c75-544249129339}\Shell - "" = AutoRun O33 - MountPoints2\{d54d7a4f-5916-11e1-9c75-544249129339}\Shell\AutoRun\command - "" = G:\setup_vmb_lite.exe /checkApplicationPresence O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup_vmb_lite.exe /checkApplicationPresence O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012/05/09 20:44:14 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Laptop\Desktop\OTL.exe [2012/05/09 09:55:28 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Laptop\Desktop\dds.com [2012/05/09 09:05:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy [2012/05/09 09:05:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012/05/09 09:05:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy [2012/05/09 08:03:18 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Roaming\Malwarebytes [2012/05/09 08:03:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/05/09 08:03:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/05/09 08:03:13 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/05/09 08:03:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012/05/09 07:53:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vodafone [2012/05/09 07:52:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vodafone [2012/04/25 15:23:58 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\Apps [2012/04/24 16:46:22 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Roaming\Tific [2012/04/24 16:46:20 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\Symantec [2012/04/15 00:35:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview [2012/04/15 00:34:00 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders [2012/04/15 00:23:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012/04/15 00:23:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012/04/14 19:05:25 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Roaming\FLEXnet [2012/04/14 10:10:32 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Roaming\Vodafone [2012/04/14 10:10:12 | 000,085,504 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys [2012/04/14 10:10:11 | 000,117,248 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys [2012/04/14 10:10:10 | 000,013,952 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys [2012/04/14 10:10:06 | 000,219,008 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys [2012/04/14 10:10:05 | 000,413,696 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbnet.sys [2012/04/14 10:09:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Vodafone [2012/04/14 10:09:12 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet [2012/04/14 10:08:31 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{39C0E0A2-0193-49A4-9D69-DABD740C37FE} [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Laptop\Documents\*.tmp files -> C:\Users\Laptop\Documents\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/05/09 20:54:58 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/05/09 20:54:58 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/05/09 20:46:23 | 000,000,494 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3.job [2012/05/09 20:45:41 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/05/09 20:45:33 | 000,000,404 | ---- | M] () -- C:\Windows\tasks\Free File Viewer Update Checker.job [2012/05/09 20:45:19 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl [2012/05/09 20:45:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/05/09 20:44:56 | 2955,485,184 | -HS- | M] () -- C:\hiberfil.sys [2012/05/09 20:44:15 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Laptop\Desktop\OTL.exe [2012/05/09 10:24:14 | 000,742,708 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/05/09 10:24:14 | 000,623,288 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/05/09 10:24:14 | 000,109,410 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/05/09 10:18:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/05/09 10:15:01 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3441979112-359041978-734528698-1000UA.job [2012/05/09 10:15:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3441979112-359041978-734528698-1000Core.job [2012/05/09 09:55:31 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Laptop\Desktop\dds.com [2012/05/09 09:28:20 | 000,442,885 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012/05/09 09:21:48 | 000,000,121 | ---- | M] () -- C:\Windows\wininit.ini [2012/05/09 09:05:13 | 000,001,282 | ---- | M] () -- C:\Users\Laptop\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk [2012/05/09 09:05:13 | 000,001,258 | ---- | M] () -- C:\Users\Laptop\Desktop\Spybot - Search & Destroy.lnk [2012/05/09 08:19:36 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012/05/09 08:03:15 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/05/09 07:53:19 | 000,002,747 | ---- | M] () -- C:\Users\Public\Desktop\SMS.lnk [2012/05/09 07:53:19 | 000,002,196 | ---- | M] () -- C:\Users\Public\Desktop\Vodafone Mobile Broadband.lnk [2012/05/09 07:43:04 | 000,000,406 | ---- | M] () -- C:\Windows\tasks\DriverCure.job [2012/05/09 07:43:02 | 000,000,470 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job [2012/05/09 07:43:02 | 000,000,468 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration.job [2012/05/03 17:13:29 | 000,000,442 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version2.job [2012/04/25 14:19:32 | 000,000,857 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120509-092820.backup [2012/04/17 21:21:45 | 000,001,327 | ---- | M] () -- C:\Users\Laptop\Documents\mem bell run.lnk [2012/04/17 21:14:40 | 003,055,984 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/04/16 22:35:41 | 000,001,437 | ---- | M] () -- C:\Users\Laptop\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012/04/15 00:23:56 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012/04/14 19:30:28 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2012/04/14 19:30:25 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2012/04/14 10:10:16 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Laptop\Documents\*.tmp files -> C:\Users\Laptop\Documents\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/05/09 09:21:48 | 000,000,121 | ---- | C] () -- C:\Windows\wininit.ini [2012/05/09 09:05:13 | 000,001,282 | ---- | C] () -- C:\Users\Laptop\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk [2012/05/09 09:05:13 | 000,001,258 | ---- | C] () -- C:\Users\Laptop\Desktop\Spybot - Search & Destroy.lnk [2012/05/09 08:03:15 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/05/09 07:53:19 | 000,002,747 | ---- | C] () -- C:\Users\Public\Desktop\SMS.lnk [2012/05/09 07:53:19 | 000,002,196 | ---- | C] () -- C:\Users\Public\Desktop\Vodafone Mobile Broadband.lnk [2012/04/25 14:29:49 | 000,000,494 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Update Version3.job [2012/04/17 21:51:43 | 000,065,536 | ---- | C] () -- C:\Windows\SysNative\Ikeext.etl [2012/04/14 22:58:49 | 001,534,568 | ---- | C] () -- C:\Users\Laptop\Documents\IMG_2359.JPG [2012/04/14 22:58:49 | 001,471,551 | ---- | C] () -- C:\Users\Laptop\Documents\IMG_2364.JPG [2012/04/14 22:58:49 | 001,396,896 | ---- | C] () -- C:\Users\Laptop\Documents\IMG_2352.JPG [2012/04/14 22:58:49 | 001,359,941 | ---- | C] () -- C:\Users\Laptop\Documents\IMG_2350.JPG [2012/04/14 22:58:49 | 001,329,753 | ---- | C] () -- C:\Users\Laptop\Documents\IMG_2387.JPG [2012/04/14 22:58:49 | 001,285,961 | ---- | C] () -- C:\Users\Laptop\Documents\IMG_2366.JPG [2012/04/14 22:58:49 | 001,259,799 | ---- | C] () -- C:\Users\Laptop\Documents\IMG_2353.JPG [2012/04/14 22:58:49 | 001,257,662 | ---- | C] () -- C:\Users\Laptop\Documents\IMG_2354.JPG [2012/04/14 22:58:49 | 001,248,569 | ---- | C] () -- C:\Users\Laptop\Documents\IMG_2356.JPG [2012/04/14 22:58:49 | 001,176,032 | ---- | C] () -- C:\Users\Laptop\Documents\IMG_2360.JPG [2012/04/14 22:58:49 | 001,162,772 | ---- | C] () -- C:\Users\Laptop\Documents\IMG_2351.JPG [2012/04/14 22:58:49 | 001,071,290 | ---- | C] () -- C:\Users\Laptop\Documents\IMG_2362.JPG [2012/04/14 22:58:49 | 000,060,368 | ---- | C] () -- C:\Users\Laptop\Documents\jay and al.jpg [2012/04/14 22:58:49 | 000,053,898 | ---- | C] () -- C:\Users\Laptop\Documents\jay.jpg [2012/04/14 22:58:49 | 000,051,393 | ---- | C] () -- C:\Users\Laptop\Documents\jay and al 2.jpg [2012/04/14 22:58:49 | 000,001,327 | ---- | C] () -- C:\Users\Laptop\Documents\mem bell run.lnk [2012/04/14 19:30:28 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2012/04/14 19:30:25 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2012/04/14 10:10:16 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf [2012/02/12 12:44:26 | 000,741,424 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/05/19 10:04:08 | 000,001,940 | ---- | C] () -- C:\Users\Laptop\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini [2011/03/24 08:50:52 | 000,226,366 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4 [2010/11/13 15:11:18 | 000,000,221 | ---- | C] () -- C:\ProgramData\MusicStation.xml [2010/10/08 17:37:35 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI [2010/10/08 16:46:55 | 000,031,767 | ---- | C] () -- C:\Windows\maxlink.ini ========== LOP Check ========== [2011/05/18 11:30:58 | 000,000,000 | -HSD | M] -- C:\Users\Laptop\AppData\Roaming\.# [2010/10/28 17:29:55 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\DriverCure [2012/04/22 17:32:16 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\FreeFileViewer [2010/10/31 20:54:03 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\ScanSoft [2011/02/10 19:27:17 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\SpinTop [2012/04/24 16:46:22 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Tific [2012/04/14 10:10:32 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Vodafone [2010/10/31 20:54:16 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Zeon [2012/05/09 07:43:04 | 000,000,406 | ---- | M] () -- C:\Windows\Tasks\DriverCure.job [2012/05/09 10:15:00 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3441979112-359041978-734528698-1000Core.job [2012/05/09 10:15:01 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3441979112-359041978-734528698-1000UA.job [2012/05/09 20:45:33 | 000,000,404 | ---- | M] () -- C:\Windows\Tasks\Free File Viewer Update Checker.job [2012/05/09 07:43:02 | 000,000,468 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration.job [2012/05/09 07:43:02 | 000,000,470 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration3.job [2012/05/03 17:13:29 | 000,000,442 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version2.job [2012/05/09 20:46:23 | 000,000,494 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version3.job [2011/02/08 15:55:24 | 000,032,646 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:DA18FD1D @Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:211ED887 < End of report >
  5. Hi I have a laptop that has been browser hijacked by searchnu. DDS.TXT . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by Laptop at 10:00:04 on 2012-05-09 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3758.1874 [GMT 1:00] . AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\System32\spoolsv.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccSvcHst.exe C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe C:\Program Files\Sony\VAIO Smart Network\VSNService.exe C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Windows\SysWOW64\DllHost.exe C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccSvcHst.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Sony\VAIO Care\VAIOCareService.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\Apoint\Apvfb.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\ParetoLogic\DriverCure\DriverCure.exe C:\Program Files\PC Optimizer Pro\PCOptimizerPro.exe C:\Users\Laptop\AppData\Local\Facebook\Update\FacebookUpdate.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files (x86)\Java\jre6\bin\jusched.exe C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\Sony\VAIO Power Management\SPMService.exe C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\WUDFHost.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Sony\VAIO Care\VCsystray.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\Magic-i Visual Effects.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\Sony\VAIO Update 5\VUAgent.exe C:\Windows\system32\wuauclt.exe C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe C:\ProgramData\FLEXnet\Connect\11\agent.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01 uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01 uInternet Settings,ProxyOverride = *.local mWinlogon: Userinit=userinit.exe BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: PriceGongBHO Class: {1631550f-191d-4826-b069-d9439253d926} - C:\Program Files (x86)\PriceGong\2.1.0\PriceGongIE.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\coIEPlg.dll BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\IPSBHO.DLL BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\ToolBar\searchqudtx.dll BHO: UrlHelper Class: {a40dc6c5-79d0-4ca8-a185-8ff989af1115} - C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\coIEPlg.dll TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\ToolBar\searchqudtx.dll TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File uRun: [DriverCure] C:\Program Files (x86)\ParetoLogic\DriverCure\DriverCure.exe -scan uRun: [Facebook Update] "C:\Users\Laptop\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun uRunOnce: [spybotDeletingB7570] command.com /c del "C:\Program Files (x86)\Free Offers from Freeze.com\control.txt" uRunOnce: [spybotDeletingD2399] cmd.exe /c del "C:\Program Files (x86)\Free Offers from Freeze.com\control.txt" mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe mRun: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" mRun: [sSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot mRun: [PaperPort PTD] "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe" mRun: [indexSearch] "C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe" mRun: [PPort11reminder] "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini" mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [DATAMNGR] C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent mRunOnce: [spybotDeletingA2852] command.com /c del "C:\Program Files (x86)\Free Offers from Freeze.com\control.txt" mRunOnce: [spybotDeletingC9314] cmd.exe /c del "C:\Program Files (x86)\Free Offers from Freeze.com\control.txt" StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files%20(x86)/Mahjong%20Escape%20-%20Ancient%20Japan/Images/stg_drm.ocx DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files%20(x86)/Mahjong%20Escape%20-%20Ancient%20Japan/Images/armhelper.ocx TCP: DhcpNameServer = 192.168.0.1 TCP: Interfaces\{6DD0B22D-C026-4940-9700-1362E8BA5673} : DhcpNameServer = 192.168.0.1 TCP: Interfaces\{C135485B-04F2-416A-B891-395BE9582694} : NameServer = 88.82.13.60 88.82.13.60 TCP: Interfaces\{EB67E911-867D-4C13-AE00-E3C7ECA0A89B} : DhcpNameServer = 192.168.0.1 TCP: Interfaces\{EB67E911-867D-4C13-AE00-E3C7ECA0A89B}\35B4952363039363 : NameServer = 192.168.22.22,192.168.22.23 TCP: Interfaces\{EB67E911-867D-4C13-AE00-E3C7ECA0A89B}\35B4952363039363 : DhcpNameServer = 192.168.0.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Notify: VESWinlogon - VESWinlogon.dll AppInit_DLLs: C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO-X64: 0x1 - No File BHO-X64: PriceGongBHO Class: {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.1.0\PriceGongIE.dll BHO-X64: PriceGong - No File BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\coIEPlg.dll BHO-X64: Symantec NCO BHO - No File BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\IPSBHO.DLL BHO-X64: Symantec Intrusion Prevention - No File BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\ToolBar\searchqudtx.dll BHO-X64: Searchqu Toolbar - No File BHO-X64: UrlHelper Class: {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\coIEPlg.dll TB-X64: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\ToolBar\searchqudtx.dll TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun-x64: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED mRun-x64: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe mRun-x64: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" mRun-x64: [sSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot mRun-x64: [PaperPort PTD] "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe" mRun-x64: [indexSearch] "C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe" mRun-x64: [PPort11reminder] "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini" mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [DATAMNGR] C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE mRun-x64: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent mRunOnce-x64: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent mRunOnce-x64: [spybotDeletingA2852] command.com /c del "C:\Program Files (x86)\Free Offers from Freeze.com\control.txt" mRunOnce-x64: [spybotDeletingC9314] cmd.exe /c del "C:\Program Files (x86)\Free Offers from Freeze.com\control.txt" IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm AppInit_DLLs-X64: C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll Hosts: 127.0.0.1 www.spywareinfo.com . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\ix2dpz59.default\ FF - prefs.js: browser.search.selectedEngine - Ask.com FF - prefs.js: browser.startup.homepage - hxxp://www.searchqu.com/406 FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Laptop\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ============= SERVICES / DRIVERS =============== . R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0404000.00C\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0404000.00C\SYMDS64.SYS [?] R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0404000.00C\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0404000.00C\SYMEFA64.SYS [?] R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20120507.001\BHDrvx64.sys [2012-5-9 1160824] R1 ccHP;Symantec Hash Provider;C:\Windows\system32\drivers\N360x64\0404000.00C\ccHPx64.sys --> C:\Windows\system32\drivers\N360x64\0404000.00C\ccHPx64.sys [?] R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20120508.002\IDSviA64.sys [2012-5-9 488568] R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0404000.00C\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0404000.00C\Ironx64.SYS [?] R1 SYMTDIv;Symantec Vista Network Dispatch Driver;C:\Windows\system32\Drivers\N360x64\0404000.00C\SYMTDIV.SYS --> C:\Windows\system32\Drivers\N360x64\0404000.00C\SYMTDIV.SYS [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-25 13336] R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccsvchst.exe [2011-10-13 126400] R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224] R2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys --> C:\Windows\system32\drivers\rimssne64.sys [?] R2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsne64.sys --> C:\Windows\system32\drivers\risdsne64.sys [?] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-12-25 2320920] R2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-9-14 642416] R2 VmbService;Vodafone Mobile Broadband Service;C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2011-3-29 9216] R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-1-23 821760] R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-2-12 138360] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?] R3 huawei_enumerator;huawei_enumerator;C:\Windows\system32\DRIVERS\ew_jubusenum.sys --> C:\Windows\system32\DRIVERS\ew_jubusenum.sys [?] R3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?] R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys --> C:\Windows\system32\drivers\SFEP.sys [?] R3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-1-23 571248] R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [2010-1-23 1165680] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-23 133104] S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-8-31 362992] S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-5-9 1153368] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856] S2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2010-1-23 104960] S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?] S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?] S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\system32\DRIVERS\ew_hwusbdev.sys --> C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [?] S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys --> C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [?] S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\system32\DRIVERS\ewusbnet.sys --> C:\Windows\system32\DRIVERS\ewusbnet.sys [?] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-2-12 1038088] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-8-5 704864] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-23 133104] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-8-31 313840] S3 SampleCollector;Intel® Sample Collector;C:\Program Files\Sony\VAIO Care\collsvc.exe [2010-1-23 167424] S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-1-23 120104] S3 SOHDBSvr;VAIO Media plus Database Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2010-1-23 70952] S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-1-23 427304] S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-1-23 75048] S3 SOHPlMgr;VAIO Media plus Playlist Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2010-1-23 91432] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 UCharger;Usb Charger Driver;C:\Windows\system32\Drivers\UCharger.sys --> C:\Windows\system32\Drivers\UCharger.sys [?] S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-1-23 480624] S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-1-23 361840] S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-1-23 110960] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 2012-05-09 08:05:09 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy 2012-05-09 08:05:09 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2012-05-09 07:03:18 -------- d-----w- C:\Users\Laptop\AppData\Roaming\Malwarebytes 2012-05-09 07:03:14 -------- d-----w- C:\ProgramData\Malwarebytes 2012-05-09 07:03:13 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-05-09 07:03:13 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-05-09 06:52:54 -------- d-----w- C:\Program Files (x86)\Vodafone 2012-04-25 14:23:58 -------- d-----w- C:\Users\Laptop\AppData\Local\Apps 2012-04-24 15:46:22 -------- d-----w- C:\Users\Laptop\AppData\Roaming\Tific 2012-04-24 15:46:20 -------- d-----w- C:\Users\Laptop\AppData\Local\Symantec 2012-04-16 21:44:31 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2012-04-16 21:44:31 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2012-04-16 21:44:31 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2012-04-16 21:44:30 5120 ----a-w- C:\Windows\SysWow64\wmi.dll 2012-04-16 21:44:30 5120 ----a-w- C:\Windows\System32\wmi.dll 2012-04-16 21:44:30 220672 ----a-w- C:\Windows\System32\wintrust.dll 2012-04-16 21:44:30 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll 2012-04-15 08:53:01 3145728 ----a-w- C:\Windows\System32\win32k.sys 2012-04-15 08:53:00 1544192 ----a-w- C:\Windows\System32\DWrite.dll 2012-04-15 08:53:00 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll 2012-04-15 08:42:35 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2012-04-15 08:42:35 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2012-04-15 08:42:35 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-04-15 08:42:35 1031680 ----a-w- C:\Windows\System32\rdpcore.dll 2012-04-15 08:41:52 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-04-15 08:41:52 77312 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-04-15 08:41:52 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-04-14 23:35:12 -------- d-----w- C:\Windows\System32\SPReview 2012-04-14 23:34:00 -------- d-----w- C:\Windows\System32\EventProviders 2012-04-14 18:05:25 -------- d-----w- C:\Users\Laptop\AppData\Roaming\FLEXnet 2012-04-14 09:10:32 -------- d-----w- C:\Users\Laptop\AppData\Roaming\Vodafone 2012-04-14 09:10:12 85504 ----a-w- C:\Windows\System32\drivers\ew_jubusenum.sys 2012-04-14 09:10:11 117248 ----a-w- C:\Windows\System32\drivers\ew_hwusbdev.sys 2012-04-14 09:10:10 13952 ----a-w- C:\Windows\System32\drivers\ew_usbenumfilter.sys 2012-04-14 09:10:06 219008 ----a-w- C:\Windows\System32\drivers\ewusbmdm.sys 2012-04-14 09:10:05 413696 ----a-w- C:\Windows\System32\drivers\ewusbnet.sys 2012-04-14 09:09:30 -------- d-----w- C:\ProgramData\Vodafone 2012-04-14 09:08:31 -------- d-----w- C:\Users\Laptop\AppData\Local\{39C0E0A2-0193-49A4-9D69-DABD740C37FE} . ==================== Find3M ==================== . 2012-04-15 08:13:12 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll 2012-04-15 08:13:11 175616 ----a-w- C:\Windows\System32\msclmd.dll 2012-03-06 06:53:37 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-03-06 05:59:47 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-03-06 05:59:41 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll 2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll 2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-02-14 11:09:44 1070352 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX 2012-02-12 12:04:55 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl . ============= FINISH: 10:00:59.42 =============== Attach.TXT . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 24/06/2010 18:20:42 System Uptime: 09/05/2012 07:16:05 (3 hours ago) . Motherboard: Sony Corporation | | VAIO Processor: Intel® Core i3 CPU M 330 @ 2.13GHz | N/A | 2133/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 455 GiB total, 335.943 GiB free. D: is Removable E: is Removable F: is CDROM () G: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP115: 16/04/2012 15:28:34 - ##IDS_ERROR_1717## RP116: 16/04/2012 22:38:54 - Windows Update RP117: 18/04/2012 03:00:22 - Windows Update RP118: 22/04/2012 17:24:38 - Restore Operation RP119: 25/04/2012 14:57:01 - VAIO Care Automatic Restore Point RP120: 25/04/2012 15:12:08 - Restore Operation RP121: 04/05/2012 17:59:22 - Removed VAIO Data Restore Tool RP122: 04/05/2012 18:00:21 - ##IDS_ERROR_1717## RP123: 09/05/2012 07:52:26 - ##IDS_ERROR_1715## . ==== Installed Programs ====================== . . Adobe AIR Adobe Anchor Service CS4 Adobe Bridge CS4 Adobe CMaps CS4 Adobe Color - Photoshop Specific CS4 Adobe Color EU Extra Settings CS4 Adobe Color JA Extra Settings CS4 Adobe Color NA Recommended Settings CS4 Adobe Color Video Profiles CS CS4 Adobe CSI CS4 Adobe Default Language CS4 Adobe Device Central CS4 Adobe Drive CS4 Adobe ExtendScript Toolkit CS4 Adobe Extension Manager CS4 Adobe Flash Player 10 ActiveX Adobe Fonts All Adobe Linguistics CS4 Adobe Media Player Adobe Output Module Adobe PDF Library Files CS4 Adobe Photoshop CS4 Adobe Photoshop CS4 Support Adobe Reader 9.4.4 Adobe Search for Help Adobe Service Manager Extension Adobe Setup Adobe Type Support CS4 Adobe Update Manager CS4 Adobe WinSoft Linguistics Plugin Adobe XMP Panels CS4 AdobeColorCommonSetCMYK AdobeColorCommonSetRGB Apple Application Support Apple Software Update ArcSoft Magic-i Visual Effects 2 ArcSoft WebCam Companion 3 Compatibility Pack for the 2007 Office system Connect Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Evernote Facebook Video Calling 1.2.0.159 File Type Assistant Free File Viewer 2011 Google Chrome Google Earth Google Update Helper iLivid Intel® Control Center Intel® Graphics Media Accelerator Driver Intel® Management Engine Components Intel® Rapid Storage Technology Intel® Turbo Boost Technology Driver Java 6 Update 16 Junk Mail filter update kuler Mahjong Escape - Ancient Japan Malwarebytes Anti-Malware version 1.61.0.1400 Media Gallery MFL-Pro Suite Microsoft Choice Guard Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Home and Business 2010 Microsoft Office Live Add-in 1.3 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2010 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server Compact 3.5 SP1 English Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft XML Parser Mozilla Firefox 10.0.2 (x86 en-GB) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MusicStation Norton 360 Norton Online Backup ParetoLogic DriverCure PDF Settings CS4 Photoshop Camera Raw PMB PMB VAIO Edition Guide PMB VAIO Edition plug-in (Click to Disc) PMB VAIO Edition plug-in (VAIO Image Optimizer) PMB VAIO Edition plug-in (VAIO Movie Story) PriceGong 2.1.0 QuickTime Realtek High Definition Audio Driver Roxio Central Audio Roxio Central Copy Roxio Central Core Roxio Central Data Roxio Central Tools Roxio Easy Media Creator 10 LJ Roxio Easy Media Creator Home ScanSoft PaperPort 11 Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition Setting Utility Series Skype Click to Call Skype™ 5.8 Sony Home Network Library Spybot - Search & Destroy Suite Shared Configuration CS4 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition VAIO Care VAIO Content Metadata Intelligent Analyzing Manager VAIO Content Metadata Intelligent Network Service Manager VAIO Content Metadata Manager Settings VAIO Content Metadata XML Interface Library VAIO Content Monitoring Settings VAIO Control Center VAIO DVD Menu Data VAIO Entertainment Platform VAIO Event Service VAIO Gate VAIO Gate Default VAIO Hardware Diagnostics VAIO Marketing Tools VAIO Media plus VAIO Media plus Opening Movie VAIO Movie Story Template Data VAIO Original Function Settings VAIO Personalization Manager VAIO Power Management VAIO Premium Partners VAIO Quick Web Access VAIO screensaver VAIO Smart Network VAIO Transfer Support VAIO Update 5 VAIO Wallpaper Contents VideoLAN VLC media player 0.8.6f Vodafone Mobile Broadband Lite Windows iLivid Toolbar Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Sync Windows Live Upload Tool Windows Live Writer . ==== Event Viewer Messages From Past Week ======== . 09/05/2012 09:56:49, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR5. 04/05/2012 17:40:14, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect. . ==== End Of File ===========================
  6. Well I must thank you for your help, its been quite a long ride and you stuck it out to the end admirably. Many thanks. Dre...
  7. There is no DeFogger TXT file on the root of the C drive. I presume that means OTL did its job.
  8. ok I opened Task manager and went to end the OTL task and it said it couldn't end it as it was waiting for a response from me, so I exited and it was asking to reboot. Rebooted, and checked the file locations and its all deleted. I did run DeFogger in the begining, any way to check if it needs running of if OTL sorted it?
  9. Been stuck 15-20mins at least now.
  10. OK ran OTL, seemed to be stuck on: Processing [deleteself]...
  11. Already checked, there was no Log file.
  12. OK updated all the drivers, and then after a reboot ran ComboFix, result the same BSOD when it tried to delete files. Booted into Safe Mode, and ran ComboFix, because I didn't have networking I said not to install Recovery Console, (Even tho it should have been installed and is an option on boot) This time it deleted a load of files, rebooted and the ComboFix window popped up saying: Preparing Log report Do not run any programs until ComboFix has finished After about 5mins it said: ComboFix's log shall be located at C:ComboFix.txt Then BSOD BAD_POOL_HEADER) Rebooted PC. No log file.
  13. Should I update the drivers first, the out of date ones are: GFX, LAN, SATA, Chipset, Audio.
  14. Seems to be running ok, I have not installed AV yet, was just about to update some drivers, have only downloaded them so far.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.