Jump to content

Build Theme!
  •  
  • Infected?

big grin WE'RE SURE THAT YOU'LL LOVE US!

We invite you to ask questions, share experiences, and learn. It's 100% free. Did we mention that it's free. It is. It's free. Join 91600 other members! Anybody can ask, anybody can answer. Consistently helpful members with best answers are invited to staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Probably badly infected WIN XP [Solved]


  • This topic is locked This topic is locked
41 replies to this topic

#31 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 05 February 2014 - 09:55 PM

Hi CoolCat,

You have to read the instructions that are presented within the Avast window.

For each item found, you need to select the action you would like to take, then click Apply.

The window you posted says the Automatic fix will try and repair the file first. If that is not possible, it proceeds to move the file to the Chest (quarantining it). If that fails as well, it deletes the file.

So if the item listed is malware you might want to see what other options the drop down arrow offers, and make you selection accordingly. If malware, I would suggest moving it to the Chest or deleting it outright.
OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.

    Advertisements

Register to Remove


#32 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 08 February 2014 - 09:32 AM

Hi CoolCat,

Just checking in to see if you still need help?
OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#33 CoolCat

CoolCat

    Silver Member

  • Authentic Member
  • PipPipPip
  • 498 posts

Posted 09 February 2014 - 12:29 AM

I couldn't see anything in a drop-down menu.  Like I had said, that monitor's color is so faint, I can barely read anything on it and somehow my son has reset somethng to where I can't even see or find the task bar, but I can see the tops of a few icons in it so I know it's there.  I can't grab it or drag it back up and the sides are cut off and there's a black background behind the photo I used as the desktop.  

 

So, I just told Avast to go ahead and delete the malware or whatever it was because it said it was serious.   It had something to do with my AOL program, though, so that worries me.  I don't want to lose my software on there. 

 

Avast had me reboot the computer and when I went back in the room it was stalled, waiting on me with a big blue screen and odd messages on a DOS screen but I tried to copy via print screen but it didn't work as the computer was not fully booted up. So that's how it stands.

 

I got online with AOL and it seemed to work ok.  I have a desktop full of programs that were for diagnosing everything that I'd like to get rid of.  LOL!

 

Thanks!



#34 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 09 February 2014 - 01:15 AM

Hi CoolCat,
 

Avast had me reboot the computer and when I went back in the room it was stalled, waiting on me with a big blue screen and odd messages on a DOS screen but I tried to copy via print screen but it didn't work as the computer was not fully booted up.


If this issue occurs again, rather than try and get a screen shot, write down the error message and post in your next reply.
 

I have a desktop full of programs that were for diagnosing everything that I'd like to get rid of.


Are you referring to the tools I've had you download? If so, be assured we will remove them at the conclusion of the process.

=========================

bullseye_zpse9eaf36e.gif Re-run OTL (it should be located on your desktop).

Windows Vista and Windows 7 & 8 users Right Click and select "Run as Administrator" on the icon to run it.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Uncheck the boxes beside LOP Check and Purity Check.
  • Under Extra Registry section, select Use SafeList <-- important
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    Note:The log can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
  • Please copy (Edit->Select All, Edit->Copy) the contents of the file, and post it with your next reply.
=========================

In your next post please provide the following:
  • OTL.txt
  • Extras.txt
  • Answers to the questions asked.

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#35 CoolCat

CoolCat

    Silver Member

  • Authentic Member
  • PipPipPip
  • 498 posts

Posted 10 February 2014 - 08:31 AM

OTL logfile created on: 2/9/2014 5:35:26 PM - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Sony\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.99 Gb Total Physical Memory | 1.33 Gb Available Physical Memory | 66.67% Memory free
3.83 Gb Paging File | 3.28 Gb Available in Paging File | 85.50% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 180.30 Gb Total Space | 51.09 Gb Free Space | 28.33% Space Free | Partition Type: NTFS
Drive E: | 326.66 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: INNUENDOES | User Name: Sony | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Documents and Settings\Sony\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Oracle Corporation)
PRC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe (Seagate Technology LLC)
PRC - C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe (Seagate LLC)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\AOL\1147670399\ee\aolsoftware.exe (AOL LLC)
PRC - C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (AOL LLC)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
PRC - C:\Program Files\America Online 9.0a\aoltray.exe (America Online, Inc.)
PRC - C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\AVAST Software\Avast\defs\14020902\algo.dll ()
MOD - C:\Program Files\AVAST Software\Avast\defs\14020800\algo.dll ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files\Yahoo!\Messenger\yui.dll ()
MOD - C:\WINDOWS\system32\msjetoledb40.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (SpyroService) -- C:\Program Files\FS\Spyro Portal\FlashPortal.exe File not found
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (FreeAgentGoNext Service) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe (Seagate Technology LLC)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (AOL LLC)
SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)
SRV - (Image Converter video recording monitor for VAIO Entertainment) -- C:\Program Files\Sony\Image Converter 2\IcVzMon.exe (Sony Corporation)
SRV - (VAIO Entertainment Task Scheduler) -- C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VzFw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VAIO Entertainment Aggregation and Control Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe (Sony Corporation)
SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (SSScsiSV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)
SRV - (WANMiniportService) -- C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (tmcomm) -- C:\WINDOWS\system32\drivers\tmcomm.sys File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (Changer) --  File not found
DRV - (aswMonFlt) -- C:\WINDOWS\system32\drivers\aswmonflt.sys (AVAST Software)
DRV - (aswSnx) -- C:\WINDOWS\system32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswVmm) -- C:\WINDOWS\System32\drivers\aswVmm.sys ()
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswRvrt) -- C:\WINDOWS\System32\drivers\aswRvrt.sys ()
DRV - (Revoflt) -- C:\WINDOWS\system32\drivers\revoflt.sys (VS Revo Group)
DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows ® Server 2003 DDK provider)
DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec)
DRV - (wanatw) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (DMICall) -- C:\WINDOWS\system32\drivers\DMICall.sys (Sony Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo....ei=utf-8&fr=ysp
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKCU\..\SearchScopes\{080FBDF6-B230-4e4d-A4E7-7C7A56D7BABC}: "URL" = http://searchservice...Web&orig=IMC-IE
IE - HKCU\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo....ei=utf-8&fr=ysp
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.1: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2629: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\@yverinfo.yahoo.com/YahooVersionInfoPlugin;version=1.0.0.1:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1:  File not found
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine:  File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/02/02 22:23:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/12/25 12:56:21 | 000,000,000 | ---D | M]
 
[2009/08/05 15:25:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sony\Application Data\Mozilla\Extensions
[2013/09/30 12:02:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sony\Application Data\Mozilla\Firefox\Profiles\vdvxu7xx.default\extensions
[2013/12/25 12:56:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/12/25 12:56:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/12/25 12:56:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/12/25 12:57:27 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U39 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll
CHR - plugin: Java Deployment Toolkit 6.0.390.4 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: avast! Online Security = C:\Documents and Settings\Sony\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\Sony\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
 
O1 HOSTS File: ([2011/05/09 19:09:25 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SidebarAutoLaunch Class) - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll (Yahoo! Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CreateCD_Reminder] C:\WINDOWS\SONYSYS\VAIO Recovery\Reminder.exe (Sony Electronics, Inc)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\Hdaudpropshortcut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1147670399\ee\aolsoftware.exe (AOL LLC)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [VAIO Update 3] C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe (Sony Corporation)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\AOL 9.1 Tray Icon.lnk = C:\Program Files\America Online 9.0a\aoltray.exe (America Online, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: &AOL Toolbar Search - c:\Program Files\AOL\AOL Toolbar 5.0\resources\en-us\local\search.html ()
O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm ()
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O9 - Extra Button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll (Yahoo! Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range -  5)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} http://esupport.sony.com/VaioInfo.CAB (VaioInfo.CMClass)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://pcpitstop.com...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} http://download.ewid...oOnlineScan.cab (ewidoOnlineScan Control)
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.t...ivex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} http://forms.real.co...ne_Inst_Win.cab (Reg Error: Key error.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll (Installation Support)
O16 - DPF: {38AB0814-B09B-4378-9940-14A19638C3C2} http://www.auctiva.c...eUploader55.cab (Auctiva Image Uploader Control)
O16 - DPF: {528C14CD-CF9E-489C-A365-5999F17B69B9} http://pictures.spri...loadControl.cab (LightSurfUploadCtl Class)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/b...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase6662.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1200816483562 (WUWebControl Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} https://as00.estara....018140OneCC.cab (OneCCCtl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1200816457015 (MUWebControl Class)
O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} http://mediaplayer.w...ler/install.cab (Reg Error: Key error.)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} http://a840.g.akamai...all/xscan53.cab (HouseCall Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} http://www.pcpitstop.com/mhLbl.cab (mhLabel Class)
O16 - DPF: {D1D98C0F-A339-42AB-BD5F-EA0FF5D0E65F} http://www.rockyou.c...ageUploader.cab (RockYou Image Uploader Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../pcpitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 97.64.183.164 97.64.209.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6085DEC8-6031-4484-BB3A-A6E668A7E818}: DhcpNameServer = 97.64.183.164 97.64.209.37
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Sony\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Sony\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/03/02 18:57:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/02/08 23:58:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2014/02/08 23:57:50 | 000,000,000 | ---D | C] -- C:\Program Files\Viewpoint
[2014/02/02 22:26:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sony\Application Data\AVAST Software
[2014/02/02 22:24:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avast
[2014/02/02 22:23:32 | 000,057,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014/02/02 22:23:30 | 000,775,952 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2014/02/02 22:23:29 | 000,410,784 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2014/02/02 22:23:26 | 000,067,824 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmonflt.sys
[2014/02/02 22:23:25 | 000,054,832 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2014/02/02 22:23:19 | 000,270,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014/02/02 22:23:07 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/02/02 22:20:04 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/02/02 22:18:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2014/01/29 01:16:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sony\Local Settings\Application Data\VS Revo Group
[2014/01/29 01:15:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro
[2014/01/29 01:15:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\VS Revo Group
[2014/01/29 01:15:51 | 000,027,064 | ---- | C] (VS Revo Group) -- C:\WINDOWS\System32\drivers\revoflt.sys
[2014/01/29 01:15:49 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2014/01/29 01:07:42 | 010,619,688 | ---- | C] (VS Revo Group                                               ) -- C:\Documents and Settings\Sony\Desktop\RevoUninProSetup.exe
[2014/01/26 01:54:11 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2014/01/26 01:53:47 | 002,347,384 | ---- | C] (ESET) -- C:\Documents and Settings\Sony\Desktop\esetsmartinstaller_enu.exe
[2014/01/26 01:27:29 | 010,285,040 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\Sony\Desktop\mbam-setup-1.75.0.1300.exe
[2014/01/24 07:14:30 | 001,037,068 | ---- | C] (Thisisu) -- C:\Documents and Settings\Sony\Desktop\JRT (1).exe
[2014/01/24 04:42:08 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/01/14 01:48:11 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Sony\PrivacIE
[2014/01/14 00:48:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sony\Desktop\OTL.exe
[2014/01/13 20:23:14 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Sony\Desktop\aswMBR.exe
[2009/08/05 15:22:03 | 008,050,536 | ---- | C] (Mozilla) -- C:\Program Files\Firefox+Setup+3[2].5.2.exe
[2006/05/24 17:29:33 | 037,311,488 | ---- | C] (Apple Computer, Inc.                                      ) -- C:\Program Files\iTunesSetup.exe
[2006/02/19 22:11:35 | 001,931,216 | ---- | C] (Sony Corporation                                            ) -- C:\Program Files\SetupSonyDownloadTaxi.exe
[2006/02/15 22:17:34 | 010,420,936 | ---- | C] (Microsoft Corporation) -- C:\Program Files\xlviewer.exe
[2006/02/15 22:04:58 | 012,307,656 | ---- | C] (Microsoft Corporation) -- C:\Program Files\wdviewer.exe
[2006/02/15 22:01:34 | 001,951,432 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ppviewer.exe
[2006/02/15 21:55:41 | 002,817,536 | ---- | C] (Citrix Systems, Inc.) -- C:\Program Files\ica32t.exe
[2006/02/15 21:54:50 | 007,789,851 | ---- | C] (Xstream Software Inc.                                       ) -- C:\Program Files\rpv40plgIEu.exe
 
========== Files - Modified Within 30 Days ==========
 
File not found -- C:\Documents and Settings\Sony\Desktop\CAMX7RDS.
File not found -- C:\Documents and Settings\Sony\Desktop\CAKUKLW1.
File not found -- C:\Documents and Settings\Sony\Desktop\CAK9EN0L.
File not found -- C:\Documents and Settings\Sony\Desktop\CAGFQ5EN.
File not found -- C:\Documents and Settings\Sony\Desktop\CAC16RCP.
File not found -- C:\Documents and Settings\Sony\Desktop\CAADYT81.
[2014/02/09 17:38:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/02/09 17:26:33 | 000,000,360 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/02/09 17:23:46 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/02/09 17:22:49 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/09 17:22:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/02/08 21:22:44 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/05 21:43:26 | 000,114,717 | ---- | M] () -- C:\Documents and Settings\Sony\Desktop\virus maybe.jpg
[2014/02/05 10:24:00 | 000,067,824 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmonflt.sys
[2014/02/05 01:38:40 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014/02/05 01:38:40 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014/02/03 21:29:59 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/02/02 22:24:57 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2014/02/02 22:23:14 | 000,775,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2014/02/02 22:23:14 | 000,180,248 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/02/02 22:23:14 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014/02/02 22:23:13 | 000,410,784 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2014/02/02 22:23:13 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2014/02/02 22:23:13 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/02/02 22:23:07 | 000,270,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014/02/02 22:23:07 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/01/31 21:35:12 | 000,386,981 | ---- | M] () -- C:\Documents and Settings\Sony\Desktop\avira removal 2.jpg
[2014/01/31 21:33:43 | 000,142,644 | ---- | M] () -- C:\Documents and Settings\Sony\Desktop\avira removal 1.jpg
[2014/01/29 01:16:03 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
[2014/01/29 01:07:55 | 010,619,688 | ---- | M] (VS Revo Group                                               ) -- C:\Documents and Settings\Sony\Desktop\RevoUninProSetup.exe
[2014/01/26 01:54:04 | 002,347,384 | ---- | M] (ESET) -- C:\Documents and Settings\Sony\Desktop\esetsmartinstaller_enu.exe
[2014/01/26 01:29:05 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/26 01:27:39 | 010,285,040 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\Sony\Desktop\mbam-setup-1.75.0.1300.exe
[2014/01/24 07:14:34 | 001,037,068 | ---- | M] (Thisisu) -- C:\Documents and Settings\Sony\Desktop\JRT (1).exe
[2014/01/24 06:31:08 | 001,236,282 | ---- | M] () -- C:\Documents and Settings\Sony\Desktop\AdwCleaner.exe
[2014/01/24 04:31:12 | 000,039,066 | ---- | M] () -- C:\Documents and Settings\Sony\Desktop\error.jpg
[2014/01/14 00:48:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sony\Desktop\OTL.exe
[2014/01/14 00:47:58 | 000,000,513 | ---- | M] () -- C:\Documents and Settings\Sony\Desktop\MBR.zip
[2014/01/14 00:44:29 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Sony\Desktop\MBR.dat
[2014/01/13 20:23:30 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Sony\Desktop\aswMBR.exe
[2014/01/13 20:17:43 | 000,987,410 | ---- | M] () -- C:\Documents and Settings\Sony\Desktop\SecurityCheck.exe
 
========== Files Created - No Company Name ==========
 
File not found -- C:\Documents and Settings\Sony\Desktop\CAMX7RDS.
File not found -- C:\Documents and Settings\Sony\Desktop\CAKUKLW1.
File not found -- C:\Documents and Settings\Sony\Desktop\CAK9EN0L.
File not found -- C:\Documents and Settings\Sony\Desktop\CAGFQ5EN.
File not found -- C:\Documents and Settings\Sony\Desktop\CAC16RCP.
File not found -- C:\Documents and Settings\Sony\Desktop\CAADYT81.
[2014/02/05 21:43:19 | 000,114,717 | ---- | C] () -- C:\Documents and Settings\Sony\Desktop\virus maybe.jpg
[2014/02/02 22:24:57 | 000,001,733 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2014/02/02 22:24:26 | 000,000,360 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/02/02 22:23:31 | 000,180,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/02/02 22:23:27 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/01/31 21:35:10 | 000,386,981 | ---- | C] () -- C:\Documents and Settings\Sony\Desktop\avira removal 2.jpg
[2014/01/31 21:33:36 | 000,142,644 | ---- | C] () -- C:\Documents and Settings\Sony\Desktop\avira removal 1.jpg
[2014/01/29 01:16:03 | 000,000,925 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
[2014/01/24 06:31:04 | 001,236,282 | ---- | C] () -- C:\Documents and Settings\Sony\Desktop\AdwCleaner.exe
[2014/01/24 04:31:08 | 000,039,066 | ---- | C] () -- C:\Documents and Settings\Sony\Desktop\error.jpg
[2014/01/14 00:47:57 | 000,000,513 | ---- | C] () -- C:\Documents and Settings\Sony\Desktop\MBR.zip
[2014/01/14 00:44:29 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Sony\Desktop\MBR.dat
[2014/01/13 20:17:41 | 000,987,410 | ---- | C] () -- C:\Documents and Settings\Sony\Desktop\SecurityCheck.exe
[2012/02/17 19:04:17 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/04/25 17:36:15 | 000,013,436 | -HS- | C] () -- C:\Documents and Settings\Sony\Local Settings\Application Data\728d8r8641b7v7slg6xd5614lw38o
[2011/04/25 17:36:15 | 000,013,436 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\728d8r8641b7v7slg6xd5614lw38o
[2011/03/29 21:33:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Sony\Application Data\protectionwin.ini
[2010/06/07 09:06:00 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/21 03:41:29 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/24 14:46:20 | 000,001,353 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/05/28 09:42:17 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\Sony\presets.ini
[2006/06/05 19:58:32 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2006/02/18 01:33:56 | 000,058,368 | ---- | C] () -- C:\Program Files\MFInstall.exe
[2006/01/28 20:30:32 | 000,056,320 | ---- | C] () -- C:\Documents and Settings\Sony\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/07/28 18:25:54 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Sony\Application Data\PFP120JPR.{PB
[2005/07/28 18:25:54 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Sony\Application Data\PFP120JCM.{PB
 
========== ZeroAccess Check ==========
 
[2005/03/02 20:32:27 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013/07/31 22:17:51 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 06:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 18:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 88 bytes -> C:\WMIDIAG-V2.0_XP___.CLI.SP2.32_INNUENDOES_2009.01.21_22.46.03.LOG:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Sony\My Documents\terriffic.rtx:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Sony\My Documents\Running scandisk etc.rtf:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Sony\My Documents\DisableAOLDSL.exe:SummaryInformation
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
 
< End of report >
 -----------------------------------------------------------------------------------------------------------

OTL Extras logfile created on: 2/9/2014 5:35:27 PM - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Sony\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.99 Gb Total Physical Memory | 1.33 Gb Available Physical Memory | 66.67% Memory free
3.83 Gb Paging File | 3.28 Gb Available in Paging File | 85.50% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 180.30 Gb Total Space | 51.09 Gb Free Space | 28.33% Space Free | Partition Type: NTFS
Drive E: | 326.66 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: INNUENDOES | User Name: Sony | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\America Online 9.0a\waol.exe" = C:\Program Files\America Online 9.0a\waol.exe:*:Enabled:AOL -- (America Online, Inc.)
"C:\Program Files\QuickTime\QuickTimePlayer.exe" = C:\Program Files\QuickTime\QuickTimePlayer.exe:*:Enabled:QuickTime Player -- (Apple Inc.)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe" = C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe:*:Enabled:AOL -- (Gteko Ltd.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Common Files\AOL\1147670399\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1147670399\ee\aolsoftware.exe:*:Enabled:AOL Shared Components -- (AOL LLC)
"C:\Program Files\Yahoo!\browser\ycommon.exe" = C:\Program Files\Yahoo!\browser\ycommon.exe:*:Disabled:YCommon Exe Module -- (Yahoo!, Inc.)
"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL LLC)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java™ Platform SE binary
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Documents and Settings\Sony\Application Data\mjusbsp\magicJack.exe" = C:\Documents and Settings\Sony\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack -- (magicJack L.P.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{013E1BA8-C815-4E27-BCB9-D6B1B2E24094}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony MP4 Shared Library
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{11B569C2-4BF6-4ED0-9D17-A4273943CB24}" = Adobe Photoshop Album 2.0 Starter Edition
"{1A91D1FA-B9B3-4556-9878-5C61059A19B2}" = InterVideo WinDVDX
"{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver
"{1EB317D8-8945-4FD6-B37F-DF470317C6AB}" = VAIO Media 4.0
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter
"{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{2DBE41DD-2129-4C65-A3D3-5647236A60F3}" = Quicken 2005
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2F151B50-B434-4838-B51D-70442EBA093E}" = OpenMG Secure Module 4.1.00
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{315BA29D-2644-4760-B5FD-5AC04A52B8C5}" = VAIO Registration
"{31C2F32D-C5DD-4583-8181-B48591CA231C}" = RapidPlayer v4.0 ActiveX Control
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3819891A-030B-4a4e-98ED-B28A649E48AB}" = HP Deskjet 3900 series
"{42F6BED9-41DD-40F1-85A8-8E0350493626}" = HPDeskjet3900Series
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E993095-28F2-4060-9101-99C1FD1195C0}" = VAIO Control Center
"{51735133-A296-4EB0-BF16-AD93B55BD000}" = VAIO Original Screen Saver VAIO Motion SD Wide Contents
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{63104E84-532C-4011-A4F4-AD6EDF8CC214}" = SpyroDriver
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 3.0.8
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7128C69B-8F7E-4336-8698-3FD3CDD955EC}" = VAIO Media Redistribution 4.0
"{71d6ce84-b7dc-4166-8e0d-56c1c37bfb5a}" = 
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A79D11B-FD82-4A5E-834F-20173515DD14}" = VAIO Media Integrated Server 4.1
"{80EE18E6-F16C-11D4-8BE8-006097C9A3ED}" = ISScript
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{88DA0A52-3372-4803-971A-ADFB961707E8}" = PictureGear Studio 2.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF}" = URGE
"{8BE56144-D053-4411-9B48-A481DFF9F5AA}" = Windows XP Start Something Demo
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{90AF0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{9155A84B-A94B-496E-9661-9978EB0CBC7C}" = Image Converter 2
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for VAIO
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E158BB9-37B9-464B-837E-CC1D5766291B}" = VAIO Update 3
"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.03 Menu Data
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 3.0
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43F939E-A863-433D-AC78-0897E44CFEB2}" = VAIO Launcher
"{A4870F16-380A-47D5-B30F-45A99FED3403}" = Click to DVD 2.4.12
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 4.0
"{B2B30EC0-FB6A-43BB-9B38-0C3B32D75B40}_is1" = Sony Download Taxi 1.5.0.0
"{B8C72ECE-87C6-4676-B949-519C1954F9F2}" = SpyroPortalDriver
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{BC5E5F8F-0BA2-480A-94C4-0E65D4FA8238}" = Click to DVD 2.4.12
"{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}" = Sony Video Shared Library
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0448678-1203-4158-A58F-B3D0B616BF9E}" = Sony Certificate PCH
"{D917FD82-6CE5-489A-AAF8-C701AAC85C4D}" = VAIO Entertainment Platform
"{D94A8E22-DF2B-4107-9E51-608A60A7671D}" = Personal Ancestral File 5
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (VAIO_VEDB)
"{E09E82C3-6C4D-45B0-8790-BBBEE39F1A3C}" = VAIO Zone Remote Commander
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E715FA41-46EB-4D3F-B4D9-A45973E76026}" = VAIO Structure Wallpaper
"{E809063C-51A3-4269-8984-D1EB742F2151}" = Click to DVD 2.4.12
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{ED8D39F2-7FFA-45EC-B148-EF2472955BB4}" = VAIO Zone
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{FA11D5B5-7D0A-43E8-88C4-960F97B194DE}" = VAIO Survey Standalone
"{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express
"12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic
"20,000 Recipes" = 20,000 Recipes
"AddressBook" = 
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Agere Systems Soft Modem" = Agere Systems PCI Soft Modem
"All ATI Software" = ATI - Software Uninstall Utility
"America Online us" = America Online (Choose which version to remove)
"AOL Setup" = AOL Setup
"AOL Toolbar" = AOL Toolbar 5.0
"AOL Toolbar 5.0" = 
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"AolCoach" = AOL Coach Version 1.0(Build:20030807.3)
"AolCoach2_en" = AOL Coach Version 2.0(Build:20041026.5 en)
"AOLOCP_N" = 
"ATI Display Driver" = ATI Display Driver
"Avast" = avast! Free Antivirus
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"CCleaner" = CCleaner (remove only)
"Connection Manager" = 
"DirectAnimation" = 
"DirectDrawEx" = 
"DXM_Runtime" = 
"ESET Online Scanner" = ESET Online Scanner v3
"FLVPlayer" = FLV Player 1.3.3
"Fontcore" = 
"Free CD Ripper_is1" = Free CD Ripper 3.1
"Google Chrome" = Google Chrome
"HP Imaging Device Functions" = HP Imaging Device Functions 5.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.0
"HPExtendedCapabilities" = HP Extended Capabilities 5.0
"ICW" = 
"IE4Data" = 
"IE5BAKEX" = 
"ie8" = Windows Internet Explorer 8
"IEData" = 
"InstallShield Uninstall Information" = 
"InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"InstallShield_{2DBE41DD-2129-4C65-A3D3-5647236A60F3}" = Quicken 2005
"InstallShield_{2F151B50-B434-4838-B51D-70442EBA093E}" = OpenMG Secure Module 4.1.00
"InstallShield_{315BA29D-2644-4760-B5FD-5AC04A52B8C5}" = VAIO Registration
"InstallShield_{FA11D5B5-7D0A-43E8-88C4-960F97B194DE}" = VAIO Survey Standalone
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"MetaFrame Presentation Server Web Client for Win32" = MetaFrame Presentation Server Web Client for Win32
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Interactive Training" = 
"MobileOptionPack" = 
"MoodLogic" = MoodLogic
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSI30a-KB884016" = 
"MSI30-Beta1" = 
"MSI30-Beta2" = 
"MSI30-KB884016" = 
"MSI30-RC1" = 
"MSI30-RC2" = 
"MSI31-Beta" = 
"MSI31-RC1" = 
"NetMeeting" = 
"Netscape Online Setup" = Netscape Internet Service Setup
"OpenMG HotFix4.1-05-13-31-01" = OpenMG Limited Patch 4.1-05-13-31-01
"OutlookExpress" = 
"PC Pitstop Driver Alert_is1" = PC Pitstop Driver Alert 1.0.0.13
"PCHealth" = 
"Port Magic" = Pure Networks Port Magic
"PROSet" = Intel® PRO Network Adapters and Drivers
"RealJukebox 1.0" = 
"RealPlayer 6.0" = RealPlayer
"RecordNow.exe" = 
"SchedulingAgent" = 
"SecureRedirClient" = RUMBA SecureRedirector Client
"SereneScreen Marine Aquarium 2 + Time" = SereneScreen Marine Aquarium 2 + Time
"Shockwave" = 
"Shop for HP Supplies" = Shop for HP Supplies
"StreetPlugin" = Learn2 Player (Uninstall Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Winamp" = Winamp
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"winusb0200" = Microsoft WinUsb 2.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Applications" = AT&T Yahoo! Applications
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Confidence Online EE" = Confidence Online™ for Web Applications
"magicJack" = magicJack
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 1/29/2014 3:27:47 AM | Computer Name = INNUENDOES | Source = MsiInstaller | ID = 10005
Description = Product: Avira SearchFree Toolbar plus Web Protection -- Error 25001.
 The following applications must be closed before continuing the uninstall:   Google
 Chrome
 
Error - 1/29/2014 3:27:59 AM | Computer Name = INNUENDOES | Source = MsiInstaller | ID = 10005
Description = Product: Avira SearchFree Toolbar plus Web Protection -- Error 25001.
 The following applications must be closed before continuing the uninstall:   Google
 Chrome
 
Error - 1/29/2014 9:11:43 AM | Computer Name = INNUENDOES | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft .NET Framework 1.1 - Update '{411EDCF7-755D-414E-A74B-3DCD6583F589}'
 could not be installed. Error code 1603. Windows Installer can create logs to help
 troubleshoot issues with installing software packages. Use the following link for
 instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127
 
Error - 1/31/2014 11:43:31 PM | Computer Name = INNUENDOES | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft .NET Framework 1.1 - Update '{411EDCF7-755D-414E-A74B-3DCD6583F589}'
 could not be installed. Error code 1603. Windows Installer can create logs to help
 troubleshoot issues with installing software packages. Use the following link for
 instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127
 
Error - 2/1/2014 4:02:28 AM | Computer Name = INNUENDOES | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft .NET Framework 1.1 - Update '{411EDCF7-755D-414E-A74B-3DCD6583F589}'
 could not be installed. Error code 1603. Windows Installer can create logs to help
 troubleshoot issues with installing software packages. Use the following link for
 instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127
 
Error - 2/2/2014 5:02:09 AM | Computer Name = INNUENDOES | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft .NET Framework 1.1 - Update '{411EDCF7-755D-414E-A74B-3DCD6583F589}'
 could not be installed. Error code 1603. Windows Installer can create logs to help
 troubleshoot issues with installing software packages. Use the following link for
 instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127
 
Error - 2/9/2014 2:08:34 AM | Computer Name = INNUENDOES | Source = MsiInstaller | ID = 1024
Description = Product: Microsoft .NET Framework 1.1 - Update '{411EDCF7-755D-414E-A74B-3DCD6583F589}'
 could not be installed. Error code 1603. Windows Installer can create logs to help
 troubleshoot issues with installing software packages. Use the following link for
 instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127
 
[ System Events ]
Error - 1/31/2014 11:43:40 PM | Computer Name = INNUENDOES | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x80070643: Microsoft .NET Framework 1.1 Service Pack 1.
 
Error - 2/1/2014 3:52:49 AM | Computer Name = INNUENDOES | Source = Service Control Manager | ID = 7000
Description = The tmcomm service failed to start due to the following error:   %%2
 
Error - 2/1/2014 4:02:36 AM | Computer Name = INNUENDOES | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x80070643: Microsoft .NET Framework 1.1 Service Pack 1.
 
Error - 2/1/2014 4:06:56 PM | Computer Name = INNUENDOES | Source = Service Control Manager | ID = 7000
Description = The tmcomm service failed to start due to the following error:   %%2
 
Error - 2/2/2014 5:03:50 AM | Computer Name = INNUENDOES | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x80070643: Microsoft .NET Framework 1.1 Service Pack 1.
 
Error - 2/2/2014 8:34:12 PM | Computer Name = INNUENDOES | Source = Service Control Manager | ID = 7000
Description = The tmcomm service failed to start due to the following error:   %%2
 
Error - 2/9/2014 1:50:59 AM | Computer Name = INNUENDOES | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
 while processing the file '' on the volume 'HarddiskVolume2'.  It has stopped monitoring
 the volume.
 
Error - 2/9/2014 1:51:50 AM | Computer Name = INNUENDOES | Source = Service Control Manager | ID = 7000
Description = The tmcomm service failed to start due to the following error:   %%2
 
Error - 2/9/2014 2:08:42 AM | Computer Name = INNUENDOES | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x80070643: Microsoft .NET Framework 1.1 Service Pack 1.
 
Error - 2/9/2014 7:23:14 PM | Computer Name = INNUENDOES | Source = Service Control Manager | ID = 7000
Description = The tmcomm service failed to start due to the following error:   %%2
 
 
< End of report >
 
------------------------------------------------------------------------------------
 
I have not gotten the error on reboot anymore.  the reason I tried taking a screen shot was because it was very long, took up most of the screen and had series after series of symbols, etc. 
 
And,  yes, I was referring to the programs you've had me download to clean the computer.   There are others, many are the same programs that were downloaded in previous infection instances,  too.   Some have gone to places not on the desktop as my son changes the paths often.   :wall:


#36 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 10 February 2014 - 04:17 PM

Hi CoolCat,

Your logs look good. :thumbup:

Do you know what these files are?

C:\Documents and Settings\Sony\Desktop\CAMX7RDS.
C:\Documents and Settings\Sony\Desktop\CAKUKLW1.
C:\Documents and Settings\Sony\Desktop\CAK9EN0L.
C:\Documents and Settings\Sony\Desktop\CAGFQ5EN.
C:\Documents and Settings\Sony\Desktop\CAC16RCP.
C:\Documents and Settings\Sony\Desktop\CAADYT81.


=========================

In your next post please provide the following:

  • How is the computer running, any remaining issues?

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#37 CoolCat

CoolCat

    Silver Member

  • Authentic Member
  • PipPipPip
  • 498 posts

Posted 12 February 2014 - 05:08 AM

The computer is running ok as far as it goes.  It's old and we have a massive dust problem here, possibly coming from the vent system in the house or the paint on the walls, even though the house is only 5 years old. It seems to have affected something in how it runs which means it runs rough.

 

My son does not recognize the name of those files or items and I can't seem to locate them, either manually or doing a search of the computer.  I am hesitant about removing them as they may be photos or movies he's loaded onto the computer.  You can't tell by the names what they might be?



#38 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 12 February 2014 - 09:21 AM

Hi CoolCat,
 

It's old and we have a massive dust problem here,

 

A can of compressed air can help alleviate some of the dust that collects around the vents and fans on a computer. This will also help with keeping the computer running cooler, and may aid in the computer's performance.

 


My son does not recognize the name of those files or items and I can't seem to locate them, either manually or doing a search of the computer. I am hesitant about removing them as they may be photos or movies he's loaded onto the computer. You can't tell by the names what they might be?

 

No, you cannot tell by the name what type of files they are. But the log also indicates that the file cannot be found. I was just curious because they showed in the log.

If you have no other questions or issues we haven't addressed I move onto the clean up and all clean speech and get you on your way.

 


OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#39 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 15 February 2014 - 09:19 PM

Hi CoolCat,

Do you have any additional questions?
Are you ready to do a bit of housekeeping and get you on your way?
OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#40 CoolCat

CoolCat

    Silver Member

  • Authentic Member
  • PipPipPip
  • 498 posts

Posted 15 February 2014 - 10:11 PM

I think we are good to go for cleanup of the programs, now.  Also for this Vista laptop that has a gob of programs I downloaded in the past to clean this one up.  lol


    Advertisements

Register to Remove


#41 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 16 February 2014 - 02:29 AM

Hi CoolCat,

Before we get to the clean up, you need to Defrag the hard drive.

bullseye_zpse9eaf36e.gif Disk Defragmenter for XP
  • Open My Computer.
  • Right-click the local disk volume that you want to defragment, and then click Properties.
  • On the Tools tab, click Defragment Now.
  • Click Defragment.
=========================

Your log appears to be clean.
We have a few items to take care of before we get to the All Clean Speech.

=========================

bullseye_zpse9eaf36e.gif Clean up with OTL:
  • Right-click OTL.exe select "Run as Administrator" to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.
=========================

bullseye_zpse9eaf36e.gif Removing/Uninstalling AdwCleaner:
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Click on the Uninstall button.
  • Click Yes when asked are you sure you want to uninstall.
  • Both AdwCleaner.exe, its folder and all logs will be removed.
=========================

bullseye_zpse9eaf36e.gif You can now delete any tools and/or logs remaining on your desktop.

=========================

bullseye_zpse9eaf36e.gif Uninstall via Programs and Features

Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:
  • Java 7 Update 45
=========================

bullseye_zpse9eaf36e.gif Update Java
  • Get the current version of Java (Version 7 Update 51) by going to http://java.com/en/d...d/installed.jsp
  • Select the Verify Java Version button and follow the onscreen instructions to update if necessary.
=========================

bullseye_zpse9eaf36e.gif Disable Java in Web Browsers

There is a vulnerability with regards to Java and web browsers. Therefore, we recommend to disable java in web browsers.
More information can be found here: http://www.techsuppo...ers-683721.html
  • Click on the Start button and then click on the Control Panel option.
  • In the Control Panel Search enter Java Control Panel.
  • Click on the Java icon to open the Java Control Panel.
Disable Java through the Java Control Panel
  • In the Java Control Panel, click on the Security tab.
  • Deselect the check box for Enable Java content in the browser. This will disable the Java plug-in in the browser.
  • Click Apply. When the Windows User Account Control (UAC) dialog appears, allow permissions to make the changes.
  • Click OK in the Java Plug-in confirmation window.
  • Restart the browser for changes to take effect.
=========================

bullseye_zpse9eaf36e.gif Delete All But the Most Recent Restore Point
  • Open Disk Cleanup by clicking the Start button start.jpg. In the search box, type Disk Cleanup, and then, in the list of results, click Disk Cleanup.
  • If prompted, select the drive that you want to clean up, and then click OK.
  • In the Disk Cleanup for (drive letter) dialog box, click Clean up system files. adminshield.jpg Administrator permission required If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
  • If prompted, select the drive that you want to clean up, and then click OK.
  • Click the More Options tab, under System Restore and Shadow Copies, click Clean up.
  • In the Disk Cleanup dialog box, click Delete.
  • Click Delete Files, and then click OK.
=========================

With the above items taken care of let's move on to the All Clean part of the process.

The following procedures are recommendations for helping to keep your system running smoothly. If you are currently satisfied with how your system is running some or all of these may not pertain to you. Implement what you need.

This infection appears to have been cleaned, but I can not give you any absolute guarantees. As a precaution, I would go ahead and change all of your passwords as this is especially important after an infection.

Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.

Here are some tips to reduce the potential for spyware infection in the future:

Make your Internet Explorer more secure - This can be done by following these simple instructions:
  • From within Internet Explorer click on the Tools menu and then click on Options.
  • Click once on the Security tab
  • Click once on the Internet icon so it becomes highlighted.
  • Click once on the Custom Level button.
  • Change the Download signed ActiveX controls to Prompt
  • Change the Download unsigned ActiveX controls to Disable
  • Change the Initialize and script ActiveX controls not marked as safe to Disable
  • Change the Installation of desktop items to Prompt
  • Change the Launching programs and files in an IFRAME to Prompt
  • Change the Navigate sub-frames across different domains to Prompt
  • When all these settings have been made, click on the OK button.
  • If it prompts you as to whether or not you want to save the settings, press the Yes button.
  • Next press the Apply button and then the OK to exit the Internet Properties page.
Make your Mozilla Firefox more secure - This can be done by adding these add-ons:Use and update an anti-virus software - I can not overemphasize the need for you to use and update your anti-virus application on a regular basis. With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.

Free Anti-VirusFree Firewall
Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly. A tutorial on firewalls can be found here.Make sure you keep your Windows OS current. Windows XP users can visit Windows update regularly to download and install any critical updates and service packs. Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems. Without these you are leaving the back door open.

Consider a custom hosts file such as MVPS HOSTS. This custom hosts file effectively blocks a wide range of unwanted ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers. For information on how to download and install, please read this tutorial by WinHelp2002
Note: Be sure to follow the instructions to disable the DNS Client service before installing a custom hosts file.

WOT (Web of Trust) As "Googling" is such an integral part of internet life, this free browser add on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites. WOT has an add-on available for Firefox, Internet Explorer as well as Google Chrome.

Finally, I strongly recommend that you read TonyKlein's good advice So how did I get infected in the first place?

Please reply to this thread once more if you are satisfied so that we can mark the problem as resolved.
OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#42 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 19 February 2014 - 09:47 AM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please follow the instructions here http://forums.whatth...ed_t106388.html
and start a New Topic.
OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users