Hi,

I have uninstalled Malwarebytes using the designated removal tool and I am still having problems with pop-ups. I have attached a copy of FRST and Addition.

Can anyone help me - this error is driving me nuts and impacting upon the functionality of my computer. I am running Malwarebytes Pro on a Windows XP OS on a Sony Vaio VGN AR11M.

Hope someone can help,

Many thanks

Simon Banks

Now I cannot add the files - I receive an 'Upload skipped (Error IO)' message. Pasted them instead.

Many thanks

Additional scan result of Farbar Recovery Scan Tool (x86) Version:01-07-2014
Ran by Simon at 2014-10-02 22:25:53
Running from C:\Documents and Settings\Simon\My Documents\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Webroot SecureAnywhere (Disabled - Up to date) {D486329C-1488-4CEB-9CC8-D662B732D904}
FW: Norton Internet Worm Protection (Disabled) {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

==================== Installed Programs ======================

µTorrent (HKLM\...\uTorrent) (Version: 3.1.3 - )
Adobe Acrobat  7.0 Elements (HKLM\...\Adobe Acrobat  7.0 Elements) (Version: 7.0.0 - Adobe Systems)
Adobe Acrobat  7.0 Elements (Version: 7.0.0 - Adobe Systems) Hidden
Adobe Common File Installer (Version: 1.00.002 - Adobe System Incorporated) Hidden
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Help Center 2.0 (Version: 2.0.0 - Adobe Systems) Hidden
Adobe Photoshop Elements 4.0 (HKLM\...\Adobe Photoshop Elements 4) (Version: 4.0 - Adobe Systems Inc.)
Adobe Photoshop Elements 4.0 (Version: 4.0 - Adobe Systems Inc.) Hidden
Adobe Premiere Elements 2.0 (HKLM\...\PremElem20) (Version: 2.0.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 2.0 (Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
aioscnnr (Version: 5.7.5.30 - Your Company Name) Hidden
aioscnnr (Version: 7.6.13.10 - Your Company Name) Hidden
All My Books 3.9 (HKLM\...\{3A9FE5C3-799E-4E41-AF4E-943F9BC4C4BD}_is1) (Version: 3.9 - Bolide Software)
Apple Application Support (HKLM\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
AppMon Utility (HKLM\...\InstallShield_{8C44C027-7B9F-46F1-8FD8-5767403A7CA5}) (Version: 1.0.00.03150 - Sony Corporation)
AppMon Utility (Version: 1.0.00.03150 - Sony Corporation) Hidden
AV Mode Button Utility (HKLM\...\{1C70BE80-35E0-46DA-B81D-5BF5652F8D80}) (Version: 1.1.00.03020 - Sony Corporation)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)
AviSynth 2.5 (HKLM\...\AviSynth) (Version:  - )
BBC iPlayer Desktop (Version: 3.2.13 - British Broadcasting Corp.) Hidden
BlackBerry Desktop Software 6.0.1 (Version: 6.0.1.18 - Research In Motion Ltd.) Hidden
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v4.00.31(SO) - )
C4USelfUpdater (Version: 1.00.0000 - Your Company Name) Hidden
Canon Auto Update Service (HKLM\...\Auto Update Service) (Version: 1.1.2.18 - Canon Inc.)
Canon Digital Camera USB WIA Driver (HKLM\...\Canon Digital Camera USB WIA Driver) (Version:  - )
Canon LBP2900 (HKLM\...\Canon LBP2900) (Version:  - )
Canon MOV Decoder (HKLM\...\Canon MOV Decoder) (Version: 1.9.0.8 - Canon Inc.)
Canon MOV Encoder (HKLM\...\Canon MOV Encoder) (Version: 1.8.0.1 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 3.9.0.6 - Canon Inc.)
Canon PhotoRecord (HKLM\...\PhotoRecord) (Version:  - )
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 7.3.0.5 - Canon Inc.)
Canon Utilities PhotoStitch 3.1 (HKLM\...\Canon PhotoStitch 3.1) (Version:  - )
Canon Utilities RAW Image Converter (HKLM\...\Canon Utilities RAW Image Converter) (Version:  - )
Canon Utilities RemoteCapture 2.2 (HKLM\...\RemoteCapture) (Version:  - )
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.9.0.1 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.6.0.15 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Click to DVD 2.0.03 Menu Data (HKLM\...\{9E407618-D9CD-4F39-9490-9ED45294073D}) (Version: 2.0.03 - Sony Corporation)
Click to DVD 2.5.32 (HKLM\...\{E809063C-51A3-4269-8984-D1EB742F2151}) (Version: 2.5.32 - Sony Corporation)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Dashlane (HKCU\...\Dashlane) (Version: 2.4.1.63897 - Dashlane SAS)
DriverPack Solution Updater (HKCU\...\DRPSu Updater) (Version: 0.0.25 - DriverPack Solution)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
DSD Direct (HKLM\...\{C27BF761-C499-488D-A964-A3718BC6EC3E}) (Version: 1.0.02 - Sony Corporation)
Elevated Installer (Version: 2.3.17.0 - Garmin Ltd or its subsidiaries) Hidden
essentials (Version: 6.0.14.0 - Eastman Kodak Company) Hidden
Garmin Express (HKLM\...\{d6f59919-3fd4-48c5-8404-def6f92d8422}) (Version: 2.3.17.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 2.3.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 2.3.17.0 - Garmin Ltd or its subsidiaries) Hidden
Google AFE (HKLM\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Chrome Frame (HKLM\...\Google Chrome Frame) (Version: 32.0.1700.107 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM\...\{2A83AD05-56E6-3FBD-8752-B4143162EF59}) (Version: 4.9.1.16010 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
HDAUDIO SoftV92 Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200) (Version:  - )
HDAUDIO SoftV92 Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003) (Version:  - )
High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HP Memories Disc (HKLM\...\{B376402D-58EA-45EA-BD50-DD924EB67A70}) (Version: 1.0.4.805 - Hewlett-Packard Company)
HP Photo and Imaging 2.0 - Scanners (HKLM\...\{6CC93102-135E-49E2-99A4-C431E671C12A}) (Version: 2.0.0000 - {&Tahoma8}Hewlett-Packard)
HTC BMP USB Driver (HKLM\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation)
HTC Sync (HKLM\...\{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}) (Version: 3.2.20 - HTC Corporation)
Image Converter 2 Plus (HKLM\...\{63B8FB69-A1B6-425D-B67D-5257B7A1F663}) (Version: 2.2.04 - Sony Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
Intel® PROSet/Wireless Software (HKLM\...\ProInst) (Version:  - Intel Corporation)
InterVideo WinDVD for VAIO (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.784 - InterVideo Inc.)
J2SE Runtime Environment 5.0 Update 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150060}) (Version: 1.5.0.60 - Sun Microsystems, Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
K-Lite Codec Pack 7.5.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 7.5.0 - )
Kodak AIO Printer (Version: 7.7.2.0 - Eastman Kodak Company) Hidden
LoiLoScope Download (HKLM\...\{C2A254F4-AC74-482F-8F09-DB2843AC2AAE}_is1) (Version: 2.0 - LoiLo inc)
Malwarebytes Anti-Exploit version 0.09.5.1000 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 0.09.5.1000 - Malwarebytes)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MapSource - Atlantic BlueChart v4.00 (HKLM\...\{664BCF28-C038-4F06-8BF4-A0F2D24C44EE}) (Version:  - )
mCore (Version: 5.40.0000 - Intel Corporation) Hidden
mDriver (Version: 5.40.0000 - Intel) Hidden
Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM\...\KB2572066) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM\...\KB2604042) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM\...\KB2656378) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version:  - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office XP Media Content (HKLM\...\{90300409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2619.0 - Microsoft Corporation)
Microsoft Office XP Small Business (HKLM\...\{91130409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Desktop Engine (VAIO_VEDB) (HKLM\...\{E09B48B5-E141-427A-AB0C-D3605127224A}) (Version: 8.00.761 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}) (Version: 08.04.0623 - Microsoft Corporation)
mMHouse (Version: 5.40.0000 - Intel Corporation) Hidden
Mozilla Firefox 30.0 (x86 en-US) (HKLM\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
mPfMgr (Version: 5.40.0000 - Intel Corporation) Hidden
mProSafe (Version: 9.00.0000 - Intel) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MSXML 6 Service Pack 2 (KB973686) (HKLM\...\{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}) (Version: 6.20.2003.0 - Microsoft Corporation)
mWlsSafe (Version: 9.00.0000 - Intel) Hidden
mXML (Version: 5.40.0000 - Intel Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.54.32 - NVIDIA Corporation)
ocr (Version: 6.2.3.50 - Eastman Kodak Company) Hidden
OpenCPN 3.2.2 (HKLM\...\OpenCPN 3.2.2) (Version: 3.2.2 - opencpn.org)
OpenMG Limited Patch 4.4-06-13-19-01 (HKLM\...\OpenMG HotFix4.4-05-12-06-01) (Version:  - )
OpenMG Secure Module 4.4.00 (HKLM\...\InstallShield_{CFB17307-B244-4EAD-AE8E-CDAF440477C2}) (Version: 4.4.00.11241 - Sony Corporation)
OpenMG Secure Module 4.4.00 (Version: 4.4.00.11241 - Sony Corporation) Hidden
PHOTOfunSTUDIO 9.3 PE (HKLM\...\{E33B3B6C-5712-4A39-B30D-1391918D920D}) (Version: 9.03.703 - Panasonic Corporation)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.8 - Google, Inc.)
PreReq (Version: 6.2.4.0 - Eastman Kodak Company) Hidden
QuickTime (HKLM\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Rapport (Version: 3.5.1307.93 - Trusteer) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 12.0) (Version:  - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Roxio DigitalMedia Audio (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.7 - Roxio)
Roxio DigitalMedia Copy (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.7 - Roxio)
Roxio DigitalMedia Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.7 - Roxio)
RulesMaster Pro (HKLM\...\RulesMaster Pro) (Version:  - )
Setting Utility Series (HKLM\...\{59452470-A902-477F-9338-9B88101681BD}) (Version:  - )
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.4802.0 - SigmaTel)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SonicStage 3.4 (HKLM\...\{A0EB195B-5876-48E6-879D-33D4B2102610}) (Version: 3.4 - Sony Corporation)
SonicStage Mastering Studio 2.2 (HKLM\...\{BF3B304B-8A18-452D-A19F-6012CA8418D7}) (Version:  - )
SonicStage Mastering Studio Audio Filter (HKLM\...\{AB467B85-4F52-48C2-AEED-0673D00417B0}) (Version:  - )
SonicStage Mastering Studio Audio Filter Custom Preset (HKLM\...\{013E1BA8-C815-4E27-BCB9-D6B1B2E24094}) (Version:  - )
SonicStage Mastering Studio Plugins (HKLM\...\{EE7EB179-5AA2-4B28-AC92-5CBAAF82BA7F}) (Version:  - )
Sony MP4 Shared Library (HKLM\...\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}) (Version: 2.0 - Sony Corporation)
Sony USB Mouse (HKLM\...\MouseSuite98) (Version:  - )
Sony Utilities DLL (HKLM\...\{EF3D45BB-2260-4008-88EA-492E7744A9DF}) (Version:  - )
Sony Video Shared Library (HKLM\...\{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}) (Version: 2.0.01 - Sony Corporation)
SSH Secure Shell (HKLM\...\{74E2CD0C-D4A2-11D3-95A6-0000E86CFDE5}) (Version:  - )
Trend Micro RUBotted 2.0 Beta (HKLM\...\{54D4EAF5-4C80-4878-B4AC-5AE454A02E3C}_is1) (Version: 2.0.0.1030 - Trend Micro, Inc.)
Trusteer Endpoint Protection (HKLM\...\Rapport_msi) (Version: 3.5.1307.93 - Trusteer)
Ugrib RC1 (HKLM\...\Ugrib_is1) (Version: Release Candidate 0.2.4 - GRIB.US)
Update 4.0.3 for Microsoft .NET Framework 4 Client Profile (KB2600211) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600211) (Version: 1 - Microsoft Corporation)
Update 4.0.3 for Microsoft .NET Framework 4 Extended (KB2600211) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2600211) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Windows Media Player 10 (KB910393) (HKLM\...\KB910393) (Version:  - Microsoft Corporation)
Update for Windows Media Player 10 (KB913800) (HKLM\...\KB913800) (Version:  - Microsoft Corporation)
Update for Windows Media Player 10 (KB926251) (HKLM\...\KB926251) (Version:  - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB961503) (HKLM\...\KB961503) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version:  - Microsoft Corporation)
VAIO Camera Utility (HKLM\...\{1417F599-1DBD-4499-9375-B2813E9F890C}) (Version:  - )
VAIO Control Center (HKLM\...\{FC37C108-821D-4EDE-8F40-D5B497586805}) (Version:  - )
VAIO Edit Components (Version: 6.6 - Sony Corporation) Hidden
VAIO Edit Components 6.6 (HKLM\...\{B7C03E84-AF46-42F4-809D-D4127D9086D0}) (Version: 6.6 - Sony Corporation)
VAIO Entertainment Platform (HKLM\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 1.3.30.11290 - Sony Corporation)
VAIO Event Service (HKLM\...\{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}) (Version: 2.3.00.03300 - Sony Corporation)
VAIO Hardware Diagnostics (HKLM\...\{A947C2B3-7445-42C4-9063-EE704CACCB22}) (Version:  - )
VAIO Information FLOW (HKLM\...\{24960AC2-C413-4A86-B1C1-E4CCADCA44D3}) (Version: 1.2.00.13160 - Sony Corporation)
VAIO Media 5.0 (HKLM\...\{560F6B2E-F0DF-44E5-8190-A4A161F0E205}) (Version: 5.0.10 - Sony Corporation)
VAIO Media AC3 Decoder 1.0 (HKLM\...\{2063C2E8-3812-4BBD-9998-6610F80C1DD4}) (Version:  - )
VAIO Media Integrated Server 5.0 (HKLM\...\{785EB1D4-ECEC-4195-99B4-73C47E187721}) (Version:  - Sony Corporation)
VAIO Media Redistribution 5.0 (HKLM\...\{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}) (Version: 5.0.10 - Sony Corporation)
VAIO Media Registration Tool 5.0 (HKLM\...\{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}) (Version: 5.0.00 - Sony Corporation)
VAIO Online Registration (English) (HKLM\...\InstallShield_{668B1BD6-4593-4959-970E-249AFFE6F35C}) (Version: 4.6.0.0 - Sony Corporation)
VAIO Original Screen Saver (HKLM\...\{1BEF9285-5530-426B-A5F1-5836B95C7EB1}) (Version:  - )
VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents (HKLM\...\{FB714F13-10C9-48DB-91C9-DDBCCCBF9370}) (Version:  - )
VAIO Power Management (HKLM\...\{9E319E96-ED8E-4B01-9775-C521A1869A25}) (Version: 1.8.01.03310 - Sony Corporation)
VAIO Product Survey (HKLM\...\InstallShield_{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}) (Version: 1.1.2.1 - Sony Corporation)
VAIO Update (HKLM\...\{5BEE8F1F-BD32-4553-8107-500439E43BD7}) (Version: 5.6.1.02150 - Sony Corporation)
VAIO Update Merge Module x86 (Version: 5.6.10270 - Sony Corporation) Hidden
VAIO Update Merge Module x86 (Version: 5.7.13130 - Sony Corporation) Hidden
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VOR (Version: 4.6.0.0 - Sony Corporation) Hidden
VPS (Version: 1.1.2.1 - Sony Corporation) Hidden
VU5x86 (Version: 1.0.0 - Sony Corporation ) Hidden
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (HKLM\...\KB952011) (Version: 1.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version:  - Microsoft Corporation)
Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows XP Media Center Edition 2005 KB2502898 (HKLM\...\KB2502898) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (HKLM\...\KB2619340) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (HKLM\...\KB2628259) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version:  - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinRAR 4.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Wireless LAN Starter (HKLM\...\{61D6E4FB-1A62-4EB1-BE56-929B00C155CF}) (Version:  - )
Wireless Switch Setting Utility (HKLM\...\{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}) (Version:  - )
Zip Extractor Packages (HKCU\...\Zip Extractor Packages) (Version:  - ) <==== ATTENTION

==================== Restore Points  =========================

01-10-2014 18:34:44 System Checkpoint
02-10-2014 19:34:40 System Checkpoint
02-10-2014 20:14:48 avast! antivirus system restore point

==================== Hosts content: ==========================

2006-03-24 09:26 - 2013-10-20 18:27 - 00000019 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\At1.job => C:\DOCUME~1\Simon\APPLIC~1\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-391862387-3288958817-4000765809-1006Core.job => C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-391862387-3288958817-4000765809-1006UA.job => C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HubTask 0 {0E7C166E-2D2F-4269-9034-DE1898BF2B1A} 0~0.job => C:\Program Files\Common Files\Sonic Shared\Sonic Central\Main\Mediahub.exe
Task: C:\WINDOWS\Tasks\Malwarebytes Anti-Exploit.job => C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-391862387-3288958817-4000765809-1006.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-391862387-3288958817-4000765809-1006.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe

==================== Loaded Modules (whitelisted) =============

2012-05-03 23:27 - 2014-06-30 19:23 - 01404120 _____ () C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
2005-11-28 12:59 - 2005-11-28 12:59 - 00876544 ____N () C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll
2005-11-28 12:59 - 2005-11-28 12:59 - 00053322 ____N () C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
2005-11-28 12:59 - 2005-11-28 12:59 - 00208965 ____N () C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL
2014-10-02 17:29 - 2014-10-02 17:29 - 02789888 _____ () C:\Program Files\AVAST Software\Avast\defs\14070200\algo.dll
2014-10-02 21:24 - 2014-10-02 21:24 - 02789888 _____ () C:\Program Files\AVAST Software\Avast\defs\14070201\algo.dll
2004-07-20 17:04 - 2004-07-20 17:04 - 00094208 ____N () C:\WINDOWS\system32\TosBtHcrpAPI.dll
2005-09-09 03:24 - 2005-09-09 03:24 - 00102400 ____N () C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
2006-03-24 09:26 - 2011-02-04 18:48 - 00291840 _____ () C:\WINDOWS\system32\sbe.dll
2006-03-24 09:26 - 2013-01-02 07:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2006-03-24 09:26 - 2008-04-14 01:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2006-03-24 09:26 - 2008-04-14 01:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2005-08-05 14:05 - 2005-08-05 14:05 - 00064512 ____N () C:\WINDOWS\system32\MSNP.ax
2006-03-24 09:26 - 2005-08-05 14:06 - 00165376 _____ () C:\WINDOWS\system32\mpg2splt.ax
2005-08-05 15:02 - 2006-10-09 17:12 - 00224256 _____ () C:\WINDOWS\system32\PsisRndr.ax
2006-03-24 09:27 - 2005-08-05 15:01 - 00167936 _____ () C:\WINDOWS\system32\WSTPager.ax
2006-03-24 09:26 - 2005-08-05 15:01 - 00159744 _____ () C:\WINDOWS\system32\VBICodec.ax
2006-03-24 09:26 - 2011-10-14 18:38 - 00456192 _____ () C:\WINDOWS\system32\encdec.dll
2005-08-05 15:01 - 2006-10-09 17:12 - 00235008 _____ () C:\WINDOWS\system32\PsisDecd.dll
2006-03-24 09:26 - 2005-08-05 15:01 - 00062976 _____ () C:\WINDOWS\system32\Mpeg2Data.ax
2011-11-05 22:03 - 2011-07-22 09:00 - 03576320 ____N () C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax
2011-11-05 22:03 - 2011-07-22 16:00 - 00736644 ____N () C:\Program Files\K-Lite Codec Pack\Filters\LAV\avformat-53.dll
2011-11-05 22:03 - 2011-07-22 16:00 - 05270754 ____N () C:\Program Files\K-Lite Codec Pack\Filters\LAV\avcodec-53.dll
2011-11-05 22:03 - 2011-07-22 16:00 - 00213337 ____N () C:\Program Files\K-Lite Codec Pack\Filters\LAV\avutil-51.dll
2014-03-23 17:04 - 2014-03-23 17:04 - 00557056 _____ () C:\Program Files\Trusteer\Rapport\bin\js32.dll
2006-04-11 10:06 - 2005-05-20 17:42 - 00010752 ____N () C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll
2006-03-24 09:26 - 2007-04-02 13:49 - 00355112 _____ () C:\WINDOWS\system32\msjetoledb40.dll
2010-07-14 08:26 - 2006-01-07 02:36 - 00081920 ____N () C:\Program Files\Sony\SonicStage\SSAAD.exe
2014-03-03 21:42 - 2014-03-03 21:42 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-02 20:09 - 2014-10-02 20:09 - 00043008 _____ () c:\Documents and Settings\Simon\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvoaehy.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Documents and Settings\Simon\Application Data\Dropbox\bin\libcef.dll
2014-05-09 22:02 - 2014-06-18 23:05 - 03852912 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-05-27 15:37 - 2014-05-27 15:37 - 00224952 _____ () C:\Documents and Settings\Simon\Application Data\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\Dashlanef_300.2.4.1.63897.dll
2014-05-27 15:38 - 2014-05-27 15:38 - 04805304 _____ () C:\Documents and Settings\Simon\Application Data\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWData.2.4.1.63897.dll
2014-05-27 15:38 - 2014-05-27 15:38 - 00423608 _____ () C:\Documents and Settings\Simon\Application Data\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWUtils.2.4.1.63897.dll
2014-05-27 15:38 - 2014-05-27 15:38 - 00255160 _____ () C:\Documents and Settings\Simon\Application Data\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebugDll_win32.2.4.1.63897.dll
2014-05-27 15:38 - 2014-05-27 15:38 - 00363704 _____ () C:\Documents and Settings\Simon\Application Data\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebug.2.4.1.63897.dll
2014-05-27 15:38 - 2014-05-27 15:38 - 28239544 _____ () C:\Documents and Settings\Simon\Application Data\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWExternLib.2.4.1.63897.dll
2014-05-27 15:38 - 2014-05-27 15:38 - 12154040 _____ () C:\Documents and Settings\Simon\Application Data\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib.2.4.1.63897.dll
2014-05-27 15:38 - 2014-05-27 15:38 - 00263352 _____ () C:\Documents and Settings\Simon\Application Data\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib_win.2.4.1.63897.dll
2014-05-27 15:38 - 2014-05-27 15:38 - 02041528 _____ () C:\Documents and Settings\Simon\Application Data\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLibData.2.4.1.63897.dll
2013-10-13 21:39 - 2014-05-27 15:38 - 00219832 _____ () C:\Documents and Settings\Simon\Application Data\Dashlane\Dashlane.exe
2014-05-27 15:37 - 2014-05-27 15:37 - 04319416 _____ () C:\Documents and Settings\Simon\Application Data\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWApplication.2.4.1.63897.dll
2002-04-17 10:49 - 2002-04-17 10:49 - 00024576 ____N () c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnfps.dll
2002-04-17 10:49 - 2002-04-17 10:49 - 00077824 ____N () c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== EXE Association (whitelisted) =============



HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-391862387-3288958817-4000765809-1006\Software\Classes\exefile:  <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BeoPlayer.lnk => C:\WINDOWS\pss\BeoPlayer.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk => C:\WINDOWS\pss\Bluetooth Manager.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^Simon^Start Menu^Programs^Startup^Dropbox.lnk => C:\WINDOWS\pss\Dropbox.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^Simon^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\WINDOWS\pss\OpenOffice.org 3.3.lnkStartup
MSCONFIG\startupreg: Acrobat Assistant 7.0 => "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Anti-phishing Domain Advisor => "C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
MSCONFIG\startupreg: Apoint => C:\Program Files\Apoint\Apoint.exe
MSCONFIG\startupreg: AppMon Utility => C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe @@@Start
MSCONFIG\startupreg: Beoplayertray => C:\Program Files\Bang & Olufsen\BeoPlayer\Beotray.exe
MSCONFIG\startupreg: chromium => C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: DrvUpdater => C:\Documents and Settings\Simon\Application Data\DRPSu\DrvUpdater.exe
MSCONFIG\startupreg: ehTray => C:\WINDOWS\ehome\ehtray.exe
MSCONFIG\startupreg: EKIJ5000StatusMonitor => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
MSCONFIG\startupreg: F44BE43CC11D91D3DC25D5C54CC07C7B74D7AEB3._service_run => "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: Google Update => "C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
MSCONFIG\startupreg: ISBMgr.exe => C:\Program Files\Sony\ISB Utility\ISBMgr.exe
MSCONFIG\startupreg: KernelFaultCheck =>
MSCONFIG\startupreg: Mouse Suite 98 Daemon => ICO.EXE
MSCONFIG\startupreg: NBAgent => "C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: PDService.exe => C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Share-to-Web Namespace Daemon => c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
MSCONFIG\startupreg: SonyPowerCfg => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
MSCONFIG\startupreg: SsAAD.exe => C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Switcher.exe => C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: Trend Micro RUBotted V2.0 Beta => C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe
MSCONFIG\startupreg: VAIO Update 5 => "C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe" /Stationary
MSCONFIG\startupreg: VAIOCameraUtility => "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/02/2014 10:24:09 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/02/2014 10:24:09 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/02/2014 08:07:59 PM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {F508055A-CDBF-4D4D-BC8F-4D8E0D9B9E81})(Error code = 0x80040e14)

Error: (10/02/2014 08:07:42 PM) (Source: STacSV) (EventID: 32767) (User: NT AUTHORITY)
Description: Connection to BassMgrHDA COM interface failed

Error: (10/02/2014 07:43:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application avastui.exe, version 9.0.2018.401, faulting module libcef.dll, version 1.1453.1255.0, fault address 0x00848379.
Processing media-specific event for [avastui.exe!ws!]

Error: (10/02/2014 07:38:17 PM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {F508055A-CDBF-4D4D-BC8F-4D8E0D9B9E81})(Error code = 0x80040e14)

Error: (10/02/2014 07:38:00 PM) (Source: STacSV) (EventID: 32767) (User: NT AUTHORITY)
Description: Connection to BassMgrHDA COM interface failed

Error: (10/02/2014 05:26:29 PM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {F508055A-CDBF-4D4D-BC8F-4D8E0D9B9E81})(Error code = 0x80040e14)

Error: (10/02/2014 05:26:14 PM) (Source: STacSV) (EventID: 32767) (User: NT AUTHORITY)
Description: Connection to BassMgrHDA COM interface failed

Error: (10/02/2014 08:33:33 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {F508055A-CDBF-4D4D-BC8F-4D8E0D9B9E81})(Error code = 0x80040e14)


System errors:
=============
Error: (10/02/2014 09:57:00 PM) (Source: Schedule) (EventID: 7901) (User: )
Description: The At1.job command failed to start due to the following error:
%%2147942403

Error: (10/02/2014 08:57:00 PM) (Source: Schedule) (EventID: 7901) (User: )
Description: The At1.job command failed to start due to the following error:
%%2147942403

Error: (10/02/2014 08:08:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AVGIDSHX
AVGIDSShim

Error: (10/02/2014 08:07:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The XAudioService service failed to start due to the following error:
%%193

Error: (10/02/2014 08:07:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Trend Micro RUBotted Service service failed to start due to the following error:
%%1053

Error: (10/02/2014 08:07:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Trend Micro RUBotted Service service to connect.

Error: (10/02/2014 07:57:00 PM) (Source: Schedule) (EventID: 7901) (User: )
Description: The At1.job command failed to start due to the following error:
%%2147942403

Error: (10/02/2014 07:38:22 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AVGIDSHX
AVGIDSShim

Error: (10/02/2014 07:38:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The XAudioService service failed to start due to the following error:
%%193

Error: (10/02/2014 07:38:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Trend Micro RUBotted Service service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================
Error: (10/02/2014 10:24:09 PM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/02/2014 10:24:09 PM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/02/2014 08:07:59 PM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: {F508055A-CDBF-4D4D-BC8F-4D8E0D9B9E81}0x80040e14

Error: (10/02/2014 08:07:42 PM) (Source: STacSV) (EventID: 32767) (User: NT AUTHORITY)
Description: Connection to BassMgrHDA COM interface failed

Error: (10/02/2014 07:43:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avastui.exe9.0.2018.401libcef.dll1.1453.1255.000848379

Error: (10/02/2014 07:38:17 PM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: {F508055A-CDBF-4D4D-BC8F-4D8E0D9B9E81}0x80040e14

Error: (10/02/2014 07:38:00 PM) (Source: STacSV) (EventID: 32767) (User: NT AUTHORITY)
Description: Connection to BassMgrHDA COM interface failed

Error: (10/02/2014 05:26:29 PM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: {F508055A-CDBF-4D4D-BC8F-4D8E0D9B9E81}0x80040e14

Error: (10/02/2014 05:26:14 PM) (Source: STacSV) (EventID: 32767) (User: NT AUTHORITY)
Description: Connection to BassMgrHDA COM interface failed

Error: (10/02/2014 08:33:33 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: {F508055A-CDBF-4D4D-BC8F-4D8E0D9B9E81}0x80040e14


==================== Memory info ===========================

Percentage of memory in use: 83%
Total physical RAM: 2046.11 MB
Available physical RAM: 337.72 MB
Total Pagefile: 3935.82 MB
Available Pagefile: 2214.57 MB
Total Virtual: 2047.88 MB
Available Virtual: 1958.04 MB

==================== Drives ================================

Drive c: (VAIO) (Fixed) (Total:46.84 GB) (Free:15.18 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (VAIO) (Fixed) (Total:32.61 GB) (Free:17.53 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149 GB) (Disk ID: F9FBF7AC)
Partition 1: (Not Active) - (Size=7 GB) - (Type=12)
Partition 2: (Active) - (Size=47 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=95 GB) - (Type=OF Extended)

==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-07-2014
Ran by Simon (administrator) on YOUR-187FDF43C9 on 02-10-2014 22:23:33
Running from C:\Documents and Settings\Simon\My Documents\Downloads
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 6
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Trusteer Ltd.) C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Trusteer Ltd.) C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
(CANON INC.) C:\WINDOWS\system32\CNAB4RPK.EXE
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(SigmaTel, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\stacsv.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
() C:\PROGRA~1\Sony\SONICS~1\SSAAD.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Dropbox, Inc.) C:\Documents and Settings\Simon\Application Data\Dropbox\bin\Dropbox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\DOCUME~1\Simon\APPLIC~1\Dashlane\Dashlane.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Speech\sapisvr.exe
() C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [ssAAD.exe] => C:\Program Files\Sony\SonicStage\SSAAD.exe [81920 2006-01-07] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-06] (AVAST Software)
HKLM\...\Run: [NvCplDaemon] => C:\WINDOWS\system32\NvCpl.dll [13590528 2011-12-17] (NVIDIA Corporation)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [273544 2011-06-02] (RealNetworks, Inc.)
Winlogon\Notify\VESWinlogon: C:\WINDOWS\system32\VESWinlogon.dll (Sony Corporation)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\.DEFAULT\...\Run: [GoogleChromeAutoLaunch_BB7E6CE705E9E15ABCB72D3060D30B1F] => C:\Program Files\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFile] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideClock] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDFSTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoLogoff] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSaveSettings] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoHardwareTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-391862387-3288958817-4000765809-1006\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-391862387-3288958817-4000765809-1006\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-391862387-3288958817-4000765809-1006\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-391862387-3288958817-4000765809-1006\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-391862387-3288958817-4000765809-1006\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-391862387-3288958817-4000765809-1006\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-391862387-3288958817-4000765809-1006\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-391862387-3288958817-4000765809-1006\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-391862387-3288958817-4000765809-1006\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-391862387-3288958817-4000765809-1006\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-391862387-3288958817-4000765809-1006\...\Policies\Explorer: [NoInstrumentation] 0
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PHOTOfunSTUDIO 9.3 PE.lnk
ShortcutTarget: PHOTOfunSTUDIO 9.3 PE.lnk -> C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)
Startup: C:\Documents and Settings\Simon\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Simon\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
BootExecute:

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL = http://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google AFE\GoogleAFE.dll (Google)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll (Google Inc.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll (Google Inc.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Simon\Application Data\Mozilla\Firefox\Profiles\9s7ntazu.default
FF Homepage: https://www.google.co.uk/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=12.0.1.647 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=12.0.1.647 - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=12.0.1.652 - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.652 - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=12.0.1.647 - c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Documents and Settings\Simon\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Documents and Settings\Simon\Application Data\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Documents and Settings\Simon\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Simon\Application Data\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Simon\Application Data\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Simon\Application Data\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Documents and Settings\Simon\Application Data\Mozilla\Firefox\Profiles\9s7ntazu.default\searchplugins\dogpile.xml
FF SearchPlugin: C:\Documents and Settings\Simon\Application Data\Mozilla\Firefox\Profiles\9s7ntazu.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Documents and Settings\Simon\Application Data\Mozilla\Firefox\Profiles\9s7ntazu.default\searchplugins\mailru---.xml
FF Extension: British English Dictionary - C:\Documents and Settings\Simon\Application Data\Mozilla\Firefox\Profiles\9s7ntazu.default\Extensions\en-GB@dictionaries.addons.mozilla.org [2012-07-29]
FF Extension: British English Dictionary (Updated) - C:\Documents and Settings\Simon\Application Data\Mozilla\Firefox\Profiles\9s7ntazu.default\Extensions\en-gb@flyingtophat.co.uk [2014-03-14]
FF Extension: Autofill Forms - C:\Documents and Settings\Simon\Application Data\Mozilla\Firefox\Profiles\9s7ntazu.default\Extensions\autofillForms@blueimp.net.xpi [2011-06-11]
FF Extension: FoxBleed - C:\Documents and Settings\Simon\Application Data\Mozilla\Firefox\Profiles\9s7ntazu.default\Extensions\jid1-Ni8A2ixlGmYBiw@jetpack.xpi [2014-04-11]
FF Extension: English (GB) Language Pack - C:\Documents and Settings\Simon\Application Data\Mozilla\Firefox\Profiles\9s7ntazu.default\Extensions\langpack-en-GB@firefox.mozilla.org.xpi [2014-03-14]
FF Extension: Open Link in New Tab - C:\Documents and Settings\Simon\Application Data\Mozilla\Firefox\Profiles\9s7ntazu.default\Extensions\openlinkintab@piro.sakura.ne.jp.xpi [2013-08-11]
FF Extension: New Tab Homepage - C:\Documents and Settings\Simon\Application Data\Mozilla\Firefox\Profiles\9s7ntazu.default\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2011-04-10]
FF Extension: Shorten URL (bit.ly) - C:\Documents and Settings\Simon\Application Data\Mozilla\Firefox\Profiles\9s7ntazu.default\Extensions\{a1109c2a-1187-4027-901d-13097b755625}.xpi [2011-06-29]
FF Extension: avast! Ad Blocker - C:\Program Files\Mozilla Firefox\extensions\adblocker@avast.com.xpi [2014-05-09]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-10-31]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-03]
FF HKCU\...\Firefox\Extensions: [{442718d9-475e-452a-b3e1-fb1ee16b8e9f}] - C:\Documents and Settings\Simon\Application Data\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}
FF Extension: Dashlane - C:\Documents and Settings\Simon\Application Data\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f} [2014-05-30]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR StartupUrls: "hxxp://www.google.co.uk/"
CHR DefaultSearchKeyword: google.co.uk
CHR Plugin: (Widevine Content Decryption Module) - C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Dashlane) - C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkjojgglmmcghgaiknnpgjgldgaocjfd\2.3.3.52783_0\npDashlane.dll No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (BitCometAgent) - C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll (BitComet)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RealNetworks RealPlayer Chrome Background Extension Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer HTML5VideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Documents and Settings\Simon\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Documents and Settings\Simon\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Documents and Settings\Simon\Application Data\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java Platform SE 7 U51) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Plugin: (Picasa) - C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll No File
CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Extension: (Google Docs) - C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-16]
CHR Extension: (Google Drive) - C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-16]
CHR Extension: (YouTube) - C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-16]
CHR Extension: (Google Search) - C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-16]
CHR Extension: (MaskMe) - C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg [2013-10-07]
CHR Extension: (Dashlane) - C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2014-02-24]
CHR Extension: (avast! Online Security) - C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-03]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-14]
CHR Extension: (Gmail) - C:\Documents and Settings\Simon\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-16]
CHR HKLM\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\DOCUME~1\Simon\LOCALS~1\Temp\crx40.tmp [2013-07-16]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-02]

========================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor4.0; C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe [102400 2005-09-09] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-23] (AVAST Software)
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [114753 2005-11-28] (Intel Corporation) [File not signed]
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250712 2013-12-13] (Garmin Ltd or its subsidiaries)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 Image Converter video recording monitor for VAIO Entertainment; C:\Program Files\Sony\Image Converter 2\IcVzMon.exe [32768 2005-07-14] (Sony Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
R2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe [395200 2012-10-19] (Eastman Kodak Company)
R2 Kodak AiO Status Monitor Service; C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [779200 2012-10-15] (Eastman Kodak Company)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [53337 2005-11-24] (Sony Corporation) [File not signed]
R2 MSSQL$VAIO_VEDB; C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe [7520337 2002-12-17] (Microsoft Corporation) [File not signed]
S3 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation) [File not signed]
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [53337 2005-11-24] (Sony Corporation) [File not signed]
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [217164 2005-11-28] (Intel Corporation) [File not signed]
S2 RUBotSrv; C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe [439632 2010-12-17] (Trend Micro Inc.)
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [540745 2005-11-28] (Intel Corporation ) [File not signed]
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69718 2005-11-24] (Sony Corporation) [File not signed]
S3 SQLAgent$VAIO_VEDB; C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE [311872 2002-12-17] (Microsoft Corporation) [File not signed]
S3 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [69632 2006-01-06] (Sony Corporation) [File not signed]
R2 STacSV; C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe [86016 2006-03-31] (SigmaTel, Inc.) [File not signed]
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2005-11-25] (Sony Corporation) [File not signed]
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [160256 2006-03-19] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe [2084864 2006-01-16] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-IntegratedServer-HTTP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [57344 2005-10-11] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [770048 2005-10-11] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-Mobile-Gateway; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe [155648 2005-12-21] (Sony Corporation) [File not signed]
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [270336 2005-11-28] (Sony Corporation) [File not signed]
S3 VUAgent; C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [939624 2012-01-13] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [167936 2005-11-28] (Sony Corporation) [File not signed]
R2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [135168 2005-11-28] (Sony Corporation) [File not signed]
S2 XAudioService; C:\WINDOWS\system32\DRIVERS\xaudio.exe [386560 2007-01-10] (Conexant Systems, Inc.) [File not signed]
S2 RoxLiveShare9; "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe" [X]

==================== Drivers (Whitelisted) ====================

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21275 2006-03-24] (Meetinghouse Data Communications) [File not signed]
R1 AFS2K; C:\WINDOWS\system32\Drivers\AFS2K.sys [35840 2004-10-08] (Oak Technology Inc.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-10-02] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-10-02] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-10-02] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-10-02] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-10-02] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414392 2014-10-02] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-10-02] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-10-02] ()
R3 AVerM115S; C:\WINDOWS\System32\DRIVERS\AVerM115S.sys [741376 2006-04-11] (AVerMedia Technologies, Inc.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [177376 2012-09-21] (AVG Technologies CZ, s.r.o.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 ESProtectionDriver; C:\Program Files\Malwarebytes Anti-Exploit\MBAE.sys [44632 2014-01-16] ()
S3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [202112 2005-10-18] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSX_DPV.sys [986624 2007-01-10] (Conexant Systems, Inc.) [File not signed]
R3 HSXHWAZL; C:\WINDOWS\System32\DRIVERS\HSXHWAZL.sys [206848 2007-01-10] (Conexant Systems, Inc.) [File not signed]
R3 IrBus; C:\WINDOWS\System32\DRIVERS\IrBus.sys [46848 2013-07-17] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [110296 2014-10-02] (Malwarebytes Corporation)
R2 mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [12672 2007-01-10] (Conexant) [File not signed]
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
R3 Mvc25U870_VID_1262&PID_25FD; C:\WINDOWS\System32\Drivers\Mvc25U870.sys [52992 2006-04-05] (Micro Vision Co.,Ltd)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 NETw5x32; C:\WINDOWS\System32\DRIVERS\NETw5x32.sys [4221952 2009-10-26] (Intel Corporation)
R3 NETwLx32; C:\WINDOWS\System32\DRIVERS\NETwLx32.sys [6609920 2010-10-07] (Intel Corporation)
R3 Pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [39264 2012-04-01] (VSO Software) [File not signed]
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [45744 2011-10-04] (Rovi Corporation)
R1 RapportCerberus_69108; C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_69108.sys [358040 2014-06-30] ()
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [13568 2005-11-28] (Intel Corporation) [File not signed]
R0 SI3132; C:\WINDOWS\System32\DRIVERS\SI3132.sys [67456 2005-09-21] (Silicon Image, Inc.)
R0 SiFilter; C:\WINDOWS\System32\DRIVERS\SiWinAcc.sys [10368 2004-11-01] (Silicon Image, Inc.)
R0 SiRemFil; C:\WINDOWS\System32\DRIVERS\SiRemFil.sys [5248 2005-09-20] (Silicon Image, Inc.)
R3 SonyImgF; C:\WINDOWS\System32\DRIVERS\SonyImgF.sys [29184 2005-12-27] (Sony Corporation) [File not signed]
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1155672 2006-03-31] (SigmaTel, Inc.)
R3 ti21sony; C:\WINDOWS\System32\drivers\ti21sony.sys [812544 2007-04-23] (Texas Instruments)
S3 toshidpt; C:\WINDOWS\System32\drivers\Toshidpt.sys [3712 2005-07-11] (TOSHIBA Corporation.) [File not signed]
R3 tosporte; C:\WINDOWS\System32\DRIVERS\tosporte.sys [47104 2005-11-24] (TOSHIBA Corporation) [File not signed]
R3 Tosrfbd; C:\WINDOWS\System32\Drivers\tosrfbd.sys [108928 2006-02-02] (TOSHIBA CORPORATION) [File not signed]
R3 Tosrfbnp; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [37632 2005-12-14] (TOSHIBA Corporation) [File not signed]
R3 Tosrfhid; C:\WINDOWS\System32\DRIVERS\Tosrfhid.sys [62848 2006-02-08] (TOSHIBA Corporation.) [File not signed]
R3 tosrfnds; C:\WINDOWS\System32\DRIVERS\tosrfnds.sys [18612 2005-01-06] (TOSHIBA Corporation.) [File not signed]
S3 TosRfSnd; C:\WINDOWS\System32\drivers\TosRfSnd.sys [52864 2005-11-11] (TOSHIBA Corporation) [File not signed]
R3 Tosrfusb; C:\WINDOWS\System32\Drivers\tosrfusb.sys [39808 2006-01-31] (TOSHIBA CORPORATION) [File not signed]
S3 w39n51; C:\WINDOWS\System32\DRIVERS\w39n51.sys [1428096 2005-12-05] (Intel® Corporation)
R3 winachsf; C:\WINDOWS\System32\DRIVERS\HSX_CNXT.sys [659968 2007-01-10] (Conexant Systems, Inc.) [File not signed]
R2 XAudio; C:\WINDOWS\System32\DRIVERS\xaudio.sys [8192 2007-01-10] (Conexant Systems, Inc.) [File not signed]
S0 AVGIDSHX; system32\DRIVERS\avgidshx.sys [X]
S1 AVGIDSShim; system32\DRIVERS\avgidsshimx.sys [X]
S3 RimUsb; System32\Drivers\RimUsb.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20101029.001\symidsco.sys [X]

==================== NetSvcs (Whitelisted) ===================

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created Files and Folders ========

2014-10-02 22:23 - 2014-10-02 22:23 - 00000000 ____D () C:\FRST
2014-10-02 21:24 - 2014-10-02 21:24 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-02 21:23 - 2014-10-02 21:23 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-10-02 21:23 - 2014-10-02 21:23 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-02 21:23 - 2014-10-02 21:23 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-10-02 21:23 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-02 21:23 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-10-02 21:15 - 2014-10-02 21:15 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-10-02 21:15 - 2014-10-02 21:15 - 00001737 _____ () C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2014-10-02 19:28 - 2014-10-02 19:42 - 00001105 _____ () C:\WINDOWS\setupapi.log
2014-10-02 08:04 - 2014-10-02 08:04 - 00341832 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-02 07:59 - 2014-10-02 07:59 - 00081448 _____ () C:\Documents and Settings\Simon\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-10-02 05:58 - 2014-10-02 05:58 - 00014912 _____ () C:\Documents and Settings\Simon\My Documents\cc_20141002_055823.reg

==================== One Month Modified Files and Folders =======

2014-10-02 22:24 - 2014-02-28 23:46 - 01440638 _____ () C:\WINDOWS\pfirewall.log
2014-10-02 22:24 - 2010-11-14 23:17 - 00000000 ____D () C:\Documents and Settings\Simon\Local Settings\Temp
2014-10-02 22:23 - 2014-10-02 22:23 - 00000000 ____D () C:\FRST
2014-10-02 22:21 - 2006-03-24 09:27 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-10-02 21:57 - 2013-10-13 20:57 - 00000414 _____ () C:\WINDOWS\Tasks\At1.job
2014-10-02 21:51 - 2014-02-01 22:03 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-02 21:24 - 2014-10-02 21:24 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-02 21:23 - 2014-10-02 21:23 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-10-02 21:23 - 2014-10-02 21:23 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-02 21:23 - 2014-10-02 21:23 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-10-02 21:15 - 2014-10-02 21:15 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-10-02 21:15 - 2014-10-02 21:15 - 00001737 _____ () C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2014-10-02 21:15 - 2014-04-23 22:19 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-10-02 21:15 - 2014-03-03 21:43 - 00000316 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-10-02 21:15 - 2014-03-03 21:42 - 00779536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-10-02 21:15 - 2014-03-03 21:42 - 00414392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-10-02 21:15 - 2014-03-03 21:42 - 00276432 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-10-02 21:15 - 2014-03-03 21:42 - 00192352 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-10-02 21:15 - 2014-03-03 21:42 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2014-10-02 21:15 - 2014-03-03 21:42 - 00057800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-10-02 21:15 - 2014-03-03 21:42 - 00055112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswrdr.sys
2014-10-02 21:15 - 2014-03-03 21:42 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-10-02 20:10 - 2014-05-03 19:09 - 00000000 ____D () C:\Documents and Settings\Simon\Application Data\DropboxMaster
2014-10-02 20:10 - 2012-12-14 22:56 - 00000000 ___RD () C:\Documents and Settings\Simon\Desktop\Dropbox
2014-10-02 20:10 - 2011-06-08 22:07 - 00000000 ____D () C:\Documents and Settings\Simon\Application Data\Dropbox
2014-10-02 20:09 - 2006-04-26 03:38 - 00196974 _____ () C:\WINDOWS\system32\nvapps.xml
2014-10-02 20:09 - 2006-03-24 09:42 - 01095156 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-02 20:08 - 2014-03-04 20:37 - 00000470 _____ () C:\WINDOWS\Tasks\Malwarebytes Anti-Exploit.job
2014-10-02 20:08 - 2006-03-24 09:39 - 00000000 ____D () C:\WINDOWS\Registration
2014-10-02 20:07 - 2013-03-04 23:41 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Kodak
2014-10-02 20:07 - 2012-10-25 17:20 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-10-02 20:07 - 2012-10-25 17:20 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-10-02 20:07 - 2011-02-02 20:21 - 00000278 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-391862387-3288958817-4000765809-1006.job
2014-10-02 20:07 - 2006-03-24 09:48 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-02 20:04 - 2012-10-25 17:20 - 00032618 _____ () C:\WINDOWS\SchedLgU.Txt
2014-10-02 19:42 - 2014-10-02 19:28 - 00001105 _____ () C:\WINDOWS\setupapi.log
2014-10-02 08:30 - 2013-04-05 19:32 - 00000000 ____D () C:\WINDOWS\system32\LogFiles
2014-10-02 08:04 - 2014-10-02 08:04 - 00341832 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-02 07:59 - 2014-10-02 07:59 - 00081448 _____ () C:\Documents and Settings\Simon\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-10-02 05:58 - 2014-10-02 05:58 - 00014912 _____ () C:\Documents and Settings\Simon\My Documents\cc_20141002_055823.reg
2014-10-02 05:57 - 2010-07-14 08:20 - 00000000 ____D () C:\Documents and Settings\Simon
2014-10-01 22:45 - 2014-02-28 23:46 - 03996133 _____ () C:\WINDOWS\pfirewall.log.old
2014-09-30 23:17 - 2012-04-01 23:52 - 00359642 ____C () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat

Files to move or delete:
====================
C:\Windows\Tasks\At1.job


Some content of TEMP:
====================
C:\Documents and Settings\Simon\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvoaehy.dll


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================


Hi:

I am a bit confused, because you say you have uninstalled MBAM, but your log shows that it is installed.

What "popups" are you seeing -- from malware/infection or from MBAM program notifications?

Do I understand you correctly that you think you might be infected?

If MBAM is installed on the computer, it would help to see the results of the other scanning tool, mbam-check.

So, I suggest that you please read this pinned topic and post back with the log produced by mbam-check (checkresults.txt): Diagnostic Logs.

Once you can clarify the "popups" (malware/infection or notifications from MBAM) and can provide a complete set of logs, we will be better able to advise you.

ALSO: You have 2 anti-virus (AV) programs installed (Avast and Webroot). That's a bad idea -- having multiple AVs can cause system slowdowns, clashes, crashes, conflicts and reduced security. I would suggest fully uninstalling one or the other -- using the vendor's removal tool, if available -- and rebooting.

Thanks,


Hi, thanks for your help.

The error message in the popups reads ' The beta testing period has ended and Malwarebytes anti-exploit is not protecting you anymore. Please contact us to obtain a newer version.' The popup comes every time I attempt to open a new browser window, either Firefox or Chrome.

I have uninstalled WebRoot folder, although I was not aware that it was on the system and it did not appear to be running.

I am unable to attach the CheckFile as I get an 'upload skipped error'.

Below is a copy.

Many thanks

Zebracar

mbam-check result log version:     2.1.0.0002
========================================

User Account type:                 Administrator
OS:                                Windows XP Service Pack 3 Service Pack 3 32 bit Operating System
Current Build Number:              2600
Current Version Number:            5.1
Current CSDVersion:                Service Pack 3
OS Product Info: Professional

Malwarebytes Anti-Malware:         2.0.2.1012
Installed On:                      2014/10/02
Malware Database:                  2014.07.03.06
Rootkit Database:                  2014.07.03.01
Remediation Database:              2013.10.16.01
IP Database:                       0000.00.00.00
Domain Database:                   0000.00.00.00
License:                           Premium
Malware Protection:                4 (The service is running.)
Malicious Website Protection:      0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMWebAccessControl
Chameleon:                         0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
Log Created:                       2014/10/03 22:29:36
Compatibility Flag Settings:
=================================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
    C:\WINDOWS\system32\svchost.exeREG_SZ        EnableNXShowUI
    C:\Program Files\Google\Chrome\Application\chrome.exeREG_SZ        EnableNXShowUI
    C:\WINDOWS\system32\spoolsv.exeREG_SZ        EnableNXShowUI
    C:\Documents and Settings\Simon\My Documents\Downloads\FRST.exeREG_SZ        EnableNXShowUI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers


Malwarebytes Anti-Malware Shell Extension Block Check:
======================================================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked

MBAM Startup Entries:
=====================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Malwarebytes Anti-Malware Service and Driver Status:
=======================================================

--------------Driver File Info:--------------
C:\WINDOWS\system32\drivers\mbam.sys
File Size: 23256     BYTES    FileVersion: 0.1.13.0    MD5: [8683c1b450f4b3872839308d836e0f92]
C:\WINDOWS\system32\drivers\mbamswissarmy.sys
File Size: 110296    BYTES    FileVersion: 0.1.7.0    MD5: [12e71da845d76665b56753ad149e32b3]
C:\WINDOWS\system32\drivers\mbamchameleon.sys
File Size: 53208     BYTES    FileVersion: 1.0.4.0    MD5: [aed25cdb09fb4e56f45daf6c9a1d3ed3]

--------------MBAMProtector:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0


--------------MBAMService:--------------
Type:                   16
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0


--------------MBAMScheduler:--------------
Type:                   16
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0


--------------MBAMChameleon:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A


--------------MBAMWebAccessControl:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MbamWebAccessControl
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A


Required Dependencies:
======================

--------------fltmgr:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
    Type                          REG_DWORD        2
    Start                         REG_DWORD        0
    ErrorControl                  REG_DWORD        1
    Tag                           REG_DWORD        1
    ImagePath                     REG_EXPAND_SZ    system32\drivers\fltmgr.sys
    DisplayName                   REG_SZ        FltMgr
    Group                         REG_SZ        FSFilter Infrastructure
    Description                   REG_SZ        File System Filter Manager Driver
    AttachWhenLoaded              REG_DWORD        0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Security
    Security                      REG_BINARY    Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum
    0                             REG_SZ        Root\LEGACY_FLTMGR\0000
    Count                         REG_DWORD        1
    NextInstance                  REG_DWORD        1


C:\WINDOWS\system32\drivers\fltmgr.sys
File Size: 129792    BYTES    FileVersion: 5.1.2600.5512    MD5: [b2cf4b0786f8212cb92ed2b50c6db6b0]
C:\WINDOWS\system32\comctl32.ocx
File Size: 608448    BYTES    FileVersion: 6.0.81.5    MD5: [eb5f811c1f78005b3c147599a0cccf51]
C:\WINDOWS\system32\mscomctl.ocx
File Size: 1077336   BYTES    FileVersion: 6.1.95.45    MD5: [f7bbb7d79adb9e3adc13f3b3c33d3d4d]
C:\WINDOWS\system32\olepro32.dll
File Size: 84992     BYTES    FileVersion: 5.1.2600.5512    MD5: [5652f6ce1d9e9d8068b9d29bc21b5409]


MBAM Registry Settings and License Info:
========================================
--------------Settings:--------------
Advanced:
    AutomaticQuarantine:                                       true
    AutostartProtection:                                       true
    LimitedMode:                                               false
    StartSilentMode:                                           false
    StartupDelay:                                              0
ApplicationState:
    First-Run-After-Installation:                              false
General:
    DaysUntilNotifyExpiration:                                 5
    Language:                                                  en
    RightClickAccess:                                          false
    SilentErrors:                                              false
Logging:
    ExportLog:                                                 true
Notification:
ProtectionTray:
    DisplayMilliseconds:                                       7000
ScanHistory:
    Duration_Driver:                                           0
    Duration_Filesystem:                                       96000
    Duration_Heuristics:                                       8000
    Duration_Loading:                                          0
    Duration_MasterBootRecord:                                 0
    Duration_Memory:                                           40000
    Duration_PreScan:                                          44000
    Duration_Registry:                                         3000
    Duration_Sector:                                           0
    Duration_Startup:                                          7000
    ItemCount_Driver:                                          0
    ItemCount_Filesystem:                                      6890
    ItemCount_Heuristics:                                      108509
    ItemCount_Loading:                                         0
    ItemCount_MasterBootRecord:                                0
    ItemCount_Memory:                                          2797
    ItemCount_PreScan:                                         0
    ItemCount_Registry:                                        38948
    ItemCount_Sector:                                          0
    ItemCount_Startup:                                         447
    LastScanDateEpoch:                                         0
    LastScanType:                                              0 (No Previous Scans)
Update:
    LastUpdate:                                                2014-10-03T20:42:10
    NotifyInstallReady:                                        true
    NotifyOutdatedDatabase:                                    1
    ProxyPassword:                                              
    ProxyPort:                                                 0
    ProxyServer:                                                
    ProxyUsername:                                              
    UseProxy:                                                  false
    UseProxyAuthentication:                                    false
--------------Account:--------------
  Account Status:                                              Premium
  Expiration Time:                                             2034/10/02 21:25:59
  Activation Time:                                             2014/10/02 21:25:59
  Trial Used:                                                  false
--------------Access Policies:--------------

Scheduler Queue:
================

tasks:
    10e681f4-8a7a-465e-a36d-7250db32e486:                       
      parameters:                                               
        NotifyWhenUpdateCompletes:                             true
        TaskType:                                              3
      triggers:                                                 
        f78aed9d-47e1-429e-871e-92c0aa8de8e4:                   
          dateinterval:                                        0:0:0
          lastscheduled:                                       Fri, 03 Oct 2014 21:41:57.281250 +0100
          lasttriggered:                                       Fri, 03 Oct 2014 21:41:57.281250 +0100
          nextscheduled:                                       Fri, 03 Oct 2014 22:35:25.281250 +0100
          recovery:                                            00:00:00
          start:                                               Thu, 02 Oct 2014 21:51:59.250000 +0100
          timeinterval:                                        01:00:00
          type:                                                3
          uuid:                                                f78aed9d-47e1-429e-871e-92c0aa8de8e4
      type:                                                    update
      uuid:                                                    10e681f4-8a7a-465e-a36d-7250db32e486
    1ebe7331-af55-463d-bfab-176255db9fa7:                       
      parameters:                                               
        CheckForUpdatesBeforeScanStart:                        true
        ProcessLaunchedFromScheduler:                          true
        ScanConfig:                                             
          ExitWhenNoMalwareDetected:                           false
          ExportLog:                                           true
          FileSystemOption:                                    true
          RebootSystemWhenMalwareDetected:                     false
          RemoveMalwareAutomaticallyWhenScanEnds:              false
          ScanArchives:                                        true
          ScanExtra:                                           true
          ScanHeuristic:                                       true
          ScanMemoryObjects:                                   true
          ScanPUM:                                             2
          ScanPUP:                                             2
          ScanRegistry:                                        true
          ScanRootkits:                                        false
          ScanStartup:                                         true
          ScanTargets:                                          
          ScanType:                                            1 (Threat Scan)
          Silent:                                              true
          TerminateExplorerWhenMalwareIsRemoved:               false
        StartTaskFromSystemAccount:                            false
        TaskType:                                              0
      triggers:                                                 
        e7ce58f7-9b15-4c83-a777-d32dc454e522:                   
          dateinterval:                                        1:0:0
          lastscheduled:                                       Fri, 03 Oct 2014 19:12:56.343750 +0100
          lasttriggered:                                       Fri, 03 Oct 2014 19:12:56.343750 +0100
          nextscheduled:                                       Sat, 04 Oct 2014 19:08:41.343750 +0100
          recovery:                                            23:00:00
          start:                                               Fri, 03 Oct 2014 02:19:32 +0100
          timeinterval:                                        00:00:00
          type:                                                4
          uuid:                                                e7ce58f7-9b15-4c83-a777-d32dc454e522
      type:                                                    scan
      uuid:                                                    1ebe7331-af55-463d-bfab-176255db9fa7

Pending File Rename Operations:
================================
If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.

MBAMProtector Registry Values:
==============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector
    Type                          REG_DWORD        2
    Start                         REG_DWORD        3
    ErrorControl                  REG_DWORD        1
    ImagePath                     REG_EXPAND_SZ    \??\C:\WINDOWS\system32\drivers\mbam.sys
    Group                         REG_SZ        FSFilter Anti-Virus
    DependOnService               REG_MULTI_SZ    FltMgr

    DependOnGroup                 REG_DWORD        0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances
    DefaultInstance               REG_SZ        MBAMProtector Instance
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance
    Altitude                      REG_SZ        328800
    Flags                         REG_DWORD        0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Parameters
    PassThruFile                  REG_SZ        mbampt.exe
    ProductPath                   REG_SZ        C:\Program Files\Malwarebytes Anti-Malware
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Security
    Security                      REG_BINARY    Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Enum
    0                             REG_SZ        Root\LEGACY_MBAMPROTECTOR\0000
    Count                         REG_DWORD        1
    NextInstance                  REG_DWORD        1

MBAMService Registry Values:
============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService
    Type                          REG_DWORD        16
    Start                         REG_DWORD        2
    ErrorControl                  REG_DWORD        1
    ImagePath                     REG_EXPAND_SZ    "C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe"
    DependOnService               REG_MULTI_SZ    MBAMProtector

    DependOnGroup                 REG_DWORD        0
    ObjectName                    REG_SZ        LocalSystem
    Description                   REG_SZ        Malwarebytes Anti-Malware service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService\Security
    Security                      REG_BINARY    Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService\Enum
    0                             REG_SZ        Root\LEGACY_MBAMSERVICE\0000
    Count                         REG_DWORD        1
    NextInstance                  REG_DWORD        1

MBAMScheduler Registry Values:
==============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler
    Type                          REG_DWORD        16
    Start                         REG_DWORD        2
    ErrorControl                  REG_DWORD        1
    ImagePath                     REG_EXPAND_SZ    "C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe"
    ObjectName                    REG_SZ        LocalSystem
    Description                   REG_SZ        Malwarebytes Anti-Malware scheduler
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler\Security
    Security                      REG_BINARY    Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler\Enum
    0                             REG_SZ        Root\LEGACY_MBAMSCHEDULER\0000
    Count                         REG_DWORD        1
    NextInstance                  REG_DWORD        1

Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
===============================================================================

--------------TERMService:--------------
Type:                   32
State:                  4 (The service is running.) (State is stopped)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0


TermService Start is set to: 3 (Manual Startup)

Proxy Status: No proxy is Set

LAN Settings:
=============

No Settings are Set        <--NOT DETECTING SETTING AUTOMATICALLY

SystemPartition:
================

HKEY_LOCAL_MACHINE\SYSTEM\Setup\
    SystemPartition    REG_SZ        \Device\HarddiskVolume2

Balloon Tips Status:
====================

Enabled

Time Format Settings:
=====================

Should be:
        h:mm:ss tt
        AM
        PM
        :

Currently:
REG_SZ        HH:mm:ss
REG_SZ        AM
REG_SZ        PM
REG_SZ        :

Language and Regional Settings:
===============================

ACP:     Language is English (United States)
MACCP:     Language is English (United States)
OEMCP: 850 Please refer to this link for details: Here

Startup Folders for Error_Expanding_Variables Check:
====================================================

All Users Startup Folder Exists.
Current User's startup Folder Exists.


Context Menu Entries:
=====================

List of MBAM Related Directories:
=================================


Malware Exclusions:
===================
Web Exclusions:
================
Quarantined Items:
===================
===============================================================
END OF FILE
 


Hi:
 
You wrote:
 

The error message in the popups reads 'The beta testing period has ended and Malwarebytes anti-exploit is not protecting you anymore. Please contact us to obtain a newer version.' The popup comes every time I attempt to open a new browser window, either Firefox or Chrome.

That popup is for an expired beta version of a DIFFERENT Malwarebytes software product, Malwarebytes Anti-Exploit (MBAE), not for Malwarebytes Anti-Malware (MBAM). :)

 

MBAE is out of beta.

If you would like to continue to use the MBAE program, you'll want to upgrade to the latest release build.

That will stop the popups telling you that the MBAE beta version has expired. ;)

There is a Free version and a Premium, paid version.

 

MBAE has its own, dedicated area of the forum >>here<<.

There are instructions to assist with installing the latest version of MBAE >>here<<.

And more product information for MBAE here in the FAQ

Known issues for MBAE >>here<<

And here is the MBAE User Guide

If you need help with MBAE, please read the pinned topic >>here<< and then please start a new topic with the requested information in the MBAE support section >>here<<

 

Thanks,
