PDA

View Full Version : Windows important updates keep failing computer freezes



reform
2013-05-05, 11:37
Hi hope you can help
recently had a virus on my computer causing slow operation freezing i have used quite a few anti virus programs including super spyware, adware malware bytes and spybot 2 search and destroy to clean these viruses off the computer but i still think the computer is infected .The following viruses have been found trojan Repack ,PUP.Ibyte and Trojan -Proprat .When i run malware bytes and adware now they don't show any results but spy bot 2 is still finding results which i am finding hard to interpret a few of these are registry at level 5 .I have tried to update two important service packs from windows KB2813170 and KB976932
but they keep failing.
Any help appreciated
Please find dds report and asw.MBR below
10583


DS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16476 BrowserJavaVersion: 10.4.1
Run by Olivene at 19:43:38 on 2013-04-23
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.3758.1433 [GMT 1:00]
.
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe
C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe
C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe
C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Apoint\Apoint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\Apoint\Apvfb.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files (x86)\Citrix\ICA Client\WFCRUN32.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\Sierra Wireless Inc\3G Watcher\WaHelper.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Update\VUAgent.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Sony\VAIO Care\VCPerfService.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wuauclt.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Sony\VAIO Care\VCService.exe
C:\Program Files\Sony\VAIO Care\VCAgent.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uWindow Title = Internet Explorer, optimized for Bing and MSN
uProxyOverride = <local>;*.local
mSearchAssistant = about:blank
uURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ips\ipsbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coieplg.dll
uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
mRun: [TRUUpdater] "C:\Program Files (x86)\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe" /bkground
mRun: [AirCardEnabler] <no file>
StartupFolder: C:\Users\Olivene\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ONLINE~1.LNK - C:\Windows\Installer\{0F1F7A90-E71B-4E45-A066-2891619F22E1}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{BC863AAA-54E2-4F05-A57B-5B003D0368DB} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}\244524573796E6563737845726D2131303 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}\244565F4951474542523039313D21473 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}\35B4950323236353 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}\35B4950383732303 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}\35B4952303137383 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}\35B4955333435323 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}\37865616D697 : DHCPNameServer = 192.168.0.1
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3
x64-Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Olivene\AppData\Roaming\Mozilla\Firefox\Profiles\tnh026l8.default-1359237618833\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npicaN.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Olivene\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 RapportKE64;RapportKE64;C:\Windows\System32\drivers\RapportKE64.sys [2011-12-5 236248]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\0604010.00E\symds64.sys [2013-2-9 451192]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\0604010.00E\symefa64.sys [2013-2-9 1129120]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\BASHDefs\20130412.001\BHDrvx64.sys [2013-4-13 1390680]
R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\0604010.00E\ccsetx64.sys [2013-2-9 167072]
R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\System32\drivers\ctxusbm.sys [2010-7-14 87600]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\IPSDefs\20130420.001\IDSviA64.sys [2013-4-23 513184]
R1 RapportCerberus_51755;RapportCerberus_51755;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_51755.sys [2013-3-24 586072]
R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2013-4-2 228600]
R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2013-4-2 357272]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\0604010.00E\ironx64.sys [2013-2-9 190072]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\0604010.00E\symnets.sys [2013-2-9 405624]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-7-12 13336]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccsvchst.exe [2013-2-9 138272]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-6-1 367456]
R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-4-2 1124184]
R2 rimspci;rimspci;C:\Windows\System32\drivers\rimssne64.sys [2010-7-12 94208]
R2 risdsnpe;risdsnpe;C:\Windows\System32\drivers\risdsne64.sys [2010-7-12 78848]
R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-12-24 259192]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-4-20 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-4-20 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-4-20 168384]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2010-11-30 19968]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-9 138912]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-6-4 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-7-12 158976]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-12-27 317440]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2010-6-2 12032]
R3 swivsp;AC8xx Virtual Serial Port;C:\Windows\System32\drivers\swivspnt.sys [2007-3-26 23552]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2010-11-30 342056]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-11-30 39464]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-2-6 102936]
S3 FsUsbExDisk;FsUsbExDisk;C:\Windows\SysWOW64\FsUsbExDisk.Sys [2013-3-17 37344]
S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-6-20 108400]
S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-6-18 423280]
S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-6-20 67952]
S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-1-20 286936]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-2-6 203544]
S3 SWNC8U80;Sierra Wireless MUX NDIS Driver (UMTS80);C:\Windows\System32\drivers\swnc8u80.sys [2008-5-20 199168]
S3 SWUMX80;Sierra Wireless USB MUX Driver (UMTS80);C:\Windows\System32\drivers\swumx80.sys [2008-5-20 192256]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2010-7-12 402720]
.
=============== Created Last 30 ================
.
2013-04-22 19:09:58 -------- d-----w- C:\Users\Olivene\AppData\Roaming\SUPERAntiSpyware.com
2013-04-22 18:52:32 -------- d-----w- C:\ProgramData\HitmanPro
2013-04-22 02:04:53 -------- d-----w- C:\Windows\System32\SPReview
2013-04-21 18:45:23 -------- d-----w- C:\Users\Olivene\AppData\Roaming\Malwarebytes
2013-04-21 18:44:44 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-04-21 18:44:44 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-04-21 17:57:21 -------- d-----w- C:\ProgramData\Malwarebytes
2013-04-20 18:18:28 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
2013-04-20 18:18:20 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-04-11 15:21:14 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-04-11 15:10:16 3138048 ----a-w- C:\Windows\System32\mstscax.dll
2013-04-11 15:10:15 2691072 ----a-w- C:\Windows\SysWow64\mstscax.dll
2013-04-11 15:10:14 44032 ----a-w- C:\Windows\System32\tsgqec.dll
2013-04-11 15:10:14 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll
2013-04-11 15:10:14 158208 ----a-w- C:\Windows\System32\aaclient.dll
2013-04-11 15:10:14 131072 ----a-w- C:\Windows\SysWow64\aaclient.dll
2013-04-11 15:09:54 3150848 ----a-w- C:\Windows\System32\win32k.sys
2013-04-11 15:09:52 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2013-04-09 20:09:16 -------- d-----w- C:\Users\Olivene\AppData\Local\Evernote
2013-04-01 18:50:25 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-04-01 18:50:25 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
.
==================== Find3M ====================
.
2013-04-02 12:16:10 236248 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
2013-03-14 19:35:06 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-14 19:35:06 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-22 06:27:49 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-02-22 06:20:51 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-02-22 06:19:37 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-02-22 06:15:48 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-02-22 06:15:23 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-02-22 06:12:41 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-02-22 03:46:00 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-02-22 03:38:00 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-02-22 03:37:50 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-02-22 03:34:17 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-02-22 03:34:03 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-02-12 14:02:22 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
2013-02-06 07:42:10 203544 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys
2013-02-06 07:42:08 102936 ----a-w- C:\Windows\System32\drivers\ssudbus.sys
2013-02-05 08:54:40 37344 ----a-w- C:\Windows\SysWow64\FsUsbExDisk.Sys
2013-02-05 08:54:40 233472 ----a-w- C:\Windows\SysWow64\FsUsbExService.Exe
.
============= FINISH: 19:49:02.79 ===============



swMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-23 19:58:17
-----------------------------
19:58:17.671 OS Version: Windows x64 6.1.7600
19:58:17.671 Number of processors: 2 586 0x2505
19:58:17.686 ComputerName: OLIVENE-VAIO UserName: Olivene
19:58:38.764 Initialize success
20:04:52.906 AVAST engine defs: 13042300
20:47:27.697 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:47:27.697 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
20:47:27.869 Disk 0 MBR read successfully
20:47:27.869 Disk 0 MBR scan
20:47:27.993 Disk 0 Windows 7 default MBR code
20:47:28.009 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10641 MB offset 2048
20:47:28.056 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 21794816
20:47:28.087 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 466197 MB offset 21999616
20:47:28.274 Disk 0 scanning C:\Windows\system32\drivers
20:47:49.338 Service scanning
20:48:49.792 Modules scanning
20:48:49.808 Disk 0 trace - called modules:
20:48:49.839 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
20:48:49.870 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80044f2410]
20:48:49.870 3 CLASSPNP.SYS[fffff88001c9e43f] -> nt!IofCallDriver -> [0xfffffa80043178a0]
20:48:49.886 5 ACPI.sys[fffff88000f13781] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800431d050]
20:48:51.807 AVAST engine scan C:\Windows
20:48:55.553 AVAST engine scan C:\Windows\system32
20:56:35.100 AVAST engine scan C:\Windows\system32\drivers
20:57:25.914 AVAST engine scan C:\Users\Olivene
21:16:00.996 AVAST engine scan C:\ProgramData
21:27:10.987 Scan finished successfully
21:34:12.519 Disk 0 MBR has been saved successfully to "C:\Users\Olivene\Documents\anti-virus scans\MBR.dat"
21:34:12.534 The log file has been saved successfully to "C:\Users\Olivene\Documents\anti-virus scans\aswMBR.txt

ken545
2013-05-11, 21:28
Welcome to the forum

Sorry for the delay, Logs basically look ok, lets run a few more scans.


ESET Online Scanner
I'd like us to scan your machine with ESET OnlineScan

*Note
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.



Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan (http://eset.com/onlinescan)
Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetOnline.png button.
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
Click on http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
Double click on the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstallDesktopIcon.png icon on your desktop.

Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetAcceptTerms.png
Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetStart.png button.
Accept any security warnings from your browser.
Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetScanArchives.png
Make sure that the option "Remove found threats" is Unchecked
Push the Start button.
ESET will then download updates for itself, install itself, and begin
scanning your computer. Please be patient as this can take some time.
When the scan completes, push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetListThreats.png
Push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetExport.png, and save the file to your desktop using a unique name, such as
ESETScan. Include the contents of this report in your next reply.
Push the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetBack.png button.
Push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetFinish.png
Please make sure you include the following items in your next post:
The log that was produced after running ESET Online Scanner.





OTL by OldTimer

Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your desktop.
Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Click the "Scan All Users" checkbox.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

reform
2013-05-13, 21:08
Hi Ken 545
Thanks for reply please find attached the
Eset scan first no found items or viruses


ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=70ba74c1a19f564694b98c3e68d706b4
# engine=13813
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-05-13 02:52:47
# local_time=2013-05-13 03:52:47 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=3592 16777213 100 91 1544578 119076063 0 0
# compatibility_mode=5893 16776574 66 85 77297198 120878617 0 0
# scanned=206839
# found=0
# cleaned=0
# scan_time=33170


Next Old timer results
OTL Log

OTL logfile created on: 13/05/2013 06:43:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Olivene\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.67 Gb Total Physical Memory | 1.68 Gb Available Physical Memory | 45.71% Memory free
7.34 Gb Paging File | 5.07 Gb Available in Paging File | 69.06% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455.27 Gb Total Space | 252.47 Gb Free Space | 55.46% Space Free | Partition Type: NTFS

Computer Name: OLIVENE-VAIO | User Name: Olivene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Olivene\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
PRC - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Care\listener.exe (Sony of America Corporation)
PRC - C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
PRC - C:\Program Files (x86)\Sierra Wireless Inc\3G Watcher\WaHelper.exe (Sierra Wireless Inc.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a00aab40bdf5aed84b4d4294965cf20d\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\05682429807d34d6ff05a77ea153935f\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\dd2d0cf72eac6e5b113a0059aeb3cab5\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\01b47a246b4ec7bfec31bf4503aceda1\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e2ee5d77ebe0bd025e7a7a317a43d677\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\82a4c4666ad83c3a375210247e69646b\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10aba2c167cc1119b80159fd9ac71ca8\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\96a3b737db1e72adaf32d2b350e50c23\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c54750e64ba10d0fb7b6a636fb3695ca\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b0b8554c05f194f546a8ed531320760b\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\wincfi39.dll ()
MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()


========== Services (SafeList) ==========

SRV:[b]64bit: - (VUAgent) -- C:\Program Files\Sony\VAIO Update\VUAgent.exe (Sony Corporation)
SRV:64bit: - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV:64bit: - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV:64bit: - (VCService) -- C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation)
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation)
SRV:64bit: - (SpfService) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation)
SRV:64bit: - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV:64bit: - (VcmINSMgr) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (VSNService) -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (RapportMgmtService) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (N360) -- C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe (Symantec Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (RapportKE64) -- C:\Windows\SysNative\drivers\RapportKE64.sys (Trusteer Ltd.)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symnets.sys (Symantec Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\SymEFA64.sys (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\SymDS64.sys (Symantec Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\Ironx64.sys (Symantec Corporation)
DRV:64bit: - (ccSet_N360) -- C:\Windows\SysNative\drivers\N360x64\1403010.016\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (ctxusbm) -- C:\Windows\SysNative\drivers\ctxusbm.sys (Citrix Systems, Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC)
DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV:64bit: - (swmsflt) -- C:\Windows\SysNative\drivers\swmsflt.sys ()
DRV:64bit: - (SWUMX80) -- C:\Windows\SysNative\drivers\swumx80.sys (Sierra Wireless Inc.)
DRV:64bit: - (SWNC8U80) -- C:\Windows\SysNative\drivers\swnc8u80.sys (Sierra Wireless Inc.)
DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)
DRV:64bit: - (swivsp) -- C:\Windows\SysNative\drivers\swivspnt.sys (Sierra Wireless Inc.)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20130510.001\IDSviA64.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130512.003\ex64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130512.003\eng64.sys (Symantec Corporation)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20130502.001\BHDrvx64.sys (Symantec Corporation)
DRV - (RapportPG64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys (Trusteer Ltd.)
DRV - (RapportEI64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys (Trusteer Ltd.)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (RapportCerberus_51755) -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_51755.sys ()
DRV - (FsUsbExDisk) -- C:\Windows\SysWOW64\FsUsbExDisk.Sys ()
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1511563395-3383351959-1421908777-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.msn.com/?ocid=OIE9HP
IE - HKU\S-1-5-21-1511563395-3383351959-1421908777-1000\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE9ENGB/110
IE - HKU\S-1-5-21-1511563395-3383351959-1421908777-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1511563395-3383351959-1421908777-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1511563395-3383351959-1421908777-1000\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-1511563395-3383351959-1421908777-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1511563395-3383351959-1421908777-1000\..\SearchScopes\{24FBCFF8-F6D9-4E93-8A67-86509603C660}: "URL" = http://www.bing.com/search?q={searchTerms}&form=BIE9DF&pc=BIE9&src=IE-SearchBox
IE - HKU\S-1-5-21-1511563395-3383351959-1421908777-1000\..\SearchScopes\{4CD6FBC6-8F35-4D6A-A87B-EC200B25ED7D}: "URL" = http://uk.shopping.com/?linkin_id=8056359
IE - HKU\S-1-5-21-1511563395-3383351959-1421908777-1000\..\SearchScopes\{627D4510-6893-47E2-AFC8-352AC6673184}: "URL" = http://rover.ebay.com/rover/1/710-42480-16445-15/4?satitle={searchTerms}
IE - HKU\S-1-5-21-1511563395-3383351959-1421908777-1000\..\SearchScopes\{88278DE6-4F59-4977-B812-7C05A5EE7310}: "URL" = http://services.zinio.com/search?s={searchTerms}&rf=sonyslices
IE - HKU\S-1-5-21-1511563395-3383351959-1421908777-1000\..\SearchScopes\{C0D2A2B4-FA14-4BDE-971E-A9B5FBB66467}: "URL" = http://search.avg.com/route/?d=4d22df68&v=6.11.25.1&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
IE - HKU\S-1-5-21-1511563395-3383351959-1421908777-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1511563395-3383351959-1421908777-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Olivene\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\coFFPlgn\ [2013/05/12 18:18:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\IPSFFPlgn\ [2013/04/25 06:50:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/13 17:26:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/13 17:26:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/13 17:26:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/13 17:26:31 | 000,000,000 | ---D | M]

[2011/12/28 17:58:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olivene\AppData\Roaming\Mozilla\Extensions
[2011/12/28 17:58:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olivene\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2013/04/13 17:26:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/04/13 17:26:28 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/04/13 17:26:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/10/12 17:33:32 | 000,124,344 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll
[2010/10/12 17:37:06 | 000,070,592 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
[2010/10/12 17:35:42 | 000,091,576 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
[2010/10/12 17:34:56 | 000,022,464 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
[2011/10/03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/10/12 19:16:54 | 000,484,768 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
[2010/10/12 17:37:02 | 000,024,000 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll
[2013/01/16 21:10:30 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/03/12 18:34:29 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========


O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1511563395-3383351959-1421908777-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AirCardEnabler] File not found
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [TRUUpdater] C:\Program Files (x86)\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe (Sierra Wireless, Inc.)
O4 - HKLM..\Run: [WatcherHelper] C:\Program Files (x86)\Sierra Wireless Inc\3G Watcher\WaHelper.exe (Sierra Wireless Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.4.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC863AAA-54E2-4F05-A57B-5B003D0368DB}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1181098d-9aa7-11e0-b561-18f46afa57d6}\Shell - "" = AutoRun
O33 - MountPoints2\{1181098d-9aa7-11e0-b561-18f46afa57d6}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O33 - MountPoints2\{71ed2d1a-eccb-11e0-b18e-18f46afa57d6}\Shell - "" = AutoRun
O33 - MountPoints2\{71ed2d1a-eccb-11e0-b18e-18f46afa57d6}\Shell\AutoRun\command - "" = D:\iStudio.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/05/13 06:40:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Olivene\Desktop\OTL.exe
[2013/05/12 18:37:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2013/04/25 06:48:16 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2013/04/24 07:48:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2013/04/23 19:40:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2013/04/23 19:40:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2013/04/22 20:09:58 | 000,000,000 | ---D | C] -- C:\Users\Olivene\AppData\Roaming\SUPERAntiSpyware.com
[2013/04/22 19:52:32 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013/04/21 19:45:23 | 000,000,000 | ---D | C] -- C:\Users\Olivene\AppData\Roaming\Malwarebytes
[2013/04/21 19:44:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/04/21 19:44:44 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/04/21 19:44:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/04/21 18:57:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/04/21 18:26:29 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2013/04/21 11:13:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2013/04/21 10:14:29 | 000,000,000 | ---D | C] -- C:\Users\Olivene\Documents\ProcAlyzer Dumps
[2013/04/21 08:12:44 | 000,000,000 | ---D | C] -- C:\Users\Olivene\Documents\anti-virus scans
[2013/04/21 08:10:18 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013/04/20 19:18:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013/04/20 19:18:28 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2013/04/20 19:18:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013/04/13 17:26:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/05/13 06:40:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Olivene\Desktop\OTL.exe
[2013/05/13 06:34:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/12 18:23:14 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/12 18:23:14 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/12 18:22:46 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/05/12 18:22:46 | 000,628,874 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/05/12 18:22:46 | 000,111,026 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/05/12 18:15:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/12 18:15:01 | 2955,493,376 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/05 09:35:35 | 000,014,736 | ---- | M] () -- C:\Users\Olivene\Desktop\attach - Shortcut.lnk
[2013/04/25 06:48:17 | 000,002,319 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2013/04/25 06:47:55 | 002,214,329 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\Cat.DB
[2013/04/25 06:47:10 | 000,014,818 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\VT20130115.021
[2013/04/25 06:43:56 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/04/25 06:43:56 | 000,007,466 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/04/25 06:43:56 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/04/23 19:50:24 | 000,003,861 | ---- | M] () -- C:\Users\Olivene\Desktop\attach.zip
[2013/04/23 19:40:58 | 000,000,909 | ---- | M] () -- C:\Users\Olivene\Desktop\ERUNT.lnk
[2013/04/22 20:00:12 | 000,000,312 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2013/04/21 19:44:48 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/04/21 11:13:31 | 000,014,964 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2013/04/20 19:18:44 | 000,002,177 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/05/05 09:35:35 | 000,014,736 | ---- | C] () -- C:\Users\Olivene\Desktop\attach - Shortcut.lnk
[2013/04/23 19:50:24 | 000,003,861 | ---- | C] () -- C:\Users\Olivene\Desktop\attach.zip
[2013/04/23 19:40:58 | 000,000,909 | ---- | C] () -- C:\Users\Olivene\Desktop\ERUNT.lnk
[2013/04/22 20:00:12 | 000,000,312 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2013/04/21 19:44:48 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/04/20 19:18:44 | 000,002,189 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013/04/20 19:18:41 | 000,002,177 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/03/17 11:30:15 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll
[2013/03/17 11:30:15 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
[2012/12/27 07:17:12 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2012/12/27 07:17:06 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2012/12/27 07:17:04 | 013,913,600 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012/12/27 07:17:04 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2012/11/28 15:17:24 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012/11/28 15:17:18 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012/11/28 15:17:18 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012/11/28 15:17:18 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012/11/28 15:17:18 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011/07/29 14:45:18 | 000,000,000 | ---- | C] () -- C:\Users\Olivene\AppData\Local\{A172E71E-4A12-4D6F-B63B-36F0CCD16AA9}
[2011/05/20 20:33:20 | 000,001,940 | ---- | C] () -- C:\Users\Olivene\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/12/30 18:36:33 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011/01/04 09:51:41 | 000,000,000 | ---D | M] -- C:\Users\Olivene\AppData\Roaming\AVG10
[2011/09/28 21:09:02 | 000,000,000 | ---D | M] -- C:\Users\Olivene\AppData\Roaming\com.w3i.fliptoast
[2012/03/26 17:07:26 | 000,000,000 | ---D | M] -- C:\Users\Olivene\AppData\Roaming\DriverCure
[2011/01/04 09:39:15 | 000,000,000 | ---D | M] -- C:\Users\Olivene\AppData\Roaming\ICAClient
[2012/05/19 18:58:48 | 000,000,000 | ---D | M] -- C:\Users\Olivene\AppData\Roaming\ooVoo Details
[2012/12/26 19:10:49 | 000,000,000 | ---D | M] -- C:\Users\Olivene\AppData\Roaming\Samsung
[2011/01/04 18:13:51 | 000,000,000 | ---D | M] -- C:\Users\Olivene\AppData\Roaming\Sierra Wireless
[2012/03/26 17:07:26 | 000,000,000 | ---D | M] -- C:\Users\Olivene\AppData\Roaming\SpeedyPC Software
[2011/12/28 17:58:14 | 000,000,000 | ---D | M] -- C:\Users\Olivene\AppData\Roaming\TomTom
[2011/09/28 21:08:53 | 000,000,000 | ---D | M] -- C:\Users\Olivene\AppData\Roaming\W3i, LLC

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:8C35AEA7

< End of report >

reform
2013-05-13, 21:11
Hi Ken 545
Second log from Old Timer
Extra Log

OTL Extras logfile created on: 13/05/2013 06:43:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Olivene\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.67 Gb Total Physical Memory | 1.68 Gb Available Physical Memory | 45.71% Memory free
7.34 Gb Paging File | 5.07 Gb Available in Paging File | 69.06% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455.27 Gb Total Space | 252.47 Gb Free Space | 55.46% Space Free | Partition Type: NTFS

Computer Name: OLIVENE-VAIO | User Name: Olivene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[b]64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-1511563395-3383351959-1421908777-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ALDI Print Software] -- "C:\Program Files (x86)\ALDI\ALDI Print Software\ALDI Print Software.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ALDI Print Software] -- "C:\Program Files (x86)\ALDI\ALDI Print Software\ALDI Print Software.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Sierra Wireless Inc\3G Watcher\SwiApiMux.exe" = C:\Program Files (x86)\Sierra Wireless Inc\3G Watcher\SwiApiMux.exe:*:Enabled:SwiApiMux -- (Sierra Wireless, Inc.)
"C:\Program Files (x86)\Sierra Wireless Inc\3G Watcher\TRUUpdater.exe" = C:\Program Files (x86)\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe:*:Enabled:TRUUpdater -- (Sierra Wireless, Inc.)
"" =
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Sierra Wireless Inc\3G Watcher\SwiApiMux.exe" = C:\Program Files (x86)\Sierra Wireless Inc\3G Watcher\SwiApiMux.exe:*:Enabled:SwiApiMux -- (Sierra Wireless, Inc.)
"C:\Program Files (x86)\Sierra Wireless Inc\3G Watcher\TRUUpdater.exe" = C:\Program Files (x86)\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe:*:Enabled:TRUUpdater -- (Sierra Wireless, Inc.)
"" =
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3DC01A67-980F-4390-A124-A93DA3315996}" = rport=138 | protocol=17 | dir=out | app=system |
"{51D395E2-6F82-426B-ACCD-00F12AC4ECB5}" = rport=445 | protocol=6 | dir=out | app=system |
"{5719DBBF-C7B5-4678-AB81-592E79D5F186}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{582B2A51-01A1-4BD6-A43A-3AE2B0340691}" = lport=139 | protocol=6 | dir=in | app=system |
"{67221316-4C6F-4B2B-A832-52650A7C2083}" = rport=137 | protocol=17 | dir=out | app=system |
"{6885E8B0-A13B-4EBE-BA09-424D34FD4D5F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{785ABCC4-12BE-4410-9C1E-1F9135E728A4}" = lport=445 | protocol=6 | dir=in | app=system |
"{810DEE0F-C9B2-423A-A3CF-CE775949D752}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8620A420-80DE-4CA1-B26E-C5D2C7D73463}" = lport=2869 | protocol=6 | dir=in | app=system |
"{92BD08A8-85CF-4178-A7F3-BBD1442E113D}" = lport=138 | protocol=17 | dir=in | app=system |
"{A4DB5006-DA12-48DA-9935-EB646AFF1DD9}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A9B2CD75-BD06-40EE-8E78-6E55BE51F614}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AA15BE78-1B1F-442B-BE9C-76ECCB7A66FF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B0CD5932-4EF4-46EE-88A1-4B5B78DF7332}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B4926304-C6EE-4EAA-9FA8-EEC790E0B70A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B6440BE0-2719-4132-B697-E05604080CC8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B6664993-F64A-4C96-A713-8D9FF06C5654}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BFDD0C45-BF39-46DD-A32E-1204EDA4C5F2}" = rport=139 | protocol=6 | dir=out | app=system |
"{C6350EF7-D090-4AAB-9024-988452402F47}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{CD1B9B90-A13F-4002-9070-84FF8FCE9751}" = lport=137 | protocol=17 | dir=in | app=system |
"{D0A4C362-B1E2-4FBF-AEC3-FD17F4F13AD3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DAECF51E-CDAC-4CFB-8626-A83002ED6A7A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DDB27EB0-24B7-4798-B79C-C4FAD1C4EFFC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E4BB2361-188E-4D37-8BFE-180A97BB0B0C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{EFF29F1B-2193-4F84-8F6F-D9D7CE3C0198}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F252AB9B-D034-43CA-90EE-E188D349E613}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04EC265A-B2A3-4FFD-A27E-010BA66E39C9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{09814078-5C09-4F15-843C-B3178FC1A61E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{0D2825EE-BE2D-4405-81CC-A447390F0883}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{13DF14E9-3034-40B5-8A1D-29F58B00DF2B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{232E7760-401C-4E78-ABC2-F806EA18E30F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{25E4E043-3AEB-4ED4-8C6E-B59918FC76D7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2790204E-6A21-4EEA-BCEB-64A6FCF5496F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{29B3EA07-940F-4712-A826-36D603731E89}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2AA19253-C184-4BAD-8730-BA3A3DB01D0D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2DF72657-8CC6-45C7-A20B-7AC7768543A1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5072E34C-103F-4039-8444-564AD56C3CD3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{58C83EBE-5D23-4047-B08B-70010D0B7E1C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{59BAD4DA-3145-4CD3-BF6A-B1D1F312F9C3}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{66C5DD3F-50C8-4913-842D-0D460E351A9E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{673E314C-868E-43F5-AED1-49705C08184D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{67BF62C3-D8D6-4BA6-BBD7-6DDF521197A1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6ADC8207-4952-469E-AEE3-0BF4FA1C879A}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{6CD0C74C-41C7-4613-A85D-37009AEA52D9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{747CA7ED-15F0-4D92-A413-E76162CFFC13}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{82E678D8-B288-41EE-8F28-E21AE0AF1DA6}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{8C921068-58D2-44C5-B79C-E65A953148C1}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{8D9B706B-8DDD-44EC-9ACD-DDE94D8DA917}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{916011D4-2AA3-46E5-B04B-90CE6D5DCE77}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{9657C1B1-A8BB-46C8-B044-2F073AA72B1E}" = protocol=6 | dir=out | app=system |
"{9BD1A32D-FFEB-4051-8B12-79E1BE7052F9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A29D4021-E535-4C25-A55E-39183ED3E6A1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A9132CBE-C314-47BC-863C-1894AB9C12C7}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{BCC07395-712F-43A8-9DDC-A49234350AB7}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{BE820EEC-8B22-4905-83D9-0D6DC140F172}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{C6956AF9-E18B-43AF-88D8-71A6F0744103}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D3D0FC56-0215-479B-AEBA-A4269D61FDB2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DF5D23F1-2294-4B83-9F42-5283F9B2C8E9}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E44A56F3-2C7B-427A-905A-4B19556E2A58}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E7695450-72BA-4C4B-9C12-A21EB9A7DB42}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{E85DDFB1-0231-4EE3-B83E-0719E6C108EF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{EEE21C6A-5661-4DA4-BE96-CA5436471E96}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F200DEB2-CD3B-44B7-BBF1-2BF9E37FA68E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F4E5E72D-3EA3-4153-BA1C-2DE902FFF06A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{FCAE0843-BCE2-4821-9AFB-379E4621481C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery
"{133D3F07-D558-46CE-80E8-F4D75DBBAD63}" = PMB VAIO Edition Plug-in
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{202B76AB-1B21-434E-A289-788D767D3A7C}" = Media Gallery
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java(TM) 6 Update 20 (64-bit)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{5AFD1F5C-8FDA-413C-AF38-F1E7BD10D72F}" = VAIO Media plus
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{6B7DE186-374B-4873-AEC1-7464DA337DD6}" = VU5x64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A3D964A6-411A-4817-9D58-5CB8808F494E}" = VAIO Media plus
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00B03993-F5A1-47B1-9C54-EC8FBDDDE17E}" = VAIO Care
"{07441A52-E208-478A-92B7-5C337CA8C131}" = Remote Play with PlayStation®3
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F1F7A90-E71B-4E45-A066-2891619F22E1}" = Citrix online plug-in (PNA)
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{177AF091-7854-4615-8327-AC7518F62782}" = VAIO Media plus
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{199C20D6-10D3-4210-B361-4760209F56AE}" = Citrix online plug-in (Web)
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20536917-E2DF-45D9-B41F-9AC0CAFFE48A}" = Media Gallery
"{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}" = PMB VAIO Edition Plug-in
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{2CF4F553-5E00-42DC-85AB-9A1A29C7D9D2}" = Citrix online plug-in (SSON)
"{2F9D63BE-A891-4E39-AFB3-7402D486800C}" = VAIO Hardware Diagnostics
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = PMB VAIO Edition Guide
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{3DB5EA77-4A14-4EC9-8BFC-73BC848BDE73}" = Media Gallery
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3ECCB578-504E-4F7A-A8B4-CF4F3B939B44}" = Citrix online plug-in (USB)
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B9DA746-5AE1-4BA0-9087-BDB162242890}" = VAIO Media plus
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{52F9CDDA-26F6-4499-90E0-6DDDE6D2259C}" = VAIO Media plus
"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}" = VAIO Quick Web Access
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO Transfer Support
"{5E74E22D-57C3-4B43-8F4F-AF35E9F6E17F}" = Sierra Wireless 3G Watcher
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65B138AE-F636-4D4C-BA5D-A06E21E47C53}" = Remote Keyboard with PlayStation 3
"{678094A1-6250-476B-9AFF-4376E48F135C}" = Citrix online plug-in (DV)
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{734B6C6C-4740-476F-BB0C-F7AF469EDBB2}" = Remote Play with PlayStation 3
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" =
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{8211C280-5B02-4E7E-B55F-845A207249BA}" = VAIO Data Restore Tool
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{88D68A69-D247-466B-90DD-575F6BE16230}_is1" = CardRecovery 5.30
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D12A8B5-9D41-4465-BF11-70719EB0CD02}" = VU5x86
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" =
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.6)
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B25D67C4-E885-43F8-8085-B532F6261529}" = Fliptoast
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B941F34C-F36A-4A6F-A97C-50B5948E451F}" = VAIO Media plus
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO Manual
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" =
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D8FF4505-5977-4116-8DE4-2AF7174E70AC}" = Media Gallery
"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = VAIO - Media Gallery
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{E083F623-22A7-D8FF-483F-9B4312B51706}" = BBC iPlayer Desktop
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA365307-1963-4D16-BD44-113C8F037AAD}" = Citrix online plug-in (HDX)
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ALDI Print Software" = ALDI Print Software
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.9
"BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1" = BBC iPlayer Desktop
"CitrixOnlinePluginFull" = Citrix online plug-in
"ERUNT_is1" = ERUNT 1.1j
"ESET Online Scanner" = ESET Online Scanner v3
"HaaliMkx" = Haali Media Splitter
"InstallShield_{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}" = VAIO - PMB VAIO Edition Plug-in
"InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = VAIO - PMB VAIO Edition Guide
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Intelli-studio" = SAMSUNG Intelli-studio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Matroska Pack" = Matroska Pack
"Mozilla Firefox 20.0.1 (x86 en-US)" = Mozilla Firefox 20.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"N360" = Norton 360
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Rapport_msi" = Rapport
"splashtop" = VAIO Quick Web Access
"TeamViewer 6" = TeamViewer 6
"TomTom HOME" = TomTom HOME 2.8.3.2499
"VAIO Help and Support" =
"VAIO screensaver" = VAIO screensaver
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1511563395-3383351959-1421908777-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 25/03/2012 14:40:51 | Computer Name = Olivene-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4805782

Error - 25/03/2012 14:40:51 | Computer Name = Olivene-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4805782

Error - 25/03/2012 14:40:53 | Computer Name = Olivene-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 25/03/2012 14:40:53 | Computer Name = Olivene-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4807732

Error - 25/03/2012 14:40:53 | Computer Name = Olivene-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4807732

Error - 25/03/2012 14:43:17 | Computer Name = Olivene-VAIO | Source = Application Error | ID = 1000
Description = Faulting application name: WLXPhotoGallery.exe, version: 15.4.3508.1109,
time stamp: 0x4cda70dd Faulting module name: igdumd32.dll_unloaded, version: 0.0.0.0,
time stamp: 0x4c44e898 Exception code: 0xc0000005 Fault offset: 0x03c00315 Faulting
process id: 0x724 Faulting application start time: 0x01cd0ab70d642527 Faulting application
path: C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe Faulting
module path: igdumd32.dll Report Id: 62686eb0-76aa-11e1-ac92-18f46afa57d6

Error - 25/03/2012 14:48:36 | Computer Name = Olivene-VAIO | Source = Application Error | ID = 1000
Description = Faulting application name: WLXPhotoGallery.exe, version: 15.4.3508.1109,
time stamp: 0x4cda70dd Faulting module name: ntdll.dll, version: 6.1.7600.16915,
time stamp: 0x4ec49d10 Exception code: 0xc0000374 Fault offset: 0x000ce903 Faulting
process id: 0x1164 Faulting application start time: 0x01cd0ab74b2cc8df Faulting application
path: C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe Faulting
module path: C:\Windows\SysWOW64\ntdll.dll Report Id: 2089429f-76ab-11e1-ac92-18f46afa57d6

Error - 25/03/2012 15:07:13 | Computer Name = Olivene-VAIO | Source = Application Error | ID = 1000
Description = Faulting application name: WLXPhotoGallery.exe, version: 15.4.3508.1109,
time stamp: 0x4cda70dd Faulting module name: ntdll.dll, version: 6.1.7600.16915,
time stamp: 0x4ec49d10 Exception code: 0xc0000374 Fault offset: 0x000ce903 Faulting
process id: 0x1498 Faulting application start time: 0x01cd0ab813eb82ca Faulting application
path: C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe Faulting
module path: C:\Windows\SysWOW64\ntdll.dll Report Id: ba29a1b0-76ad-11e1-ac92-18f46afa57d6

Error - 25/03/2012 15:42:22 | Computer Name = Olivene-VAIO | Source = Application Error | ID = 1000
Description = Faulting application name: WLXPhotoGallery.exe, version: 15.4.3508.1109,
time stamp: 0x4cda70dd Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0xb70c8d97 Faulting process id:
0x16d8 Faulting application start time: 0x01cd0abab67b9c5a Faulting application path:
C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe Faulting module
path: unknown Report Id: a38769bb-76b2-11e1-ac92-18f46afa57d6

Error - 25/03/2012 15:46:13 | Computer Name = Olivene-VAIO | Source = Application Error | ID = 1000
Description = Faulting application name: WLXPhotoGallery.exe, version: 15.4.3508.1109,
time stamp: 0x4cda70dd Faulting module name: Strato9.dll, version: 9.0.0.3000, time
stamp: 0x4d8a4c7c Exception code: 0xc0000005 Fault offset: 0x00014437 Faulting process
id: 0x1b78 Faulting application start time: 0x01cd0abf7e618cc1 Faulting application
path: C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe Faulting
module path: C:\Program Files (x86)\Nikon\NEFCodec\Strato9.dll Report Id: 2d4ff804-76b3-11e1-ac92-18f46afa57d6

[ Media Center Events ]
Error - 29/09/2011 12:58:26 | Computer Name = Olivene-VAIO | Source = MCUpdate | ID = 0
Description = 17:58:26 - Error connecting to the internet. 17:58:26 - Unable
to contact server..

Error - 29/09/2011 12:58:37 | Computer Name = Olivene-VAIO | Source = MCUpdate | ID = 0
Description = 17:58:31 - Error connecting to the internet. 17:58:31 - Unable
to contact server..

Error - 20/11/2011 23:38:17 | Computer Name = Olivene-VAIO | Source = MCUpdate | ID = 0
Description = 03:38:17 - Error connecting to the internet. 03:38:17 - Unable
to contact server..

Error - 20/11/2011 23:38:27 | Computer Name = Olivene-VAIO | Source = MCUpdate | ID = 0
Description = 03:38:22 - Error connecting to the internet. 03:38:22 - Unable
to contact server..

Error - 21/11/2011 00:38:32 | Computer Name = Olivene-VAIO | Source = MCUpdate | ID = 0
Description = 04:38:32 - Error connecting to the internet. 04:38:32 - Unable
to contact server..

Error - 21/11/2011 00:38:38 | Computer Name = Olivene-VAIO | Source = MCUpdate | ID = 0
Description = 04:38:37 - Error connecting to the internet. 04:38:37 - Unable
to contact server..

Error - 21/11/2011 01:38:43 | Computer Name = Olivene-VAIO | Source = MCUpdate | ID = 0
Description = 05:38:43 - Error connecting to the internet. 05:38:43 - Unable
to contact server..

Error - 21/11/2011 01:38:49 | Computer Name = Olivene-VAIO | Source = MCUpdate | ID = 0
Description = 05:38:48 - Error connecting to the internet. 05:38:48 - Unable
to contact server..

Error - 21/11/2011 02:38:54 | Computer Name = Olivene-VAIO | Source = MCUpdate | ID = 0
Description = 06:38:54 - Error connecting to the internet. 06:38:54 - Unable
to contact server..

Error - 21/11/2011 02:39:00 | Computer Name = Olivene-VAIO | Source = MCUpdate | ID = 0
Description = 06:38:59 - Error connecting to the internet. 06:38:59 - Unable
to contact server..

[ Spybot - Search and Destroy Events ]
Error - 20/04/2013 16:23:36 | Computer Name = Olivene-VAIO | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

Error - 22/04/2013 14:51:54 | Computer Name = Olivene-VAIO | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

[ System Events ]
Error - 10/05/2013 16:24:03 | Computer Name = Olivene-VAIO | Source = DCOM | ID = 10010
Description =

Error - 10/05/2013 16:24:13 | Computer Name = Olivene-VAIO | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070490: Security Update for Windows 7 for x64-based Systems (KB2813170).

Error - 11/05/2013 11:00:13 | Computer Name = Olivene-VAIO | Source = EventLog | ID = 6008
Description = The previous system shutdown at 15:00:39 on ?11/?05/?2013 was unexpected.

Error - 11/05/2013 11:12:41 | Computer Name = Olivene-VAIO | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070490: Security Update for Windows 7 for x64-based Systems (KB2813170).

Error - 11/05/2013 13:43:37 | Computer Name = Olivene-VAIO | Source = bowser | ID = 8003
Description =

Error - 11/05/2013 13:54:22 | Computer Name = Olivene-VAIO | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070490: Security Update for Windows 7 for x64-based Systems (KB2813170).

Error - 12/05/2013 12:10:24 | Computer Name = Olivene-VAIO | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 12/05/2013 12:44:29 | Computer Name = Olivene-VAIO | Source = bowser | ID = 8003
Description =

Error - 12/05/2013 13:01:25 | Computer Name = Olivene-VAIO | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070490: Security Update for Windows 7 for x64-based Systems (KB2813170).

Error - 12/05/2013 22:01:54 | Computer Name = Olivene-VAIO | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070490: Security Update for Windows 7 for x64-based Systems (KB2813170).


< End of report >

ken545
2013-05-13, 22:25
Hi,

ESET came back clean and OTL looks fine, no malware that I can see.

Run a Scan with Spybot and post the log and let me see what its finding


Lets see if this fixes your Windows Update Problem

Go to Microsoft Fix It (http://support.microsoft.com/fixit/)

1. Click on Windows
2. Fix Performance Errors and Crashes
3. Fix the problem with Microsoft Windows Update thats not working
4. It will download the program to your desktop
5. Run it and see if it fixes Windows Updates

reform
2013-05-14, 00:58
Hi Ken 545
Spybot scan results


Search results from Spybot - Search & Destroy

13/05/2013 22:50:32
Scan took 00:39:05.
38 items found.

ShoppingSidekick: [SBI $906A459F] Program directory (Directory, nothing done)
C:\Users\Olivene\AppData\Local\Shopping Sidekick Plugin\

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\Olivene\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\FCQR44QC\cdnbakmi.kaltura.com\com.conviva.livePass.sol
Properties.size=224
Properties.md5=B45D0B328D7E3F744D17FFC347AA3C5C
Properties.filedate=1368120810
Properties.filedatetext=2013-05-09 18:33:30

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\Olivene\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\FCQR44QC\cfiles.5min.com\5minSessionTracker_www.huffingtonpost.com.sol
Properties.size=132
Properties.md5=A6712826107AE56D0C952EE1A1124C7A
Properties.filedate=1368120585
Properties.filedatetext=2013-05-09 18:29:45

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\Olivene\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\FCQR44QC\cfiles.5min.com\analytics.sol
Properties.size=440
Properties.md5=47210079AD3F8F495DD0D972D8C47504
Properties.filedate=1368120595
Properties.filedatetext=2013-05-09 18:29:55

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\Olivene\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\FCQR44QC\cfiles.5min.com\Storage5minCookie.sol
Properties.size=62
Properties.md5=DBB41EFDB5B20D52D2DE6C160DA1AD56
Properties.filedate=1368120454
Properties.filedatetext=2013-05-09 18:27:34

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\Olivene\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\FCQR44QC\images-na.ssl-images-amazon.com\mercury.sol
Properties.size=69
Properties.md5=BB919E8D0785E0ECBE03987D8076BD46
Properties.filedate=1368216922
Properties.filedatetext=2013-05-10 21:15:21

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\Olivene\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\FCQR44QC\login.yahoo.com\loginCache.sol
Properties.size=79
Properties.md5=33F3DD906BD3CE5E825C965FCCF82579
Properties.filedate=1368033087
Properties.filedatetext=2013-05-08 18:11:26

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\Olivene\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\FCQR44QC\s.ytimg.com\videostats.sol
Properties.size=104
Properties.md5=5C741FAFFEC77686C5E7081A911EBD6E
Properties.filedate=1368033407
Properties.filedatetext=2013-05-08 18:16:47

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\Olivene\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\FCQR44QC\static.discoverymedia.com\com.conviva.livePass.sol
Properties.size=224
Properties.md5=BB0283D96C5BF898E33F45A0C8805972
Properties.filedate=1368120626
Properties.filedatetext=2013-05-09 18:30:26

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\Olivene\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\FCQR44QC\aa.online-metrix.net\fpc.swf\session.sol
Properties.size=76
Properties.md5=38666C03688527DD59CC2B0DC9E69993
Properties.filedate=1367940912
Properties.filedatetext=2013-05-07 16:35:11

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Users\Olivene\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\FCQR44QC\skype.com\#ui\preferences.sol
Properties.size=219
Properties.md5=3CABA960449FDB0076D13557B1989429
Properties.filedate=1368479249
Properties.filedatetext=2013-05-13 22:07:29

DoubleClick: [SBI $8E73A7FB] Tracking cookie (Firefox: Olivene (default-1359237618833)) (Browser: Cookie, nothing done)


DoubleClick: [SBI $8E73A7FB] Tracking cookie (Firefox: Olivene (default-1359237618833)) (Browser: Cookie, nothing done)


FastClick: [SBI $8E73A7FB] Tracking cookie (Firefox: Olivene (default-1359237618833)) (Browser: Cookie, nothing done)


MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: Olivene (default-1359237618833)) (Browser: Cookie, nothing done)


MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: Olivene (default-1359237618833)) (Browser: Cookie, nothing done)


WebTrends live: [SBI $8E73A7FB] Tracking cookie (Firefox: Olivene (default-1359237618833)) (Browser: Cookie, nothing done)


CasaleMedia: [SBI $8E73A7FB] Tracking cookie (Firefox: Olivene (default-1359237618833)) (Browser: Cookie, nothing done)


CasaleMedia: [SBI $8E73A7FB] Tracking cookie (Firefox: Olivene (default-1359237618833)) (Browser: Cookie, nothing done)


CasaleMedia: [SBI $8E73A7FB] Tracking cookie (Firefox: Olivene (default-1359237618833)) (Browser: Cookie, nothing done)


CasaleMedia: [SBI $8E73A7FB] Tracking cookie (Firefox: Olivene (default-1359237618833)) (Browser: Cookie, nothing done)


CasaleMedia: [SBI $8E73A7FB] Tracking cookie (Firefox: Olivene (default-1359237618833)) (Browser: Cookie, nothing done)


CasaleMedia: [SBI $8E73A7FB] Tracking cookie (Firefox: Olivene (default-1359237618833)) (Browser: Cookie, nothing done)


BurstMedia: [SBI $8E73A7FB] Tracking cookie (Firefox: Olivene (default-1359237618833)) (Browser: Cookie, nothing done)


MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: Olivene (default-1359237618833)) (Browser: Cookie, nothing done)


Log: [SBI $8E73A7FB] Install: setupact.log (File, nothing done)
C:\Windows\setupact.log
Properties.size=728
Properties.md5=80A65C0A7B55981E3B2C32662184E589
Properties.filedate=1368478574
Properties.filedatetext=2013-05-13 21:56:14

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1511563395-3383351959-1421908777-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Office 12.0: [SBI $31A61065] Internet history (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-1511563395-3383351959-1421908777-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows.OpenWith: [SBI $ECC28BDF] Open with list - .CSV extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1511563395-3383351959-1421908777-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1511563395-3383351959-1421908777-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1511563395-3383351959-1421908777-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-1511563395-3383351959-1421908777-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Cookie: [SBI $49804B54] Browser: Cookie (5) (Browser: Cookie, nothing done)


Cache: [SBI $49804B54] Browser: Cache (101) (Browser: Cache, nothing done)


History: [SBI $49804B54] Browser: History (13) (Browser: History, nothing done)


Cookie: [SBI $49804B54] Browser: Cookie (433) (Browser: Cookie, nothing done)



--- Spybot - Search & Destroy version: 2.0.12.131 DLL (build: 20121113) ---

2012-11-13 blindman.exe (2.0.12.151)
2012-11-13 explorer.exe (2.0.12.173)
2012-11-13 SDBootCD.exe (2.0.12.109)
2012-11-13 SDCleaner.exe (2.0.12.110)
2012-11-13 SDDelFile.exe (2.0.12.94)
2012-11-13 SDFiles.exe (2.0.12.135)
2012-11-13 SDFileScanHelper.exe (2.0.12.1)
2012-11-13 SDFSSvc.exe (2.0.12.205)
2012-11-13 SDImmunize.exe (2.0.12.130)
2012-11-13 SDLogReport.exe (2.0.12.107)
2012-11-13 SDPESetup.exe (2.0.12.3)
2012-11-13 SDPEStart.exe (2.0.12.86)
2012-11-13 SDPhoneScan.exe (2.0.12.27)
2012-11-13 SDPRE.exe (2.0.12.13)
2012-11-13 SDPrepPos.exe (2.0.12.10)
2012-11-13 SDQuarantine.exe (2.0.12.103)
2012-11-13 SDRootAlyzer.exe (2.0.12.116)
2012-11-13 SDSBIEdit.exe (2.0.12.39)
2012-11-13 SDScan.exe (2.0.12.173)
2012-11-13 SDScript.exe (2.0.12.53)
2012-11-13 SDSettings.exe (2.0.12.130)
2012-11-13 SDShred.exe (2.0.12.105)
2012-11-13 SDSysRepair.exe (2.0.12.101)
2012-11-13 SDTools.exe (2.0.12.150)
2012-11-13 SDTray.exe (2.0.12.127)
2012-11-13 SDUpdate.exe (2.0.12.89)
2012-11-13 SDUpdSvc.exe (2.0.12.76)
2012-11-13 SDWelcome.exe (2.0.12.126)
2012-11-13 SDWSCSvc.exe (2.0.12.2)
2013-04-20 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2012-11-13 SDAdvancedCheckLibrary.dll (2.0.12.98)
2012-11-13 SDECon32.dll (2.0.12.113)
2012-11-13 SDECon64.dll (2.0.12.113)
2012-11-13 SDEvents.dll (2.0.12.2)
2012-11-13 SDFileScanLibrary.dll (2.0.12.9)
2012-11-13 SDHelper.dll (2.0.12.88)
2012-11-13 SDImmunizeLibrary.dll (2.0.12.2)
2012-11-13 SDLists.dll (2.0.12.4)
2012-11-13 SDResources.dll (2.0.12.7)
2012-11-13 SDScanLibrary.dll (2.0.12.131)
2012-11-13 SDTasks.dll (2.0.12.15)
2012-11-13 SDWinLogon.dll (2.0.12.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2012-11-13 Tools.dll (2.0.12.36)
2012-11-13 UninsSrv.dll (2.0.12.52)
2012-12-18 Includes\Adware.sbi (*)
2013-05-08 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2012-11-14 Includes\iPhone.sbi (*)
2012-11-14 Includes\Keyloggers.sbi (*)
2012-12-18 Includes\KeyloggersC.sbi (*)
2012-11-21 Includes\Malware.sbi (*)
2013-05-08 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2013-05-08 Includes\PUPSC.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2012-11-14 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2013-04-09 Includes\Spyware.sbi (*)
2013-05-08 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2013-01-16 Includes\Trojans.sbi (*)
2013-03-19 Includes\TrojansC-02.sbi (*)
2013-05-08 Includes\TrojansC-03.sbi (*)
2013-03-14 Includes\TrojansC-04.sbi (*)
2013-05-08 Includes\TrojansC-05.sbi (*)
2013-04-19 Includes\TrojansC.sbi (*)

ken545
2013-05-14, 01:25
Hi,

Did you run Fix It for your window update problems ?

Looks like you have some adware installed like shopping sidekick, lets do this

You have Malwarebytes installed, open it, check for updates (important) and then run the Quick Scan and post the log unless no threats were found, let me know.



Go here (http://www.bleepingcomputer.com/download/adwcleaner/dl/125/) and download AdwCleaner to your desktop


Double click on AdwCleaner.exe to run the tool.
Click on Delete
A logfile will automatically open after the scan has finished.
Please post the content of that logfile in your reply.
You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.


http://i24.photobucket.com/albums/c30/ken545/AdwareCleaner.jpg

reform
2013-05-14, 22:51
Hi Ken 545
Have tried windows fix it
but same to important updates continually fail either on shut down or when downloaded from windows update KB976932 and KB281370

No threat found on malwarebytes search

and log for adware pasted below


# AdwCleaner v2.300 - Logfile created 05/14/2013 at 06:36:16
# Updated 28/04/2013 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Olivene - OLIVENE-VAIO
# Boot Mode : Normal
# Running from : C:\Users\Olivene\Downloads\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16476

[OK] Registry is clean.

-\\ Mozilla Firefox v20.0.1 (en-US)

File : C:\Users\Olivene\AppData\Roaming\Mozilla\Firefox\Profiles\tnh026l8.default-1359237618833\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Olivene\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [3683 octets] - [21/04/2013 18:05:33]
AdwCleaner[R2].txt - [1105 octets] - [22/04/2013 18:22:37]
AdwCleaner[R3].txt - [1184 octets] - [14/05/2013 06:36:16]
AdwCleaner[S1].txt - [3158 octets] - [21/04/2013 18:09:33]
AdwCleaner[S2].txt - [1166 octets] - [22/04/2013 18:24:10]

########## EOF - C:\AdwCleaner[R3].txt - [1364 octets] ##########

ken545
2013-05-14, 23:22
Hi,

Lets do this and then when were done I can link you to a windows forum that can help you with your windows updates


Open OTL.exe

Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL




:OTL



:Services

:Reg

:Files
C:\Users\Olivene\AppData\Local\Shopping Sidekick Plugin
ipconfig /flushdns /c


:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Then click the Run Fix button at the top. <--Not run Scan
Let the program run unhindered, reboot when it is done
Then post the results of the log it produces

reform
2013-05-15, 00:16
Hi ken 545
OTL
log

All processes killed
========== OTL ==========
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
C:\Users\Olivene\AppData\Local\Shopping Sidekick Plugin folder moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Olivene\Desktop\cmd.bat deleted successfully.
C:\Users\Olivene\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Olivene
->Temp folder emptied: 50492971 bytes
->Temporary Internet Files folder emptied: 6249518 bytes
->Java cache emptied: 348017 bytes
->FireFox cache emptied: 5370987 bytes
->Google Chrome cache emptied: 7190484 bytes
->Flash cache emptied: 59478 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2912 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 944579 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 67.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 05142013_214840

Files\Folders moved on Reboot...
C:\Users\Olivene\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF08BA956AE6455DA8.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF09672CD14DAEA847.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF0A0C6E873C8FE6D4.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF18F80EF74F74760A.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF19618C30A222A6BA.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF1B368F8BE0BB9834.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF1E26AC97BD2E578D.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF24C1C17C594E4B9F.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF24FBABAB4DF0B02D.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF259636482D60229A.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF2A74A7FF979F0CDC.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF302A16F27B69F60D.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF30650831BD11C019.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF3166732B212BB5D4.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF330B3E89E80911E8.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF3A6C558C1AE67675.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF3F7EBF39B04B0F09.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF44DE54F5FF041CF5.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF473874990D09C68B.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF48E2576871BA5B91.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF53468AE5EE67CBBD.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF57611A9455E95F30.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF5A22DB448FCB27BE.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF5BDC573105086E2A.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF62502938A4FF4DC4.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF6B8A696E6AD4AAC6.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF6C3A651E46098B64.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF70CF44D8F770D9E2.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF738050E32DA2E4DF.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF7F5E4AAA10BA15B3.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF82C31FD10B5B05DF.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF8F1722E09B6F4CD8.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF8F4BAC572FAAB182.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF945E43E9802AA893.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF968EA0902B986F16.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF9798880BA9B228E6.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF9D2596D2EA421E10.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DF9FAA120A69C765AD.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFA2E105195ABBBF1E.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFAD18D78A70C21C4E.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFAF0A40895510DC37.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFAFB2112243B54434.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFB13E791E6ABCE5B7.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFB2D4A896F1E1E2A8.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFB4F1998489A3BDF4.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFB6BCD316978F5099.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFB9422FDA86CF37BA.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFBEBD31869A4125E1.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFC26B9151884DB0E6.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFC3237926182B3E94.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFC84F24EBBD4C2C26.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFCD35AB5862A8A50C.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFCD70C49B948C8285.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFD0A7FDC5C55D0B19.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFD91C4A497CA8A3BB.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFD9B0B1DA9969FDCD.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFD9E1A275551EB083.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFDA789821BBFEE49A.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFDE0D6DD6D322F915.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFDE4444275B804677.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFE19F6B0F23E6A77A.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFE23F18779D8D97A2.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFE48D8F929EAE2DE6.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFE499997BF864838C.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFE84121CF16C70027.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFE8EA8C4E37178129.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFEA1D9CBC41E90A65.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFEB5FCBED3B5C2891.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFEC1EEC54D4FFA373.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFF4862955ED7DE720.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFF92F540436B4500A.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFFA43E1B83308B0AE.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFFB443A975FC84FC7.TMP not found!
File\Folder C:\Users\Olivene\AppData\Local\Temp\~DFFB902406694B1447.TMP not found!
C:\Users\Olivene\AppData\Local\Mozilla\Firefox\Profiles\tnh026l8.default-1359237618833\startupCache\startupCache.4.little moved successfully.
C:\Users\Olivene\AppData\Local\Mozilla\Firefox\Profiles\tnh026l8.default-1359237618833\Cache\_CACHE_001_ moved successfully.
C:\Users\Olivene\AppData\Local\Mozilla\Firefox\Profiles\tnh026l8.default-1359237618833\Cache\_CACHE_002_ moved successfully.
C:\Users\Olivene\AppData\Local\Mozilla\Firefox\Profiles\tnh026l8.default-1359237618833\Cache\_CACHE_003_ moved successfully.
C:\Users\Olivene\AppData\Local\Mozilla\Firefox\Profiles\tnh026l8.default-1359237618833\Cache\_CACHE_MAP_ moved successfully.
C:\Users\Olivene\AppData\Local\Mozilla\Firefox\Profiles\tnh026l8.default-1359237618833\_CACHE_CLEAN_ moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

ken545
2013-05-15, 00:41
Now that we removed a bunch of garbage, give windows updates another shot .

reform
2013-05-15, 21:37
Hi Ken
many thanks for your help
gave windows another shot ,unfortunately same two windows service packs will not update will

ken545
2013-05-16, 02:11
Hi,

I would like you to go over to the PIT and ask for help with your Windows Update issue as things like this is what they do on a daily basis, the forum your on now at Safer is just for malware removal.


Go here and register and create an account, just like Safer Networking its free.
http://www.pcpitstop.com/pcpitstop/


Then post here in the User to User forum
http://forums.pcpitstop.com/index.php?/forum/3-user-to-user-help/

You can link them to this thread if you wish so they can see what we have done, they wont need any logs from the scans, just tell them that you may have had a virus but when you posted all we really seen was some adware and we removed it but your having problems downloading and installing Windows Updates


Use your same user name that your using here so that I can find you and offer any assistance they may need.

Its possible that the failed updates and windows freezing time to time could be working hand in hand.

Ken :)

reform
2013-05-16, 21:05
Many thanks again ken545 for your help
will follow link as suggested
Kind Regards
Sorat:bigthumb:

ken545
2013-05-16, 23:04
:bigthumb:

I will look for you over there