Hanging in a simple thing!

[shahriar123]

hi

i have recently bought a new vaio core i7 laptop, It is just a month and i have not installed any heavy software but it hangs for event a simple task. sometimes when i just turn it on it can not do anything for like 15 min and the mouse courser just turns around.

what is wrong with my laptop?!

please help me with that

 

[johnb35]

Could be anything from being infected to a hardware issue. Try running the following and post the logs.

1.

Please download AdwCleaner by Xplode onto your Desktop.



•Please close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool.
•Click on Scan.
•After the scan you will need to click on clean for it to delete the adware.
•Your computer will be rebooted automatically. A text file will open after the restart.
•Please post the content of that logfile in your reply.
•You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.

2.

Please download Junkware Removal Tool to your desktop.

•Shutdown your antivirus to avoid any conflicts.
•Very important that you run the tool in this manner:
Right-mouse click JRT.exe and select Run as administrator
Do NOT just double-click it.
•The tool will open and start scanning your system.
•Please be patient as this can take a while to complete.
•On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
•Post the contents of JRT.txt in your next message.

3.

Please download Malwarebytes' Anti-Malware and save it to your desktop.

• Double-click mbam-setup.exe and follow the prompts to install the program.
• At the end, be sure a checkmark is placed next to
  • Update Malwarebytes' Anti-Malware
  • and Launch Malwarebytes' Anti-Malware
• then click Finish.
• If an update is found, it will download and install the latest version. Please keep updating until it says you have the latest version.
• Once the program has loaded, select Perform quick scan, then click Scan.
• When the scan is complete, click OK, then Show Results to view the results.
• Be sure that everything is checked, and click Remove Selected.
• A log will be saved automatically which you can access by clicking on the Logs tab within Malwarebytes' Anti-Malware

If for some reason Malwarebytes will not install or run please download and run Rkill.scr, Rkill.exe, or Rkill.com. If you are still having issues running rkill then try downloading these renamed versions of the same program.

EXPLORER.EXE
IEXPLORE.EXE
USERINIT.EXE
WINLOGON.EXE

But DO NOT reboot the system and then try installing or running Malwarebytes. If Rkill (which is a black box) appears and then disappears right away or you get a message saying rkill is infected, keep trying to run rkill until it over powers the infection and temporarily kills it. Once a log appears on the screen, you can try running malwarebytes or downloading other programs.

Please post the log that Malwarebytes displays on your screen.

4.

Download OTL to your Desktop


•Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
•Click on Minimal Output at the top
•Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
◦When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. Just post the OTL.txt file in your reply.

post the logs from the following 4 programs.

1. Adwcleaner
2. Junkware removal tool
3. Malwarebytes
4. OTL

 

[shahriar123]

Could be anything from being infected to a hardware issue. Try running the following and post the logs.

1.

Please download AdwCleaner by Xplode onto your Desktop.



•Please close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool.
•Click on Scan.
•After the scan you will need to click on clean for it to delete the adware.
•Your computer will be rebooted automatically. A text file will open after the restart.
•Please post the content of that logfile in your reply.
•You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.

2.

Please download Junkware Removal Tool to your desktop.

•Shutdown your antivirus to avoid any conflicts.
•Very important that you run the tool in this manner:
Right-mouse click JRT.exe and select Run as administrator
Do NOT just double-click it.
•The tool will open and start scanning your system.
•Please be patient as this can take a while to complete.
•On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
•Post the contents of JRT.txt in your next message.

3.

Please download Malwarebytes' Anti-Malware and save it to your desktop.

• Double-click mbam-setup.exe and follow the prompts to install the program.
• At the end, be sure a checkmark is placed next to
  • Update Malwarebytes' Anti-Malware
  • and Launch Malwarebytes' Anti-Malware
• then click Finish.
• If an update is found, it will download and install the latest version. Please keep updating until it says you have the latest version.
• Once the program has loaded, select Perform quick scan, then click Scan.
• When the scan is complete, click OK, then Show Results to view the results.
• Be sure that everything is checked, and click Remove Selected.
• A log will be saved automatically which you can access by clicking on the Logs tab within Malwarebytes' Anti-Malware

If for some reason Malwarebytes will not install or run please download and run Rkill.scr, Rkill.exe, or Rkill.com. If you are still having issues running rkill then try downloading these renamed versions of the same program.

EXPLORER.EXE
IEXPLORE.EXE
USERINIT.EXE
WINLOGON.EXE

But DO NOT reboot the system and then try installing or running Malwarebytes. If Rkill (which is a black box) appears and then disappears right away or you get a message saying rkill is infected, keep trying to run rkill until it over powers the infection and temporarily kills it. Once a log appears on the screen, you can try running malwarebytes or downloading other programs.

Please post the log that Malwarebytes displays on your screen.

4.

Download OTL to your Desktop


•Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
•Click on Minimal Output at the top
•Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
◦When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. Just post the OTL.txt file in your reply.

post the logs from the following 4 programs.

1. Adwcleaner
2. Junkware removal tool
3. Malwarebytes
4. OTL

Does these harm my windows? my windows is 8 original

 

[johnb35]

No they do not.

 

[shahriar123]

the first one:

# AdwCleaner v3.022 - Report created 14/03/2014 at 16:59:15
# Updated 13/03/2014 by Xplode
# Operating System : Windows 8 Single Language (64 bits)
# Username : Shahriar - VAIO
# Running from : C:\Users\Shahriar\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Program Files (x86)\ShopperPro

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16843


-\\ Mozilla Firefox v27.0 (en-US)

[ File : C:\Users\Shahriar\AppData\Roaming\Mozilla\Firefox\Profiles\v5ztfbca.default\prefs.js ]


-\\ Google Chrome v33.0.1750.146

[ File : C:\Users\Shahriar\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1385 octets] - [14/03/2014 16:58:16]
AdwCleaner[S0].txt - [1318 octets] - [14/03/2014 16:59:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1378 octets] ##########

 

[shahriar123]

the second one:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 8 Single Language x64
Ran by Shahriar on Fri 03/14/2014 at 17:08:19.89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 03/14/2014 at 17:12:50.33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

[shahriar123]

the third one:

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.03.14.03

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16843
Shahriar :: VAIO [administrator]

Protection: Enabled

3/14/2014 5:26:03 PM
mbam-log-2014-03-14 (17-26-03).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 247988
Time elapsed: 4 minute(s), 53 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 4
C:\Users\Shahriar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhagnahfpegocdhlopgljpaafeogmcc (PUP.Optional.ShopperPro.A) -> Quarantined and deleted successfully.
C:\Users\Shahriar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhagnahfpegocdhlopgljpaafeogmcc\1.0.1.6_0 (PUP.Optional.ShopperPro.A) -> Quarantined and deleted successfully.
C:\Users\Shahriar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhagnahfpegocdhlopgljpaafeogmcc\1.0.1.6_0\js (PUP.Optional.ShopperPro.A) -> Quarantined and deleted successfully.
C:\Users\Shahriar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhagnahfpegocdhlopgljpaafeogmcc\1.0.1.6_0\Res (PUP.Optional.ShopperPro.A) -> Quarantined and deleted successfully.

Files Detected: 11
C:\Users\Shahriar\Downloads\Don+Baker+-_Shoeshine+Man.exe (PUP.Optional.InstalleRex) -> Quarantined and deleted successfully.
C:\Users\Shahriar\Downloads\Dxtr.S01E01_IFR.mkv.exe (PUP.Optional.Installex) -> Quarantined and deleted successfully.
C:\Users\Shahriar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhagnahfpegocdhlopgljpaafeogmcc\1.0.1.6_0\background.html (PUP.Optional.ShopperPro.A) -> Quarantined and deleted successfully.
C:\Users\Shahriar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhagnahfpegocdhlopgljpaafeogmcc\1.0.1.6_0\database1_0_0.json (PUP.Optional.ShopperPro.A) -> Quarantined and deleted successfully.
C:\Users\Shahriar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhagnahfpegocdhlopgljpaafeogmcc\1.0.1.6_0\manifest.json (PUP.Optional.ShopperPro.A) -> Quarantined and deleted successfully.
C:\Users\Shahriar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhagnahfpegocdhlopgljpaafeogmcc\1.0.1.6_0\js\Background.js (PUP.Optional.ShopperPro.A) -> Quarantined and deleted successfully.
C:\Users\Shahriar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhagnahfpegocdhlopgljpaafeogmcc\1.0.1.6_0\js\helper.js (PUP.Optional.ShopperPro.A) -> Quarantined and deleted successfully.
C:\Users\Shahriar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhagnahfpegocdhlopgljpaafeogmcc\1.0.1.6_0\js\jquery-1.8.3.min.js (PUP.Optional.ShopperPro.A) -> Quarantined and deleted successfully.
C:\Users\Shahriar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhagnahfpegocdhlopgljpaafeogmcc\1.0.1.6_0\js\jquery.base64.min.js (PUP.Optional.ShopperPro.A) -> Quarantined and deleted successfully.
C:\Users\Shahriar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhagnahfpegocdhlopgljpaafeogmcc\1.0.1.6_0\js\md5.js (PUP.Optional.ShopperPro.A) -> Quarantined and deleted successfully.
C:\Users\Shahriar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhagnahfpegocdhlopgljpaafeogmcc\1.0.1.6_0\Res\logo128.png (PUP.Optional.ShopperPro.A) -> Quarantined and deleted successfully.

(end)

 

[shahriar123]

and the last one:

OTL logfile created on: 3/14/2014 5:41:14 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Shahriar\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16843)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.74 Gb Total Physical Memory | 2.35 Gb Available Physical Memory | 62.80% Memory free
4.37 Gb Paging File | 2.82 Gb Available in Paging File | 64.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 152.76 Gb Total Space | 82.44 Gb Free Space | 53.96% Space Free | Partition Type: NTFS
Drive D: | 293.87 Gb Total Space | 245.41 Gb Free Space | 83.51% Space Free | Partition Type: NTFS
Drive E: | 403.16 Gb Total Space | 378.48 Gb Free Space | 93.88% Space Free | Partition Type: NTFS

Computer Name: VAIO | User Name: Shahriar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Shahriar\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\NLSSRV32.EXE (Nalpeiron Ltd.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe (Sony Corporation)
PRC - C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe (Pandora.TV)
PRC - C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe (PandoraTV)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation)
PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
PRC - E:\vm\vmware-hostd.exe ()
PRC - E:\vm\vmware-authd.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Care\listener.exe ()
PRC - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
PRC - C:\Program Files (x86)\HiDTV\SchHD.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Sony\VAIO Care\listener.exe ()
MOD - C:\Program Files (x86)\HiDTV\SchHD.exe ()
MOD - C:\Program Files (x86)\HiDTV\KBHookLib.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (NitroDriverReadSpool9) -- C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe (Nitro PDF Software)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (wltrysvc) -- C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE (Broadcom Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (BcmBtRSupport) -- C:\Windows\SysNative\BtwRSupportService.exe (Broadcom Corporation.)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (VCService) -- C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (VUAgent) -- C:\Program Files\Sony\VAIO Update\VUAgent.exe (Sony Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe ()
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (SpfService) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation)
SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (nlsX86cc) -- C:\Windows\SysWOW64\NLSSRV32.EXE (Nalpeiron Ltd.)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (PanService) -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe (Pandora.TV)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (NetworkSupport) -- C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe (Sony Corporation)
SRV - (AdobeARMservice) -- c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
SRV - (VMwareHostd) -- E:\vm\vmware-hostd.exe ()
SRV - (VMAuthdService) -- E:\vm\vmware-authd.exe (VMware, Inc.)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (VMUSBArbService) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (VMware, Inc.)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (IT9135BDA) -- C:\Windows\SysNative\Drivers\IT9135BDA.sys (ITE )
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\Drivers\BCMWL63a.SYS (Broadcom Corporation)
DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\Drivers\bcm42rly.sys (Broadcom Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\TeeDriverx64.sys (Intel Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (RTSPER) -- C:\Windows\SysNative\Drivers\RtsPer.sys (Realsil Semiconductor Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\Drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\Drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\Drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (BTWPANFL) -- C:\Windows\SysNative\Drivers\btwpanfl.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\Drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\Drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (bcbtums) -- C:\Windows\SysNative\Drivers\bcbtums.sys (Broadcom Corporation.)
DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\Drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\Drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek )
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\Drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (epmntdrv) -- C:\Windows\SysNative\epmntdrv.sys ()
DRV:64bit: - (EuGdiDrv) -- C:\Windows\SysNative\EuGdiDrv.sys ()
DRV:64bit: - (CLVirtualDrive) -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys (CyberLink)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (vmx86) -- C:\Windows\SysNative\Drivers\vmx86.sys (VMware, Inc.)
DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\Drivers\vmnetuserif.sys (VMware, Inc.)
DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\Drivers\vmnetbridge.sys (VMware, Inc.)
DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\Drivers\vmnetadapter.sys (VMware, Inc.)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (vsock) -- C:\Windows\SysNative\Drivers\vsock.sys (VMware, Inc.)
DRV:64bit: - (vmci) -- C:\Windows\SysNative\Drivers\vmci.sys (VMware, Inc.)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (hcmon) -- C:\Windows\SysNative\Drivers\hcmon.sys (VMware, Inc.)
DRV:64bit: - (vmusb) -- C:\Windows\SysNative\Drivers\vmusb.sys (VMware, Inc.)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\Drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\Drivers\e1y60x64.sys (Intel Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (ccSet_NARA) -- C:\Windows\SysNative\Drivers\NARAx64\0403000.00E\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\Drivers\idmwfp.sys (Tonec Inc.)
DRV:64bit: - (eamonm) -- C:\Windows\SysNative\Drivers\eamonm.sys (ESET)
DRV:64bit: - (epfw) -- C:\Windows\SysNative\Drivers\epfw.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\Drivers\ehdrv.sys (ESET)
DRV:64bit: - (epfwwfp) -- C:\Windows\SysNative\Drivers\epfwwfp.sys (ESET)
DRV:64bit: - (EpfwLWF) -- C:\Windows\SysNative\Drivers\EpfwLWF.sys (ESET)
DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\Drivers\wdcsam64.sys (Western Digital Technologies)
DRV - (epmntdrv) -- C:\Windows\SysWOW64\epmntdrv.sys ()
DRV - (EuGdiDrv) -- C:\Windows\SysWOW64\EuGdiDrv.sys ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com/?pc=SAJB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://vaio-online.sony.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://sony13.msn.com/?pc=SAJBhtt [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.outfox.tv?referid=160
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{AAE961F4-360F-4108-8D7F-6F4271702CDE}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=SAJB
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8081;https=127.0.0.1:8081;socks=127.0.0.1:1080

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013/12/17 14:18:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Shahriar\AppData\Roaming\IDM\idmmzcc5 [2013/12/24 13:55:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Shahriar\AppData\Roaming\IDM\idmmzcc5 [2013/12/24 13:55:00 | 000,000,000 | ---D | M]

[2014/02/05 12:30:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shahriar\AppData\Roaming\Mozilla\Extensions
[2014/02/05 15:17:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/02/05 15:17:39 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{googlemniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{googleageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = c:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.16 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Google Docs = C:\Users\Shahriar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Shahriar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Shahriar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Shahriar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Shahriar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Shahriar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/07/26 08:56:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Bluetooth] C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE (Broadcom Corporation)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [****** EPM tray] C:\Program Files (x86)\******\****** Partition Master 9.2.2\bin\EpmNews.exe (CHENGDU YIWO Tech Development Co., Ltd)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SchHD] C:\Program Files (x86)\HiDTV\SchHD.exe ()
O4 - HKLM..\Run: [vmware-tray.exe] E:\vm\vmware-tray.exe (VMware, Inc.)
O4 - HKLM..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot File not found
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [OutfoxTV] C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe File not found
O4 - HKCU..\Run: [uTorrent] C:\Users\Shahriar\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKCU..\Run: [Viber] C:\Program Files (x86)\Viber\Viber.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD68EF56-551C-40F6-A850-523B6B59D0C0}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D6D5656A-A289-4349-BDEE-425A737E6210}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/03/14 17:19:39 | 000,000,000 | ---D | C] -- C:\Users\Shahriar\AppData\Roaming\Malwarebytes
[2014/03/14 17:19:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/03/14 17:19:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/03/14 17:18:56 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/03/14 17:18:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/03/14 17:18:13 | 000,000,000 | ---D | C] -- C:\Users\Shahriar\AppData\Local\Programs
[2014/03/14 17:08:18 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/03/14 16:58:13 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/03/14 16:52:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Shahriar\Desktop\OTL.exe
[2014/03/14 16:48:58 | 010,284,816 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Shahriar\Desktop\mbam-setup.exe
[2014/03/14 16:47:34 | 001,037,734 | ---- | C] (Thisisu) -- C:\Users\Shahriar\Desktop\JRT.exe
[2014/03/04 10:33:57 | 000,000,000 | ---D | C] -- C:\Users\Shahriar\Desktop\2240-PHD91-[www.konkur.in]
[2014/02/26 22:15:48 | 000,000,000 | ---D | C] -- C:\Users\Shahriar\AppData\Roaming\ViberPC
[2014/02/26 22:15:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Viber
[2014/02/26 22:15:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Viber
[2014/02/25 20:37:29 | 000,000,000 | ---D | C] -- C:\ProgramData\SafeSoft
[2014/02/25 20:36:56 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2014/02/25 00:42:25 | 000,000,000 | ---D | C] -- C:\Users\Shahriar\AppData\Local\gtk-2.0
[2014/02/25 00:16:16 | 000,000,000 | ---D | C] -- C:\Users\Shahriar\AppData\Roaming\.purple
[2014/02/25 00:15:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pidgin
[2014/02/25 00:03:47 | 000,000,000 | ---D | C] -- C:\Users\Shahriar\AppData\Local\Viber
[2014/02/24 23:50:17 | 000,000,000 | ---D | C] -- C:\Users\Shahriar\AppData\Roaming\ooVoo Details
[2014/02/23 22:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
[2014/02/23 22:25:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2014/02/23 22:25:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2014/02/14 17:47:29 | 000,070,296 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vsock.sys
[2014/02/14 17:47:29 | 000,067,224 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vsocklib.dll
[2014/02/14 17:47:29 | 000,063,128 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vsocklib.dll
[2014/02/14 17:47:28 | 000,067,664 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmx86.sys
[2014/02/14 17:46:52 | 000,357,456 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnetdhcp.exe
[2014/02/14 17:46:49 | 000,436,304 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnat.exe
[2014/02/14 17:46:49 | 000,030,800 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnetuserif.sys
[2014/02/14 17:46:43 | 000,933,968 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vnetlib64.dll
[2014/02/14 17:46:42 | 000,052,376 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\hcmon.sys
[2014/02/14 17:46:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
[2014/02/14 17:46:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware
[2014/02/14 17:46:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VMware
[2014/02/14 17:46:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VMware
[2014/02/14 17:46:20 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Shared Virtual Machines
[2014/02/14 16:46:11 | 000,000,000 | ---D | C] -- C:\Users\Shahriar\AppData\Local\VMware
[2014/02/14 16:46:09 | 000,000,000 | ---D | C] -- C:\Users\Shahriar\AppData\Roaming\VMware
[2014/02/14 16:34:50 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware
[2014/02/13 15:37:03 | 000,000,000 | ---D | C] -- C:\Users\Shahriar\AppData\Local\HiDTV
[2014/02/13 15:36:34 | 000,700,416 | ---- | C] (ArcSoft Inc.) -- C:\Windows\SysWow64\dtsdecoderdll.dll
[2014/02/13 15:36:34 | 000,580,352 | ---- | C] (ArcSoft Inc.) -- C:\Windows\SysWow64\DtsDec.dll
[2014/02/13 15:36:34 | 000,196,608 | ---- | C] (ArcSoft) -- C:\Windows\SysWow64\LbrDecoderDll.dll
[2014/02/13 15:36:34 | 000,139,264 | ---- | C] (ArcSoft) -- C:\Windows\SysWow64\BsacDec.dll
[2014/02/13 15:36:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiDTV
[2014/02/13 15:36:33 | 001,003,520 | ---- | C] (ArcSoft Inc.) -- C:\Windows\SysWow64\ASH264Vid.dll
[2014/02/13 15:36:33 | 000,516,167 | ---- | C] (ArcSoft Inc.) -- C:\Windows\SysWow64\ASAudioHD.ax
[2014/02/13 15:36:33 | 000,434,237 | ---- | C] (ArcSoft Inc.) -- C:\Windows\SysWow64\ASAudio.ax
[2014/02/13 15:36:33 | 000,352,256 | ---- | C] (ArcSoft Inc) -- C:\Windows\SysWow64\ASVC1Vid.dll
[2014/02/13 15:36:33 | 000,331,776 | ---- | C] (ArcSoft Inc.) -- C:\Windows\SysWow64\AdavAC3Dec.dll
[2014/02/13 15:36:33 | 000,293,632 | ---- | C] (ArcSoft) -- C:\Windows\SysWow64\AC3Dec.dll
[2014/02/13 15:36:33 | 000,285,184 | ---- | C] (ArcSoft) -- C:\Windows\SysWow64\AacPlusDec.dll
[2014/02/13 15:36:33 | 000,249,856 | ---- | C] (ArcSoft) -- C:\Windows\SysWow64\AacDecoderDll.dll
[2014/02/13 15:36:33 | 000,228,096 | ---- | C] (Arcsoft) -- C:\Windows\SysWow64\h263dec.ax
[2014/02/13 15:36:33 | 000,189,952 | ---- | C] (ArcSoft Inc.) -- C:\Windows\SysWow64\mpgvideo.ax
[2014/02/13 15:36:33 | 000,184,320 | ---- | C] (ArcSoft Inc.) -- C:\Windows\SysWow64\ASMPEGVid.dll
[2014/02/13 15:36:33 | 000,154,368 | ---- | C] (ArcSoft) -- C:\Windows\SysWow64\AdavVideoDec.dll
[2014/02/13 15:36:33 | 000,133,888 | ---- | C] (Arcsoft (HZ)) -- C:\Windows\SysWow64\AudioDec.dll
[2014/02/13 15:36:33 | 000,106,496 | ---- | C] (ArcSoft, Inc.) -- C:\Windows\SysWow64\ASDVSDVid.dll
[2014/02/13 15:36:33 | 000,090,112 | ---- | C] (Arcsoft) -- C:\Windows\SysWow64\Ac3HDDecoderDll.dll
[2014/02/13 15:36:33 | 000,068,352 | ---- | C] (Arcsoft) -- C:\Windows\SysWow64\LPCMParser.ax
[2014/02/13 15:36:33 | 000,061,440 | ---- | C] (ArcSoft (HZ)) -- C:\Windows\SysWow64\AdavAudioDec.dll
[2014/02/13 15:36:33 | 000,058,368 | ---- | C] (ArcSoft Inc.) -- C:\Windows\SysWow64\mpgaudio.ax
[2014/02/13 15:36:32 | 001,560,576 | ---- | C] ( InterVideo Inc.) -- C:\Windows\SysWow64\ivivideo.ax
[2014/02/13 15:36:32 | 001,216,512 | ---- | C] (ArcSoft Inc.) -- C:\Windows\SysWow64\ASVid.ax
[2014/02/13 15:36:32 | 000,614,400 | ---- | C] (ArcSoft Inc.) -- C:\Windows\SysWow64\ArcDemux.ax
[2014/02/13 15:36:32 | 000,569,344 | ---- | C] (GENIATECH INC.LTD) -- C:\Windows\SysWow64\MP4AudioDec.ax
[2014/02/13 15:36:32 | 000,351,744 | ---- | C] (geniatech) -- C:\Windows\SysWow64\PsiParse.ax
[2014/02/13 15:36:32 | 000,263,168 | ---- | C] (ArcSoft Inc.) -- C:\Windows\SysWow64\AACDecode.ax
[2014/02/13 15:36:32 | 000,225,280 | ---- | C] (ArcSoft, Inc.) -- C:\Windows\SysWow64\ArcSpl.ax
[2014/02/13 15:36:32 | 000,110,689 | ---- | C] (ArcSoft, Inc.) -- C:\Windows\SysWow64\VBICodecFilter.ax
[2014/02/13 15:36:32 | 000,083,456 | ---- | C] (Honest Technology) -- C:\Windows\SysWow64\htmpeg2enc.ax
[2014/02/13 15:36:32 | 000,069,632 | ---- | C] (MyCompanyName) -- C:\Windows\SysWow64\ColorFormat.ax
[2014/02/13 15:36:32 | 000,069,632 | ---- | C] (GDCL http://www.gdcl.co.uk) -- C:\Windows\SysWow64\OvTool.dll
[2014/02/13 15:36:32 | 000,061,440 | ---- | C] (MyCompanyName) -- C:\Windows\SysWow64\TOP10Disp.ax
[2014/02/13 15:36:32 | 000,053,248 | ---- | C] (MyCompanyName) -- C:\Windows\SysWow64\snap.ax
[2014/02/13 15:36:31 | 001,462,368 | ---- | C] (InterVideo Inc.) -- C:\Windows\SysWow64\IVIVENC.ax
[2014/02/13 15:36:31 | 001,192,032 | ---- | C] (InterVideo Inc.) -- C:\Windows\SysWow64\iviaenc.ax
[2014/02/13 15:36:31 | 000,339,968 | ---- | C] (Honest Technology) -- C:\Windows\SysWow64\mpeg2enc.dll
[2014/02/13 15:36:31 | 000,159,838 | ---- | C] (InterVideo Inc.) -- C:\Windows\SysWow64\ivimux.ax
[2014/02/13 15:36:31 | 000,114,688 | ---- | C] (Honest Technology) -- C:\Windows\SysWow64\HTMpegTimeshift.ax
[2014/02/13 15:36:31 | 000,101,376 | ---- | C] (Honest Technology ) -- C:\Windows\SysWow64\HTMpegAD.ax
[2014/02/13 15:36:31 | 000,077,824 | ---- | C] (honest Technology) -- C:\Windows\SysWow64\htdeinterlacer.ax
[2014/02/13 15:36:31 | 000,053,248 | ---- | C] (Honest Technology) -- C:\Windows\SysWow64\HTFileAsync.ax
[2014/02/13 15:36:31 | 000,053,248 | ---- | C] (honest technology) -- C:\Windows\SysWow64\ht_invert.ax
[2014/02/13 15:36:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HiDTV
[2014/02/13 15:00:25 | 000,000,000 | ---D | C] -- C:\Users\Shahriar\Documents\ArcSoft ToGo
[2014/02/13 14:45:49 | 000,000,000 | ---D | C] -- C:\ProgramData\ArcSoft
[2014/02/13 14:45:46 | 000,000,000 | ---D | C] -- C:\Users\Shahriar\AppData\Roaming\ArcSoft
[2014/02/13 14:45:41 | 000,022,784 | ---- | C] (Arcsoft, Inc.) -- C:\Windows\SysWow64\drivers\afc.sys
[2014/02/13 14:44:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ArcSoft
[2014/02/13 14:41:01 | 000,165,504 | ---- | C] (ITE ) -- C:\Windows\SysNative\drivers\IT9135BDA.sys

========== Files - Modified Within 30 Days ==========

[2014/03/14 17:37:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/14 17:36:02 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/14 17:35:29 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/03/14 17:35:26 | 3214,344,192 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/14 17:19:11 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/14 16:52:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Shahriar\Desktop\OTL.exe
[2014/03/14 16:52:15 | 010,284,816 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Shahriar\Desktop\mbam-setup.exe
[2014/03/14 16:51:21 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/14 16:48:05 | 001,037,734 | ---- | M] (Thisisu) -- C:\Users\Shahriar\Desktop\JRT.exe
[2014/03/14 16:46:27 | 001,950,720 | ---- | M] () -- C:\Users\Shahriar\Desktop\AdwCleaner.exe
[2014/03/14 13:55:05 | 000,000,600 | ---- | M] () -- C:\Users\Shahriar\AppData\Local\PUTTY.RND
[2014/03/14 11:37:09 | 000,852,442 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/03/14 11:37:09 | 000,722,102 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/03/14 11:37:09 | 000,133,958 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/03/14 11:27:23 | 000,680,928 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/03/13 01:33:22 | 000,000,218 | ---- | M] () -- C:\Users\Shahriar\.recently-used.xbel
[2014/03/12 23:09:46 | 000,000,600 | ---- | M] () -- C:\Users\Shahriar\AppData\Roaming\PUTTY.RND
[2014/03/04 09:56:17 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/02/26 22:58:19 | 000,000,909 | ---- | M] () -- C:\Users\Shahriar\Desktop\Viber.lnk
[2014/02/25 00:46:57 | 000,063,238 | ---- | M] () -- C:\Users\Shahriar\Documents\Image1.jpg
[2014/02/25 00:43:03 | 000,053,173 | ---- | M] () -- C:\Users\Shahriar\Documents\Image.jpg
[2014/02/23 22:25:58 | 000,001,187 | ---- | M] () -- C:\Users\Shahriar\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2014/02/23 22:25:58 | 000,001,163 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2014/02/22 19:10:07 | 000,000,600 | ---- | M] () -- C:\Users\Shahriar\PUTTY.RND
[2014/02/14 17:47:32 | 000,000,488 | ---- | M] () -- C:\Users\Shahriar\Application Data\Microsoft\Internet Explorer\Quick Launch\VMware Workstation.lnk
[2014/02/14 17:46:37 | 000,866,452 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/02/14 17:46:37 | 000,001,491 | ---- | M] () -- C:\Users\Public\Desktop\VMware Workstation.lnk
[2014/02/14 16:35:21 | 000,001,024 | ---- | M] () -- C:\Windows\SysWow64\%TMP%
[2014/02/13 15:36:34 | 000,000,909 | ---- | M] () -- C:\Users\Public\Desktop\HiDTV.lnk
[2014/02/13 15:28:31 | 452,715,116 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/02/13 14:41:01 | 000,165,504 | ---- | M] (ITE ) -- C:\Windows\SysNative\drivers\IT9135BDA.sys

========== Files Created - No Company Name ==========

[2014/03/14 17:19:11 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/14 16:45:28 | 001,950,720 | ---- | C] () -- C:\Users\Shahriar\Desktop\AdwCleaner.exe
[2014/03/14 11:27:23 | 000,680,928 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/03/13 01:33:22 | 000,000,218 | ---- | C] () -- C:\Users\Shahriar\.recently-used.xbel
[2014/02/26 22:15:45 | 000,000,909 | ---- | C] () -- C:\Users\Shahriar\Desktop\Viber.lnk
[2014/02/25 00:46:32 | 000,063,238 | ---- | C] () -- C:\Users\Shahriar\Documents\Image1.jpg
[2014/02/25 00:42:41 | 000,053,173 | ---- | C] () -- C:\Users\Shahriar\Documents\Image.jpg
[2014/02/25 00:15:29 | 000,000,995 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pidgin.lnk
[2014/02/23 22:25:58 | 000,001,187 | ---- | C] () -- C:\Users\Shahriar\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2014/02/23 22:25:58 | 000,001,163 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2014/02/22 19:10:07 | 000,000,600 | ---- | C] () -- C:\Users\Shahriar\PUTTY.RND
[2014/02/14 17:47:32 | 000,000,488 | ---- | C] () -- C:\Users\Shahriar\Application Data\Microsoft\Internet Explorer\Quick Launch\VMware Workstation.lnk
[2014/02/14 17:46:37 | 000,001,491 | ---- | C] () -- C:\Users\Public\Desktop\VMware Workstation.lnk
[2014/02/14 16:35:21 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\%TMP%
[2014/02/14 16:35:14 | 000,866,452 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/02/13 17:25:18 | 000,385,614 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2014/02/13 15:36:34 | 000,109,456 | ---- | C] () -- C:\Windows\SysWow64\VideoAutoEnhanceDLL.dll
[2014/02/13 15:36:34 | 000,000,909 | ---- | C] () -- C:\Users\Public\Desktop\HiDTV.lnk
[2014/02/13 15:36:32 | 000,380,928 | ---- | C] () -- C:\Windows\SysWow64\GTTunerCard.dll
[2014/02/13 15:36:32 | 000,196,608 | ---- | C] () -- C:\Windows\SysWow64\TsReaderFilter.ax
[2014/02/13 15:36:32 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\TsReader.ax
[2014/02/13 15:36:32 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\TsFileWriter.ax
[2014/02/13 15:36:32 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\wavdest.ax
[2014/02/13 14:41:10 | 000,000,238 | R--- | C] () -- C:\Windows\SysNative\AF15IRTBL.bin
[2014/01/10 12:30:35 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/12/19 18:12:52 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/12/19 16:36:17 | 000,000,600 | ---- | C] () -- C:\Users\Shahriar\AppData\Roaming\PUTTY.RND
[2013/12/18 13:51:00 | 000,000,600 | ---- | C] () -- C:\Users\Shahriar\AppData\Local\PUTTY.RND
[2013/12/17 15:44:40 | 002,498,216 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2013/12/17 15:44:40 | 000,087,112 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2013/12/17 15:44:40 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2013/12/17 15:44:40 | 000,013,896 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2013/12/17 15:44:40 | 000,009,160 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2013/09/28 23:04:39 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2013/06/29 01:22:13 | 019,587,072 | ---- | C] () -- C:\Windows\SysWow64\igdfcl32.dll
[2013/06/29 01:22:13 | 000,241,152 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/06/29 01:22:13 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2013/02/13 22:57:54 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2012/07/26 11:43:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012/07/26 11:43:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012/07/26 10:51:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/26 04:47:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012/07/26 00:07:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/25 23:58:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012/06/02 18:01:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== ZeroAccess Check ==========

[2013/12/16 19:58:48 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/12/07 10:06:58 | 019,751,936 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/12/07 08:45:36 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 06:35:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 06:48:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 06:37:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/03/14 01:24:37 | 000,000,000 | ---D | M] -- C:\Users\Shahriar\AppData\Roaming\.purple
[2013/12/17 16:52:37 | 000,000,000 | ---D | M] -- C:\Users\Shahriar\AppData\Roaming\Design Science
[2014/03/14 17:05:26 | 000,000,000 | ---D | M] -- C:\Users\Shahriar\AppData\Roaming\DMCache
[2013/12/28 17:10:11 | 000,000,000 | ---D | M] -- C:\Users\Shahriar\AppData\Roaming\Downloaded Installations
[2013/12/17 14:19:56 | 000,000,000 | ---D | M] -- C:\Users\Shahriar\AppData\Roaming\ESET
[2014/03/03 12:37:29 | 000,000,000 | ---D | M] -- C:\Users\Shahriar\AppData\Roaming\IDM
[2013/12/17 14:02:01 | 000,000,000 | ---D | M] -- C:\Users\Shahriar\AppData\Roaming\iolo
[2013/12/28 17:13:32 | 000,000,000 | ---D | M] -- C:\Users\Shahriar\AppData\Roaming\Nitro
[2014/02/12 17:11:51 | 000,000,000 | ---D | M] -- C:\Users\Shahriar\AppData\Roaming\Nitro PDF
[2014/01/12 00:24:50 | 000,000,000 | ---D | M] -- C:\Users\Shahriar\AppData\Roaming\oald8
[2014/02/24 23:50:17 | 000,000,000 | ---D | M] -- C:\Users\Shahriar\AppData\Roaming\ooVoo Details
[2013/12/16 19:26:00 | 000,000,000 | ---D | M] -- C:\Users\Shahriar\AppData\Roaming\PotPlayerMini
[2013/12/22 23:27:39 | 000,000,000 | ---D | M] -- C:\Users\Shahriar\AppData\Roaming\Schlumberger
[2013/12/19 18:16:39 | 000,000,000 | ---D | M] -- C:\Users\Shahriar\AppData\Roaming\uTorrent
[2014/02/26 22:59:03 | 000,000,000 | ---D | M] -- C:\Users\Shahriar\AppData\Roaming\ViberPC

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences

< End of report >

 

[johnb35]

I have to leave for work now so will check the logs when I get home tonight. Let me know if the system is acting better or not.

 

[shahriar123]

No they do not.

Thanks till now for your help. what will be the next step?
I have posted the logs you said

 

[shahriar123]

I have to leave for work now so will check the logs when I get home tonight. Let me know if the system is acting better or not.

OK, i'll be waiting man, thanks

 

[johnb35]

You have some programs running at bootup that is most likely causing the issue.

O4 - HKLM..\Run: [****** EPM tray] C:\Program Files (x86)\******\****** Partition Master 9.2.2\bin\EpmNews.exe (CHENGDU YIWO Tech Development Co., Ltd)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SchHD] C:\Program Files (x86)\HiDTV\SchHD.exe ()
O4 - HKLM..\Run: [vmware-tray.exe] E:\vm\vmware-tray.exe (VMware, Inc.)
O4 - HKLM..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot File not found
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [OutfoxTV] C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe File not found
O4 - HKCU..\Run: [uTorrent] C:\Users\Shahriar\AppData\Roaming\uTorrent\uTorren t.exe (BitTorrent Inc.)
O4 - HKCU..\Run: [Viber] C:\Program Files (x86)\Viber\Viber.exe ()

You can use the msconfig utility (well technically with windows 8 you have to use the startup tab within task manager) to stop these programs from running at bootup.

 

[shahriar123]

In my start up all of these apps are disabled. after the removing the adwares by the softwares you introduced, my system does a little better but not like a normal one!

Is there any other possibility that may cause this slow functionality of my system?!

 

[DMGrier]

I had a Vaio and the biggest problem is the bloatware Sony installs. It is very heavy and poorly written, however if I read right you have an i7 so I would maybe start to think hardware problem.

Something good to look at is the task manager, when it starts to hang is it your CPU, RAM or Disk that is maxing out?

 

[shahriar123]

I still have the problem

 

[johnb35]

So did the issue happen right after you bought it or was it fine and just now start having this issue?

There is one thing I need you to do.

Open OTL and copy and paste the following into the custom scan/fixes box at the bottom.

:OTL
@Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences

Then click on the run fix button. Reboot and see if that changes anything.

 

[Okedokey]

John, with this, may be best to back up files and do a factory restore. Then remove bloatware and defrag.

 

[shahriar123]

No. It was fine at first. after a about a month it has been started.
this is the log:

========== OTL ==========
ADS C:\Windows:nlsPreferences deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 03282014_032941

 

[shahriar123]

John, with this, may be best to back up files and do a factory restore. Then remove bloatware and defrag.

for using the refresh windows choise of windows 8, Do i need to creat a recovery media?

 

[Okedokey]

Most laptops have a recovery partition and method. For Vaios, you usually hold alt + F10 during boot. Just make sure you have a complete back up of your files as it will wipe everything and revert back to the day you bought it.