WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93083 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Probably badly infected WIN XP [Solved]

Started by CoolCat , Jan 11 2014 12:33 AM

This topic is locked

41 replies to this topic

#1 CoolCat

Silver Member

Authentic Member
498 posts

Posted 11 January 2014 - 12:33 AM

Hey all,

This is my old computer with WIN XP that my son uses to go on gaming sites. I have good reason to suspect all kinds of infections may be on here so I just did a hijackthis log and am posting. Please review and let me know what you find that shouldn't be here.

Thanks!

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:28:30 AM, on 1/11/2014

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\AOL\1147670399\ee\AOLSoftware.exe

C:\WINDOWS\AGRSMMSG.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe

C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe

C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe

C:\Program Files\America Online 9.0a\aoltray.exe

C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

C:\WINDOWS\wanmpsvc.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Sony\My Documents\Downloads\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com

O2 - BHO: YSPManager - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll

O2 - BHO: Avira SearchFree Toolbar plus Web Protection BHO - {41564952-412D-5637-00A7-7A786E7484D7} - (no file)

O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\common\yiesrvc.dll

O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll

O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll

O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll

O3 - Toolbar: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - (no file)

O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1147670399\ee\AOLSoftware.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe

O4 - HKLM\..\Run: [CreateCD_Reminder] C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [VAIO Update 3] "C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe" /Stationary

O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet

O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\Sony\Application Data\mjusbsp\cdloader2.exe" MAGICJACK

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: AOL 9.1 Tray Icon.lnk = C:\Program Files\America Online 9.0a\aoltray.exe

O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-us\local\search.html

O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm

O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll

O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\common\yiesrvc.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: (no name) - {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - C:\Program Files\Yahoo!\Search Protection\ysp.dll

O9 - Extra 'Tools' menuitem: Yahoo! Search Protection - {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - C:\Program Files\Yahoo!\Search Protection\ysp.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople

O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/VaioInfo.CAB

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebo...toUploader5.cab

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com...t/PCPitStop.CAB

O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewid...oOnlineScan.cab

O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.t...ivex/hcImpl.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab

O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.co...ne_Inst_Win.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll

O16 - DPF: {38AB0814-B09B-4378-9940-14A19638C3C2} (Auctiva Image Uploader Control) - http://www.auctiva.c...eUploader55.cab

O16 - DPF: {528C14CD-CF9E-489C-A365-5999F17B69B9} (LightSurfUploadCtl Class) - http://pictures.spri...loadControl.cab

O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/b...lineScanner.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onec...lscbase6662.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1200816483562

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab

O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} (OneCCCtl Class) - https://as00.estara....018140OneCC.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1200816457015

O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - http://mediaplayer.w...ler/install.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset...lineScanner.cab

O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab

O16 - DPF: {D1D98C0F-A339-42AB-BD5F-EA0FF5D0E65F} (RockYou Image Uploader Control) - http://www.rockyou.c...ageUploader.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.ad...Plus/1.6/gp.cab

O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcp.../pcpitstop2.dll

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe

O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: Spyro Portal Service (SpyroService) - Unknown owner - C:\Program Files\FS\Spyro Portal\FlashPortal.exe (file missing)

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe

O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe

O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe

O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe

O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe

O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe

O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

End of file - 14987 bytes

Advertisements

Register to Remove

#2 OCD

SuperHelper

Malware Team
5,574 posts

Posted 13 January 2014 - 03:08 PM

Hi CoolCat,

My name is OCD. I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
The fixes are specific to your problem and should only be used for the issues on this machine.
Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.
Copy and Paste logs directly into the reply window. DO NOT attach the logs unless specifically instructed to do so.

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and losing all your programs and data.

Please stay with this topic until I let you know that your system appears to be "All Clear"

Important: All tools MUST be run from the Desktop.

=========================

Security Check

Download Security Check by screen317 from here or here.

Save it to your Desktop.
- Windows XP : Double click on the icon to run it.
- Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=========================

aswMBR

Download aswMBR.exe and save it to your desktop.

- Windows XP : Double click on the icon to run it.
- Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
When asked if you want to download Avast's virus definitions please select Yes.
Click Scan
Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.

=========================

OTL

Download OTL to your desktop.

Make sure all other windows are closed and to let it run uninterrupted.
- Windows XP : Double click on the icon to run it.
- Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
When the window appears, underneath Output at the top change it to Minimal Output.
Check the boxes beside LOP Check and Purity Check.
Under Custom Scan paste this in

%USERPROFILE%\..|smtmp;true;true;true /FP
%temp%\smtmp\*.* /s >
/md5start
iexplore.*
explorer.*
winlogon.*
dll
zx.dll
hlp.dat
consrv.dll
services.*
/md5stop
netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
dir "%systemdrive%\*" /S /A:L /C
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%PROGRAMFILES%\Internet Explorer\*.dat
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
BASESERVICES
DRIVES
CREATERESTOREPOINT
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
- You may need two posts to fit them both in.

=========================

In your next post please provide the following:

checkup.txt
aswMBR.txt
attach MBR.zip
OTL.txt
Extras.txt

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days

If you are satisfied with the help you have received, please consider making a donation.

#3 CoolCat

Silver Member

Authentic Member
498 posts

Posted 13 January 2014 - 11:20 PM

MBR has been scanning for hours and still not done!

#4 CoolCat

Silver Member

Authentic Member
498 posts

Posted 14 January 2014 - 01:23 AM

I hope that's the right MBR file I am attaching. The folder part will not attach.

Here we go!

Results of screen317's Security Check version 0.99.78

Windows XP Service Pack 3 x86

Internet Explorer 8

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

Avira AntiVir Personal - Free Antivirus

Avira SearchFree Toolbar plus Web Protection

SonicStage Mastering Studio Audio Filter Custom Preset

`````````Anti-malware/Other Utilities Check:`````````

SpyroDriver

SpyroPortalDriver

Malwarebytes Anti-Malware version 1.75.0.1300

CCleaner (remove only)

Java 7 Update 45

Adobe Flash Player 11.9.900.170

Adobe Reader 10.1.8 Adobe Reader out of Date!

Mozilla Firefox (26.0)

Google Chrome 31.0.1650.57

Google Chrome 31.0.1650.63

````````Process Check: objlist.exe by Laurent````````

America Online 9.0a aoltray.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C:: 4%

````````````````````End of Log``````````````````````

--------------------------------------------------------------------------------------

OTL logfile created on: 1/14/2014 12:50:29 AM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Sony\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.38 Gb Available Physical Memory | 69.30% Memory free

3.83 Gb Paging File | 3.34 Gb Available in Paging File | 87.19% Paging File free

Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 180.30 Gb Total Space | 53.00 Gb Free Space | 29.40% Space Free | Partition Type: NTFS

Drive E: | 326.66 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: INNUENDOES | User Name: Sony | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30

Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Sony\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)

PRC - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe (APN LLC.)

PRC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe (Seagate Technology LLC)

PRC - C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe (Seagate LLC)

PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Common Files\AOL\1147670399\ee\aolsoftware.exe (AOL LLC)

PRC - C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe (Sony Corporation)

PRC - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (AOL LLC)

PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

(Sony Corporation)

PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony

Corporation)

PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony

Corporation)

PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)

PRC - C:\Program Files\America Online 9.0a\aoltray.exe (America Online, Inc.)

PRC - C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)

========== Modules (No Company Name) ==========

MOD - C:\Program Files\Yahoo!\Messenger\yui.dll ()

MOD - C:\WINDOWS\system32\msjetoledb40.dll ()

MOD - C:\Program Files\Sonic\RecordNow!\shlext.dll ()

========== Services (SafeList) ==========

SRV - (SpyroService) -- C:\Program Files\FS\Spyro Portal\FlashPortal.exe File not found

SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found

SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

(Mozilla Foundation)

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32

\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)

SRV - (APNMCP) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe (APN LLC.)

SRV - (FreeAgentGoNext Service) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe

(Seagate Technology LLC)

SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)

SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (AOL LLC)

SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated

Server\VMISrv.exe (Sony Corporation)

SRV - (Image Converter video recording monitor for VAIO Entertainment) -- C:\Program Files\Sony\Image

Converter 2\IcVzMon.exe (Sony Corporation)

SRV - (VAIO Entertainment Task Scheduler) -- C:\Program Files\Sony\vaio

entertainment\VzTaskScheduler.exe (Sony Corporation)

SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment

Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)

SRV - (VzFw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

(Sony Corporation)

SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony

Shared\VAIO Entertainment

Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)

SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment

Platform\VCSW\VCSW.exe (Sony Corporation)

SRV - (VAIO Entertainment Aggregation and Control Service) -- C:\Program Files\Common Files\Sony

Shared\VAIO Entertainment\VzRs\VzRs.exe (Sony Corporation)

SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony

Corporation)

SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony

Corporation)

SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)

SRV - (SSScsiSV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) -- C:\Program Files\Sony\VAIO Media Integrated

Server\Platform\UPnPFramework.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) -- C:\Program Files\Sony\VAIO Media Integrated

Server\Platform\SV_Httpd.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Program Files\Sony\VAIO Media Integrated

Server\Platform\VmGateway.exe (Sony Corporation)

SRV - (WANMiniportService) -- C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)

========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found

DRV - (tmcomm) -- C:\WINDOWS\system32\drivers\tmcomm.sys File not found

DRV - (PDRFRAME) -- File not found

DRV - (PDRELI) -- File not found

DRV - (PDFRAME) -- File not found

DRV - (PDCOMP) -- File not found

DRV - (PCIDump) -- File not found

DRV - (lbrtfdc) -- File not found

DRV - (i2omgmt) -- File not found

DRV - (Changer) -- File not found

DRV - (aswMBR) -- C:\DOCUME~1\Sony\LOCALS~1\Temp\aswMBR.sys File not found

DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation)

DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor

Corp.)

DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)

DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)

DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows ® Server 2003 DDK

provider)

DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec)

DRV - (wanatw) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)

DRV - (DMICall) -- C:\WINDOWS\system32\drivers\DMICall.sys (Sony Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =

http://us.rd.yahoo.c...rch/search.html

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch =

http://us.rd.yahoo.c...rch/search.html

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =

http://search.live.c...ferrer:source?}

IE - HKLM\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" =

http://search.yahoo....ei=utf-8&fr=ysp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKCU\..\SearchScopes,DefaultScope =

IE - HKCU\..\SearchScopes\{080FBDF6-B230-4e4d-A4E7-7C7A56D7BABC}: "URL" =

http://searchservice...y={searchTerms}

&type=Web&orig=IMC-IE

IE - HKCU\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" =

http://search.yahoo....ei=utf-8&fr=ysp

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32

\Macromed\Flash\NPSWF32_11_9_900_170.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7

\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7

\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.1:

C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6:

C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft

Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5:

c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft

Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program

Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2629: C:\Program

Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program

Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program

Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program

Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program

Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint

Experience Technology\npViewpoint.dll ()

FF - HKLM\Software\MozillaPlugins\@yverinfo.yahoo.com/YahooVersionInfoPlugin;version=1.0.0.1: File not

found

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0

\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: File not

found

FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program

Files\Mozilla Firefox\components

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program

Files\Mozilla Firefox\plugins [2013/12/25 12:56:21 | 000,000,000 | ---D | M]

[2009/08/05 15:25:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and

Settings\Sony\Application Data\Mozilla\Extensions

[2013/09/30 12:02:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and

Settings\Sony\Application Data\Mozilla\Firefox\Profiles\vdvxu7xx.default\extensions

[2013/12/25 12:56:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla

Firefox\extensions

[2013/12/25 12:56:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla

Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

[2013/12/25 12:56:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla

Firefox\browser\extensions

[2013/12/25 12:57:27 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla

Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}

{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}

{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}

{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?

{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}

{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},

CHR - homepage: http://www.google.com/

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63

\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63

\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63

\pdf.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows

Media Player\npdsplay.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

CHR - plugin: Java™ Platform SE 6 U39 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program

Files\Real\RealPlayer\Netscape6\nppl3260.dll

CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6

\nprpjplug.dll

CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = C:\Program

Files\Real\RhapsodyPlayerEngine\nprhapengine.dll

CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience

Technology\npViewpoint.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32

\Macromed\Flash\NPSWF32_11_6_602_171.dll

CHR - plugin: Java Deployment Toolkit 6.0.390.4 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

CHR - Extension: Google Wallet = C:\Documents and Settings\Sony\Local Settings\Application

Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\

O1 HOSTS File: ([2011/05/09 19:09:25 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32

\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program

Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)

O2 - BHO: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - No CLSID value found.

O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program

Files\Yahoo!\common\yiesrvc.dll (Yahoo! Inc.)

O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program

Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program

Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)

O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program

Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (SidebarAutoLaunch Class) - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program

Files\Yahoo!\browser\YSidebarIEBHO.dll (Yahoo! Inc.)

O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program

Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)

O3 - HKLM\..\Toolbar: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - No CLSID value found.

O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program

Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)

O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - No CLSID

value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID

value found.

O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} -

C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)

O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)

O4 - HKLM..\Run: [CreateCD_Reminder] C:\WINDOWS\SONYSYS\VAIO Recovery\Reminder.exe (Sony

Electronics, Inc)

O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32

\Hdaudpropshortcut.exe (Windows ® Server 2003 DDK provider)

O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1147670399\ee\aolsoftware.exe (AOL

LLC)

O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found

O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent

Status\StxMenuMgr.exe (Seagate LLC)

O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [VAIO Update 3] C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe (Sony

Corporation)

O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo!

Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Adobe Gamma Loader.lnk

= C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\AOL 9.1 Tray Icon.lnk =

C:\Program Files\America Online 9.0a\aoltray.exe (America Online, Inc.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun =

67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun =

67108863

O8 - Extra context menu item: &AOL Toolbar Search - c:\Program Files\AOL\AOL Toolbar 5.0\resources\en

-us\local\search.html ()

O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2

\menu.htm ()

O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program

Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)

O9 - Extra Button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program

Files\Yahoo!\common\yiesrvc.dll (Yahoo! Inc.)

O9 - Extra 'Tools' menuitem : Yahoo! Search Protection - {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} -

C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)

O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab

(QuickTime Object)

O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} http://esupport.sony.com/VaioInfo.CAB

(VaioInfo.CMClass)

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83}

http://upload.facebo...toUploader5.cab (Facebook Photo

Uploader 5 Control)

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://pcpitstop.com/betapit/PCPitStop.CAB

(PCPitstop Utility)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}

http://download.macr...director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} http://download.ewido.net/ewidoOnlineScan.cab

(ewidoOnlineScan Control)

O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A}

http://housecall65.t...ivex/hcImpl.cab (Trend

Micro ActiveX Scan Agent 6.6)

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE}

http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)

O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}

http://forms.real.co.../download.html?

f=windows/mrkt/rhapx/RhapsodyPlayerEngine_Inst_Win.cab (Reg Error: Key error.)

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!

\Common\Yinsthelper200711281.dll (Installation Support)

O16 - DPF: {38AB0814-B09B-4378-9940-14A19638C3C2}

http://www.auctiva.c...eUploader55.cab (Auctiva Image Uploader Control)

O16 - DPF: {528C14CD-CF9E-489C-A365-5999F17B69B9}

http://pictures.spri...loadControl.cab (LightSurfUploadCtl Class)

O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B}

http://www.eset.eu/b...lineScanner.cab (Reg Error: Key error.)

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}

http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166}

http://cdn.scan.onec...lscbase6662.cab (Windows Live Safety

Center Base Module)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}

http://www.update.mi...wuweb_site.cab?

1200816483562 (WUWebControl Class)

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5}

http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)

O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} https://as00.estara....proxyhttps.php?

a=downloads.estara.com./&hash=038ec32bd2ef1a2195536b9b7c312624&url=http%3A%2F%

2Fd.64.69.14.190.downloads.estara.com.%2Fas%

2FOneCCDM.php&template=107051&sessionid=486528149_64.69.14.190_53802&=&req=1265066018140One

CC.cab (OneCCCtl Class)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}

http://www.update.mi...muweb_site.cab?

1200816457015 (MUWebControl Class)

O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C}

http://mediaplayer.w...ler/install.cab (Reg Error: Key error.)

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61}

http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab

(HouseCall Control)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5}

http://download.eset...lineScanner.cab (Reg Error: Key error.)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}

http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} http://www.pcpitstop.com/mhLbl.cab (mhLabel

Class)

O16 - DPF: {D1D98C0F-A339-42AB-BD5F-EA0FF5D0E65F}

http://www.rockyou.c...ageUploader.cab (RockYou Image Uploader Control)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}

http://download.macr...ash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}

http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)

O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7}

http://utilities.pcp.../pcpitstop2.dll (PCPitstop Exam)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 97.64.183.164 97.64.209.37

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6085DEC8-6031-4484-BB3A-

A6E668A7E818}: DhcpNameServer = 97.64.183.164 97.64.209.37

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32

\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI

Technologies Inc.)

O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel

Corporation)

O24 - Desktop WallPaper: C:\Documents and Settings\Sony\Application Data\Microsoft\Internet

Explorer\Internet Explorer Wallpaper.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Sony\Application Data\Microsoft\Internet

Explorer\Internet Explorer Wallpaper.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2005/03/02 18:57:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O35 - HKCU\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKCU\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found

NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte

Schaltungen IIS)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: VIDC.dvsd - C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2014/01/14 00:48:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and

Settings\Sony\Desktop\OTL.exe

[2014/01/13 20:23:14 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Documents and

Settings\Sony\Desktop\aswMBR.exe

[2014/01/02 16:11:38 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Sony\IECompatCache

[2013/12/30 09:37:39 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe

[2013/12/30 09:37:39 | 000,145,408 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl

[2013/12/30 09:37:23 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe

[2013/12/30 09:37:23 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe

[2013/12/30 09:37:23 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32

\WindowsAccessBridge.dll

[2013/12/30 09:37:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start

Menu\Programs\Java

[2013/12/25 12:56:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2013/12/19 15:52:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application

Data\Viewpoint

[2013/12/19 15:52:10 | 000,000,000 | ---D | C] -- C:\Program Files\Viewpoint

[2009/08/05 15:22:03 | 008,050,536 | ---- | C] (Mozilla) -- C:\Program Files\Firefox+Setup+3[2].5.2.exe

[2006/05/24 17:29:33 | 037,311,488 | ---- | C] (Apple Computer, Inc. ) --

C:\Program Files\iTunesSetup.exe

[2006/02/19 22:11:35 | 001,931,216 | ---- | C] (Sony Corporation ) -- C:\Program

Files\SetupSonyDownloadTaxi.exe

[2006/02/15 22:17:34 | 010,420,936 | ---- | C] (Microsoft Corporation) -- C:\Program Files\xlviewer.exe

[2006/02/15 22:04:58 | 012,307,656 | ---- | C] (Microsoft Corporation) -- C:\Program Files\wdviewer.exe

[2006/02/15 22:01:34 | 001,951,432 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ppviewer.exe

[2006/02/15 21:55:41 | 002,817,536 | ---- | C] (Citrix Systems, Inc.) -- C:\Program Files\ica32t.exe

[2006/02/15 21:54:50 | 007,789,851 | ---- | C] (Xstream Software Inc. ) --

C:\Program Files\rpv40plgIEu.exe

========== Files - Modified Within 30 Days ==========

File not found -- C:\Documents and Settings\Sony\Desktop\CAMX7RDS.

File not found -- C:\Documents and Settings\Sony\Desktop\CAKUKLW1.

File not found -- C:\Documents and Settings\Sony\Desktop\CAK9EN0L.

File not found -- C:\Documents and Settings\Sony\Desktop\CAGFQ5EN.

File not found -- C:\Documents and Settings\Sony\Desktop\CAC16RCP.

File not found -- C:\Documents and Settings\Sony\Desktop\CAADYT81.

[2014/01/14 00:48:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and

Settings\Sony\Desktop\OTL.exe

[2014/01/14 00:47:58 | 000,000,513 | ---- | M] () -- C:\Documents and Settings\Sony\Desktop\MBR.zip

[2014/01/14 00:44:29 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Sony\Desktop\MBR.dat

[2014/01/14 00:38:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2014/01/14 00:22:53 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2014/01/13 20:23:30 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Documents and

Settings\Sony\Desktop\aswMBR.exe

[2014/01/13 20:17:43 | 000,987,410 | ---- | M] () -- C:\Documents and

Settings\Sony\Desktop\SecurityCheck.exe

[2014/01/13 18:28:10 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2014/01/13 18:27:36 | 000,000,878 | ---- | M] () --

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2014/01/13 18:27:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2014/01/02 16:19:43 | 000,001,638 | ---- | M] () -- C:\Documents and Settings\Sony\My Documents\Meds I

Take-new.rtx

[2013/12/17 13:29:36 | 000,200,936 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2013/12/16 21:38:59 | 000,051,294 | ---- | M] () -- C:\Documents and Settings\Sony\Desktop\Untitled-1

copy.jpg

[2013/12/16 21:38:38 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32

\FlashPlayerApp.exe

[2013/12/16 21:38:38 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32

\FlashPlayerCPLApp.cpl

[2013/12/16 21:35:30 | 000,269,447 | ---- | M] () -- C:\Documents and Settings\Sony\Desktop\package

pickup.jpg

========== Files Created - No Company Name ==========

File not found -- C:\Documents and Settings\Sony\Desktop\CAMX7RDS.

File not found -- C:\Documents and Settings\Sony\Desktop\CAKUKLW1.

File not found -- C:\Documents and Settings\Sony\Desktop\CAK9EN0L.

File not found -- C:\Documents and Settings\Sony\Desktop\CAGFQ5EN.

File not found -- C:\Documents and Settings\Sony\Desktop\CAC16RCP.

File not found -- C:\Documents and Settings\Sony\Desktop\CAADYT81.

[2014/01/14 00:47:57 | 000,000,513 | ---- | C] () -- C:\Documents and Settings\Sony\Desktop\MBR.zip

[2014/01/14 00:44:29 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Sony\Desktop\MBR.dat

[2014/01/13 20:17:41 | 000,987,410 | ---- | C] () -- C:\Documents and

Settings\Sony\Desktop\SecurityCheck.exe

[2013/12/16 21:36:31 | 000,051,294 | ---- | C] () -- C:\Documents and Settings\Sony\Desktop\Untitled-1

copy.jpg

[2013/12/16 21:35:25 | 000,269,447 | ---- | C] () -- C:\Documents and Settings\Sony\Desktop\package

pickup.jpg

[2012/02/17 19:04:17 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2011/04/25 17:36:15 | 000,013,436 | -HS- | C] () -- C:\Documents and Settings\Sony\Local

Settings\Application Data\728d8r8641b7v7slg6xd5614lw38o

[2011/04/25 17:36:15 | 000,013,436 | -HS- | C] () -- C:\Documents and Settings\All Users\Application

Data\728d8r8641b7v7slg6xd5614lw38o

[2011/03/29 21:33:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Sony\Application

Data\protectionwin.ini

[2010/06/07 09:06:00 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local

Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/01/21 03:41:29 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\LocalService\Local

Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008/11/24 14:46:20 | 000,001,353 | ---- | C] () -- C:\Documents and Settings\All Users\Application

Data\QTSBandwidthCache

[2007/05/28 09:42:17 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\Sony\presets.ini

[2006/06/05 19:58:32 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application

Data\addr_file.html

[2006/02/18 01:33:56 | 000,058,368 | ---- | C] () -- C:\Program Files\MFInstall.exe

[2006/01/28 20:30:32 | 000,056,320 | ---- | C] () -- C:\Documents and Settings\Sony\Local

Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2005/07/28 18:25:54 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Sony\Application

Data\PFP120JPR.{PB

[2005/07/28 18:25:54 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Sony\Application

Data\PFP120JCM.{PB

========== ZeroAccess Check ==========

[2005/03/02 20:32:27 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}

\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}

\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}

\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2013/07/31 22:17:51 | 001,510,400 | ---- | M] (Microsoft

Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}

\InProcServer32]

"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 06:10:48 | 000,473,600 | ---- | M]

(Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}

\InProcServer32]

"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 18:12:08 | 000,273,920 | ---- | M]

(Microsoft Corporation)

"ThreadingModel" = Both

========== LOP Check ==========

[2013/07/21 22:30:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application

Data\AskPartnerNetwork

[2008/03/06 01:24:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application

Data\Grisoft

[2010/08/24 11:37:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application

Data\magicJack

[2008/01/15 00:53:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application

Data\PCPitstop

[2009/11/06 09:40:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application

Data\Seagate

[2009/01/27 03:57:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application

Data\TEMP

[2008/05/25 23:24:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application

Data\Uniblue

[2013/12/19 15:52:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application

Data\Viewpoint

[2006/07/08 16:36:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sony\Application

Data\BitTorrent

[2010/07/09 00:48:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sony\Application

Data\BitZipper

[2009/01/21 19:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sony\Application

Data\DeepBurner

[2006/09/23 22:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sony\Application

Data\ICAClient

[2006/03/21 12:11:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sony\Application Data\Image

Zone Express

[2005/03/07 18:52:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sony\Application

Data\InterMute

[2006/08/04 21:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sony\Application

Data\Leadertech

[2012/03/03 04:27:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sony\Application

Data\mjusbsp

[2008/05/25 23:24:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sony\Application

Data\Uniblue

[2008/05/21 06:40:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sony\Application Data\W

Photo Studio Viewer

[2006/06/04 22:00:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sony\Application

Data\WholeSecurity

========== Purity Check ==========

========== Custom Scans ==========

< %USERPROFILE%\..|smtmp;true;true;true /FP >

< %temp%\smtmp\*.* /s > >

< MD5 for: EXPLORER.EX_ >

[2004/08/04 06:00:00 | 000,359,533 | ---- | M] () MD5=4F061B12F3D5457315A0314954E7EF46 --

C:\WINDOWS\I386\EXPLORER.EX_

< MD5 for: EXPLORER.EXE >

[2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)

MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe

[2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)

MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe

[2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)

MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

[2007/06/13 05:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation)

MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828

\SP2QFE\explorer.exe

[2007/06/13 04:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation)

MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

[2004/08/04 06:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation)

MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: EXPLORER.REG >

[1996/04/10 08:45:36 | 000,000,125 | ---- | M] () MD5=47C84EB676785FB5F2AB9AAB82A7B924 --

C:\Documents and Settings\Sony\My Documents\Aptiva D drive\Program

Files\NETSCAPE\Navigator\PROGRAM\EXPLORER.REG

[1996/04/10 08:45:36 | 000,000,125 | ---- | M] () MD5=47C84EB676785FB5F2AB9AAB82A7B924 --

C:\HelpAsst_backup\C\DOCUME~1\HELPAS~1\My Documents\Aptiva D drive\Program

Files\NETSCAPE\Navigator\PROGRAM\EXPLORER.REG

< MD5 for: EXPLORER.SC_ >

[2004/08/04 06:00:00 | 000,000,181 | ---- | M] () MD5=BC5B38879C56DFBC05C8B5C43AC4D739 --

C:\WINDOWS\I386\EXPLORER.SC_

< MD5 for: EXPLORER.SCF >

[2004/08/04 06:00:00 | 000,000,080 | ---- | M] () MD5=A3975A7D2C98B30A2AE010754FFB9392 --

C:\WINDOWS\explorer.scf

< MD5 for: IEXPLORE.CH_ >

[2004/08/04 06:00:00 | 000,199,077 | ---- | M] () MD5=5F64795662F162CCD8B30969B6682029 --

C:\WINDOWS\I386\IEXPLORE.CH_

< MD5 for: IEXPLORE.CHM >

[2009/02/21 00:21:24 | 000,529,818 | ---- | M] () MD5=1435F4731719DF5F57D17DC38196245D --

C:\WINDOWS\Help\iexplore.chm

[2004/08/04 06:00:00 | 000,204,810 | ---- | M] () MD5=60858526AAD1CC55F5F0055B8E3B66FE --

C:\WINDOWS\ie8\iexplore.chm

< MD5 for: IEXPLORE.EX_ >

[2004/08/04 06:00:00 | 000,037,895 | ---- | M] () MD5=F83009589844F0C30801CC2221F06AB9 --

C:\WINDOWS\I386\IEXPLORE.EX_

< MD5 for: IEXPLORE.EXE >

[2008/04/13 18:12:22 | 000,093,184 | ---- | M] (Microsoft Corporation)

MD5=55794B97A7FAABD2910873C85274F409 -- C:\WINDOWS\ERDNT\cache\iexplore.exe

[2008/04/13 18:12:22 | 000,093,184 | ---- | M] (Microsoft Corporation)

MD5=55794B97A7FAABD2910873C85274F409 -- C:\WINDOWS\ie8\iexplore.exe

[2008/04/13 18:12:22 | 000,093,184 | ---- | M] (Microsoft Corporation)

MD5=55794B97A7FAABD2910873C85274F409 -- C:\WINDOWS\ServicePackFiles\i386\iexplore.exe

[2013/04/04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC --

C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\iexplore.exe

[2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe

[2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\WINDOWS\system32\dllcache\iexplore.exe

[2003/06/26 03:22:36 | 000,077,824 | ---- | M] (Microsoft Corporation)

MD5=DCC58E2629A734DE06CACA3B6E119F6A -- C:\Documents and Settings\Sony\My Documents\Aptiva D

drive\Program Files\Internet Explorer\IEXPLORE.EXE

[2003/06/26 03:22:36 | 000,077,824 | ---- | M] (Microsoft Corporation)

MD5=DCC58E2629A734DE06CACA3B6E119F6A -- C:\HelpAsst_backup\C\DOCUME~1\HELPAS~1\My

Documents\Aptiva D drive\Program Files\Internet Explorer\IEXPLORE.EXE

[2004/08/04 06:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation)

MD5=E7484514C0464642BE7B4DC2689354C8 -- C:\WINDOWS\$NtServicePackUninstall$\iexplore.exe

< MD5 for: IEXPLORE.EXE.MUI >

[2009/03/08 13:21:44 | 000,012,288 | ---- | M] (Microsoft Corporation)

MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Program Files\Internet Explorer\en-

US\iexplore.exe.mui

[2009/03/08 13:21:44 | 000,012,288 | ---- | M] (Microsoft Corporation)

MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Program Files\Internet Explorer\iexplore.exe.mui

< MD5 for: IEXPLORE.HL_ >

[2004/08/04 06:00:00 | 000,059,881 | ---- | M] () MD5=D23388C8D5D82D4D1C3B0B6A256E3CB7 --

C:\WINDOWS\I386\IEXPLORE.HL_

< MD5 for: IEXPLORE.HLP >

[2004/08/04 06:00:00 | 000,180,335 | ---- | M] () MD5=3F19AF1B745140DAFAC6F78F561A3C62 --

C:\WINDOWS\Help\iexplore.hlp

< MD5 for: IEXPLORE.LNK >

[2003/10/28 20:42:28 | 000,000,422 | ---- | M] () MD5=15A14D015D5733EDB776B555407BF5E5 --

C:\Documents and Settings\Sony\My Documents\Aptiva D drive\D2\My Documents\Iexplore.lnk

[2003/10/28 20:42:28 | 000,000,422 | ---- | M] () MD5=15A14D015D5733EDB776B555407BF5E5 --

C:\HelpAsst_backup\C\DOCUME~1\HELPAS~1\My Documents\Aptiva D drive\D2\My Documents\Iexplore.lnk

< MD5 for: IEXPLORE.RB0 >

[2003/06/05 23:32:34 | 000,077,824 | ---- | M] (Microsoft Corporation)

MD5=2176C911434405C1876C4E944673EC0B -- C:\Documents and Settings\Sony\My Documents\Aptiva D

drive\Program Files\Internet Explorer\IEXPLORE.RB0

[2003/06/05 23:32:34 | 000,077,824 | ---- | M] (Microsoft Corporation)

MD5=2176C911434405C1876C4E944673EC0B -- C:\HelpAsst_backup\C\DOCUME~1\HELPAS~1\My

Documents\Aptiva D drive\Program Files\Internet Explorer\IEXPLORE.RB0

< MD5 for: IEXPLORE.RB1 >

[2003/06/05 23:32:38 | 000,077,824 | ---- | M] (Microsoft Corporation)

MD5=EE87DF664CC9E76530AEBC827D26BE4D -- C:\Documents and Settings\Sony\My Documents\Aptiva D

drive\Program Files\Internet Explorer\IEXPLORE.RB1

[2003/06/05 23:32:38 | 000,077,824 | ---- | M] (Microsoft Corporation)

MD5=EE87DF664CC9E76530AEBC827D26BE4D -- C:\HelpAsst_backup\C\DOCUME~1\HELPAS~1\My

Documents\Aptiva D drive\Program Files\Internet Explorer\IEXPLORE.RB1

< MD5 for: SERVICES >

[2004/08/04 06:00:00 | 000,007,116 | ---- | M] () MD5=95826940E657FE0567A8EC0F2A6AD11A --

C:\WINDOWS\system32\drivers\etc\services

< MD5 for: SERVICES._ >

[2004/08/04 06:00:00 | 000,001,989 | ---- | M] () MD5=29BB3BBBE3D49156A42BFB3DD000F554 --

C:\WINDOWS\I386\SERVICES._

< MD5 for: SERVICES.BMP >

[2001/03/13 20:14:56 | 000,005,030 | ---- | M] () MD5=FDBB222415C2E2A4129C60B3133C2E0E --

C:\Documents and Settings\All Users\Application Data\Intuit\Quicken\Hpbiz\services.bmp

< MD5 for: SERVICES.CFG >

[2013/09/03 07:53:56 | 000,558,864 | ---- | M] () MD5=4097D9DB7F5DB4533DDA8271136C9B7B --

C:\Program Files\Adobe\Reader 10.0\Reader\Services\Services.cfg

[2011/06/06 12:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E --

C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0

\services.cfg

< MD5 for: SERVICES.EX_ >

[2004/08/04 06:00:00 | 000,049,955 | ---- | M] () MD5=85A738BA493104ED103B26CADEB8B543 --

C:\WINDOWS\I386\SERVICES.EX_

< MD5 for: SERVICES.EXE >

[2009/02/06 05:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation)

MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572

\SP3QFE\services.exe

[2008/04/13 18:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation)

MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe

[2008/04/13 18:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation)

MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe

[2009/02/06 11:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation)

MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\$NtServicePackUninstall$\services.exe

[2009/02/06 04:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation)

MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\WINDOWS\$hf_mig$\KB956572

\SP2QFE\services.exe

[2009/02/06 05:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation)

MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\$hf_mig$\KB956572

\SP3GDR\services.exe

[2009/02/06 05:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation)

MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\ERDNT\cache\services.exe

[2009/02/06 05:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation)

MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe

[2009/02/06 05:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation)

MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe

[2004/08/04 06:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation)

MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe

< MD5 for: SERVICES.LNK >

[2008/01/15 01:26:47 | 000,001,602 | ---- | M] () MD5=2CFBE09464C644DE3913D8B78D45587B --

C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Services.lnk

< MD5 for: SERVICES.MS_ >

[2004/08/04 06:00:00 | 000,003,649 | ---- | M] () MD5=64E9F61D2ED093C361862DE36433B5E1 --

C:\WINDOWS\I386\SERVICES.MS_

< MD5 for: SERVICES.MSC >

[2004/08/04 06:00:00 | 000,033,464 | ---- | M] () MD5=E8089AA2A6F7FEE89B38C1F2D77BA6C6 --

C:\WINDOWS\system32\services.msc

< MD5 for: SERVICES.SBS >

[2009/04/21 07:31:26 | 000,030,071 | ---- | M] () MD5=9854E774E85E3F84A2E7A74675697632 --

C:\Documents and Settings\Sony\My Documents\Anti-Virus & Ant iSpyware\Spybot - Search &

Destroy\Includes\Services.sbs

[2009/04/21 07:31:26 | 000,030,071 | ---- | M] () MD5=9854E774E85E3F84A2E7A74675697632 --

C:\HelpAsst_backup\C\DOCUME~1\HELPAS~1\My Documents\Anti-Virus & Ant iSpyware\Spybot - Search &

Destroy\Includes\Services.sbs

[2008/09/01 08:32:32 | 000,069,189 | ---- | M] () MD5=E9D50DBAC63DBED9C6CD2AA4812C0B66 --

C:\AntiVirus&AntiSpyware\Spybot - Search & Destroy\Includes\Services.sbs

< MD5 for: WINLOGON.EX_ >

[2004/08/04 06:00:00 | 000,261,115 | ---- | M] () MD5=F41C4F5745589D0BB8268C02B71594CA --

C:\WINDOWS\I386\WINLOGON.EX_

< MD5 for: WINLOGON.EXE >

[2004/08/04 06:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation)

MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

[2013/04/04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC --

C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[2008/04/13 18:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation)

MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe

[2008/04/13 18:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation)

MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe

[2008/04/13 18:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation)

MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %SYSTEMDRIVE%\*.* >

[2005/12/27 14:13:16 | 000,010,920 | ---- | M] () -- C:\aolconnfix.exe

[2005/12/27 14:13:16 | 000,001,039 | ---- | M] () -- C:\aolconnfix.txt

[2005/03/02 18:57:02 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2008/05/25 22:53:54 | 000,000,211 | ---- | M] () -- C:\Boot.bak

[2010/02/03 16:55:23 | 000,000,281 | RHS- | M] () -- C:\boot.ini

[2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr

[2005/03/02 18:57:02 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2006/06/11 22:23:45 | 000,000,127 | ---- | M] () -- C:\CountCyclesWMVDecLog.txt

[2007/11/05 02:00:51 | 000,023,450 | ---- | M] () -- C:\drwtsn32.log

[2009/01/11 14:53:17 | 000,000,462 | ---- | M] () -- C:\FileLook.txt

[2011/05/03 20:14:06 | 000,004,900 | ---- | M] () -- C:\HelpAsst.log

[2007/07/01 23:45:17 | 000,000,164 | ---- | M] () -- C:\install.dat

[2006/06/11 01:49:26 | 000,000,441 | ---- | M] () -- C:\INSTALL.LOG

[2009/10/03 14:31:55 | 001,962,544 | ---- | M] (Adobe Systems Incorporated) --

C:\install_flash_player_ax.exe

[2005/03/02 18:57:02 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2009/01/15 01:57:33 | 000,007,292 | ---- | M] () -- C:\JavaRa.log

[2009/11/05 12:57:11 | 000,714,528 | ---- | M] (Sun Microsystems, Inc.) -- C:\JavaSetup6u17-rv.exe

[2010/06/08 04:10:19 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt

[2005/03/02 18:57:02 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2004/08/04 06:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2009/07/11 09:51:26 | 000,250,048 | RHS- | M] () -- C:\ntldr

[2009/05/07 08:12:46 | 000,262,144 | ---- | M] () -- C:\ntuser.dat

[2009/05/07 08:12:46 | 000,001,024 | -H-- | M] () -- C:\ntuser.dat.LOG

[2014/01/13 18:27:10 | 2137,759,744 | -HS- | M] () -- C:\pagefile.sys

[2007/01/07 22:23:27 | 000,587,808 | ---- | M] () -- C:\sweb_install.log

[2009/01/21 09:55:38 | 000,087,040 | ---- | M] () -- C:\VETlog.dmp

[2009/01/21 09:55:38 | 000,087,375 | ---- | M] () -- C:\VETlog.txt

[2009/01/21 22:48:11 | 000,016,299 | ---- | M] () -- C:\WMIDIAG-

V2.0_XP___.CLI.SP2.32_INNUENDOES_2009.01.21_22.46.03-REPORT.TXT

[2009/01/21 22:48:11 | 000,000,567 | ---- | M] () -- C:\WMIDIAG-

V2.0_XP___.CLI.SP2.32_INNUENDOES_2009.01.21_22.46.03-STATISTICS.CSV

[2009/01/21 23:29:18 | 001,518,791 | ---- | M] () -- C:\WMIDIAG-

V2.0_XP___.CLI.SP2.32_INNUENDOES_2009.01.21_22.46.03.LOG

[2009/01/21 23:27:04 | 000,148,002 | ---- | M] () -- C:\WMIDIAG-

V2.0_XP___.CLI.SP2.32_INNUENDOES_2009.01.21_22.46.03.zip

[2006/12/02 21:00:12 | 000,000,146 | ---- | M] () -- C:\YServer.txt

< %systemroot%\Fonts\*.com >

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >

[2005/03/02 18:56:41 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

[2008/07/06 06:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32

\spool\prtprocs\w32x86\filterpipelineprintproc.dll

[2005/04/08 19:43:36 | 000,067,072 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32

\spool\prtprocs\w32x86\hpzpp3xu.dll

[2008/07/06 04:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32

\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

[2009/08/05 15:24:07 | 008,050,536 | ---- | M] (Mozilla) -- C:\Program Files\Firefox+Setup+3[2].5.2.exe

[2006/02/15 21:55:41 | 002,817,536 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\ica32t.exe

[2006/05/24 17:29:38 | 037,311,488 | ---- | M] (Apple Computer, Inc. ) --

C:\Program Files\iTunesSetup.exe

[2006/02/18 01:33:56 | 000,058,368 | ---- | M] () -- C:\Program Files\MFInstall.exe

[2006/02/15 22:02:12 | 001,951,432 | ---- | M] (Microsoft Corporation) -- C:\Program Files\ppviewer.exe

[2006/02/15 21:54:50 | 007,789,851 | ---- | M] (Xstream Software Inc. ) --

C:\Program Files\rpv40plgIEu.exe

[2006/02/19 22:11:45 | 001,931,216 | ---- | M] (Sony Corporation ) --

C:\Program Files\SetupSonyDownloadTaxi.exe

[2006/02/15 22:05:05 | 012,307,656 | ---- | M] (Microsoft Corporation) -- C:\Program Files\wdviewer.exe

[2006/02/15 22:17:34 | 010,420,936 | ---- | M] (Microsoft Corporation) -- C:\Program Files\xlviewer.exe

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< dir "%systemdrive%\*" /S /A:L /C >

Volume in drive C has no label.

Volume Serial Number is 647A-403C

Directory of C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices

10/14/2013 06:29 AM <JUNCTION> 2.0.0.0__b03f5f7f11d50a3a

0 File(s) 0 bytes

Directory of C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote

10/14/2013 06:28 AM <JUNCTION> 2.0.0.0__b03f5f7f11d50a3a

0 File(s) 0 bytes

Total Files Listed:

0 File(s) 0 bytes

2 Dir(s) 56,877,867,008 bytes free

< %systemroot%\System32\config\*.sav >

[2005/03/02 10:49:28 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav

[2005/03/02 10:49:28 | 000,634,880 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav

[2005/03/02 10:49:28 | 000,909,312 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

[2009/07/11 10:02:31 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start

Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >

[2009/07/11 10:59:51 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Sony\Application

Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini

[2009/07/11 10:59:51 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Sony\Application

Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >

[2014/01/13 20:23:30 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Documents and

Settings\Sony\Desktop\aswMBR.exe

[2013/09/22 19:03:54 | 016,883,056 | ---- | M] (Microsoft Corporation) -- C:\Documents and

Settings\Sony\Desktop\IE8-WindowsXP-x86-ENU.exe

[2013/09/22 04:02:53 | 001,030,038 | ---- | M] (Thisisu) -- C:\Documents and

Settings\Sony\Desktop\JRT.exe

[2014/01/14 00:48:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and

Settings\Sony\Desktop\OTL.exe

[2014/01/13 20:17:43 | 000,987,410 | ---- | M] () -- C:\Documents and

Settings\Sony\Desktop\SecurityCheck.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto

Update\Results\Install|LastSuccessTime /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto

Update\Results\Install\\LastSuccessTime: 2014-01-12 19:58:55

========== Base Services ==========

SRV - [2008/04/13 18:12:12 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] --

C:\WINDOWS\system32\alg.exe -- (ALG)

SRV - [2008/04/13 18:12:11 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)

SRV - [2008/04/13 18:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] --

C:\WINDOWS\system32\qmgr.dll -- (BITS)

SRV - [2012/07/06 07:58:51 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto | Stopped] --

C:\WINDOWS\system32\browser.dll -- (Browser)

SRV - [2008/04/13 18:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)

SRV - [2008/04/13 18:11:51 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)

SRV - [2009/04/20 11:17:26 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)

SRV - [2009/02/06 05:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\services.exe -- (Eventlog)

SRV - [2008/04/13 18:11:52 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] --

C:\WINDOWS\system32\eapsvc.dll -- (EapHost)

SRV - [2009/07/27 17:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)

SRV - [2008/04/13 18:12:08 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] --

C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)

SRV - [2008/04/13 18:11:54 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\hidserv.dll -- (HidServ)

SRV - [2008/04/13 18:12:22 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] --

C:\WINDOWS\system32\imapi.exe -- (ImapiService)

SRV - [2008/04/13 18:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)

SRV - [2008/04/13 18:11:52 | 000,023,552 | ---- | M] (Microsoft Corp.) [On_Demand | Stopped] --

C:\WINDOWS\system32\dmserver.dll -- (dmserver)

SRV - [2008/04/13 18:12:17 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand |

Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)

SRV - [2008/04/13 18:12:17 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] --

C:\WINDOWS\System32\dllhost.exe -- (SwPrv)

SRV - [2008/04/13 18:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] --

C:\WINDOWS\system32\lsass.exe -- (Netlogon)

SRV - [2008/04/13 18:12:01 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] --

C:\WINDOWS\system32\netman.dll -- (Netman)

SRV - [2008/06/20 10:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] --

C:\WINDOWS\system32\mswsock.dll -- (Nla)

SRV - [2009/02/06 05:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\services.exe -- (PlugPlay)

SRV - [2010/08/17 07:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\spoolsv.exe -- (Spooler)

SRV - [2008/04/13 18:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)

SRV - [2008/04/13 18:12:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] --

C:\WINDOWS\system32\rasauto.dll -- (RasAuto)

SRV - [2008/04/13 18:12:03 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] --

C:\WINDOWS\system32\rasmans.dll -- (RasMan)

SRV - [2009/02/09 06:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\rpcss.dll -- (RpcSs)

SRV - [2008/04/13 18:12:02 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] --

C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)

SRV - [2008/04/13 18:12:05 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\seclogon.dll -- (seclogon)

SRV - [2008/04/13 18:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\lsass.exe -- (SamSs)

SRV - [2008/04/13 18:12:10 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)

SRV - [2010/08/26 23:57:43 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)

SRV - [2009/07/27 17:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)

SRV - [2008/04/13 18:12:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\srsvc.dll -- (srservice)

SRV - [2008/04/13 18:12:05 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\schedsvc.dll -- (Schedule)

SRV - [2008/04/13 18:11:56 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)

SRV - [2008/04/13 18:12:07 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] --

C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)

SRV - [2008/04/13 18:12:07 | 000,295,424 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\termsrv.dll -- (TermService)

SRV - [2009/07/27 17:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\shsvcs.dll -- (Themes)

SRV - [2008/04/13 18:12:38 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] --

C:\WINDOWS\system32\vssvc.exe -- (VSS)

SRV - [2008/04/13 18:11:50 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)

SRV - [2008/04/13 18:11:55 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)

SRV - [2008/04/13 18:12:08 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\wiaservc.dll -- (stisvc)

SRV - [2008/04/13 18:12:28 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] --

C:\WINDOWS\System32\msiexec.exe -- (MSIServer)

SRV - [2008/04/13 18:12:09 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)

No service found with a name of Wmi

SRV - [2008/04/13 18:11:52 | 000,132,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] --

C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)

SRV - [2008/04/13 18:12:11 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)

SRV - [2009/06/10 00:14:49 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] --

C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)

========== Drive Information ==========

Physical Drives

---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media

Interface type: IDE

Media Type: Fixed\thard disk media

Model: ST3200822AS

Partitions: 2

Status: OK

Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 -

Interface type: USB

Media Type:

Model: Sony MS Reader USB Device

Partitions: 0

Status: OK

Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE2 -

Interface type: USB

Media Type:

Model: Sony CF Reader USB Device

Partitions: 0

Status: OK

Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE3 -

Interface type: USB

Media Type:

Model: Sony SM/xD Reader USB Device

Partitions: 0

Status: OK

Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE4 -

Interface type: USB

Media Type:

Model: Sony SD/MMC Reader USB Device

Partitions: 0

Status: OK

Status Info: 0

Partitions

---------------

DeviceID: Disk #0, Partition #0

PartitionType: Unknown

Bootable: False

BootPartition: False

PrimaryPartition: True

Size: 6.00GB

Starting Offset: 32256

Hidden sectors: 0

DeviceID: Disk #0, Partition #1

PartitionType: Installable File System

Bootable: True

BootPartition: True

PrimaryPartition: True

Size: 180.00GB

Starting Offset: 6448619520

Hidden sectors: 0

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\WMIDIAG-

V2.0_XP___.CLI.SP2.32_INNUENDOES_2009.01.21_22.46.03.LOG:SummaryInformation

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Sony\My

Documents\terriffic.rtx:SummaryInformation

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Sony\My Documents\Running scandisk

etc.rtf:SummaryInformation

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Sony\My

Documents\DisableAOLDSL.exe:SummaryInformation

@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application

Data\TEMP:5C321E34

< End of report >

MBR.zip 513bytes 188 downloads

#5 CoolCat

Silver Member

Authentic Member
498 posts

Posted 14 January 2014 - 01:24 AM

OTL logfile created on: 1/14/2014 12:50:29 AM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Sony\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.38 Gb Available Physical Memory | 69.30% Memory free

3.83 Gb Paging File | 3.34 Gb Available in Paging File | 87.19% Paging File free

Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 180.30 Gb Total Space | 53.00 Gb Free Space | 29.40% Space Free | Partition Type: NTFS

Drive E: | 326.66 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: INNUENDOES | User Name: Sony | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Sony\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)

PRC - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe (APN LLC.)

PRC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe (Seagate Technology LLC)

PRC - C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe (Seagate LLC)

PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Common Files\AOL\1147670399\ee\aolsoftware.exe (AOL LLC)

PRC - C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe (Sony Corporation)

PRC - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (AOL LLC)

PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)

PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)

PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)

PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)

PRC - C:\Program Files\America Online 9.0a\aoltray.exe (America Online, Inc.)

PRC - C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)

========== Modules (No Company Name) ==========

MOD - C:\Program Files\Yahoo!\Messenger\yui.dll ()

MOD - C:\WINDOWS\system32\msjetoledb40.dll ()

MOD - C:\Program Files\Sonic\RecordNow!\shlext.dll ()

========== Services (SafeList) ==========

SRV - (SpyroService) -- C:\Program Files\FS\Spyro Portal\FlashPortal.exe File not found

SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found

SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)

SRV - (APNMCP) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe (APN LLC.)

SRV - (FreeAgentGoNext Service) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe (Seagate Technology LLC)

SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)

SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (AOL LLC)

SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)

SRV - (Image Converter video recording monitor for VAIO Entertainment) -- C:\Program Files\Sony\Image Converter 2\IcVzMon.exe (Sony Corporation)

SRV - (VAIO Entertainment Task Scheduler) -- C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe (Sony Corporation)

SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)

SRV - (VzFw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)

SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)

SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)

SRV - (VAIO Entertainment Aggregation and Control Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe (Sony Corporation)

SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)

SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)

SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)

SRV - (SSScsiSV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)

SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)

SRV - (WANMiniportService) -- C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)

========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found

DRV - (tmcomm) -- C:\WINDOWS\system32\drivers\tmcomm.sys File not found

DRV - (PDRFRAME) -- File not found

DRV - (PDRELI) -- File not found

DRV - (PDFRAME) -- File not found

DRV - (PDCOMP) -- File not found

DRV - (PCIDump) -- File not found

DRV - (lbrtfdc) -- File not found

DRV - (i2omgmt) -- File not found

DRV - (Changer) -- File not found

DRV - (aswMBR) -- C:\DOCUME~1\Sony\LOCALS~1\Temp\aswMBR.sys File not found

DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation)

DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)

DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)

DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)

DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows ® Server 2003 DDK provider)

DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec)

DRV - (wanatw) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)

DRV - (DMICall) -- C:\WINDOWS\system32\drivers\DMICall.sys (Sony Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKLM\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo....ei=utf-8&fr=ysp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKCU\..\SearchScopes,DefaultScope =

IE - HKCU\..\SearchScopes\{080FBDF6-B230-4e4d-A4E7-7C7A56D7BABC}: "URL" = http://searchservice...Web&orig=IMC-IE

IE - HKCU\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo....ei=utf-8&fr=ysp

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.1: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2629: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

FF - HKLM\Software\MozillaPlugins\@yverinfo.yahoo.com/YahooVersionInfoPlugin;version=1.0.0.1: File not found

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: File not found

FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/12/25 12:56:21 | 000,000,000 | ---D | M]

[2009/08/05 15:25:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sony\Application Data\Mozilla\Extensions

[2013/09/30 12:02:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sony\Application Data\Mozilla\Firefox\Profiles\vdvxu7xx.default\extensions

[2013/12/25 12:56:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2013/12/25 12:56:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

[2013/12/25 12:56:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions

[2013/12/25 12:57:27 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},

CHR - homepage: http://www.google.com/

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll