Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Help with slow vaio

Post by syil8 » September 23rd, 2010, 6:23 pm

Hi
here is the hijack log and uninstall log
thanks


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:18:46, on 23/09/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Tall Emu\Online Armor\OAcat.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Kontiki\KService.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\PixVue.Com\PixVue\bin\Daemon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Tall Emu\Online Armor\OAui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Tall Emu\Online Armor\OAhlp.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\winhlp32.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=http://www-cache.wanadoo.co.uk:8080;ftp=http://www-cache.wanadoo.co.uk:8080
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\OAui.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [VAIO Update 5] "C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Martina\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.uk/
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsup ... mAData.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - https://www-secure.symantec.com/techsup ... gctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsup ... gctlsr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 3641972203
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/S ... anager.ocx
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsup ... mAData.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Online Armor Helper Service (OAcat) - Unknown owner - C:\Program Files\Tall Emu\Online Armor\OAcat.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: PixVue - PixVue.Com - C:\Program Files\PixVue.Com\PixVue\bin\Daemon.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 13972 bytes


and the uninstall log


32 Bit HP CIO Components Installer
AcusticaAudio Nebula3
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Photoshop Elements 3.0
Adobe Reader 7.0.9
Adobe Shockwave Player
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Audacity 1.2.4
Autorun Eater v2.3
avast! Free Antivirus
BBC iPlayer Download Manager
Blue Cat's Digital Peak Meter Pro - VST (Demo)
Bonjour
BroadJump Client Foundation
cladDVD .NET v3.5.6
Click to DVD 2.0.03 Menu Data
Click to DVD 2.5.32
Comcast Desktop Software (v1.2.0.9)
Critical Update for Windows Media Player 11 (KB959772)
DFX 8 for Winamp
DivX Codec
DivX Converter
DivX Player
DivX Web Player
DVgate Plus
Emagic Logic Audio Platinum 5.5.1
eMule
FabFilter Volcano 2.02
Google Earth
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
Handbrake 0.9.4
HDAUDIO SoftV92 Data Fax Modem with SmartCP
High Definition Audio Driver Package - KB835221
HiJackThis
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
iLok Client Helper x32
iLok Client Helper x32
Image Converter 2
Intel(R) Graphics Media Accelerator Driver for Mobile
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet/Wireless Software
InterVideo WinDVD for VAIO
InterVideo WinDVDX
iPhone Configuration Utility
iTunes
J2SE Runtime Environment 5.0 Update 3
Java(TM) 6 Update 21
LAN-Express AS IEEE 802.11 Wireless LAN
Live 8.0.1
livebox
mCore
MD_Editor
mDriver
Memory Stick Formatter
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 SR-1 Professional
Microsoft Silverlight
Microsoft SQL Server Desktop Engine (VAIO_VEDB)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
mMHouse
MobileMe Control Panel
MoodLogic
Mozilla Firefox (3.6.4)
Mozilla Thunderbird (2.0.0.24)
mPfMgr
mProSafe
MSN
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Music Visualizer Library 1.4.00
mWlsSafe
mXML
Native Instruments FM8
Native Instruments Massive
Native Instruments Service Center
Neuro-Programmer 2.5.3
NI Service Center
NVIDIA Drivers
Ohm Force - Mobilohm VST2
Ohm Force - Ohmicide VST
OhmForce Hematohm VST2
OhmForce Predatohm DX
OhmForce Predatohm VST2
Online Armor 4.0
OpenMG Limited Patch 4.7-07-14-05-01
OpenMG Secure Module 4.7.00
PACE Anti-Piracy mergemodule for the x32 iLok USB Driver on x32 OS
PACE Anti-Piracy mergemodule for x32 TPkd for x32 OS
Panda ActiveScan 2.0
PictureGear Studio 2.0
PixVue
QuickTime
Rapport
Rapport
RealPlayer
Realtek High Definition Audio Driver
ReCycle 2.1.2
Renoise 2.5.0
rgc:audio z3ta+ 1.5
Roxio DigitalMedia Audio
Roxio DigitalMedia Copy
Roxio DigitalMedia Data
Safari
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Setting Utility Series
Skype 1.3
Sonic Foundry Sound Forge 6.0
SonicStage 4.3
SonicStage Mastering Studio 1.4
SonicStage Mastering Studio Audio Filter
SonicStage Mastering Studio Audio Filter Custom Preset
SonicStage Mastering Studio Plugins
Sonnox Oxford Inflator Native VST v1.5.1
Sonnox Oxford Limiter Native VST v1.1.1
Sonnox Oxford R3 Dynamics Native VST v1.3.1
Sonnox Oxford R3 EQ Native VST v1.6.1
Sonnox Oxford Reverb Native VST v1.0
Sonnox Oxford TransMod Native VST v1.3.1
Sony MP4 Shared Library
Sony USB Mouse
Sony Utilities DLL
Sony Video Shared Library
SPL Attacker Native 1.1
SPL Transient Designer Native 1.0.1
Spybot - Search & Destroy
SpywareBlaster 4.2
SSL LMC-1 v1.0
SSL X-ISM v1.1
SSL X-ORCISM v1.1
TBS WMP Plug-in
UltraISO Premium V9.2
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB973874)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
URS Classic Console Strip Pro VST RTAS v1.0
VAIO Control Center
VAIO Edit Components
VAIO Entertainment Platform
VAIO Event Service
VAIO Launcher
VAIO Light Flo Wallpaper
VAIO Long Battery Life Wallpaper
VAIO Media 4.0
VAIO Media AC3 Decoder 1.0
VAIO Media Integrated Server 4.2
VAIO Media Redistribution 4.0
VAIO Media Registration Tool 4.0
VAIO Online Registration (English)
VAIO Original Screen Saver
VAIO Original Screen Saver VAIO Motion HD Normal Contents
VAIO Original Screen Saver VAIO Motion HD Wide Contents
VAIO Original Screen Saver VAIO Motion SD Normal Contents
VAIO Original Screen Saver VAIO Motion SD Wide Contents
VAIO Original Screen Saver VAIO Scene HD Normal Contents
VAIO Original Screen Saver VAIO Scene HD Wide Contents
VAIO Original Screen Saver VAIO Scene SD Normal Contents
VAIO Original Screen Saver VAIO Scene SD Wide Contents
VAIO Power Management
VAIO Product Survey
VAIO Update
VAIO Zone
VideoLAN VLC media player 0.8.6f
Winamp
Windows Defender
Windows Driver Package - PACE Anti-Piracy, Inc. (iLokDrvr) Dongles (6/5/2008 5.8.3.3162)
Windows Essentials Media Codec Pack 1.0
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Service Pack 3
WinRAR archiver
Wireless LAN Starter
WOWDemo
Xvid 1.1.3 final uninstall
Zero-X BeatQuantizer Demo
syil8
Active Member
 
Posts: 10
Joined: September 23rd, 2010, 4:04 pm

Re: Help with slow vaio

Post by deltalima » September 27th, 2010, 3:20 am

Checking your log - back soon.
deltalima
Admin/Teacher
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Help with slow vaio

Post by deltalima » September 27th, 2010, 3:38 am

Hi syil8,

Welcome to the forum.

My nickname is deltalima and I will be helping you with your computer problems.

The logs can take some time to research, so please be patient with me.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.


Please note the following:
  • I will be working on your Malware issues; this may or may not solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

Remove P2P Programs

  • I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

    eMule


  • Please read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.
  • Note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

  • Click on start
  • Then Run
  • In the open text entry box please copy/paste appwiz.cpl, then click Enter.
  • Press the "Remove" or "Change/Remove" button to uninstall the programs listed above (in red) and any other P2P you have installed NOW.
  • Take care when answering any questions posed by an uninstaller. Some questions may be worded to deceive you into keeping the program.

Upload a File to Virustotal

Please go to Virustotal

Copy/paste this file and path into the white box at the top:
C:\WINDOWS\winhlp32.exe

Press Submit - this will submit the file for testing.
Please wait for all the scanners to finish then copy and paste the results in your next response.
deltalima
Admin/Teacher
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK
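
Added example (not part of deltalima's post and not a MalwareRemoval.com tool): a small Python parser for the HijackThis log format posted in this thread. It splits out the running processes and the coded entries, then lists items a reviewer may want to verify. The baseline of expected files, the P2P watchlist and the sample snippets are assumptions constructed for this example.

```python
import ntpath
import re
from collections import defaultdict

# Constructed sample: a handful of lines copied from the log posted in this thread.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:18:46, on 23/09/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\winhlp32.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe

--
End of file - 13972 bytes
"""

# Constructed sample: three lines from the posted uninstall list.
SAMPLE_UNINSTALL = "DivX Player\neMule\nFabFilter Volcano 2.02\n"

# Hypothetical watchlist for this example; not the forum's own list.
P2P_WATCHLIST = ("emule", "limewire", "bearshare", "kazaa")

# Entry lines start with a section code such as R0, O4 or O23.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")


def parse_hijackthis(text):
    """Split a HijackThis log into running processes and coded entries."""
    processes, entries = [], defaultdict(list)
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_processes = True
        elif not line:
            in_processes = False          # a blank line ends the process list
        elif in_processes:
            processes.append(line)
        else:
            m = ENTRY_RE.match(line)
            if m:                         # header and footer lines are skipped
                entries[m.group(1)].append(m.group(2))
    return {"processes": processes, "entries": dict(entries)}


def unknown_owner_services(log):
    """Return (service name, image path) for O23 entries marked 'Unknown owner'."""
    found = []
    for entry in log["entries"].get("O23", []):
        parts = entry.rsplit(" - ", 2)    # the name may itself contain " - "
        if len(parts) != 3:
            continue
        name, owner, path = parts
        if name.startswith("Service: "):
            name = name[len("Service: "):]
        if owner == "Unknown owner":
            found.append((name, path))
    return found


def windows_root_processes(log, baseline=("explorer.exe",), windir=r"C:\WINDOWS"):
    """Running images located directly in the Windows directory, minus the baseline."""
    hits = []
    for path in log["processes"]:
        same_dir = ntpath.dirname(path).lower() == windir.lower()
        if same_dir and ntpath.basename(path).lower() not in baseline:
            hits.append(path)
    return hits


def find_listed_programs(uninstall_text, watchlist=P2P_WATCHLIST):
    """Installed-program names whose first word is on the watchlist."""
    hits = []
    for line in uninstall_text.splitlines():
        words = line.split()
        if words and words[0].lower() in watchlist:
            hits.append(line.strip())
    return hits


if __name__ == "__main__":
    log = parse_hijackthis(SAMPLE_LOG)
    print("Entry counts:", {k: len(v) for k, v in log["entries"].items()})
    print("Services marked Unknown owner:", unknown_owner_services(log))
    print("Images to verify:", windows_root_processes(log))
    print("Watchlist matches:", find_listed_programs(SAMPLE_UNINSTALL))
```

Every hit is only a candidate for a closer look, for instance by submitting the file to a multi-engine scanner as requested in this thread; it is not a verdict on the file.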

Re: Help with slow vaio

Post by syil8 » September 27th, 2010, 12:26 pm

hi


File name: winhlp32.exe
Submission date: 2010-09-27 16:20:11 (UTC)
Current status: finished
Result: 0/43 (0.0%)

Antivirus Version Last Update Result
AhnLab-V3 2010.09.27.01 2010.09.27 -
AntiVir 7.10.12.53 2010.09.27 -
Antiy-AVL 2.0.3.7 2010.09.27 -
Authentium 5.2.0.5 2010.09.27 -
Avast 4.8.1351.0 2010.09.27 -
Avast5 5.0.594.0 2010.09.27 -
AVG 9.0.0.851 2010.09.27 -
BitDefender 7.2 2010.09.27 -
CAT-QuickHeal 11.00 2010.09.27 -
ClamAV 0.96.2.0-git 2010.09.27 -
Comodo 6214 2010.09.27 -
DrWeb 5.0.2.03300 2010.09.27 -
Emsisoft 5.0.0.37 2010.09.27 -
eSafe 7.0.17.0 2010.09.26 -
eTrust-Vet 36.1.7878 2010.09.27 -
F-Prot 4.6.2.117 2010.09.27 -
F-Secure 9.0.15370.0 2010.09.27 -
Fortinet 4.1.143.0 2010.09.26 -
GData 21 2010.09.27 -
Ikarus T3.1.1.90.0 2010.09.27 -
Jiangmin 13.0.900 2010.09.27 -
K7AntiVirus 9.63.2618 2010.09.27 -
Kaspersky 7.0.0.125 2010.09.27 -
McAfee 5.400.0.1158 2010.09.27 -
McAfee-GW-Edition 2010.1C 2010.09.27 -
Microsoft 1.6201 2010.09.27 -
NOD32 5484 2010.09.27 -
Norman 6.06.06 2010.09.27 -
nProtect 2010-09-27.03 2010.09.27 -
Panda 10.0.2.7 2010.09.27 -
PCTools 7.0.3.5 2010.09.27 -
Prevx 3.0 2010.09.27 -
Rising 22.66.06.01 2010.09.27 -
Sophos 4.58.0 2010.09.27 -
Sunbelt 6934 2010.09.27 -
SUPERAntiSpyware 4.40.0.1006 2010.09.27 -
Symantec 20101.1.1.7 2010.09.27 -
TheHacker 6.7.0.0.035 2010.09.27 -
TrendMicro 9.120.0.1004 2010.09.27 -
TrendMicro-HouseCall 9.120.0.1004 2010.09.27 -
VBA32 3.12.14.1 2010.09.27 -
ViRobot 2010.8.31.4017 2010.09.27 -
VirusBuster 12.66.2.0 2010.09.27 -
Additional information
MD5 : 65a9495a436f5402bc1c467e1b926c27
SHA1 : 587f7e2ed04dca2f4dbe84d90afd0c223f52b1cd
SHA256: f697d5b221ddfd2ffbecaf8cca252701ab976cf8cbb74ce0238ef336093327a8
ssdeep: 6144:3zIhO6fuw24+LhiW+cK3k7UcfPGdNK8eC6El8yihVBZ:jL6SLh63/cXG3lg
File size : 283648 bytes
First seen: 2009-04-27 20:34:44
Last seen : 2010-09-27 16:20:11
Magic: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID:
Win32 Executable MS Visual C++ (generic) (53.1%)
Windows Screen Saver (18.4%)
Win32 Executable Generic (12.0%)
Win32 Dynamic Link Library (generic) (10.6%)
Generic Win/DOS Executable (2.8%)
sigcheck:
publisher....: Microsoft Corporation
copyright....: (c) Microsoft Corporation. All rights reserved.
product......: Microsoft_ Windows_ Operating System
description..: Microsoft_ Help
original name: WINHLP32.EXE
internal name: WINHLP32.EXE
file version.: 5.1.2600.5512 (xpsp.080413-0852)
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEiD: -
PEInfo: PE structure information

[[ basic data ]]
entrypointaddress: 0x37D71
timedatestamp....: 0x480251FB (Sun Apr 13 18:33:31 2008)
machinetype......: 0x14C (Intel I386)

[[ 3 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0x38BE4, 0x38C00, 6.58, 3183f5a4042cb82bfc70d273ba0f245e
.data, 0x3A000, 0x3A08, 0x1400, 4.22, fdc397d910db86b93a63b1893e06bd36
.rsrc, 0x3E000, 0xAEF0, 0xB000, 4.31, db19fd0b7d859b91eaf0dd5d16c364bd

[[ 6 import(s) ]]
advapi32.dll: RegSetValueExA, RegOpenKeyExA, RegQueryValueExA, RegCloseKey, RegCreateKeyExA
gdi32.dll: EnumFontFamiliesExA, GetTextAlign, SetTextAlign, GetTextColor, GetBkColor, Escape, SetAbortProc, StartDocA, EndDoc, CreateDCA, StartPage, EndPage, GetSystemPaletteEntries, CreatePen, IntersectClipRect, UnrealizeObject, SetBrushOrgEx, CreatePatternBrush, GetTextExtentPoint32A, CreateFontA, CreateRectRgn, SetRectRgn, CombineRgn, InvertRgn, PatBlt, ExtTextOutA, GetTextExtentPointW, GetTextExtentPointA, SetBkMode, TextOutW, TextOutA, GetTextCharset, GetTextMetricsA, MoveToEx, LineTo, Rectangle, GetStockObject, SetPixel, CreateCompatibleBitmap, GetTextFaceA, SetROP2, TranslateCharsetInfo, GetObjectA, DeleteObject, GetNearestColor, CreateCompatibleDC, SelectObject, SetTextColor, SetBkColor, SetViewportOrgEx, SetWindowExtEx, SetViewportExtEx, PlayMetaFile, DeleteDC, CreateDiscardableBitmap, CreateSolidBrush, BitBlt, SetStretchBltMode, StretchBlt, CreateICA, GetDeviceCaps, CreatePalette, SaveDC, SetMapMode, SetWindowOrgEx, LPtoDP, RestoreDC, SetMetaFileBitsEx, CreateBitmap, SetDIBits, CreateDIBitmap, SelectPalette, RealizePalette, DeleteMetaFile, CreateFontIndirectA
kernel32.dll: MultiByteToWideChar, GlobalFree, GlobalUnlock, GlobalLock, GetProfileStringA, GetSystemDefaultLangID, GlobalReAlloc, GlobalAlloc, GetTimeZoneInformation, FindClose, FindFirstFileA, GetFileInformationByHandle, _llseek, GetSystemDirectoryA, GetModuleHandleW, GetProfileIntA, CloseHandle, GetVersionExA, GetStartupInfoA, MapViewOfFile, CreateFileMappingA, GetCurrentThread, GetModuleFileNameA, IsValidLocale, GlobalSize, VirtualAlloc, VirtualFree, _lclose, _lcreat, _lwrite, _lread, GetLastError, _lopen, SetEndOfFile, SetFilePointer, DeleteFileA, FindNextFileA, GetTickCount, SetCurrentDirectoryA, CopyFileA, MoveFileA, SetFileAttributesA, FileTimeToLocalFileTime, SystemTimeToFileTime, GetSystemTime, QueryPerformanceCounter, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetUserDefaultUILanguage, GetSystemDefaultUILanguage, ExpandEnvironmentStringsA, SearchPathA, GetPrivateProfileStringA, GetTempPathA, GetTempFileNameA, CreateDirectoryA, GetCurrentDirectoryA, GetSystemWindowsDirectoryA, GetWindowsDirectoryA, lstrcmpiA, GetFileAttributesA, GetModuleHandleA, SetErrorMode, LoadLibraryA, GetBinaryTypeA, FreeLibrary, Sleep, GetProcAddress, WinExec, GetUserDefaultLCID, CompareStringA, MulDiv, LocalSize, lstrcpynA, IsDBCSLeadByte, lstrcpyA, lstrlenA, LocalAlloc, LocalReAlloc, LocalFree, GetLocaleInfoA
msvcrt.dll: isalpha, strtol, strtoul, _strcmpi, strstr, strncpy, strchr, _stricmp, atoi, _fullpath, _except_handler3, strrchr, atol, tolower, _exit, _strnicmp, strncmp, __3@YAXPAX@Z, __2@YAPAXI@Z, remove, _itoa, toupper, isspace, _chdrive, _c_exit, _XcptFilter, _cexit, exit, _acmdln, __getmainargs, _initterm, __setusermatherr, _adjust_fdiv, __p__commode, __p__fmode, __set_app_type, _controlfp, isdigit, memmove
shell32.dll: SHGetSpecialFolderPathA
user32.dll: CheckDlgButton, EnumWindows, RegisterClassA, UnregisterClassA, DrawFocusRect, GetAsyncKeyState, ValidateRect, EnumChildWindows, GetWindowDC, CopyRect, CreateDialogParamA, IsDialogMessageA, ScrollWindow, SetScrollRange, GetScrollPos, SetScrollPos, ReleaseCapture, GetClassNameA, EnumThreadWindows, DialogBoxParamA, OffsetRect, KillTimer, GetFocus, PeekMessageA, GetSysColorBrush, BeginPaint, EndPaint, ChildWindowFromPoint, GetMessagePos, MonitorFromPoint, GetMonitorInfoA, SetWindowPos, SetCursor, ClientToScreen, FrameRect, InflateRect, SetCapture, SetMessageQueue, GetMessageA, TranslateAcceleratorA, wsprintfA, CallWindowProcA, PostMessageA, GetParent, GetClientRect, SetDlgItemTextA, GetWindowLongA, GetDlgItemTextA, GetWindowTextLengthA, IsWindowEnabled, EndDialog, SetWindowLongA, SetFocus, EnableWindow, IsClipboardFormatAvailable, GetDlgItem, SendDlgItemMessageA, CharNextA, CharPrevA, WinHelpA, CharLowerA, GetSysColor, InvertRect, SetRect, GetActiveWindow, IsWindow, FillRect, SetTimer, ShowWindow, IsWindowVisible, SetActiveWindow, InvalidateRect, SendMessageA, GetWindowRect, SetForegroundWindow, IsIconic, FindWindowA, CreatePopupMenu, AppendMenuA, GetKeyState, DrawMenuBar, GetMenu, DeleteMenu, EnableMenuItem, CheckMenuItem, DestroyWindow, SetWindowTextA, VkKeyScanA, GetWindow, GetSystemMetrics, TranslateMessage, IsDlgButtonChecked, MoveWindow, DestroyMenu, InsertMenuA, CreateMenu, GetWindowTextA, CreateWindowExA, TrackPopupMenu, GetCursorPos, GetMenuItemCount, GetSubMenu, SetMenu, LoadMenuA, LoadStringA, CharUpperA, GetDesktopWindow, MessageBoxA, LoadBitmapA, PtInRect, ShowScrollBar, InvalidateRgn, UpdateWindow, ReleaseDC, GetDC, CloseClipboard, SetClipboardData, EmptyClipboard, OpenClipboard, ScreenToClient, CharNextW, RegisterClassExA, LoadIconA, LoadImageA, IsRectEmpty, SetRectEmpty, SystemParametersInfoA, EqualRect, IsZoomed, RegisterWindowMessageA, SetProcessDefaultLayout, GetProcessDefaultLayout, LoadCursorA, LoadAcceleratorsA, PostQuitMessage, 
DefWindowProcA, DispatchMessageA
ThreatExpert:
http://www.threatexpert.com/report.aspx ... 7e1b926c27
Symantec reputation:Suspicious.Insight

syil8
Active Member
 
Posts: 10
Joined: September 23rd, 2010, 4:04 pm

Re: Help with slow vaio

Post by deltalima » September 27th, 2010, 12:32 pm

Hi syil8,

Download and run OTL
Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.

Please download GMER Rootkit Scanner from here.
  • Double click the .exe file. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO.
  • Run Gmer again and click on the Rootkit tab.
  • Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive.
  • Make sure all other boxes on the right of the screen are checked, EXCEPT for "Show All".
  • Click on "Scan" and wait for the scan to finish.
    Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan.
  • When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste or Ctrl+V. Save the file as gmer.txt and copy the information in your next reply.
  • Note: If you have any problems, try running GMER in SAFE MODE
Important! Please do not select the "Show all" checkbox during the scan.

Please post the GMER log along with OTL.txt and Extras.txt from the OTL scan into your next reply.
deltalima
Admin/Teacher
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Help with slow vaio

Post by syil8 » September 27th, 2010, 12:54 pm

OTL logfile created on: 27/09/2010 12:40:44 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\Martina\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

502.00 Mb Total Physical Memory | 53.00 Mb Available Physical Memory | 11.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 51.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32.60 Gb Total Space | 6.39 Gb Free Space | 19.60% Space Free | Partition Type: NTFS
Drive D: | 34.94 Gb Total Space | 6.89 Gb Free Space | 19.72% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MARTINA-VAIO
Current User Name: Martina
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Martina\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Trusteer\Rapport\bin\RapportService.exe (Trusteer Ltd.)
PRC - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
PRC - C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe (Sony Corporation)
PRC - C:\Program Files\Tall Emu\Online Armor\oahlp.exe (Tall Emu)
PRC - C:\Program Files\Tall Emu\Online Armor\oaui.exe (Tall Emu)
PRC - C:\Program Files\Tall Emu\Online Armor\oasrv.exe (Tall Emu)
PRC - C:\Program Files\Tall Emu\Online Armor\oacat.exe (Tall Emu)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Kontiki\KService.exe (Kontiki Inc.)
PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - C:\Program Files\PixVue.Com\PixVue\bin\Daemon.exe (PixVue.Com)
PRC - C:\WINDOWS\system32\igfxext.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe ()
PRC - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Apoint\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\WINDOWS\system32\ico.exe (Primax Electronics Ltd.)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Martina\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Trusteer\Rapport\bin\rooksbas.dll (Trusteer Ltd.)
MOD - C:\Program Files\Tall Emu\Online Armor\oawatch.dll (Tall Emu)
MOD - C:\WINDOWS\system32\wsock32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\wtsapi32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\winsta.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\iphlpapi.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (RapportMgmtService) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
SRV - (VUAgent) -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe (Sony Corporation)
SRV - (SvcOnlineArmor) -- C:\Program Files\Tall Emu\Online Armor\oasrv.exe (Tall Emu)
SRV - (OAcat) -- C:\Program Files\Tall Emu\Online Armor\OAcat.exe (Tall Emu)
SRV - (KService) -- C:\Program Files\Kontiki\KService.exe (Kontiki Inc.)
SRV - (SSScsiSV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)
SRV - (SonicStage Back-End Service) -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe (Sony Corporation)
SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV - (VAIO Event Service) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (EvtEng) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (S24EventMonitor) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
SRV - (RegSrvc) Intel(R) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)
SRV - (PixVue) -- C:\Program Files\PixVue.Com\PixVue\bin\Daemon.exe (PixVue.Com)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (VAIO Entertainment Task Scheduler) -- C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe (Sony Corporation)
SRV - (VAIO Entertainment Aggregation and Control Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VzFw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (Image Converter video recording monitor for VAIO Entertainment) -- C:\Program Files\Sony\Image Converter 2\IcVzMon.exe (Sony Corporation)
SRV - (VCI) -- C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_svc.exe (Sony Corporation)
SRV - (AdobeActiveFileMonitor) -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe ()
SRV - (PhotoshopElementsDeviceConnect) -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe ()


========== Driver Services (SafeList) ==========

DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (RapportPG) -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (Trusteer Ltd.)
DRV - (RapportKELL) -- C:\Program Files\Trusteer\Rapport\bin\RapportKELL.sys (Trusteer Ltd.)
DRV - (OAmon) -- C:\WINDOWS\system32\drivers\OAmon.sys (Tall Emu)
DRV - (OAnet) -- C:\WINDOWS\system32\drivers\OAnet.sys (Tall Emu Pty Ltd)
DRV - (OADevice) -- C:\WINDOWS\system32\drivers\OADriver.sys (Tall Emu)
DRV - (tmcomm) -- C:\WINDOWS\system32\drivers\tmcomm.sys (Trend Micro Inc.)
DRV - (iLokDrvr) -- C:\WINDOWS\system32\drivers\iLokDrvr.sys (PACE Anti-Piracy, Inc.)
DRV - (TPkd) -- C:\WINDOWS\System32\drivers\TPkd.sys (PACE Anti-Piracy, Inc.)
DRV - (ISODrive) -- C:\Program Files\UltraISO\drivers\ISODrive.sys (EZB Systems, Inc.)
DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (61883) -- C:\WINDOWS\system32\drivers\61883.sys (Microsoft Corporation)
DRV - (Avc) -- C:\WINDOWS\system32\drivers\avc.sys (Microsoft Corporation)
DRV - (MSDV) -- C:\WINDOWS\system32\drivers\msdv.sys (Microsoft Corporation)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (tifmsony) -- C:\WINDOWS\system32\drivers\tifmsony.sys (Texas Instruments)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (w29n51) Intel(R) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)
DRV - (SONYTVC) -- C:\WINDOWS\system32\drivers\SONYTVC.sys (Sony Corporation)
DRV - (LEX_AS_NIC_SERVICE_YNOS) -- C:\WINDOWS\system32\drivers\ExpasAG.sys (Atheros Communications, Inc.)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (NETMDUSB) -- C:\WINDOWS\system32\drivers\NETMDUSB.sys (Sony Corporation)
DRV - (usbcm) -- C:\WINDOWS\system32\drivers\usbcm.sys (Microsystems Corp)
DRV - (DMICall) -- C:\WINDOWS\system32\drivers\DMICall.sys (Sony Corporation)
DRV - (SNC) -- C:\WINDOWS\system32\drivers\SonyNC.sys (Sony Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=http://www-cache.wanadoo.co.uk:8080;ftp=http://www-cache.wanadoo.co.uk:8080

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=http://www-cache.wanadoo.co.uk:8080;ftp=http://www-cache.wanadoo.co.uk:8080

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.com/en/

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.club-vaio.com/en/
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2630728093-908478267-753119046-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-2630728093-908478267-753119046-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-2630728093-908478267-753119046-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-2630728093-908478267-753119046-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2630728093-908478267-753119046-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
IE - HKU\S-1-5-21-2630728093-908478267-753119046-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=http://www-cache.wanadoo.co.uk:8080;ftp=http://www-cache.wanadoo.co.uk:8080

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig?hl=en"
FF - prefs.js..extensions.enabledItems: YoutubeDownloader@PeterOlayev.com:1.5
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.48.3
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.1
FF - prefs.js..extensions.enabledItems: artur.dubovoy@gmail.com:2.0.14
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.3.2
FF - prefs.js..extensions.enabledItems: isreaditlater@ideashower.com:2.0.6
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..network.proxy.ftp: "www-cache.wanadoo.co.uk"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.http: "www-cache.wanadoo.co.uk"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/23 22:17:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/23 22:17:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/03/17 21:49:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009/09/13 18:02:08 | 000,000,000 | ---D | M]

[2009/05/12 13:18:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina\Application Data\Mozilla\Extensions
[2009/05/12 13:18:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/09/27 12:21:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina\Application Data\Mozilla\Firefox\Profiles\0kvpo92b.default\extensions
[2010/09/23 14:17:02 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Martina\Application Data\Mozilla\Firefox\Profiles\0kvpo92b.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/09/23 14:17:03 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Martina\Application Data\Mozilla\Firefox\Profiles\0kvpo92b.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/09/23 14:17:04 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Martina\Application Data\Mozilla\Firefox\Profiles\0kvpo92b.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/09/23 14:16:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Martina\Application Data\Mozilla\Firefox\Profiles\0kvpo92b.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2010/09/23 14:17:01 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Martina\Application Data\Mozilla\Firefox\Profiles\0kvpo92b.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/06/01 10:40:38 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Martina\Application Data\Mozilla\Firefox\Profiles\0kvpo92b.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010/09/23 14:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina\Application Data\Mozilla\Firefox\Profiles\0kvpo92b.default\extensions\artur.dubovoy@gmail.com
[2008/03/30 11:11:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina\Application Data\Mozilla\Firefox\Profiles\0kvpo92b.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2010/04/09 17:58:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina\Application Data\Mozilla\Firefox\Profiles\0kvpo92b.default\extensions\isreaditlater@ideashower.com
[2010/09/23 14:16:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martina\Application Data\Mozilla\Firefox\Profiles\0kvpo92b.default\extensions\YoutubeDownloader@PeterOlayev.com
[2010/09/27 12:21:15 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/06 12:22:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/22 22:36:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2008/10/31 09:47:32 | 000,221,184 | ---- | M] (CNN) -- C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll
[2010/03/13 22:28:59 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/03/13 22:28:59 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/03/13 22:28:59 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/03/13 22:28:59 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2009/06/15 16:31:51 | 000,306,450 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 10574 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-2630728093-908478267-753119046-1006\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-2630728093-908478267-753119046-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-2630728093-908478267-753119046-1006\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Tall Emu\Online Armor\OAui.exe (Tall Emu)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKLM..\Run: [VAIO Update 5] C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe (Sony Corporation)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (Sony Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2630728093-908478267-753119046-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2630728093-908478267-753119046-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-2630728093-908478267-753119046-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2630728093-908478267-753119046-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\.DEFAULT\..Trusted Domains: sony-europe.com ([] in Local intranet)
O15 - HKU\.DEFAULT\..Trusted Domains: sony-europe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sonystyle-europe.com ([] in Local intranet)
O15 - HKU\.DEFAULT\..Trusted Domains: sonystyle-europe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: vaio-link.com ([] in Local intranet)
O15 - HKU\.DEFAULT\..Trusted Domains: vaio-link.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony-europe.com ([] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: sony-europe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sonystyle-europe.com ([] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: sonystyle-europe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: vaio-link.com ([] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: vaio-link.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2630728093-908478267-753119046-1006\..Trusted Domains: sony-europe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2630728093-908478267-753119046-1006\..Trusted Domains: sonystyle-europe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2630728093-908478267-753119046-1006\..Trusted Domains: vaio-link.com ([]* in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} https://www-secure.symantec.com/techsup ... mAData.cab (ActiveDataInfo Class)
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsup ... gctlsi.cab (Symantec SmartIssue)
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsup ... gctlsr.cab (Symantec Script Runner Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 3641972203 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} https://h17000.www1.hp.com/ewfrf-JAVA/S ... anager.ocx (Get_ActiveX Control)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} https://www-secure.symantec.com/techsup ... mAData.cab (ActiveDataInfo Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/fl ... wflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\PixVue: DllName - C:\Program Files\PixVue.Com\PixVue\bin\WinLogon.DLL - C:\Program Files\PixVue.Com\PixVue\bin\WinLogon.dll (PixVue.Com)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Martina\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Martina\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Tall Emu\Online Armor\oaevent.dll (Tall Emu)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/07/11 09:04:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/09/27 12:37:53 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Martina\Desktop\OTL.exe
[2010/09/23 22:38:50 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2010/09/23 16:16:09 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/09/23 15:42:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/09/22 22:40:13 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010/09/22 22:39:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/09/22 22:36:47 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/09/22 22:36:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/09/22 22:36:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/09/22 22:33:22 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010/09/05 14:20:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2006/02/19 18:45:17 | 007,775,744 | ---- | C] (Microsoft Corporation) -- C:\Program Files\PixVue.exe
[5 C:\Documents and Settings\Martina\Desktop\*.tmp files -> C:\Documents and Settings\Martina\Desktop\*.tmp -> ]
[381 C:\Documents and Settings\Martina\My Documents\*.tmp files -> C:\Documents and Settings\Martina\My Documents\*.tmp -> ]
[144 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[132 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/09/27 12:38:10 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\Martina\Desktop\cy8w4kfw.exe
[2010/09/27 12:24:04 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/27 12:08:45 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\Martina\My Documents\Contemporary Resume.doc
[2010/09/27 12:05:23 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2630728093-908478267-753119046-1006UA.job
[2010/09/27 12:02:09 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/09/27 11:59:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/27 11:58:57 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/27 11:58:31 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/27 11:58:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/27 11:58:18 | 526,897,152 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/26 00:12:01 | 000,002,304 | ---- | M] () -- C:\Documents and Settings\Martina\Desktop\Google Chrome.lnk
[2010/09/26 00:12:01 | 000,002,282 | ---- | M] () -- C:\Documents and Settings\Martina\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/09/23 23:15:21 | 013,369,344 | ---- | M] () -- C:\Documents and Settings\Martina\ntuser.dat
[2010/09/23 23:15:05 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Martina\ntuser.ini
[2010/09/23 16:09:02 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Martina\Desktop\HiJackThis.msi
[2010/09/23 03:02:47 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/09/22 23:06:27 | 000,336,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/22 22:59:21 | 000,511,654 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/09/22 22:59:21 | 000,448,202 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/09/22 22:59:21 | 000,074,678 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/09/22 22:40:42 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/09/21 09:19:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Martina\Desktop\OTL.exe
[2010/09/07 11:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010/09/07 11:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/09/07 10:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/09/07 10:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/09/07 10:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/09/07 10:47:19 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/09/07 10:47:16 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/09/07 10:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/09/07 10:46:51 | 000,028,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[5 C:\Documents and Settings\Martina\Desktop\*.tmp files -> C:\Documents and Settings\Martina\Desktop\*.tmp -> ]
[381 C:\Documents and Settings\Martina\My Documents\*.tmp files -> C:\Documents and Settings\Martina\My Documents\*.tmp -> ]
[144 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[132 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/09/27 12:38:12 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Martina\Desktop\cy8w4kfw.exe
[2010/09/27 12:08:34 | 000,025,600 | ---- | C] () -- C:\Documents and Settings\Martina\My Documents\Contemporary Resume.doc
[2010/09/23 16:08:48 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Martina\Desktop\HiJackThis.msi
[2009/09/12 16:41:43 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Martina\Local Settings\Application Data\fusioncache.dat
[2009/05/10 01:23:07 | 000,532,480 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2008/11/21 17:47:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/21 17:45:16 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/11/21 17:45:16 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/11/21 17:44:16 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/08/10 08:40:47 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2008/06/18 02:21:00 | 000,000,122 | ---- | C] () -- C:\WINDOWS\msmmdx9.ini
[2008/02/19 16:07:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PlgEnabler2a.INI
[2007/12/15 17:34:14 | 000,013,318 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007/11/21 18:23:21 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS3i.DLL
[2007/10/12 19:28:28 | 000,000,150 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/10/02 06:50:14 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\FxShared.dll
[2007/10/02 06:50:12 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\com.fxpansion.fxshared.dll
[2007/06/06 18:04:39 | 000,001,730 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/04/20 12:09:43 | 000,000,167 | ---- | C] () -- C:\WINDOWS\MD4_userTri.ini
[2006/11/24 15:26:18 | 000,002,658 | ---- | C] () -- C:\WINDOWS\DevMgr.ini
[2006/11/24 15:16:24 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Hposcv07.INI
[2006/08/14 16:48:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CalendarPlus.INI
[2006/05/12 12:17:47 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2006/04/10 07:35:13 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/04/10 07:35:12 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/04/03 07:46:39 | 000,000,070 | ---- | C] () -- C:\WINDOWS\FB0E28DC.ini
[2005/12/16 17:29:41 | 000,063,488 | ---- | C] () -- C:\Documents and Settings\Martina\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/12/16 08:57:55 | 000,037,196 | ---- | C] () -- C:\Documents and Settings\Martina\Application Data\Comma Separated Values (Windows).ADR
[2005/12/10 15:25:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PCFriend.INI
[2005/08/27 12:00:23 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/08/27 11:44:06 | 000,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/08/27 11:42:36 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2005/07/11 13:36:25 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/07/11 12:33:01 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/07/11 12:33:01 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/07/11 12:33:01 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/07/11 12:33:01 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/07/11 12:33:01 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/07/11 12:33:01 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/07/11 12:30:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI
[2005/07/11 12:25:11 | 000,000,882 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/07/11 10:22:18 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\WLANDLL.DLL
[2005/07/11 00:49:16 | 000,001,910 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/06/15 03:59:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[1998/10/10 21:07:38 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 994 bytes -> C:\Program Files\Outlook Express:5g4W4pAb4DhKNOTZwdg59vI
@Alternate Data Stream - 252 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F87C192A
@Alternate Data Stream - 1280 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:yPFkUWxmmKh0BYzjXh1h
@Alternate Data Stream - 1255 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:pg1lqnps2iMOTQ9ClLPHCz5a
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 1236 bytes -> C:\Documents and Settings\Martina\Cookies:06WWrQFOACAecV7s1ml59rUx
@Alternate Data Stream - 1214 bytes -> C:\Documents and Settings\Martina\Cookies:sdjjNTXhxA3KfgO5lYHf
@Alternate Data Stream - 1145 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:72gMA1FbdMca6mKrFx44cH
@Alternate Data Stream - 1128 bytes -> C:\Program Files\Common Files\Microsoft Shared:UFnVCTBdIHV1HtEKCMx6tzQ4s5C
@Alternate Data Stream - 1106 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:nrseMIUYt5ZLk7kNl5Twp1D2dExL
@Alternate Data Stream - 1100 bytes -> C:\Program Files\Outlook Express:JTP0NAFxlxFMoIImRsHs6aX8
@Alternate Data Stream - 1097 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:lB0mVZQgHUyAj8dQZFHu
@Alternate Data Stream - 1086 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:XS1CPjnOMpU3jgQQgPTWlE
@Alternate Data Stream - 1059 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:N5aNu2zFf1eo7Vrds4Xre3N
@Alternate Data Stream - 1056 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:ECbjMN2rFNJ0yE9fc37uTwyVt
@Alternate Data Stream - 1037 bytes -> C:\Program Files\Common Files\Microsoft Shared:pPxnnM4NtTlwp11kmft6AID
< End of report >



OTL Extras logfile created on: 27/09/2010 12:40:44 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\Martina\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

502.00 Mb Total Physical Memory | 53.00 Mb Available Physical Memory | 11.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 51.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32.60 Gb Total Space | 6.39 Gb Free Space | 19.60% Space Free | Partition Type: NTFS
Drive D: | 34.94 Gb Total Space | 6.89 Gb Free Space | 19.72% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MARTINA-VAIO
Current User Name: Martina
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-2630728093-908478267-753119046-1006\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"3689:TCP" = 3689:TCP:*:Enabled:shared itunes

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Kontiki\KService.exe" = C:\Program Files\Kontiki\KService.exe:*:Enabled:Delivery Manager Service -- (Kontiki Inc.)
"C:\Program Files\Real\RealPlayer\trueplay.exe" = C:\Program Files\Real\RealPlayer\trueplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- File not found
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Documents and Settings\Martina\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe" = C:\Documents and Settings\Martina\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player -- (Octoshape ApS)
"C:\Program Files\QuickTime\QuickTimePlayer.exe" = C:\Program Files\QuickTime\QuickTimePlayer.exe:*:Enabled:QuickTime Player -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Sony\VAIO Media 4.0\Vc.exe" = C:\Program Files\Sony\VAIO Media 4.0\Vc.exe:*:Disabled:[VAIO Media] VAIO Media -- (Sony Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Professional
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{013E1BA8-C815-4E27-BCB9-D6B1B2E24094}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{01AE599F-7B72-4135-8C56-9191F4ACBA88}" = VAIO Edit Components
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony MP4 Shared Library
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio DigitalMedia Data
"{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"{169C78C0-8C32-4CA1-9602-D8E998ECE96A}" = VAIO Original Screen Saver VAIO Scene HD Wide Contents
"{17342E3B-0818-4A6F-BFF8-99476605ADD6}" = livebox
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A91D1FA-B9B3-4556-9878-5C61059A19B2}" = InterVideo WinDVDX
"{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1EB317D8-8945-4FD6-B37F-DF470317C6AB}" = VAIO Media 4.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{25CF0627-2EF6-4FCE-A0DE-7D6350C774B2}" = VAIO Original Screen Saver VAIO Scene HD Normal Contents
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 21
"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter
"{29999594-B540-4C88-A8D3-C99CA43809FC}" = Image Converter 2
"{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3B24B725-D81F-442D-8CE5-2AF05A4A4CC9}" = Music Visualizer Library 1.4.00
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51735133-A296-4EB0-BF16-AD93B55BD000}" = VAIO Original Screen Saver VAIO Motion SD Wide Contents
"{531C0C3A-7112-4986-8222-5778FB547D81}" = VAIO Original Screen Saver VAIO Motion HD Normal Contents
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{61D6E4FB-1A62-4EB1-BE56-929B00C155CF}" = Wireless LAN Starter
"{62FC357F-022B-4F90-9376-7A0DF9FBE7A1}" = Sonic Foundry Sound Forge 6.0
"{639BB4D3-AA30-4A7B-8CB5-6DE681AD6659}" = VAIO Light Flo Wallpaper
"{668B1BD6-4593-4959-970E-249AFFE6F35C}" = VOR
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{71249EFF-EFAB-48A0-B967-630F4E70BBC3}" = VAIO Original Screen Saver VAIO Scene SD Normal Contents
"{7128C69B-8F7E-4336-8698-3FD3CDD955EC}" = VAIO Media Redistribution 4.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A79D11B-FD82-4A5E-834F-20173515DD14}" = VAIO Media Integrated Server 4.2
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{805BC1AB-46C5-438C-BCB7-537A1A32290C}" = VAIO Original Screen Saver VAIO Motion SD Normal Contents
"{851C67EF-068A-4060-9EF5-2E3DDCD68382}" = Adobe Photoshop Elements 3.0
"{88DA0A52-3372-4803-971A-ADFB961707E8}" = PictureGear Studio 2.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VPS
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for VAIO
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.03 Menu Data
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.3
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A43F939E-A863-433D-AC78-0897E44CFEB2}" = VAIO Launcher
"{A4870F16-380A-47D5-B30F-45A99FED3403}" = Click to DVD 2.4.12
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB467B85-4F52-48C2-AEED-0673D00417B0}" = SonicStage Mastering Studio Audio Filter
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio DigitalMedia Audio
"{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 4.0
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio DigitalMedia Copy
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B607C354-CD79-4D22-86D1-92DC94153F42}" = Apple Application Support
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BBD4DAC9-DF99-48CA-8F62-AE6F2BD47063}" = VAIO Original Screen Saver VAIO Motion HD Wide Contents
"{BBFFB027-7D53-4E1B-95BC-35A2216D1D60}" = VAIO Long Battery Life Wallpaper
"{BC5E5F8F-0BA2-480A-94C4-0E65D4FA8238}" = Click to DVD 2.4.12
"{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}" = Sony Video Shared Library
"{BF3B304B-8A18-452D-A19F-6012CA8418D7}" = SonicStage Mastering Studio 1.4
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C15B5C81-EBDF-44D6-896B-877B077276FC}" = PACE Anti-Piracy mergemodule for the x32 iLok USB Driver on x32 OS
"{CC9F419B-1E64-49BB-8A13-9608EBF985D7}" = PixVue
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}" = iTunes
"{D719E8F1-6931-40b4-AC0B-5FE2C097F995}" = C4200_doccd
"{D90AFDE3-3E67-407A-ACA8-F0BAAD012F08}" = Safari
"{D917FD82-6CE5-489A-AAF8-C701AAC85C4D}" = VAIO Entertainment Platform
"{DEA491FB-48BC-4B6B-8902-FCD4BAB069BE}" = iLok Client Helper x32
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (VAIO_VEDB)
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E365AAB7-F160-4E2F-ACAC-28D487ACF47D}" = VAIO Original Screen Saver VAIO Scene SD Wide Contents
"{E809063C-51A3-4269-8984-D1EB742F2151}" = Click to DVD 2.5.32
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{ED8D39F2-7FFA-45EC-B148-EF2472955BB4}" = VAIO Zone
"{EE7EB179-5AA2-4B28-AC92-5CBAAF82BA7F}" = SonicStage Mastering Studio Plugins
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FC37C108-821D-4EDE-8F40-D5B497586805}" = VAIO Control Center
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}" = LAN-Express AS IEEE 802.11 Wireless LAN
"{FE17ABC2-0B33-4B96-9B7B-FBE30F7829E4}" = PACE Anti-Piracy mergemodule for x32 TPkd for x32 OS
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"80E5581805E14DD17EDB025EB86D820E06128E18" = Windows Driver Package - PACE Anti-Piracy, Inc. (iLokDrvr) Dongles (6/5/2008 5.8.3.3162)
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Audacity_is1" = Audacity 1.2.4
"Autorun Eater_is1" = Autorun Eater v2.3
"avast5" = avast! Free Antivirus
"BroadJump Client Foundation" = BroadJump Client Foundation
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"DFX for Winamp" = DFX 8 for Winamp
"Emagic Logic Audio Platinum 5.5.1" = Emagic Logic Audio Platinum 5.5.1
"FabFilter Volcano 2.02" = FabFilter Volcano 2.02
"HandBrake" = Handbrake 0.9.4
"Hematohm VST2" = OhmForce Hematohm VST2
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"InstallShield_{668B1BD6-4593-4959-970E-249AFFE6F35C}" = VAIO Online Registration (English)
"InstallShield_{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VAIO Product Survey
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"InstallShield_{DEA491FB-48BC-4B6B-8902-FCD4BAB069BE}" = iLok Client Helper x32
"Live 8.0.1" = Live 8.0.1
"MD_Editor" = MD_Editor
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mobilohm VST2" = Ohm Force - Mobilohm VST2
"MoodLogic" = MoodLogic
"MouseSuite98" = Sony USB Mouse
"Mozilla Firefox (3.6.4)" = Mozilla Firefox (3.6.4)
"Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"Native Instruments FM8" = Native Instruments FM8
"Native Instruments Massive" = Native Instruments Massive
"Native Instruments Service Center" = Native Instruments Service Center
"Nebula3" = AcusticaAudio Nebula3
"Neuro-Programmer 2_is1" = Neuro-Programmer 2.5.3
"NI Service Center" = NI Service Center
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Ohmicide VST" = Ohm Force - Ohmicide VST
"OnlineArmor_is1" = Online Armor 4.0
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-14-05-01
"Predatohm DX" = OhmForce Predatohm DX
"Predatohm VST2" = OhmForce Predatohm VST2
"ProInst" = Intel(R) PROSet/Wireless Software
"PROSet" = Intel(R) PRO Network Connections Drivers
"Rapport_msi" = Rapport
"RealPlayer 6.0" = RealPlayer
"ReCycle_is1" = ReCycle 2.1.2
"Renoise 2.5.0_is1" = Renoise 2.5.0
"Skype_is1" = Skype 1.3
"Sonnox Oxford Inflator Native VST_is1" = Sonnox Oxford Inflator Native VST v1.5.1
"Sonnox Oxford Limiter Native VST_is1" = Sonnox Oxford Limiter Native VST v1.1.1
"Sonnox Oxford R3 Dynamics Native VST_is1" = Sonnox Oxford R3 Dynamics Native VST v1.3.1
"Sonnox Oxford R3 EQ Native VST_is1" = Sonnox Oxford R3 EQ Native VST v1.6.1
"Sonnox Oxford Reverb Native VST_is1" = Sonnox Oxford Reverb Native VST v1.0
"Sonnox Oxford TransMod Native VST_is1" = Sonnox Oxford TransMod Native VST v1.3.1
"SPL Attacker Native_is1" = SPL Attacker Native 1.1
"SPL Transient Designer Native_is1" = SPL Transient Designer Native 1.0.1
"SSL LMC-1" = SSL LMC-1 v1.0
"SSL X-ISM" = SSL X-ISM v1.1
"SSL X-ORCISM" = SSL X-ORCISM v1.1
"UltraISO_is1" = UltraISO Premium V9.2
"URS Classic Console Strip Pro VST RTAS_is1" = URS Classic Console Strip Pro VST RTAS v1.0
"VLC media player" = VideoLAN VLC media player 0.8.6f
"Winamp" = Winamp
"Windows Essentials Media Codec Pack" = Windows Essentials Media Codec Pack 1.0
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid_is1" = Xvid 1.1.3 final uninstall
"z3ta+_x86_is1" = rgc:audio z3ta+ 1.5

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2630728093-908478267-753119046-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 12/08/2008 07:59:12 | Computer Name = MARTINA-VAIO | Source = avast! | ID = 33554522
Description =

Error - 01/09/2008 10:04:24 | Computer Name = MARTINA-VAIO | Source = avast! | ID = 33554522
Description =

Error - 01/09/2008 10:05:05 | Computer Name = MARTINA-VAIO | Source = avast! | ID = 33554522
Description =

Error - 11/09/2009 09:33:52 | Computer Name = MARTINA-VAIO | Source = avast! | ID = 33554522
Description =

Error - 11/09/2009 09:33:52 | Computer Name = MARTINA-VAIO | Source = avast! | ID = 33554522
Description =

Error - 11/09/2009 09:33:58 | Computer Name = MARTINA-VAIO | Source = avast! | ID = 33554522
Description =

Error - 05/09/2010 14:15:02 | Computer Name = MARTINA-VAIO | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 23/09/2010 07:24:06 | Computer Name = MARTINA-VAIO | Source = Google Update | ID = 20
Description =

Error - 23/09/2010 12:09:55 | Computer Name = MARTINA-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {F508055A-CDBF-4D4D-BC8F-4D8E0D9B9E81})(Error
code = 0x80004005)

Error - 23/09/2010 18:14:14 | Computer Name = MARTINA-VAIO | Source = Application Error | ID = 1000
Description = Faulting application KService.exe, version 5.12.707.160, faulting
module KService.exe, version 5.12.707.160, fault address 0x0021215a.

Error - 23/09/2010 21:53:17 | Computer Name = MARTINA-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {F508055A-CDBF-4D4D-BC8F-4D8E0D9B9E81})(Error
code = 0x80004005)

Error - 23/09/2010 22:19:01 | Computer Name = MARTINA-VAIO | Source = Application Error | ID = 1000
Description = Faulting application KService.exe, version 5.12.707.160, faulting
module KService.exe, version 5.12.707.160, fault address 0x002a70f4.

Error - 23/09/2010 22:37:15 | Computer Name = MARTINA-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {F508055A-CDBF-4D4D-BC8F-4D8E0D9B9E81})(Error
code = 0x80004005)

Error - 23/09/2010 22:43:36 | Computer Name = MARTINA-VAIO | Source = Application Error | ID = 1000
Description = Faulting application KService.exe, version 5.12.707.160, faulting
module KService.exe, version 5.12.707.160, fault address 0x0002a7d3.

Error - 23/09/2010 23:13:04 | Computer Name = MARTINA-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {F508055A-CDBF-4D4D-BC8F-4D8E0D9B9E81})(Error
code = 0x80004005)

Error - 24/09/2010 00:55:23 | Computer Name = MARTINA-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {F508055A-CDBF-4D4D-BC8F-4D8E0D9B9E81})(Error
code = 0x80004005)

Error - 27/09/2010 12:01:34 | Computer Name = MARTINA-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {F508055A-CDBF-4D4D-BC8F-4D8E0D9B9E81})(Error
code = 0x80004005)

[ System Events ]
Error - 26/09/2010 00:19:48 | Computer Name = MARTINA-VAIO | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Vcsw service.

Error - 26/09/2010 00:20:18 | Computer Name = MARTINA-VAIO | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Vcsw service.

Error - 26/09/2010 00:20:48 | Computer Name = MARTINA-VAIO | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Vcsw service.

Error - 26/09/2010 00:21:20 | Computer Name = MARTINA-VAIO | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Vcsw service.

Error - 26/09/2010 00:21:55 | Computer Name = MARTINA-VAIO | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Vcsw service.

Error - 26/09/2010 00:22:25 | Computer Name = MARTINA-VAIO | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Vcsw service.

Error - 26/09/2010 00:22:56 | Computer Name = MARTINA-VAIO | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Vcsw service.

Error - 26/09/2010 00:23:26 | Computer Name = MARTINA-VAIO | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Vcsw service.

Error - 27/09/2010 12:00:58 | Computer Name = MARTINA-VAIO | Source = Service Control Manager | ID = 7022
Description = The KService service hung on starting.

Error - 27/09/2010 12:00:58 | Computer Name = MARTINA-VAIO | Source = Service Control Manager | ID = 7022
Description = The VAIO Entertainment File Import Service service hung on starting.


< End of report >
syil8
Active Member
 
Posts: 10
Joined: September 23rd, 2010, 4:04 pm

Re: Help with slow vaio

Post by deltalima » September 27th, 2010, 1:17 pm

Hi syil8,

502.00 Mb Total Physical Memory


That is a small amount of RAM to run Windows and is a reason for your computer running slowly. You need to upgrade to at least 1G of RAM.

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Image textbox. Do not include the word Code.
    Code:
    :otl
    O3 - HKU\S-1-5-21-2630728093-908478267-753119046-1006\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
    O3 - HKU\S-1-5-21-2630728093-908478267-753119046-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
    O3 - HKU\S-1-5-21-2630728093-908478267-753119046-1006\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
    O4 - HKLM..\Run: [UserFaultCheck] File not found
    :commands
    [EMPTYTEMP]
    [REBOOT]
    
  • Then click the Run Fix button at the top.
  • Click Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot. Copy and Paste that report in your next reply.

Malwarebytes Anti-Malware

Please download Malwarebytes' Anti-Malware to your desktop.

  • Double-click mbam-setup.exe, then follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please post that log in your next reply.
The log can also be found here:
  1. Launch Malwarebytes' Anti-Malware
  2. Click on the Logs radio tab.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Please post the GMER log when complete. If you are having problems running GMER, then please run this alternative scan.

Scan With RKUnHooker

  • Please download Rootkit Unhooker. Save it to your desktop.
  • Now double-click on RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan.
  • Check (Tick) Drivers, Stealth, Files, Code Hooks. Uncheck the rest, then click OK.
  • Wait till the scanner has finished and then click File, Save Report.
  • Save the report somewhere where you can find it. Click Close.
  • Copy the entire contents of the report and paste it in a reply here.
deltalima
Admin/Teacher
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Help with slow vaio

Post by syil8 » September 27th, 2010, 9:36 pm

Hi
I did the otl, it rebooted but there was no txt file????
thanks
syil8
Active Member
 
Posts: 10
Joined: September 23rd, 2010, 4:04 pm

Re: Help with slow vaio

Post by deltalima » September 28th, 2010, 3:31 am

Please check in the folder c:\_otl\Moved Files, there should be log files named in the form 09282010_082628.log where the name is date_time.log.

Please post the most recent log file, then run Malwarebytes, then RKU.
deltalima
Admin/Teacher
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Help with slow vaio

Post by syil8 » September 28th, 2010, 1:16 pm

All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-2630728093-908478267-753119046-1006\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_USERS\S-1-5-21-2630728093-908478267-753119046-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found.
Registry value HKEY_USERS\S-1-5-21-2630728093-908478267-753119046-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UserFaultCheck deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 201624 bytes
->Flash cache emptied: 300 bytes

User: Martina
->Temp folder emptied: 436710416 bytes
->Temporary Internet Files folder emptied: 4780283 bytes
->Java cache emptied: 57815475 bytes
->FireFox cache emptied: 56765217 bytes
->Google Chrome cache emptied: 45175822 bytes
->Apple Safari cache emptied: 14336 bytes
->Flash cache emptied: 1096287 bytes

User: NetworkService
->Temp folder emptied: 70078 bytes
->Temporary Internet Files folder emptied: 32902 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 70604933 bytes
%systemroot%\System32\dllcache .tmp files removed: 68713752 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 94418874 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 21311476 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 87061 bytes

Total Files Cleaned = 818.00 mb


OTL by OldTimer - Version 3.2.14.1 log created on 09282010_130443

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\_avast5_\Webshlock.txt not found!
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_8c8.dat not found!

Registry entries deleted on Reboot...
syil8
Active Member
 
Posts: 10
Joined: September 23rd, 2010, 4:04 pm

Re: Help with slow vaio

Post by syil8 » September 28th, 2010, 1:43 pm

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4712

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

28/09/2010 13:38:15
mbam-log-2010-09-28 (13-38-15).txt

Scan type: Quick scan
Objects scanned: 137034
Time elapsed: 10 minute(s), 52 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
syil8
Active Member
 
Posts: 10
Joined: September 23rd, 2010, 4:04 pm

Re: Help with slow vaio

Post by deltalima » September 28th, 2010, 2:12 pm

Please post the RKU log when complete.
deltalima
Admin/Teacher
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Help with slow vaio

Post by syil8 » September 28th, 2010, 2:42 pm

RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows XP
Version 5.1.2600 (Service Pack 3)
Number of processors #1
==============================================
>Drivers
==============================================
0xAA49D000 C:\WINDOWS\system32\drivers\RtkHDAud.sys 3289088 bytes (Realtek Semiconductor Corp., Realtek(r) High Definition Audio Function Driver)
0x804D7000 C:\WINDOWS\system32\ntkrnlpa.exe 2066816 bytes (Microsoft Corporation, NT Kernel & System)
0x804D7000 PnpManager 2066816 bytes
0x804D7000 RAW 2066816 bytes
0x804D7000 WMIxWDM 2066816 bytes
0xBF800000 Win32k 1855488 bytes
0xBF800000 C:\WINDOWS\System32\win32k.sys 1855488 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0xF6D73000 C:\WINDOWS\system32\DRIVERS\ialmnt5.sys 1052672 bytes (Intel Corporation, Intel Graphics Miniport Driver)
0xAA350000 C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys 1036288 bytes (Conexant Systems, Inc., HSF_DP driver)
0xBF073000 C:\WINDOWS\System32\ialmdd5.DLL 909312 bytes (Intel Corporation, DirectDraw(R) Driver for Intel(R) Graphics Technology)
0xAA2A1000 C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys 716800 bytes (Conexant Systems, Inc., HSF_CNXT driver)
0xF832B000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
0xF6C85000 C:\WINDOWS\system32\DRIVERS\ExpasAG.sys 458752 bytes (Atheros Communications, Inc., Driver for Atheros AR5001 Wireless Network Adapter)
0xA9FCE000 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xF6BAF000 C:\WINDOWS\system32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)
0xAA1ED000 C:\WINDOWS\system32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xA93FA000 C:\WINDOWS\system32\DRIVERS\srv.sys 356352 bytes (Microsoft Corporation, Server driver)
0xAA03E000 C:\WINDOWS\system32\drivers\OADriver.sys 303104 bytes (Tall Emu, OA Helper Driver)
0xBFFA0000 C:\WINDOWS\System32\ATMFD.DLL 286720 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0xBF042000 C:\WINDOWS\System32\ialmdev5.DLL 200704 bytes (Intel Corporation, Component GHAL Driver)
0xF8485000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
0xA9786000 C:\WINDOWS\system32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xF82FE000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xAA44D000 C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys 180224 bytes (Conexant Systems, Inc., HSF_HWAZL WDM driver)
0xAA0D8000 C:\WINDOWS\system32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xF6D37000 C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 163840 bytes (Windows (R) Server 2003 DDK provider, High Definition Audio Bus Driver v1.0a)
0xAA125000 C:\WINDOWS\system32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xAA088000 C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys 163840 bytes (Trusteer Ltd., RapportPG)
0xA9F6B000 C:\WINDOWS\System32\Drivers\aswSP.SYS 159744 bytes (AVAST Software, avast! self protection module)
0xF6C5E000 C:\WINDOWS\system32\DRIVERS\e100b325.sys 159744 bytes (Intel Corporation, Intel(R) PRO/100 Adapter NDIS 5.1 driver)
0xA9F92000 C:\WINDOWS\system32\DRIVERS\ipnat.sys 155648 bytes (Microsoft Corporation, IP Network Address Translator)
0xAA479000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xF6D13000 C:\WINDOWS\system32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xF6C24000 C:\WINDOWS\system32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
0xAA103000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0xBF020000 C:\WINDOWS\System32\ialmdnt5.dll 139264 bytes (Intel Corporation, Controller Hub for Intel Graphics Driver)
0x806D0000 ACPI_HAL 131840 bytes
0x806D0000 C:\WINDOWS\system32\hal.dll 131840 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xF83FF000 fltmgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xF8437000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
0xF8456000 pcmcia.sys 122880 bytes (Microsoft Corporation, PCMCIA Bus Driver)
0xF6CF5000 C:\WINDOWS\system32\drivers\tifmsony.sys 122880 bytes (Texas Instruments, tifmsony.sys)
0xF83CF000 TPkd.sys 122880 bytes (PACE Anti-Piracy, Inc., InterLok system file)
0xF82E4000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xF841F000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xA9EFA000 C:\WINDOWS\System32\Drivers\dump_atapi.sys 98304 bytes
0xA927A000 C:\WINDOWS\system32\drivers\tmcomm.sys 98304 bytes (Trend Micro Inc., TrendMicro Common Module)
0xF6C47000 C:\WINDOWS\system32\DRIVERS\Apfiltr.sys 94208 bytes (Alps Electric Co., Ltd., Alps Touch Pad Driver)
0xA9993000 C:\WINDOWS\System32\Drivers\aswMon2.SYS 94208 bytes (AVAST Software, avast! File System Filter Driver for Windows XP)
0xF83B8000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xF6C0D000 C:\WINDOWS\system32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xA9FB8000 C:\Program Files\UltraISO\drivers\ISODrive.sys 90112 bytes (EZB Systems, Inc., ISO DVD/CD-ROM Device Driver)
0xA9749000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xF6D5F000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0xAA246000 C:\WINDOWS\system32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xF83ED000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)
0xF8474000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0xF79D4000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
0xF8674000 C:\WINDOWS\system32\DRIVERS\cdrom.sys 65536 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xF85C4000 ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0xF8724000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xF8684000 C:\WINDOWS\system32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
0xA9B72000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xF8744000 C:\WINDOWS\system32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xF85D4000 C:\WINDOWS\system32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0xBF012000 C:\WINDOWS\System32\ialmrnt5.dll 57344 bytes (Intel Corporation, Controller Hub for Intel Graphics Driver)
0xF87A4000 C:\Program Files\Trusteer\Rapport\bin\RapportKELL.sys 57344 bytes (Trusteer Ltd., RapportKE)
0xF8614000 C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xF7944000 C:\WINDOWS\system32\DRIVERS\i8042prt.sys 53248 bytes (Microsoft Corporation, i8042 Port Driver)
0xF8694000 C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xF85F4000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0xF86B4000 C:\WINDOWS\system32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xF87B4000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, FIPS Crypto Driver)
0xF8664000 C:\WINDOWS\system32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
0xF85E4000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xF86A4000 C:\WINDOWS\system32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xF8634000 sbp2port.sys 45056 bytes (Microsoft Corporation, SBP-2 Protocol Driver)
0xF8784000 C:\WINDOWS\System32\Drivers\aswTdi.SYS 40960 bytes (AVAST Software, avast! TDI Filter Driver)
0xF85B4000 isapnp.sys 40960 bytes (Microsoft Corporation, PNP ISA Bus Driver)
0xF86E4000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xF86C4000 C:\WINDOWS\system32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xF8604000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xF7954000 C:\WINDOWS\system32\DRIVERS\intelppm.sys 36864 bytes (Microsoft Corporation, Processor Device Driver)
0xF8774000 C:\WINDOWS\system32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xF8794000 C:\WINDOWS\system32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
0xA9C62000 C:\WINDOWS\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0xF8764000 C:\WINDOWS\system32\drivers\OAnet.sys 36864 bytes (Tall Emu Pty Ltd, OA Helper Driver)
0xF8624000 PxHelp20.sys 36864 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xF87C4000 C:\WINDOWS\system32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xF894C000 C:\WINDOWS\System32\Drivers\Modem.SYS 32768 bytes (Microsoft Corporation, Modem Device Driver)
0xF897C000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xF8984000 C:\WINDOWS\system32\drivers\OAmon.sys 32768 bytes (Tall Emu, TDI Helper Driver)
0xF88F4000 C:\WINDOWS\system32\DRIVERS\usbehci.sys 32768 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0xF8834000 C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xF8994000 C:\WINDOWS\System32\Drivers\Aavmker4.SYS 24576 bytes (AVAST Software, avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP)
0xF8914000 C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0xF8904000 C:\WINDOWS\system32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
0xF890C000 C:\WINDOWS\system32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
0xF88FC000 C:\WINDOWS\System32\Drivers\SonyNC.sys 24576 bytes (Sony Corporation, Sony Notebook Control driver)
0xF88EC000 C:\WINDOWS\system32\DRIVERS\usbuhci.sys 24576 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0xF896C000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xF895C000 C:\WINDOWS\system32\DRIVERS\AegisP.sys 20480 bytes (Meetinghouse Data Communications, IEEE 802.1X Protocol Driver)
0xF898C000 C:\WINDOWS\System32\Drivers\aswRdr.SYS 20480 bytes (AVAST Software, avast! TDI RDR Driver)
0xF8974000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xF883C000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xF8924000 C:\WINDOWS\system32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xF892C000 C:\WINDOWS\system32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel(R) mini-port/call-manager driver)
0xF891C000 C:\WINDOWS\system32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xF886C000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xF89CC000 C:\WINDOWS\system32\DRIVERS\BATTC.SYS 16384 bytes (Microsoft Corporation, Battery Class Driver)
0xF8A90000 C:\WINDOWS\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)
0xF8AA4000 C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xA9DB2000 C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
0xA9D6E000 C:\WINDOWS\system32\DRIVERS\s24trans.sys 16384 bytes (Intel Corporation, Intel WLAN Packet Driver)
0xF89D0000 ACPIEC.sys 12288 bytes (Microsoft Corporation, ACPI Embedded Controller Driver)
0xF89E4000 C:\WINDOWS\System32\Drivers\aswFsBlk.SYS 12288 bytes (AVAST Software, avast! File System Access Blocking Driver)
0xF89C4000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xF89C8000 compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver)
0xAA28D000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xA955D000 C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys 12288 bytes (Conexant, Diagnostic Interface DRIVER)
0xF8A9C000 C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xF8A64000 C:\WINDOWS\system32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xF8AF0000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
0xF8B10000 C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS 8192 bytes
0xF8AEE000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xF8AB8000 intelide.sys 8192 bytes (Microsoft Corporation, Intel PCI IDE Driver)
0xF8AB4000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xF8AF2000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xF8AF4000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xF8AE2000 C:\WINDOWS\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xF8AEC000 C:\WINDOWS\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xF8AB6000 C:\WINDOWS\system32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0xF8C0B000 C:\WINDOWS\system32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
0xF8CEE000 C:\WINDOWS\system32\DRIVERS\DMICall.sys 4096 bytes (Sony Corporation, Windows 2000 DMI Call Kernel Driver)
0xF8BC8000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xF8CD5000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xF8B7D000 C:\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS 4096 bytes (Microsoft Corporation, ACPI Operation Registration Driver)
0xF8B7C000 pciide.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
==============================================
>Stealth
==============================================
==============================================
>Files
==============================================
!-->[Hidden] C:\:MJOZ4C6MEnhD3bS2UHDVN:$DATA
==============================================
>Hooks
==============================================
ntkrnlpa.exe+0x0002AC00, Type: Inline - RelativeJump 0x80501C00-->80501BAE [ntkrnlpa.exe]
ntkrnlpa.exe+0x0002AC90, Type: Inline - RelativeJump 0x80501C90-->80501D06 [ntkrnlpa.exe]
ntkrnlpa.exe+0x0002ACA0, Type: Inline - RelativeJump 0x80501CA0-->80501CAC [ntkrnlpa.exe]
ntkrnlpa.exe+0x0002AEDC, Type: Inline - RelativeCall 0x80501EDC-->E2E4AA05 [unknown_code_page]
ntkrnlpa.exe+0x0006AA9A, Type: Inline - RelativeJump 0x80541A9A-->80541AA1 [ntkrnlpa.exe]
ntkrnlpa.exe-->KeFindConfigurationEntry, Type: Inline - RelativeCall 0x806906DA-->866A61BE [unknown_code_page]
ntkrnlpa.exe-->ObInsertObject, Type: Inline - RelativeJump 0x805B8B58-->A9F7DFFA [aswSP.SYS]
ntkrnlpa.exe-->ObMakeTemporaryObject, Type: Inline - RelativeJump 0x805B1CE0-->A9F7C5D4 [aswSP.SYS]
tcpip.sys-->ndis.sys-->NdisCloseAdapter, Type: IAT modification 0xAA22C428-->F8767300 [OAnet.sys]
tcpip.sys-->ndis.sys-->NdisOpenAdapter, Type: IAT modification 0xAA22C454-->F8767360 [OAnet.sys]
tcpip.sys-->ndis.sys-->NdisRegisterProtocol, Type: IAT modification 0xAA22C460-->F8767610 [OAnet.sys]
wanarp.sys-->ndis.sys-->NdisCloseAdapter, Type: IAT modification 0xF87C9B4C-->F8767300 [OAnet.sys]
wanarp.sys-->ndis.sys-->NdisDeregisterProtocol, Type: IAT modification 0xF87C9B1C-->F8767650 [OAnet.sys]
wanarp.sys-->ndis.sys-->NdisOpenAdapter, Type: IAT modification 0xF87C9B3C-->F8767360 [OAnet.sys]
wanarp.sys-->ndis.sys-->NdisRegisterProtocol, Type: IAT modification 0xF87C9B28-->F8767610 [OAnet.sys]
[1072]explorer.exe-->advapi32.dll-->CreateServiceA, Type: Inline - DirectJump 0x77E37211-->00000000 [unknown_code_page]
[1072]explorer.exe-->advapi32.dll-->CreateServiceW, Type: Inline - DirectJump 0x77E373A9-->00000000 [unknown_code_page]
[1072]explorer.exe-->advapi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77DD1218-->00000000 [shimeng.dll]
[1072]explorer.exe-->gdi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77F110B4-->00000000 [shimeng.dll]
[1072]explorer.exe-->kernel32.dll-->CreateProcessA, Type: Inline - DirectJump 0x7C80236B-->00000000 [unknown_code_page]
[1072]explorer.exe-->kernel32.dll-->CreateProcessW, Type: Inline - DirectJump 0x7C802336-->00000000 [unknown_code_page]
[1072]explorer.exe-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x01001268-->00000000 [shimeng.dll]
[1072]explorer.exe-->shell32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x7C9C15A4-->00000000 [shimeng.dll]
[1072]explorer.exe-->user32.dll-->ExitWindowsEx, Type: Inline - DirectJump 0x7E45A275-->00000000 [unknown_code_page]
[1072]explorer.exe-->user32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x7E41133C-->00000000 [shimeng.dll]
[1072]explorer.exe-->wininet.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x3D9314B0-->00000000 [shimeng.dll]
[1072]explorer.exe-->ws2_32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x71AB109C-->00000000 [shimeng.dll]
[1160]oaui.exe-->user32.dll-->LoadStringA, Type: Inline - DirectJump 0x7E42C908-->00000000 [unknown_code_page]
[1160]oaui.exe-->user32.dll-->LoadStringW, Type: Inline - DirectJump 0x7E419E36-->00000000 [unknown_code_page]
[1416]oasrv.exe-->user32.dll-->LoadStringA, Type: Inline - DirectJump 0x7E42C908-->00000000 [unknown_code_page]
[1416]oasrv.exe-->user32.dll-->LoadStringW, Type: Inline - DirectJump 0x7E419E36-->00000000 [unknown_code_page]
[1456]iTunesHelper.exe-->advapi32.dll-->CreateServiceA, Type: Inline - DirectJump 0x77E37211-->00000000 [unknown_code_page]
[1456]iTunesHelper.exe-->advapi32.dll-->CreateServiceW, Type: Inline - DirectJump 0x77E373A9-->00000000 [unknown_code_page]
[1456]iTunesHelper.exe-->kernel32.dll-->CreateProcessA, Type: Inline - DirectJump 0x7C80236B-->00000000 [unknown_code_page]
[1456]iTunesHelper.exe-->kernel32.dll-->CreateProcessW, Type: Inline - DirectJump 0x7C802336-->00000000 [unknown_code_page]
[1456]iTunesHelper.exe-->user32.dll-->ExitWindowsEx, Type: Inline - DirectJump 0x7E45A275-->00000000 [unknown_code_page]
[1640]AvastSvc.exe-->kernel32.dll-->SetUnhandledExceptionFilter, Type: Inline - PushRet 0x7C84495D-->00000000 [unknown_code_page]
[1948]VAIOUpdt.exe-->advapi32.dll-->CreateServiceA, Type: Inline - DirectJump 0x77E37211-->00000000 [unknown_code_page]
[1948]VAIOUpdt.exe-->advapi32.dll-->CreateServiceW, Type: Inline - DirectJump 0x77E373A9-->00000000 [unknown_code_page]
[1948]VAIOUpdt.exe-->kernel32.dll-->CreateProcessA, Type: Inline - DirectJump 0x7C80236B-->00000000 [unknown_code_page]
[1948]VAIOUpdt.exe-->kernel32.dll-->CreateProcessW, Type: Inline - DirectJump 0x7C802336-->00000000 [unknown_code_page]
[1948]VAIOUpdt.exe-->user32.dll-->ExitWindowsEx, Type: Inline - DirectJump 0x7E45A275-->00000000 [unknown_code_page]
[2032]jusched.exe-->advapi32.dll-->CreateServiceA, Type: Inline - DirectJump 0x77E37211-->00000000 [unknown_code_page]
[2032]jusched.exe-->advapi32.dll-->CreateServiceW, Type: Inline - DirectJump 0x77E373A9-->00000000 [unknown_code_page]
[2032]jusched.exe-->kernel32.dll-->CreateProcessA, Type: Inline - DirectJump 0x7C80236B-->00000000 [unknown_code_page]
[2032]jusched.exe-->kernel32.dll-->CreateProcessW, Type: Inline - DirectJump 0x7C802336-->00000000 [unknown_code_page]
[2032]jusched.exe-->user32.dll-->ExitWindowsEx, Type: Inline - DirectJump 0x7E45A275-->00000000 [unknown_code_page]
[2184]AvastUI.exe-->advapi32.dll-->CreateServiceA, Type: Inline - DirectJump 0x77E37211-->00000000 [unknown_code_page]
[2184]AvastUI.exe-->advapi32.dll-->CreateServiceW, Type: Inline - DirectJump 0x77E373A9-->00000000 [unknown_code_page]
[2184]AvastUI.exe-->kernel32.dll-->CreateProcessA, Type: Inline - DirectJump 0x7C80236B-->00000000 [unknown_code_page]
[2184]AvastUI.exe-->kernel32.dll-->CreateProcessW, Type: Inline - DirectJump 0x7C802336-->00000000 [unknown_code_page]
[2184]AvastUI.exe-->user32.dll-->ExitWindowsEx, Type: Inline - DirectJump 0x7E45A275-->00000000 [unknown_code_page]
[2640]oahlp.exe-->user32.dll-->LoadStringA, Type: Inline - DirectJump 0x7E42C908-->00000000 [unknown_code_page]
[2640]oahlp.exe-->user32.dll-->LoadStringW, Type: Inline - DirectJump 0x7E419E36-->00000000 [unknown_code_page]
[3008]ctfmon.exe-->advapi32.dll-->CreateServiceA, Type: Inline - DirectJump 0x77E37211-->00000000 [unknown_code_page]
[3008]ctfmon.exe-->advapi32.dll-->CreateServiceW, Type: Inline - DirectJump 0x77E373A9-->00000000 [unknown_code_page]
[3008]ctfmon.exe-->kernel32.dll-->CreateProcessA, Type: Inline - DirectJump 0x7C80236B-->00000000 [unknown_code_page]
[3008]ctfmon.exe-->kernel32.dll-->CreateProcessW, Type: Inline - DirectJump 0x7C802336-->00000000 [unknown_code_page]
[3008]ctfmon.exe-->user32.dll-->ExitWindowsEx, Type: Inline - DirectJump 0x7E45A275-->00000000 [unknown_code_page]
[332]SPMgr.exe-->advapi32.dll-->CreateServiceA, Type: Inline - DirectJump 0x77E37211-->00000000 [unknown_code_page]
[332]SPMgr.exe-->advapi32.dll-->CreateServiceW, Type: Inline - DirectJump 0x77E373A9-->00000000 [unknown_code_page]
[332]SPMgr.exe-->kernel32.dll-->CreateProcessA, Type: Inline - DirectJump 0x7C80236B-->00000000 [unknown_code_page]
[332]SPMgr.exe-->kernel32.dll-->CreateProcessW, Type: Inline - DirectJump 0x7C802336-->00000000 [unknown_code_page]
[332]SPMgr.exe-->user32.dll-->ExitWindowsEx, Type: Inline - DirectJump 0x7E45A275-->00000000 [unknown_code_page]
[3404]ico.exe-->advapi32.dll-->CreateServiceA, Type: Inline - DirectJump 0x77E37211-->00000000 [unknown_code_page]
[3404]ico.exe-->advapi32.dll-->CreateServiceW, Type: Inline - DirectJump 0x77E373A9-->00000000 [unknown_code_page]
[3404]ico.exe-->kernel32.dll-->CreateProcessA, Type: Inline - DirectJump 0x7C80236B-->00000000 [unknown_code_page]
[3404]ico.exe-->kernel32.dll-->CreateProcessW, Type: Inline - DirectJump 0x7C802336-->00000000 [unknown_code_page]
[3404]ico.exe-->user32.dll-->ExitWindowsEx, Type: Inline - DirectJump 0x7E45A275-->00000000 [unknown_code_page]
[3640]ApntEx.exe-->advapi32.dll-->CreateServiceA, Type: Inline - DirectJump 0x77E37211-->00000000 [unknown_code_page]
[3640]ApntEx.exe-->advapi32.dll-->CreateServiceW, Type: Inline - DirectJump 0x77E373A9-->00000000 [unknown_code_page]
[3640]ApntEx.exe-->kernel32.dll-->CreateProcessA, Type: Inline - DirectJump 0x7C80236B-->00000000 [unknown_code_page]
[3640]ApntEx.exe-->kernel32.dll-->CreateProcessW, Type: Inline - DirectJump 0x7C802336-->00000000 [unknown_code_page]
[3640]ApntEx.exe-->user32.dll-->ExitWindowsEx, Type: Inline - DirectJump 0x7E45A275-->00000000 [unknown_code_page]
[3664]Apoint.exe-->advapi32.dll-->CreateServiceA, Type: Inline - DirectJump 0x77E37211-->00000000 [unknown_code_page]
[3664]Apoint.exe-->advapi32.dll-->CreateServiceW, Type: Inline - DirectJump 0x77E373A9-->00000000 [unknown_code_page]
[3664]Apoint.exe-->kernel32.dll-->CreateProcessA, Type: Inline - DirectJump 0x7C80236B-->00000000 [unknown_code_page]
[3664]Apoint.exe-->kernel32.dll-->CreateProcessW, Type: Inline - DirectJump 0x7C802336-->00000000 [unknown_code_page]
[3664]Apoint.exe-->user32.dll-->ExitWindowsEx, Type: Inline - DirectJump 0x7E45A275-->00000000 [unknown_code_page]
[3904]hkcmd.exe-->advapi32.dll-->CreateServiceA, Type: Inline - DirectJump 0x77E37211-->00000000 [unknown_code_page]
[3904]hkcmd.exe-->advapi32.dll-->CreateServiceW, Type: Inline - DirectJump 0x77E373A9-->00000000 [unknown_code_page]
[3904]hkcmd.exe-->kernel32.dll-->CreateProcessA, Type: Inline - DirectJump 0x7C80236B-->00000000 [unknown_code_page]
[3904]hkcmd.exe-->kernel32.dll-->CreateProcessW, Type: Inline - DirectJump 0x7C802336-->00000000 [unknown_code_page]
[3904]hkcmd.exe-->user32.dll-->ExitWindowsEx, Type: Inline - DirectJump 0x7E45A275-->00000000 [unknown_code_page]
[4040]igfxpers.exe-->advapi32.dll-->CreateServiceA, Type: Inline - DirectJump 0x77E37211-->00000000 [unknown_code_page]
[4040]igfxpers.exe-->advapi32.dll-->CreateServiceW, Type: Inline - DirectJump 0x77E373A9-->00000000 [unknown_code_page]
[4040]igfxpers.exe-->kernel32.dll-->CreateProcessA, Type: Inline - DirectJump 0x7C80236B-->00000000 [unknown_code_page]
[4040]igfxpers.exe-->kernel32.dll-->CreateProcessW, Type: Inline - DirectJump 0x7C802336-->00000000 [unknown_code_page]
[4040]igfxpers.exe-->user32.dll-->ExitWindowsEx, Type: Inline - DirectJump 0x7E45A275-->00000000 [unknown_code_page]
[472]services.exe-->advapi32.dll-->CreateProcessAsUserW, Type: IAT modification 0x01001094-->00000000 [unknown_code_page]
[472]services.exe-->kernel32.dll-->CreateProcessW, Type: IAT modification 0x01001114-->00000000 [unknown_code_page]
[592]ISBMgr.exe-->advapi32.dll-->CreateServiceA, Type: Inline - DirectJump 0x77E37211-->00000000 [unknown_code_page]
[592]ISBMgr.exe-->advapi32.dll-->CreateServiceW, Type: Inline - DirectJump 0x77E373A9-->00000000 [unknown_code_page]
[592]ISBMgr.exe-->kernel32.dll-->CreateProcessA, Type: Inline - DirectJump 0x7C80236B-->00000000 [unknown_code_page]
[592]ISBMgr.exe-->kernel32.dll-->CreateProcessW, Type: Inline - DirectJump 0x7C802336-->00000000 [unknown_code_page]
[592]ISBMgr.exe-->user32.dll-->ExitWindowsEx, Type: Inline - DirectJump 0x7E45A275-->00000000 [unknown_code_page]
[884]wuauclt.exe-->advapi32.dll-->CreateServiceA, Type: Inline - DirectJump 0x77E37211-->00000000 [unknown_code_page]
[884]wuauclt.exe-->advapi32.dll-->CreateServiceW, Type: Inline - DirectJump 0x77E373A9-->00000000 [unknown_code_page]
[884]wuauclt.exe-->kernel32.dll-->CreateProcessA, Type: Inline - DirectJump 0x7C80236B-->00000000 [unknown_code_page]
[884]wuauclt.exe-->kernel32.dll-->CreateProcessW, Type: Inline - DirectJump 0x7C802336-->00000000 [unknown_code_page]
[884]wuauclt.exe-->user32.dll-->ExitWindowsEx, Type: Inline - DirectJump 0x7E45A275-->00000000 [unknown_code_page]
syil8
Active Member
 
Posts: 10
Joined: September 23rd, 2010, 4:04 pm

Re: Help with slow vaio

Post by deltalima » September 28th, 2010, 2:52 pm

Hi syil8,

  • Click Start, point to Settings, and then click Control Panel.
  • In Control Panel, double-click Add or Remove Programs.
  • In Add or Remove Programs,
    highlight J2SE Runtime Environment 5.0 Update 3
    click Remove
  • Close the Add or Remove Programs and the Control Panel windows.

You should Download and Install the newest version of Adobe Reader for reading pdf files, due to the vulnerabilities in earlier versions.
All versions numbered lower than 9.3 are vulnerable.
  • Go HERE, UNCHECK any Free Add-Ons, and click Download to install the latest version of Adobe Acrobat Reader.
  • After it completes the Installation, close the Download Manager.

MBRCheck

Please download MBRCheck.exe to your desktop.
  • Double-click on MBRCheck.exe to run it.
  • It will show a Black screen with some information.
  • If an unknown bootcode is found you will have further options available to you; at this time press N then press Enter twice.
  • If nothing unusual is found just press Enter.
  • A .txt file named MBRCheck_mm.dd.yy_hh.mm.ss should appear on your desktop.
  • Please post the contents of that file in your next reply.

Please go to Kaspersky website and perform an online antivirus scan.

  1. Read through the requirements and privacy statement and click on Accept button.
  2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  3. When the downloads have finished, click on Settings.
  4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
  5. Click on My Computer under Scan.
  6. Once the scan is complete, it will display the results. Click on View Scan Report.
  7. You will see a list of infected items there. Click on Save Report As....
  8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  9. Please post this log in your next reply.
deltalima
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Help with slow vaio

Post by syil8 » September 28th, 2010, 3:50 pm

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000007c

Kernel Drivers (total 138):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806D0000 \WINDOWS\system32\hal.dll
0xF8AB4000 \WINDOWS\system32\KDCOM.DLL
0xF89C4000 \WINDOWS\system32\BOOTVID.dll
0xF8485000 ACPI.sys
0xF8AB6000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF8474000 pci.sys
0xF85B4000 isapnp.sys
0xF85C4000 ohci1394.sys
0xF85D4000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
0xF89C8000 compbatt.sys
0xF89CC000 \WINDOWS\system32\DRIVERS\BATTC.SYS
0xF8B7C000 pciide.sys
0xF8834000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF8AB8000 intelide.sys
0xF8456000 pcmcia.sys
0xF85E4000 MountMgr.sys
0xF8437000 ftdisk.sys
0xF89D0000 ACPIEC.sys
0xF8B7D000 \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
0xF883C000 PartMgr.sys
0xF85F4000 VolSnap.sys
0xF841F000 atapi.sys
0xF8604000 disk.sys
0xF8614000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF83FF000 fltmgr.sys
0xF83ED000 sr.sys
0xF8624000 PxHelp20.sys
0xF83CF000 TPkd.sys
0xF83B8000 KSecDD.sys
0xF832B000 Ntfs.sys
0xF82FE000 NDIS.sys
0xF8634000 sbp2port.sys
0xF82E4000 Mup.sys
0xF8694000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xF8AA0000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0xF787A000 \SystemRoot\system32\DRIVERS\ialmnt5.sys
0xF7866000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF783E000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xF8904000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xF781A000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF890C000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xF77FC000 \SystemRoot\system32\drivers\tifmsony.sys
0xF778C000 \SystemRoot\system32\DRIVERS\ExpasAG.sys
0xF7765000 \SystemRoot\system32\DRIVERS\e100b325.sys
0xF8914000 \SystemRoot\System32\Drivers\SonyNC.sys
0xF86A4000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xF891C000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF774E000 \SystemRoot\system32\DRIVERS\Apfiltr.sys
0xF8924000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF86B4000 \SystemRoot\system32\DRIVERS\imapi.sys
0xF86C4000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF86D4000 \SystemRoot\system32\DRIVERS\redbook.sys
0xF772B000 \SystemRoot\system32\DRIVERS\ks.sys
0xF892C000 \SystemRoot\System32\Drivers\GEARAspiWDM.sys
0xF8B94000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF86E4000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xF8AAC000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xF7714000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF86F4000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF8704000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF8934000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xF893C000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF8944000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF8714000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF8ADE000 \SystemRoot\system32\DRIVERS\swenum.sys
0xF76B6000 \SystemRoot\system32\DRIVERS\update.sys
0xF82AF000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF8734000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xAA49D000 \SystemRoot\system32\drivers\RtkHDAud.sys
0xAA479000 \SystemRoot\system32\drivers\portcls.sys
0xF8774000 \SystemRoot\system32\drivers\drmk.sys
0xAA44D000 \SystemRoot\system32\DRIVERS\HSFHWAZL.sys
0xAA350000 \SystemRoot\system32\DRIVERS\HSF_DPV.sys
0xAA2A1000 \SystemRoot\system32\DRIVERS\HSF_CNXT.sys
0xF895C000 \SystemRoot\System32\Drivers\Modem.SYS
0xF8794000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF8AEA000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xF8AEC000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF8C78000 \SystemRoot\System32\Drivers\Null.SYS
0xF8AEE000 \SystemRoot\System32\Drivers\Beep.SYS
0xF897C000 \SystemRoot\System32\drivers\vga.sys
0xF8AF0000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF8AF2000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF8984000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF898C000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF797B000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xF87B4000 \??\C:\WINDOWS\system32\drivers\OAnet.sys
0xAA246000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xF87C4000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xAA1ED000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xF8994000 \??\C:\WINDOWS\system32\drivers\OAmon.sys
0xF87D4000 \SystemRoot\System32\Drivers\aswTdi.SYS
0xAA125000 \SystemRoot\system32\DRIVERS\netbt.sys
0xAA103000 \SystemRoot\System32\drivers\afd.sys
0xF87E4000 \SystemRoot\system32\DRIVERS\netbios.sys
0xAA0D8000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xAA088000 \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
0xF87F4000 \??\C:\Program Files\Trusteer\Rapport\bin\RapportKELL.sys
0xAA03E000 \??\C:\WINDOWS\system32\drivers\OADriver.sys
0xA9FCE000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xA9FB8000 \??\C:\Program Files\UltraISO\drivers\ISODrive.sys
0xF8804000 \SystemRoot\System32\Drivers\Fips.SYS
0xA9F92000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xF8814000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xF8C86000 \SystemRoot\system32\DRIVERS\DMICall.sys
0xA9F6B000 \SystemRoot\System32\Drivers\aswSP.SYS
0xF89AC000 \SystemRoot\System32\Drivers\Aavmker4.SYS
0xF7612000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xA9F53000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xF8B20000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xAA291000 \SystemRoot\System32\drivers\Dxapi.sys
0xF885C000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF8CF8000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF020000 \SystemRoot\System32\ialmdnt5.dll
0xBF012000 \SystemRoot\System32\ialmrnt5.dll
0xBF042000 \SystemRoot\System32\ialmdev5.DLL
0xBF073000 \SystemRoot\System32\ialmdd5.DLL
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xA9E83000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0xF88B4000 \SystemRoot\system32\DRIVERS\AegisP.sys
0xA9E27000 \SystemRoot\system32\DRIVERS\s24trans.sys
0xA9CD7000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA99C4000 \SystemRoot\System32\Drivers\aswMon2.SYS
0xA97A7000 \SystemRoot\system32\drivers\wdmaud.sys
0xF8684000 \SystemRoot\system32\drivers\sysaudio.sys
0xA95BC000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xA97CC000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0xA9425000 \SystemRoot\system32\DRIVERS\srv.sys
0xA92CD000 \??\C:\WINDOWS\system32\drivers\tmcomm.sys
0xF896C000 \SystemRoot\System32\Drivers\aswRdr.SYS
0xF8B38000 \SystemRoot\system32\drivers\splitter.sys
0xA899A000 \SystemRoot\system32\drivers\aec.sys
0xA8A3D000 \SystemRoot\system32\drivers\swmidi.sys
0xA8A2D000 \SystemRoot\system32\drivers\DMusic.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 59):
0 System Idle Process
4 System
356 C:\WINDOWS\system32\smss.exe
404 csrss.exe
428 C:\WINDOWS\system32\winlogon.exe
472 C:\WINDOWS\system32\services.exe
484 C:\WINDOWS\system32\lsass.exe
636 C:\WINDOWS\system32\svchost.exe
680 svchost.exe
720 C:\Program Files\Windows Defender\MsMpEng.exe
760 C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
848 C:\WINDOWS\system32\svchost.exe
928 C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
1100 C:\WINDOWS\explorer.exe
1140 C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
1204 svchost.exe
1244 svchost.exe
1336 C:\Program Files\Tall Emu\Online Armor\oacat.exe
1392 C:\Program Files\Tall Emu\Online Armor\oasrv.exe
1612 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
1932 C:\WINDOWS\system32\spoolsv.exe
608 C:\Program Files\Alwil Software\Avast5\Setup\avast.setup
600 svchost.exe
1020 C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
192 C:\Program Files\Java\jre6\bin\jqs.exe
2172 C:\Program Files\Kontiki\KService.exe
2344 C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
2484 C:\WINDOWS\system32\svchost.exe
2712 C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
2896 C:\Program Files\PixVue.Com\PixVue\bin\Daemon.exe
3068 C:\WINDOWS\system32\svchost.exe
3204 C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
3324 C:\WINDOWS\system32\svchost.exe
3520 C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
3828 igfxext.exe
3896 igfxsrvc.exe
3928 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
400 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
2112 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
2560 C:\WINDOWS\system32\wuauclt.exe
3556 C:\Program Files\Apoint\Apoint.exe
3592 C:\WINDOWS\system32\ico.exe
3692 C:\WINDOWS\system32\hkcmd.exe
3716 C:\WINDOWS\system32\igfxpers.exe
3748 C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
4016 C:\Program Files\Sony\ISB Utility\ISBMgr.exe
912 C:\Program Files\Tall Emu\Online Armor\oaui.exe
1032 C:\Program Files\iTunes\iTunesHelper.exe
1196 C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
924 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
196 C:\WINDOWS\system32\wuauclt.exe
2132 C:\WINDOWS\system32\ctfmon.exe
3376 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
376 C:\Program Files\Apoint\ApntEx.exe
3816 C:\Program Files\Tall Emu\Online Armor\oahlp.exe
3352 alg.exe
3752 C:\Program Files\iPod\bin\iPodService.exe
1660 C:\Documents and Settings\Martina\Desktop\MBRCheck.exe
2232 C:\Program Files\Trusteer\Rapport\bin\RapportService.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000001`bf1f2000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000009`e5b0de00 (NTFS)

PhysicalDrive0 Model Number: HTS421280H9AT00, Rev: HA3OA70G

Size Device Name MBR Status
--------------------------------------------
74 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Done!
syil8
Active Member
 
Posts: 10
Joined: September 23rd, 2010, 4:04 pm