Jump to content


Photo
- - - - -

Computer failing to start


  • Please log in to reply
13 replies to this topic

#1 rdchase1

rdchase1

    Member

  • Members
  • PipPipPip
  • 64 posts

Posted 28 August 2009 - 05:31 PM

My computer has been unable to properly start up windows. when I had tried to start up windows and it failed I was given the option to either try and start windows anyways or to run a diagnostic test. after a few minutes of the diagnostic test running a window popped up saying that the problem could not be fixed automatically. the error signature was...

Event name: startup repair V2
signature 01: Auto failover
signature 02: 6.0.6000.16386.6.0.6001.18000
signature 03: 6
signature 04: 393221
signature 05: Bad Patch
signature 06: Bad Patch
signature 07: 0
signature 08: 3
signature 09 WrpRepair
signature 10: 0

OS Version: 6.0.6000.2.0.0.256.1
Locale ID: 1033


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:28:37 PM, on 26/07/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Sony\SonicStage\SSAAD.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\p2phost.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.atcomet.com/b/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Windows Live Call HoverToCall class - {7E853D72-626A-48EC-A868-BA8D5E23E045} - C:\Program Files\MSN Messenger\htc.8.1.0178.00.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [VAIOSecurity] "C:\Program Files\Sony\VAIO Security Center\VSC.exe" 1
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [VAIOSurvey] C:\Program Files\Sony Corporation\VAIO Survey\Vista VAIO Survey.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Search - ?p=ZK
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll/206 (file missing)
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 12540 bytes

#2 rdchase1

rdchase1

    Member

  • Members
  • PipPipPip
  • 64 posts

Posted 28 August 2009 - 09:53 PM

If I want to reformat my computer will I have to buy system restore disks?

#3 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,240 posts

Posted 29 August 2009 - 08:36 AM

If I want to reformat my computer will I have to buy system restore disks?

Nope, chances are you have a hidden recovery partition that you can boot into when starting the computer
This will have the option to Clean install
On another note, if your computer didn't come with Recovery CD's
You should have the oppurtunity to create a set yourself onetime

What's the exact Make/model of your computer?

Do you want to post your own HijackThis log?
Follow the instructions posted Here

Not required, but if you would like to donate to help my fight against malware
Click Here


#4 rdchase1

rdchase1

    Member

  • Members
  • PipPipPip
  • 64 posts

Posted 29 August 2009 - 09:18 AM

Sony Vaio VGN-FE870E

#5 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,240 posts

Posted 29 August 2009 - 10:01 AM

Go to START>>Programs
Do you have a Vaio Recovery Wizard
This will give you the option to create your own CD/DVD's so you have a backup of your recovery partition on disc
It is a good idea to have them
This usually takes either 2 blank DVD-R's or about 8 CD's
I would go with the DVD's in you have a DVD recorder on this laptop
Note: I've seen users have problems creating the discs if they insert the blank disc before being notified by the wizard to insert disc, keep that in mind

On another note, your startup problem may be due to a bad driver update from Windows updates possibly
Can you open Windows Updates thru Control Panel and view recent updates
Anything that updated recently? Before the startup problem

Take a look at the following link
http://esupport.sony...pl?mdl=PCGFRV25
Scroll down to How to create the Recovery Media Kit for the Sony® VAIO® computer

Edited by guestolo, 29 August 2009 - 10:04 AM.

Do you want to post your own HijackThis log?
Follow the instructions posted Here

Not required, but if you would like to donate to help my fight against malware
Click Here


#6 rdchase1

rdchase1

    Member

  • Members
  • PipPipPip
  • 64 posts

Posted 29 August 2009 - 10:48 AM

I cannot find Vaio recovery wizard so I guess I do not have it.


This computer was a hand me down from my brother and he had been having this problem for awhile before I ever got the computer and I doubt he would remember exactly when. But when I first got the computer in may I posted on this forum and you helped me work through the problem and I believe after I removed a faulty ricoh camera drive the problem disappeared. It was fine for a few months but then I started having the problem again soon after I downloaded the necessary software and stuff for soldier front an online game hosted by ijji.com. I dont know whether that is to blame or if it was some update I installed around the same time.

because the problem started along time ago and my bro didn't do anything about it I think it would be difficult to pinpoint the update that did it in. So I think maybe reformatting may be the best way to go its not a problem for me anyways as i have a independent hard drive I can put all my personal files and pictures on.

#7 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,240 posts

Posted 29 August 2009 - 11:26 AM

Just a double check to see if Recovery Wizard is installed or not
Go to Start>Control Panel
Do you see it in there?

In addition:
Download OTL.exe by OldTimer to your Desktop.
  • Close all windows and Right click OTL.exe and choose to "Run as Administrator"
  • Click Run Scan and let the program run uninterrupted.
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.

Do you want to post your own HijackThis log?
Follow the instructions posted Here

Not required, but if you would like to donate to help my fight against malware
Click Here


#8 rdchase1

rdchase1

    Member

  • Members
  • PipPipPip
  • 64 posts

Posted 29 August 2009 - 11:42 AM

No I cant find it. and I dont have any extras.txt this happened last time I used OTL for some reason its not producing extras logs. I have ots.exe on my desktop should I use that too?

Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/05/29 13:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2006/11/29 09:57:20 | 00,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxcycoms.exe
PRC - [2006/11/24 11:36:54 | 00,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2006/11/24 11:36:54 | 00,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2008/01/19 00:33:40 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2007/08/24 15:54:04 | 00,166,424 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe
PRC - [2007/08/24 15:54:10 | 00,252,440 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2008/01/19 00:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2008/10/28 23:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2008/01/19 00:38:38 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/13 06:32:52 | 00,118,784 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2006/11/11 16:35:36 | 00,043,128 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
PRC - [2006/11/14 11:46:24 | 00,411,768 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
PRC - [2006/11/28 10:58:40 | 00,546,936 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
PRC - [2006/11/27 22:15:30 | 00,465,016 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
PRC - [2007/08/24 15:54:00 | 00,154,136 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2007/08/24 15:54:08 | 00,129,560 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2006/12/10 20:52:38 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2009/07/21 13:52:47 | 00,208,616 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
PRC - [2005/07/15 14:48:33 | 00,479,232 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Gmail Notifier\gnotify.exe
PRC - [2009/07/13 14:03:10 | 00,292,128 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2007/01/11 11:57:20 | 00,291,760 | ---- | M] () -- C:\Program Files\Lexmark 3400 Series\lxcymon.exe
PRC - [2006/11/29 09:57:10 | 00,082,864 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 3400 Series\ezprint.exe
PRC - [2009/07/25 05:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008/01/19 00:33:30 | 01,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2006/11/13 19:43:36 | 00,472,632 | ---- | M] () -- C:\Program Files\Sony\SonicStage\SSAAD.exe
PRC - [2008/01/19 00:33:09 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe
PRC - [2006/11/13 06:32:49 | 00,042,544 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApMsgFwd.exe
PRC - [2008/01/19 00:33:19 | 00,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe
PRC - [2007/08/22 05:06:52 | 00,167,368 | ---- | M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools\daemon.exe
PRC - [2009/06/26 15:56:32 | 25,604,904 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2009/03/25 20:10:55 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/01/19 00:33:39 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2007/08/24 15:54:10 | 00,252,440 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2008/01/19 00:33:09 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe
PRC - [2008/01/19 00:33:33 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009/03/02 19:16:04 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2006/11/13 06:32:52 | 00,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apntex.exe
PRC - [2009/06/26 15:56:32 | 00,077,360 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2009/07/13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/07/26 17:28:51 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Display\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/05/29 13:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2009/07/21 13:52:47 | 00,208,616 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe -- (AVP [Auto | Running])
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008/07/27 11:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - File not found -- -- (CLTNetCnService [Auto | Stopped])
SRV - [2008/01/19 00:33:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 05:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 05:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2008/01/19 00:36:53 | 01,013,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
SRV - [2009/01/12 09:57:23 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2008/06/19 18:14:44 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/05/06 22:29:15 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2008/11/19 19:23:16 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08 [On_Demand | Stopped])
SRV - [2005/04/03 20:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008/06/19 18:14:31 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/07/13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2006/11/29 09:57:20 | 00,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxcycoms.exe -- (lxcy_device [Auto | Running])
SRV - [2006/10/04 19:25:00 | 00,057,344 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV [On_Demand | Stopped])
SRV - [2008/07/18 13:13:20 | 00,044,032 | ---- | M] (Hewlett-Packard) -- C:\Windows\System32\HPZinw12.dll -- (Net Driver HPZ12 [Auto | Stopped])
SRV - [2008/06/19 18:14:31 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2009/05/20 01:50:20 | 02,772,302 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des -- (npggsvc [On_Demand | Stopped])
SRV - [2007/08/24 02:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 15:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/10/04 19:15:30 | 00,057,344 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR [On_Demand | Stopped])
SRV - [2008/07/18 13:13:20 | 00,053,760 | ---- | M] (Hewlett-Packard) -- C:\Windows\System32\HPZipm12.dll -- (Pml Driver HPZ12 [Auto | Stopped])
SRV - [2006/10/04 19:06:58 | 00,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV [On_Demand | Stopped])
SRV - [2006/11/13 18:31:22 | 00,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV [On_Demand | Stopped])
SRV - [2008/01/18 17:25:34 | 00,306,432 | ---- | M] (TuneUp Software GmbH) -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag [On_Demand | Stopped])
SRV - [2007/01/19 08:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
SRV - [2007/12/20 07:41:56 | 00,029,440 | ---- | M] (TuneUp Software GmbH) -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp [Auto | Running])
SRV - [2006/11/24 11:36:54 | 00,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service [Auto | Running])
SRV - [2006/10/24 11:32:08 | 02,523,136 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer [On_Demand | Stopped])
SRV - [2006/10/09 12:02:50 | 00,397,312 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP [On_Demand | Stopped])
SRV - [2006/10/11 16:52:44 | 01,089,536 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP [On_Demand | Stopped])
SRV - [2006/08/28 22:38:04 | 00,491,520 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway [On_Demand | Stopped])
SRV - [2006/10/11 19:36:02 | 00,741,376 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe -- (VAIOMediaPlatform-UCLS-AppServer [On_Demand | Stopped])
SRV - [2006/10/09 12:02:50 | 00,397,312 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-UCLS-HTTP [On_Demand | Stopped])
SRV - [2006/10/11 16:52:44 | 01,089,536 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-UCLS-UPnP [On_Demand | Stopped])
SRV - [2008/01/19 00:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV - [2008/01/19 00:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Auto | Running])
SRV - [2006/11/13 20:07:45 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.exe -- (XAudioService [Auto | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2008/08/14 07:57:42 | 00,074,720 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\drivers\adfs.sys -- (adfs [Auto | Running])
DRV - [2006/11/02 02:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
DRV - [2006/11/02 02:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
DRV - [2006/11/02 02:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
DRV - [2006/11/02 02:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2006/11/02 02:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
DRV - [2006/11/02 02:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
DRV - [2006/11/13 06:32:52 | 00,140,800 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Windows\System32\DRIVERS\Apfiltr.sys -- (ApfiltrService [On_Demand | Running])
DRV - [2006/11/02 02:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])
DRV - [2006/11/02 02:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
DRV - [2006/11/02 01:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2006/11/02 01:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2006/11/02 01:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])
DRV - [2006/11/02 01:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])
DRV - [2006/11/02 01:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])
DRV - [2006/11/02 01:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2006/11/02 02:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
DRV - [2006/10/18 12:56:30 | 00,010,216 | ---- | M] (Sony Corporation) -- C:\Windows\System32\DRIVERS\DMICall.sys -- (DMICall [System | Running])
DRV - [2006/11/30 13:01:15 | 00,165,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Running])
DRV - [2006/11/02 00:30:55 | 00,200,704 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\e1e6032.sys -- (e1express [On_Demand | Stopped])
DRV - [2006/11/02 00:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
DRV - [2006/11/02 02:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
DRV - [2009/03/19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2006/11/02 02:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])
DRV - [2006/11/02 00:41:49 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\VSTAZL3.SYS -- (HSFHWAZL [On_Demand | Running])
DRV - [2006/11/02 00:41:50 | 00,987,648 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\VSTDPV3.SYS -- (HSF_DPV [On_Demand | Running])
DRV - [2006/11/02 02:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])
DRV - [2007/08/24 15:39:56 | 01,899,008 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\igdkmd32.sys -- (igfx [On_Demand | Running])
DRV - [2006/11/02 02:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
DRV - [2006/11/02 02:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
DRV - [2006/11/02 02:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
DRV - [2008/07/21 17:34:36 | 00,121,872 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\DRIVERS\kl1.sys -- (kl1 [System | Running])
DRV - [2009/02/10 03:39:49 | 00,033,808 | ---- | M] (Kaspersky Lab) -- C:\Windows\system32\drivers\klbg.sys -- (klbg [Boot | Running])
DRV - [2009/02/10 03:39:49 | 00,239,120 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\DRIVERS\klif.sys -- (KLIF [System | Running])
DRV - [2008/07/09 17:28:26 | 00,020,496 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\DRIVERS\klim6.sys -- (KLIM6 [System | Running])
DRV - [2006/11/02 02:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
DRV - [2006/11/02 02:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
DRV - [2006/11/02 02:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
DRV - [2006/11/02 02:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
DRV - [2006/11/02 02:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])
DRV - [2006/11/10 14:43:38 | 01,786,880 | ---- | M] (Intel® Corporation) -- C:\Windows\System32\DRIVERS\NETw3v32.sys -- (NETw3v32 [On_Demand | Running])
DRV - [2006/11/02 02:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
DRV - [2005/01/02 14:43:08 | 00,004,682 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys -- (NPPTNT2 [On_Demand | Stopped])
DRV - [2006/11/02 00:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
DRV - [2006/12/13 20:35:15 | 04,456,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\DRIVERS\nvlddmkm.sys -- (nvlddmkm [On_Demand | Stopped])
DRV - [2006/11/02 02:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
DRV - [2006/11/02 02:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
DRV - [2006/11/30 20:13:46 | 00,036,624 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2006/11/02 02:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
DRV - [2006/11/02 02:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
DRV - [2006/11/28 18:58:06 | 00,072,704 | ---- | M] (Ricoh) -- C:\Windows\System32\Drivers\R5U870FLx86.sys -- (R5U870FLx86 [On_Demand | Running])
DRV - [2006/11/28 18:58:06 | 00,043,904 | ---- | M] (Ricoh) -- C:\Windows\System32\Drivers\R5U870FUx86.sys -- (R5U870FUx86 [On_Demand | Running])
DRV - [2006/06/30 12:10:56 | 00,026,752 | ---- | M] (Research in Motion Ltd) -- C:\Windows\System32\DRIVERS\RimSerial.sys -- (RimVSerPort [On_Demand | Stopped])
DRV - [2008/01/18 22:57:15 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Drivers\RootMdm.sys -- (ROOTMODEM [On_Demand | Stopped])
DRV - [2009/05/21 20:31:08 | 00,011,973 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\SECDRV.SYS -- (SecDrv [Auto | Running])
DRV - [2006/11/20 11:57:47 | 00,074,672 | ---- | M] (Silicon Image, Inc.) -- C:\Windows\system32\DRIVERS\SI3132.sys -- (SI3132 [Disabled | Stopped])
DRV - [2006/11/20 11:57:47 | 00,017,328 | ---- | M] (Silicon Image, Inc.) -- C:\Windows\system32\DRIVERS\SiWinAcc.sys -- (SiFilter [Boot | Running])
DRV - [2006/11/20 11:57:47 | 00,012,464 | ---- | M] (Silicon Image, Inc.) -- C:\Windows\system32\DRIVERS\SiRemFil.sys -- (SiRemFil [Boot | Running])
DRV - [2006/11/02 02:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped])
DRV - [2006/11/02 02:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
DRV - [2006/11/06 01:09:26 | 00,027,520 | ---- | M] (Sony Corporation) -- C:\Windows\System32\Drivers\SonyNC.sys -- (SNC [On_Demand | Running])
DRV - [2006/11/08 06:00:13 | 00,030,976 | R--- | M] (Sony Corporation) -- C:\Windows\System32\DRIVERS\SonyImgF.sys -- (SonyImgF [On_Demand | Running])
DRV - [2007/08/27 10:45:31 | 00,685,816 | ---- | M] () -- C:\Windows\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2007/07/27 16:00:21 | 00,078,848 | ---- | M] () -- C:\Windows\System32\drivers\SSHDRV85.sys -- (SSHDRV85 [System | Running])
DRV - [2006/11/27 06:09:09 | 00,645,120 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA [On_Demand | Running])
DRV - [2006/11/02 02:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
DRV - [2006/11/02 02:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
DRV - [2006/11/02 02:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
DRV - [2006/11/10 14:50:53 | 00,227,328 | ---- | M] (Texas Instruments) -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony [On_Demand | Running])
DRV - [2006/11/21 14:57:36 | 00,113,792 | ---- | M] (TOSHIBA CORPORATION) -- C:\Windows\System32\DRIVERS\tosrfbd.sys -- (tosrfbd [On_Demand | Stopped])
DRV - [2006/10/05 17:07:46 | 00,073,600 | ---- | M] (TOSHIBA Corporation.) -- C:\Windows\System32\DRIVERS\Tosrfhid.sys -- (Tosrfhid [On_Demand | Stopped])
DRV - [2006/10/28 01:29:10 | 00,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Windows\System32\DRIVERS\tosrfusb.sys -- (tosrfusb [On_Demand | Stopped])
DRV - [2006/11/02 02:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
DRV - [2006/11/02 02:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
DRV - [2006/11/02 02:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
DRV - [2009/05/29 13:36:16 | 00,039,424 | ---- | M] (Apple, Inc.) -- C:\Windows\System32\Drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])
DRV - [2005/05/26 09:01:18 | 00,021,344 | ---- | M] (LG Electronics Inc.) -- C:\Windows\System32\DRIVERS\lgusbbus.sys -- (usbbus [On_Demand | Stopped])
DRV - [2005/05/26 09:01:36 | 00,038,144 | ---- | M] (LG Electronics Inc.) -- C:\Windows\System32\DRIVERS\lgusbdiag.sys -- (UsbDiag [On_Demand | Stopped])
DRV - [2005/06/24 16:36:16 | 00,039,036 | ---- | M] (LG Electronics Inc.) -- C:\Windows\System32\DRIVERS\lgusbmodem.sys -- (USBModem [On_Demand | Stopped])
DRV - [2006/11/02 02:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
DRV - [2006/11/02 02:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
DRV - [2006/10/18 11:43:18 | 00,124,256 | R--- | M] (Microsoft Corporation) -- C:\Windows\System32\DRIVERS\wimfltr.sys -- (WimFltr [On_Demand | Stopped])
DRV - [2006/11/02 00:41:48 | 00,654,336 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\VSTCNXT3.SYS -- (winachsf [On_Demand | Running])
DRV - [2006/11/13 20:07:45 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe -- (XAudio [Auto | Stopped])
DRV - [2009/04/08 14:29:52 | 00,056,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DRIVERS\xusb21.sys -- (xusb21 [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.atcomet.com/b/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.ca"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/08/20 14:48:39 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/08/28 15:50:46 | 00,000,000 | ---D | M]

[2008/09/20 10:10:33 | 00,000,000 | ---D | M] -- C:\Users\Display\AppData\Roaming\mozilla\Extensions
[2008/09/20 10:10:33 | 00,000,000 | ---D | M] -- C:\Users\Display\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/08/29 08:23:20 | 00,000,000 | ---D | M] -- C:\Users\Display\AppData\Roaming\mozilla\Firefox\Profiles\qivqzqs5.default\extensions
[2009/04/21 20:58:30 | 00,000,000 | ---D | M] -- C:\Users\Display\AppData\Roaming\mozilla\Firefox\Profiles\qivqzqs5.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2007/10/20 07:18:56 | 00,000,000 | ---D | M] -- C:\Users\Display\AppData\Roaming\mozilla\Firefox\Profiles\qivqzqs5.default\extensions\{4AB21F99-91C5-4a9d-813E-425841874FB1}
[2009/06/04 14:14:47 | 00,000,000 | ---D | M] -- C:\Users\Display\AppData\Roaming\mozilla\Firefox\Profiles\qivqzqs5.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2009/06/04 14:14:47 | 00,000,000 | ---D | M] -- C:\Users\Display\AppData\Roaming\mozilla\Firefox\Profiles\qivqzqs5.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash
[2009/01/08 23:28:22 | 00,000,000 | ---D | M] -- C:\Users\Display\AppData\Roaming\mozilla\Firefox\Profiles\qivqzqs5.default\extensions\[email protected]
[2008/02/14 21:22:17 | 00,000,274 | ---- | M] () -- C:\Users\Display\AppData\Roaming\Mozilla\FireFox\Profiles\qivqzqs5.default\searchplugins\search.xml
[2009/08/20 16:28:44 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2007/05/19 19:49:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/08/08 11:32:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/22 22:02:56 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/08/07 13:28:24 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2008/09/20 10:10:24 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\[email protected]
[2009/08/08 11:31:38 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/08/08 11:31:38 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2007/04/10 13:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2009/01/16 19:17:04 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2008/11/11 00:38:54 | 00,663,552 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2009/04/22 22:02:24 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2007/04/22 17:02:18 | 00,717,312 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2007/04/22 17:03:13 | 00,094,208 | ---- | M] (DivX, Inc) -- C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2009/07/03 00:34:44 | 00,083,376 | ---- | M] (NHN USA Inc.) -- C:\Program Files\mozilla firefox\plugins\npijjiautoinstallpluginff.dll
[2009/08/17 07:42:14 | 00,073,728 | ---- | M] (NHN USA Inc. ) -- C:\Program Files\mozilla firefox\plugins\npijjiFFPlugin1.dll
[2009/02/06 12:44:28 | 01,447,296 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2009/08/08 11:31:39 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006/10/26 21:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2009/06/04 20:31:00 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/06/04 20:31:00 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/06/04 20:31:00 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/06/04 20:31:00 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/06/04 20:31:00 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/06/04 20:31:01 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/06/04 20:31:01 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[1 C:\Program Files\mozilla firefox\plugins\*.tmp files]
[2009/07/22 13:03:26 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/07/22 13:03:26 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/07/22 13:03:27 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/07/22 13:03:27 | 00,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/07/22 13:03:27 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/07/22 13:03:27 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/07/22 13:03:27 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (224705 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.1001-search.info
O1 - Hosts: 127.0.0.1 1001-search.info
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 7886 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll (BitComet)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 3400 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Lexmark Fax Solutions\fm3032.exe ()
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LXCYCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCYtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxcymon.exe] C:\Program Files\Lexmark 3400 Series\lxcymon.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\MpcStar\Codecs\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VAIOCameraUtility] C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe (Sony Corporation)
O4 - HKLM..\Run: [VAIOSecurity] C:\Program Files\Sony\VAIO Security Center\VSC.exe ()
O4 - HKLM..\Run: [VAIOSurvey] C:\Program Files\Sony Corporation\VAIO Survey\Vista VAIO Survey.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [CollaborationHost] C:\Windows\System32\p2phost.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [SsAAD.exe] C:\Program Files\Sony\SonicStage\SSAAD.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all video with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &Search - File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll (BitComet)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\mzvkbd3.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{082c73c1-54c6-11dc-ac30-001a8008d5c3}\Shell - "" = AutoRun
O33 - MountPoints2\{082c73c1-54c6-11dc-ac30-001a8008d5c3}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{082c73c1-54c6-11dc-ac30-001a8008d5c3}\Shell\setup\command - "" = F:\setup.exe -- File not found
O33 - MountPoints2\{f4563be1-06d5-11dc-9f43-001a8008d5c3}\Shell - "" = AutoRun
O33 - MountPoints2\{f4563be1-06d5-11dc-9f43-001a8008d5c3}\Shell\AutoRun\command - "" = F:\ONSPCLCK.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/08/28 18:59:09 | 00,075,264 | ---- | C] (<NHN USA Inc>.) -- C:\Windows\System32\uc_holybeast_launching.dll
[2009/08/28 16:13:49 | 00,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2009/08/28 16:13:46 | 00,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2009/08/28 16:13:41 | 00,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2009/08/28 16:13:41 | 00,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2009/08/28 16:13:41 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2009/08/28 16:13:40 | 00,043,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2009/08/28 16:13:33 | 00,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2009/08/28 16:13:19 | 00,326,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2009/08/21 11:52:38 | 00,013,824 | ---- | C] () -- C:\Users\Display\Desktop\ticket info.wps
[2009/08/20 14:38:35 | 00,710,064 | ---- | C] (NHN USA) -- C:\Windows\System32\ijjiSetup.exe
[2009/08/20 14:38:35 | 00,208,384 | ---- | C] (<YNK Intractive>) -- C:\Windows\System32\uc_rohan_launching.dll
[2009/08/20 14:38:35 | 00,087,472 | ---- | C] (<NHN USA Inc>.) -- C:\Windows\System32\ijjiChannelingPlugin.dll
[2009/08/20 14:38:35 | 00,064,000 | ---- | C] (<NHN USA Inc>.) -- C:\Windows\System32\uc_sfighters_launching.dll
[2009/08/20 14:38:35 | 00,061,440 | ---- | C] (<NHN USA Inc>.) -- C:\Windows\System32\uc_atlantica_launching.dll
[2009/08/20 14:38:35 | 00,058,800 | ---- | C] (NHN USA Inc.) -- C:\Windows\System32\ijjiProcessRestarter.exe
[2009/08/20 14:38:35 | 00,058,800 | ---- | C] (NHN USA Corp.) -- C:\Windows\System32\ijjiPlugin2.dll
[2009/08/20 14:38:35 | 00,053,248 | ---- | C] (<NHN USA Inc>.) -- C:\Windows\System32\uc_luminary_launching.dll
[2009/08/20 14:08:54 | 00,000,000 | ---D | C] -- C:\Program Files\ijji
[2009/08/16 03:04:11 | 00,096,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfshim.dll
[2009/08/16 03:04:05 | 00,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscoree.dll
[2009/08/16 03:04:03 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2009/08/16 03:03:42 | 00,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2009/08/16 03:03:30 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2009/08/14 19:02:13 | 00,009,878 | ---- | C] () -- C:\Users\Display\Documents\QH22QT.docx facebook message.docx
[2009/08/08 19:54:12 | 00,000,000 | ---D | C] -- C:\Users\Display\AppData\Roaming\Ventrilo
[2009/08/08 19:53:00 | 00,000,752 | ---- | C] () -- C:\Users\Public\Desktop\Ventrilo.lnk
[2009/08/08 19:52:58 | 00,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2009/08/08 19:52:54 | 00,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/08/08 19:39:41 | 00,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2009/08/07 13:28:20 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2009/08/07 13:28:20 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2009/08/07 13:28:20 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2009/08/02 10:17:39 | 00,000,000 | ---D | C] -- C:\Users\Display\AppData\Roaming\FaxCtr
[2009/07/30 21:08:49 | 00,000,000 | ---D | C] -- C:\Program Files\lx_cats
[2009/07/30 21:07:57 | 00,045,056 | ---- | C] () -- C:\Windows\System32\LXPRMON.DLL
[2009/07/30 21:07:57 | 00,032,768 | ---- | C] () -- C:\Windows\System32\LXPMONUI.DLL
[2009/07/30 21:07:37 | 00,339,968 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IMGMAN32.DLL
[2009/07/30 21:07:37 | 00,098,345 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IMHOST32.DLL
[2009/07/30 21:07:37 | 00,098,304 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IM31XPNG.DEL
[2009/07/30 21:07:37 | 00,069,632 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IM31XTIF.DEL
[2009/07/30 21:07:37 | 00,049,152 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IM31IMG.DIL
[2009/07/30 21:07:37 | 00,012,288 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\System32\LXPMONRC.DLL
[2009/07/30 21:07:36 | 00,000,000 | ---D | C] -- C:\ProgramData\FaxCtr
[2009/07/30 21:06:45 | 00,000,000 | ---D | C] -- C:\Program Files\Lexmark Fax Solutions
[2009/07/30 21:06:16 | 00,000,000 | ---D | C] -- C:\Program Files\Lexmark Toolbar
[2009/07/30 21:06:13 | 00,000,000 | ---D | C] -- C:\Program Files\Lexmark 3400 Series
[2009/07/30 21:05:32 | 00,000,000 | ---D | C] -- C:\Program Files\Abbyy FineReader 6.0 Sprint
[2009/07/30 21:05:18 | 00,323,584 | ---- | C] ( ) -- C:\Windows\System32\lxcyhcp.dll
[2009/07/30 21:05:18 | 00,274,432 | ---- | C] () -- C:\Windows\System32\lxcyinst.dll
[2009/07/30 21:04:25 | 00,033,012 | ---- | C] () -- C:\Windows\System32\LexFiles.ulf
[2009/07/30 20:56:35 | 00,344,064 | ---- | C] () -- C:\Windows\System32\lxcycoin.dll
[2009/07/30 20:17:10 | 00,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/07/30 20:16:16 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/07/30 20:16:13 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/07/23 18:57:06 | 00,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009/05/21 20:30:02 | 00,000,248 | ---- | C] () -- C:\Windows\RomeTW.ini
[2008/03/11 23:03:46 | 00,000,443 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2008/02/18 00:21:29 | 00,001,063 | ---- | C] () -- C:\Windows\wininit.ini
[2007/08/27 10:45:31 | 00,685,816 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2007/08/24 15:46:48 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1322.dll
[2007/07/27 16:00:21 | 00,078,848 | ---- | C] () -- C:\Windows\System32\drivers\SSHDRV85.sys
[2007/04/22 17:15:29 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2007/04/22 17:01:47 | 00,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2007/01/11 03:54:06 | 00,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2007/01/11 03:51:01 | 00,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll
[2006/12/18 23:35:57 | 00,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2006/12/18 21:59:51 | 00,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/12/18 21:59:51 | 00,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1114.dll
[2006/11/06 14:37:46 | 00,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxcypmui.dll
[2006/11/06 14:35:50 | 01,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxcyserv.dll
[2006/11/06 14:28:08 | 00,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxcycomm.dll
[2006/11/06 14:26:14 | 00,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxcylmpm.dll
[2006/11/06 14:24:44 | 00,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcyiesc.dll
[2006/11/06 14:21:48 | 00,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxcypplc.dll
[2006/11/06 14:20:48 | 00,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxcycomc.dll
[2006/11/06 14:20:14 | 00,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxcyprox.dll
[2006/11/06 14:12:44 | 00,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxcyinpa.dll
[2006/11/06 14:11:58 | 00,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxcyusb1.dll
[2006/11/06 14:07:04 | 00,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxcyhbn3.dll
[2006/11/02 05:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 03:23:31 | 00,000,179 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 00:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/08/14 14:07:04 | 00,065,536 | ---- | C] () -- C:\Windows\System32\lxcycaps.dll
[2006/08/08 12:58:04 | 00,692,224 | ---- | C] () -- C:\Windows\System32\lxcydrs.dll
[2006/03/23 01:33:20 | 00,040,960 | ---- | C] () -- C:\Windows\System32\lxcyvs.dll
[2006/01/25 15:11:04 | 00,061,440 | ---- | C] () -- C:\Windows\System32\lxcycnv4.dll

========== Files - Modified Within 30 Days ==========

[2009/08/29 10:35:38 | 00,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{43DBADBC-A8B2-4473-B95F-036E8E86EAFB}.job
[2009/08/29 10:32:23 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/08/29 08:42:23 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/08/29 08:42:23 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/08/29 00:48:52 | 00,703,448 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/08/29 00:48:52 | 00,608,706 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/08/29 00:48:52 | 00,109,542 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/08/29 00:42:25 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/08/29 00:40:39 | 05,107,232 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.dat
[2009/08/29 00:40:39 | 01,015,840 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox2.dat
[2009/08/29 00:40:39 | 00,040,980 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.idx
[2009/08/29 00:40:39 | 00,004,552 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox2.idx
[2009/08/29 00:39:54 | 00,911,740 | -H-- | M] () -- C:\Users\Display\AppData\Local\IconCache.db
[2009/08/28 17:20:19 | 00,000,380 | ---- | M] () -- C:\Windows\tasks\1-Click Maintenance.job
[2009/08/25 17:04:30 | 00,075,264 | ---- | M] (<NHN USA Inc>.) -- C:\Windows\System32\uc_holybeast_launching.dll
[2009/08/21 11:52:38 | 00,013,824 | ---- | M] () -- C:\Users\Display\Desktop\ticket info.wps
[2009/08/21 11:52:38 | 00,000,328 | ---- | M] () -- C:\Users\Display\AppData\Roaming\wklnhst.dat
[2009/08/20 19:02:12 | 00,188,416 | ---- | M] () -- C:\Users\Display\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/17 15:33:07 | 00,000,505 | ---- | M] () -- C:\Users\Display\Documents\My Sharing Folders.lnk
[2009/08/14 19:02:15 | 00,009,878 | ---- | M] () -- C:\Users\Display\Documents\QH22QT.docx facebook message.docx
[2009/08/08 19:53:03 | 00,000,262 | ---- | M] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/08/08 19:53:00 | 00,000,752 | ---- | M] () -- C:\Users\Public\Desktop\Ventrilo.lnk
[2009/07/30 21:08:44 | 00,033,012 | ---- | M] () -- C:\Windows\System32\LexFiles.ulf
[2009/07/30 20:17:10 | 00,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
< End of report >

#9 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,240 posts

Posted 29 August 2009 - 12:02 PM

Try this
Run OTL.exe again, ensure you downloaded the copy I linked to in my last reply
DO NOT be running an older version
When the main window opens, Under
Processes
Services
Drivers
Standard Registry
Extra Registry


Ensure the radio button "Use Safelist" is selected
Then run the scan again

Do you want to post your own HijackThis log?
Follow the instructions posted Here

Not required, but if you would like to donate to help my fight against malware
Click Here


#10 rdchase1

rdchase1

    Member

  • Members
  • PipPipPip
  • 64 posts

Posted 29 August 2009 - 03:04 PM

It worked :) It must not have been generating extras logs all along because none was selected for extra registry.




OTL logfile created on: 29/08/2009 1:54:57 PM - Run 11
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Users\Display\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

1.99 Gb Total Physical Memory | 1.05 Gb Available Physical Memory | 52.61% Memory free
4.00 Gb Paging File | 3.12 Gb Available in Paging File | 77.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 105.43 Gb Total Space | 19.70 Gb Free Space | 18.69% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CHASE
Current User Name: Display
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/05/29 13:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2006/11/29 09:57:20 | 00,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxcycoms.exe
PRC - [2006/11/24 11:36:54 | 00,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2006/11/24 11:36:54 | 00,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2008/01/19 00:33:40 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2007/08/24 15:54:04 | 00,166,424 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe
PRC - [2007/08/24 15:54:10 | 00,252,440 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2008/01/19 00:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2008/10/28 23:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2008/01/19 00:38:38 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/13 06:32:52 | 00,118,784 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2006/11/11 16:35:36 | 00,043,128 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
PRC - [2006/11/14 11:46:24 | 00,411,768 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
PRC - [2006/11/28 10:58:40 | 00,546,936 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
PRC - [2006/11/27 22:15:30 | 00,465,016 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
PRC - [2007/08/24 15:54:00 | 00,154,136 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2007/08/24 15:54:08 | 00,129,560 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2006/12/10 20:52:38 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2009/07/21 13:52:47 | 00,208,616 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
PRC - [2009/07/13 14:03:10 | 00,292,128 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2006/11/29 09:57:10 | 00,082,864 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 3400 Series\ezprint.exe
PRC - [2009/07/25 05:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008/01/19 00:33:30 | 01,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2006/11/13 19:43:36 | 00,472,632 | ---- | M] () -- C:\Program Files\Sony\SonicStage\SSAAD.exe
PRC - [2008/01/19 00:33:09 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe
PRC - [2006/11/13 06:32:49 | 00,042,544 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApMsgFwd.exe
PRC - [2008/01/19 00:33:19 | 00,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe
PRC - [2007/08/22 05:06:52 | 00,167,368 | ---- | M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools\daemon.exe
PRC - [2009/03/25 20:10:55 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/01/19 00:33:39 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2007/08/24 15:54:10 | 00,252,440 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2008/01/19 00:33:09 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe
PRC - [2008/01/19 00:33:33 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009/03/02 19:16:04 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2006/11/13 06:32:52 | 00,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apntex.exe
PRC - [2009/07/13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2007/01/19 08:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe
PRC - [2009/08/29 13:41:34 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\Display\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/05/29 13:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2009/07/21 13:52:47 | 00,208,616 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe -- (AVP [Auto | Running])
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008/07/27 11:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - File not found -- -- (CLTNetCnService [Auto | Stopped])
SRV - [2008/01/19 00:33:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 05:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 05:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2008/01/19 00:36:53 | 01,013,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
SRV - [2009/01/12 09:57:23 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2008/06/19 18:14:44 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/05/06 22:29:15 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2008/11/19 19:23:16 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08 [On_Demand | Stopped])
SRV - [2005/04/03 20:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008/06/19 18:14:31 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/07/13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2006/11/29 09:57:20 | 00,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxcycoms.exe -- (lxcy_device [Auto | Running])
SRV - [2006/10/04 19:25:00 | 00,057,344 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV [On_Demand | Stopped])
SRV - [2008/07/18 13:13:20 | 00,044,032 | ---- | M] (Hewlett-Packard) -- C:\Windows\System32\HPZinw12.dll -- (Net Driver HPZ12 [Auto | Stopped])
SRV - [2008/06/19 18:14:31 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2009/05/20 01:50:20 | 02,772,302 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des -- (npggsvc [On_Demand | Stopped])
SRV - [2007/08/24 02:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 15:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/10/04 19:15:30 | 00,057,344 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR [On_Demand | Stopped])
SRV - [2008/07/18 13:13:20 | 00,053,760 | ---- | M] (Hewlett-Packard) -- C:\Windows\System32\HPZipm12.dll -- (Pml Driver HPZ12 [Auto | Stopped])
SRV - [2006/10/04 19:06:58 | 00,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV [On_Demand | Stopped])
SRV - [2006/11/13 18:31:22 | 00,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV [On_Demand | Stopped])
SRV - [2008/01/18 17:25:34 | 00,306,432 | ---- | M] (TuneUp Software GmbH) -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag [On_Demand | Stopped])
SRV - [2007/01/19 08:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Running])
SRV - [2007/12/20 07:41:56 | 00,029,440 | ---- | M] (TuneUp Software GmbH) -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp [Auto | Running])
SRV - [2006/11/24 11:36:54 | 00,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service [Auto | Running])
SRV - [2006/10/24 11:32:08 | 02,523,136 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer [On_Demand | Stopped])
SRV - [2006/10/09 12:02:50 | 00,397,312 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP [On_Demand | Stopped])
SRV - [2006/10/11 16:52:44 | 01,089,536 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP [On_Demand | Stopped])
SRV - [2006/08/28 22:38:04 | 00,491,520 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway [On_Demand | Stopped])
SRV - [2006/10/11 19:36:02 | 00,741,376 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe -- (VAIOMediaPlatform-UCLS-AppServer [On_Demand | Stopped])
SRV - [2006/10/09 12:02:50 | 00,397,312 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-UCLS-HTTP [On_Demand | Stopped])
SRV - [2006/10/11 16:52:44 | 01,089,536 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-UCLS-UPnP [On_Demand | Stopped])
SRV - [2008/01/19 00:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV - [2008/01/19 00:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Auto | Running])
SRV - [2006/11/13 20:07:45 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.exe -- (XAudioService [Auto | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2008/08/14 07:57:42 | 00,074,720 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\drivers\adfs.sys -- (adfs [Auto | Running])
DRV - [2006/11/02 02:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
DRV - [2006/11/02 02:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
DRV - [2006/11/02 02:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
DRV - [2006/11/02 02:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2006/11/02 02:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
DRV - [2006/11/02 02:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
DRV - [2006/11/13 06:32:52 | 00,140,800 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Windows\System32\DRIVERS\Apfiltr.sys -- (ApfiltrService [On_Demand | Running])
DRV - [2006/11/02 02:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])
DRV - [2006/11/02 02:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
DRV - [2006/11/02 01:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2006/11/02 01:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2006/11/02 01:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])
DRV - [2006/11/02 01:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])
DRV - [2006/11/02 01:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])
DRV - [2006/11/02 01:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2006/11/02 02:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
DRV - [2006/10/18 12:56:30 | 00,010,216 | ---- | M] (Sony Corporation) -- C:\Windows\System32\DRIVERS\DMICall.sys -- (DMICall [System | Running])
DRV - [2006/11/30 13:01:15 | 00,165,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Running])
DRV - [2006/11/02 00:30:55 | 00,200,704 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\e1e6032.sys -- (e1express [On_Demand | Stopped])
DRV - [2006/11/02 00:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
DRV - [2006/11/02 02:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
DRV - [2009/03/19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2006/11/02 02:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])
DRV - [2006/11/02 00:41:49 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\VSTAZL3.SYS -- (HSFHWAZL [On_Demand | Running])
DRV - [2006/11/02 00:41:50 | 00,987,648 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\VSTDPV3.SYS -- (HSF_DPV [On_Demand | Running])
DRV - [2006/11/02 02:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])
DRV - [2007/08/24 15:39:56 | 01,899,008 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\igdkmd32.sys -- (igfx [On_Demand | Running])
DRV - [2006/11/02 02:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
DRV - [2006/11/02 02:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
DRV - [2006/11/02 02:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
DRV - [2008/07/21 17:34:36 | 00,121,872 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\DRIVERS\kl1.sys -- (kl1 [System | Running])
DRV - [2009/02/10 03:39:49 | 00,033,808 | ---- | M] (Kaspersky Lab) -- C:\Windows\system32\drivers\klbg.sys -- (klbg [Boot | Running])
DRV - [2009/02/10 03:39:49 | 00,239,120 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\DRIVERS\klif.sys -- (KLIF [System | Running])
DRV - [2008/07/09 17:28:26 | 00,020,496 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\DRIVERS\klim6.sys -- (KLIM6 [System | Running])
DRV - [2006/11/02 02:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
DRV - [2006/11/02 02:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
DRV - [2006/11/02 02:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
DRV - [2006/11/02 02:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
DRV - [2006/11/02 02:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])
DRV - [2006/11/10 14:43:38 | 01,786,880 | ---- | M] (Intel® Corporation) -- C:\Windows\System32\DRIVERS\NETw3v32.sys -- (NETw3v32 [On_Demand | Running])
DRV - [2006/11/02 02:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
DRV - [2005/01/02 14:43:08 | 00,004,682 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys -- (NPPTNT2 [On_Demand | Stopped])
DRV - [2006/11/02 00:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
DRV - [2006/12/13 20:35:15 | 04,456,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\DRIVERS\nvlddmkm.sys -- (nvlddmkm [On_Demand | Stopped])
DRV - [2006/11/02 02:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
DRV - [2006/11/02 02:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
DRV - [2006/11/30 20:13:46 | 00,036,624 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2006/11/02 02:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
DRV - [2006/11/02 02:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
DRV - [2006/11/28 18:58:06 | 00,072,704 | ---- | M] (Ricoh) -- C:\Windows\System32\Drivers\R5U870FLx86.sys -- (R5U870FLx86 [On_Demand | Running])
DRV - [2006/11/28 18:58:06 | 00,043,904 | ---- | M] (Ricoh) -- C:\Windows\System32\Drivers\R5U870FUx86.sys -- (R5U870FUx86 [On_Demand | Running])
DRV - [2006/06/30 12:10:56 | 00,026,752 | ---- | M] (Research in Motion Ltd) -- C:\Windows\System32\DRIVERS\RimSerial.sys -- (RimVSerPort [On_Demand | Stopped])
DRV - [2008/01/18 22:57:15 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Drivers\RootMdm.sys -- (ROOTMODEM [On_Demand | Stopped])
DRV - [2009/05/21 20:31:08 | 00,011,973 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\SECDRV.SYS -- (SecDrv [Auto | Running])
DRV - [2006/11/20 11:57:47 | 00,074,672 | ---- | M] (Silicon Image, Inc.) -- C:\Windows\system32\DRIVERS\SI3132.sys -- (SI3132 [Disabled | Stopped])
DRV - [2006/11/20 11:57:47 | 00,017,328 | ---- | M] (Silicon Image, Inc.) -- C:\Windows\system32\DRIVERS\SiWinAcc.sys -- (SiFilter [Boot | Running])
DRV - [2006/11/20 11:57:47 | 00,012,464 | ---- | M] (Silicon Image, Inc.) -- C:\Windows\system32\DRIVERS\SiRemFil.sys -- (SiRemFil [Boot | Running])
DRV - [2006/11/02 02:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped])
DRV - [2006/11/02 02:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
DRV - [2006/11/06 01:09:26 | 00,027,520 | ---- | M] (Sony Corporation) -- C:\Windows\System32\Drivers\SonyNC.sys -- (SNC [On_Demand | Running])
DRV - [2006/11/08 06:00:13 | 00,030,976 | R--- | M] (Sony Corporation) -- C:\Windows\System32\DRIVERS\SonyImgF.sys -- (SonyImgF [On_Demand | Running])
DRV - [2007/08/27 10:45:31 | 00,685,816 | ---- | M] () -- C:\Windows\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2007/07/27 16:00:21 | 00,078,848 | ---- | M] () -- C:\Windows\System32\drivers\SSHDRV85.sys -- (SSHDRV85 [System | Running])
DRV - [2006/11/27 06:09:09 | 00,645,120 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA [On_Demand | Running])
DRV - [2006/11/02 02:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
DRV - [2006/11/02 02:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
DRV - [2006/11/02 02:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
DRV - [2006/11/10 14:50:53 | 00,227,328 | ---- | M] (Texas Instruments) -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony [On_Demand | Running])
DRV - [2006/11/21 14:57:36 | 00,113,792 | ---- | M] (TOSHIBA CORPORATION) -- C:\Windows\System32\DRIVERS\tosrfbd.sys -- (tosrfbd [On_Demand | Stopped])
DRV - [2006/10/05 17:07:46 | 00,073,600 | ---- | M] (TOSHIBA Corporation.) -- C:\Windows\System32\DRIVERS\Tosrfhid.sys -- (Tosrfhid [On_Demand | Stopped])
DRV - [2006/10/28 01:29:10 | 00,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Windows\System32\DRIVERS\tosrfusb.sys -- (tosrfusb [On_Demand | Stopped])
DRV - [2006/11/02 02:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
DRV - [2006/11/02 02:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
DRV - [2006/11/02 02:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
DRV - [2009/05/29 13:36:16 | 00,039,424 | ---- | M] (Apple, Inc.) -- C:\Windows\System32\Drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])
DRV - [2005/05/26 09:01:18 | 00,021,344 | ---- | M] (LG Electronics Inc.) -- C:\Windows\System32\DRIVERS\lgusbbus.sys -- (usbbus [On_Demand | Stopped])
DRV - [2005/05/26 09:01:36 | 00,038,144 | ---- | M] (LG Electronics Inc.) -- C:\Windows\System32\DRIVERS\lgusbdiag.sys -- (UsbDiag [On_Demand | Stopped])
DRV - [2005/06/24 16:36:16 | 00,039,036 | ---- | M] (LG Electronics Inc.) -- C:\Windows\System32\DRIVERS\lgusbmodem.sys -- (USBModem [On_Demand | Stopped])
DRV - [2006/11/02 02:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
DRV - [2006/11/02 02:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
DRV - [2006/10/18 11:43:18 | 00,124,256 | R--- | M] (Microsoft Corporation) -- C:\Windows\System32\DRIVERS\wimfltr.sys -- (WimFltr [On_Demand | Stopped])
DRV - [2006/11/02 00:41:48 | 00,654,336 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\VSTCNXT3.SYS -- (winachsf [On_Demand | Running])
DRV - [2006/11/13 20:07:45 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe -- (XAudio [Auto | Stopped])
DRV - [2009/04/08 14:29:52 | 00,056,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DRIVERS\xusb21.sys -- (xusb21 [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.atcomet.com/b/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.ca"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/08/20 14:48:39 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/08/28 15:50:46 | 00,000,000 | ---D | M]

[2008/09/20 10:10:33 | 00,000,000 | ---D | M] -- C:\Users\Display\AppData\Roaming\mozilla\Extensions
[2008/09/20 10:10:33 | 00,000,000 | ---D | M] -- C:\Users\Display\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/08/29 08:23:20 | 00,000,000 | ---D | M] -- C:\Users\Display\AppData\Roaming\mozilla\Firefox\Profiles\qivqzqs5.default\extensions
[2009/04/21 20:58:30 | 00,000,000 | ---D | M] -- C:\Users\Display\AppData\Roaming\mozilla\Firefox\Profiles\qivqzqs5.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2007/10/20 07:18:56 | 00,000,000 | ---D | M] -- C:\Users\Display\AppData\Roaming\mozilla\Firefox\Profiles\qivqzqs5.default\extensions\{4AB21F99-91C5-4a9d-813E-425841874FB1}
[2009/06/04 14:14:47 | 00,000,000 | ---D | M] -- C:\Users\Display\AppData\Roaming\mozilla\Firefox\Profiles\qivqzqs5.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2009/06/04 14:14:47 | 00,000,000 | ---D | M] -- C:\Users\Display\AppData\Roaming\mozilla\Firefox\Profiles\qivqzqs5.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash
[2009/01/08 23:28:22 | 00,000,000 | ---D | M] -- C:\Users\Display\AppData\Roaming\mozilla\Firefox\Profiles\qivqzqs5.default\extensions\[email protected]
[2008/02/14 21:22:17 | 00,000,274 | ---- | M] () -- C:\Users\Display\AppData\Roaming\Mozilla\FireFox\Profiles\qivqzqs5.default\searchplugins\search.xml
[2009/08/20 16:28:44 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2007/05/19 19:49:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/08/08 11:32:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/22 22:02:56 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/08/07 13:28:24 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2008/09/20 10:10:24 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\[email protected]
[2009/08/08 11:31:38 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/08/08 11:31:38 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2007/04/10 13:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2009/01/16 19:17:04 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2008/11/11 00:38:54 | 00,663,552 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2009/04/22 22:02:24 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2007/04/22 17:02:18 | 00,717,312 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2007/04/22 17:03:13 | 00,094,208 | ---- | M] (DivX, Inc) -- C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2009/07/03 00:34:44 | 00,083,376 | ---- | M] (NHN USA Inc.) -- C:\Program Files\mozilla firefox\plugins\npijjiautoinstallpluginff.dll
[2009/08/17 07:42:14 | 00,073,728 | ---- | M] (NHN USA Inc. ) -- C:\Program Files\mozilla firefox\plugins\npijjiFFPlugin1.dll
[2009/02/06 12:44:28 | 01,447,296 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2009/08/08 11:31:39 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006/10/26 21:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2009/06/04 20:31:00 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/06/04 20:31:00 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/06/04 20:31:00 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/06/04 20:31:00 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/06/04 20:31:00 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/06/04 20:31:01 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/06/04 20:31:01 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[1 C:\Program Files\mozilla firefox\plugins\*.tmp files]
[2009/07/22 13:03:26 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/07/22 13:03:26 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/07/22 13:03:27 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/07/22 13:03:27 | 00,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/07/22 13:03:27 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/07/22 13:03:27 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/07/22 13:03:27 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (224705 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.1001-search.info
O1 - Hosts: 127.0.0.1 1001-search.info
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 7886 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll (BitComet)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 3400 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Lexmark Fax Solutions\fm3032.exe ()
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LXCYCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCYtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxcymon.exe] C:\Program Files\Lexmark 3400 Series\lxcymon.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\MpcStar\Codecs\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VAIOCameraUtility] C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe (Sony Corporation)
O4 - HKLM..\Run: [VAIOSecurity] C:\Program Files\Sony\VAIO Security Center\VSC.exe ()
O4 - HKLM..\Run: [VAIOSurvey] C:\Program Files\Sony Corporation\VAIO Survey\Vista VAIO Survey.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [CollaborationHost] C:\Windows\System32\p2phost.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [SsAAD.exe] C:\Program Files\Sony\SonicStage\SSAAD.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all video with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &Search - File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll (BitComet)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\mzvkbd3.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{082c73c1-54c6-11dc-ac30-001a8008d5c3}\Shell - "" = AutoRun
O33 - MountPoints2\{082c73c1-54c6-11dc-ac30-001a8008d5c3}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{082c73c1-54c6-11dc-ac30-001a8008d5c3}\Shell\setup\command - "" = F:\setup.exe -- File not found
O33 - MountPoints2\{f4563be1-06d5-11dc-9f43-001a8008d5c3}\Shell - "" = AutoRun
O33 - MountPoints2\{f4563be1-06d5-11dc-9f43-001a8008d5c3}\Shell\AutoRun\command - "" = F:\ONSPCLCK.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/08/29 13:41:28 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Users\Display\Desktop\OTL.exe
[2009/08/28 18:59:09 | 00,075,264 | ---- | C] (<NHN USA Inc>.) -- C:\Windows\System32\uc_holybeast_launching.dll
[2009/08/28 16:13:49 | 00,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2009/08/28 16:13:46 | 00,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2009/08/28 16:13:41 | 00,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2009/08/28 16:13:41 | 00,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2009/08/28 16:13:41 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2009/08/28 16:13:40 | 00,043,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2009/08/28 16:13:33 | 00,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2009/08/28 16:13:19 | 00,326,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2009/08/21 11:52:38 | 00,013,824 | ---- | C] () -- C:\Users\Display\Desktop\ticket info.wps
[2009/08/20 14:38:35 | 00,710,064 | ---- | C] (NHN USA) -- C:\Windows\System32\ijjiSetup.exe
[2009/08/20 14:38:35 | 00,208,384 | ---- | C] (<YNK Intractive>) -- C:\Windows\System32\uc_rohan_launching.dll
[2009/08/20 14:38:35 | 00,087,472 | ---- | C] (<NHN USA Inc>.) -- C:\Windows\System32\ijjiChannelingPlugin.dll
[2009/08/20 14:38:35 | 00,064,000 | ---- | C] (<NHN USA Inc>.) -- C:\Windows\System32\uc_sfighters_launching.dll
[2009/08/20 14:38:35 | 00,061,440 | ---- | C] (<NHN USA Inc>.) -- C:\Windows\System32\uc_atlantica_launching.dll
[2009/08/20 14:38:35 | 00,058,800 | ---- | C] (NHN USA Inc.) -- C:\Windows\System32\ijjiProcessRestarter.exe
[2009/08/20 14:38:35 | 00,058,800 | ---- | C] (NHN USA Corp.) -- C:\Windows\System32\ijjiPlugin2.dll
[2009/08/20 14:38:35 | 00,053,248 | ---- | C] (<NHN USA Inc>.) -- C:\Windows\System32\uc_luminary_launching.dll
[2009/08/20 14:08:54 | 00,000,000 | ---D | C] -- C:\Program Files\ijji
[2009/08/16 03:04:11 | 00,096,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfshim.dll
[2009/08/16 03:04:05 | 00,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscoree.dll
[2009/08/16 03:04:03 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2009/08/16 03:03:42 | 00,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2009/08/16 03:03:30 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2009/08/14 19:02:13 | 00,009,878 | ---- | C] () -- C:\Users\Display\Documents\QH22QT.docx facebook message.docx
[2009/08/08 19:54:12 | 00,000,000 | ---D | C] -- C:\Users\Display\AppData\Roaming\Ventrilo
[2009/08/08 19:53:00 | 00,000,752 | ---- | C] () -- C:\Users\Public\Desktop\Ventrilo.lnk
[2009/08/08 19:52:58 | 00,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2009/08/08 19:52:54 | 00,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/08/08 19:39:41 | 00,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2009/08/07 13:28:20 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2009/08/07 13:28:20 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2009/08/07 13:28:20 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2009/08/02 10:17:39 | 00,000,000 | ---D | C] -- C:\Users\Display\AppData\Roaming\FaxCtr
[2009/07/30 21:08:49 | 00,000,000 | ---D | C] -- C:\Program Files\lx_cats
[2009/07/30 21:07:57 | 00,045,056 | ---- | C] () -- C:\Windows\System32\LXPRMON.DLL
[2009/07/30 21:07:57 | 00,032,768 | ---- | C] () -- C:\Windows\System32\LXPMONUI.DLL
[2009/07/30 21:07:37 | 00,339,968 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IMGMAN32.DLL
[2009/07/30 21:07:37 | 00,098,345 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IMHOST32.DLL
[2009/07/30 21:07:37 | 00,098,304 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IM31XPNG.DEL
[2009/07/30 21:07:37 | 00,069,632 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IM31XTIF.DEL
[2009/07/30 21:07:37 | 00,049,152 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IM31IMG.DIL
[2009/07/30 21:07:37 | 00,012,288 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\System32\LXPMONRC.DLL
[2009/07/30 21:07:36 | 00,000,000 | ---D | C] -- C:\ProgramData\FaxCtr
[2009/07/30 21:06:45 | 00,000,000 | ---D | C] -- C:\Program Files\Lexmark Fax Solutions
[2009/07/30 21:06:16 | 00,000,000 | ---D | C] -- C:\Program Files\Lexmark Toolbar
[2009/07/30 21:06:13 | 00,000,000 | ---D | C] -- C:\Program Files\Lexmark 3400 Series
[2009/07/30 21:05:32 | 00,000,000 | ---D | C] -- C:\Program Files\Abbyy FineReader 6.0 Sprint
[2009/07/30 21:05:18 | 00,323,584 | ---- | C] ( ) -- C:\Windows\System32\lxcyhcp.dll
[2009/07/30 21:05:18 | 00,274,432 | ---- | C] () -- C:\Windows\System32\lxcyinst.dll
[2009/07/30 21:04:25 | 00,033,012 | ---- | C] () -- C:\Windows\System32\LexFiles.ulf
[2009/07/30 20:56:35 | 00,344,064 | ---- | C] () -- C:\Windows\System32\lxcycoin.dll
[2009/07/30 20:17:10 | 00,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/07/30 20:16:16 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/07/30 20:16:13 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/07/23 18:57:06 | 00,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009/05/21 20:30:02 | 00,000,248 | ---- | C] () -- C:\Windows\RomeTW.ini
[2008/03/11 23:03:46 | 00,000,443 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2008/02/18 00:21:29 | 00,001,063 | ---- | C] () -- C:\Windows\wininit.ini
[2007/08/27 10:45:31 | 00,685,816 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2007/08/24 15:46:48 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1322.dll
[2007/07/27 16:00:21 | 00,078,848 | ---- | C] () -- C:\Windows\System32\drivers\SSHDRV85.sys
[2007/04/22 17:15:29 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2007/04/22 17:01:47 | 00,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2007/01/11 03:54:06 | 00,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2007/01/11 03:51:01 | 00,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll
[2006/12/18 23:35:57 | 00,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2006/12/18 21:59:51 | 00,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/12/18 21:59:51 | 00,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1114.dll
[2006/11/06 14:37:46 | 00,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxcypmui.dll
[2006/11/06 14:35:50 | 01,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxcyserv.dll
[2006/11/06 14:28:08 | 00,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxcycomm.dll
[2006/11/06 14:26:14 | 00,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxcylmpm.dll
[2006/11/06 14:24:44 | 00,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcyiesc.dll
[2006/11/06 14:21:48 | 00,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxcypplc.dll
[2006/11/06 14:20:48 | 00,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxcycomc.dll
[2006/11/06 14:20:14 | 00,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxcyprox.dll
[2006/11/06 14:12:44 | 00,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxcyinpa.dll
[2006/11/06 14:11:58 | 00,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxcyusb1.dll
[2006/11/06 14:07:04 | 00,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxcyhbn3.dll
[2006/11/02 05:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 03:23:31 | 00,000,179 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 00:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/08/14 14:07:04 | 00,065,536 | ---- | C] () -- C:\Windows\System32\lxcycaps.dll
[2006/08/08 12:58:04 | 00,692,224 | ---- | C] () -- C:\Windows\System32\lxcydrs.dll
[2006/03/23 01:33:20 | 00,040,960 | ---- | C] () -- C:\Windows\System32\lxcyvs.dll
[2006/01/25 15:11:04 | 00,061,440 | ---- | C] () -- C:\Windows\System32\lxcycnv4.dll

========== Files - Modified Within 30 Days ==========

[2009/08/29 13:55:36 | 00,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{43DBADBC-A8B2-4473-B95F-036E8E86EAFB}.job
[2009/08/29 13:41:34 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\Display\Desktop\OTL.exe
[2009/08/29 12:42:23 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/08/29 12:42:22 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/08/29 12:09:03 | 00,000,505 | ---- | M] () -- C:\Users\Display\Documents\My Sharing Folders.lnk
[2009/08/29 10:32:23 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/08/29 00:48:52 | 00,703,448 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/08/29 00:48:52 | 00,608,706 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/08/29 00:48:52 | 00,109,542 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/08/29 00:42:25 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/08/29 00:40:39 | 05,107,232 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.dat
[2009/08/29 00:40:39 | 01,015,840 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox2.dat
[2009/08/29 00:40:39 | 00,040,980 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.idx
[2009/08/29 00:40:39 | 00,004,552 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox2.idx
[2009/08/29 00:39:54 | 00,911,740 | -H-- | M] () -- C:\Users\Display\AppData\Local\IconCache.db
[2009/08/28 17:20:19 | 00,000,380 | ---- | M] () -- C:\Windows\tasks\1-Click Maintenance.job
[2009/08/25 17:04:30 | 00,075,264 | ---- | M] (<NHN USA Inc>.) -- C:\Windows\System32\uc_holybeast_launching.dll
[2009/08/21 11:52:38 | 00,013,824 | ---- | M] () -- C:\Users\Display\Desktop\ticket info.wps
[2009/08/21 11:52:38 | 00,000,328 | ---- | M] () -- C:\Users\Display\AppData\Roaming\wklnhst.dat
[2009/08/20 19:02:12 | 00,188,416 | ---- | M] () -- C:\Users\Display\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/14 19:02:15 | 00,009,878 | ---- | M] () -- C:\Users\Display\Documents\QH22QT.docx facebook message.docx
[2009/08/08 19:53:03 | 00,000,262 | ---- | M] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/08/08 19:53:00 | 00,000,752 | ---- | M] () -- C:\Users\Public\Desktop\Ventrilo.lnk
[2009/07/30 21:08:44 | 00,033,012 | ---- | M] () -- C:\Windows\System32\LexFiles.ulf
[2009/07/30 20:17:10 | 00,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
< End of report >

OTL Extras logfile created on: 29/08/2009 1:54:57 PM - Run 11
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Users\Display\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

1.99 Gb Total Physical Memory | 1.05 Gb Available Physical Memory | 52.61% Memory free
4.00 Gb Paging File | 3.12 Gb Available in Paging File | 77.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 105.43 Gb Total Space | 19.70 Gb Free Space | 18.69% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CHASE
Current User Name: Display
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0416CD80-75D6-4B7F-A9D7-FC8BE586530F}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{0720237D-7FC2-4481-85C0-2EA0444AFBAF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1654EB68-4558-48F0-AE29-5B087B464C1D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{16EB5928-4501-4E71-95FE-76E4E2F067E1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1953734A-0CCC-4164-92C0-751ECA2E9ABB}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{215657C9-99CB-496C-9D9F-BE7425F8C4EE}" = lport=5357 | protocol=6 | dir=in | app=system |
"{271E97DD-FD0E-4F1B-8DF0-91A5D70B7E94}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{287B5EF7-7BB8-45C8-B1DD-6F6E600E6CB8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2D19F6A5-7300-4B5C-B88E-28F6AD0C17EB}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{34481A63-0FC7-41A3-A57B-79C6537D7350}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3BD54187-CA09-43CC-9D8C-492F65653C0C}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{3C5E8658-A6D6-4D28-910A-444973E179B1}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{496889BC-1876-4AAC-9618-238A2A9FE37C}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{53E5237B-CA7F-4CE7-9C8A-0042AA6F546C}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{5940A198-6621-4AC8-BE88-508DA7803C94}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5ABB77A6-0AF6-4CFE-A428-81DA6929ECA6}" = lport=5358 | protocol=6 | dir=in | app=system |
"{5C94AD2B-1977-47E2-8719-414286982001}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6C702081-B828-4D83-8589-39794FFFB093}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6CDA2499-FE6D-4C8B-9F42-F730CF6A0E96}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{6E734600-236D-4C16-921D-F8EB70EB9E9A}" = lport=17865 | protocol=17 | dir=in | name=bitcomet 17865 udp |
"{6EBCA977-4A7A-4FD2-A6DC-36B6604C30FB}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{77FFA3E7-C905-4C45-8265-9A0F5C404D4C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{79075E86-9648-4C2E-A738-40EDA25FF98F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8779507C-149A-424E-BC12-A41069C8CFA8}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{8845C731-999D-4FF1-A8E9-C642D43A6DB0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9430F262-6C2E-4D18-91E8-6208EF577BB8}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{96DCC36E-E45D-4D6C-B5AD-CEC464443173}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{97F0A823-A8F6-480B-82E6-D25B5B551594}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{981EFA98-C8BF-476E-B6DE-E6A8019F80E7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{98D2FF00-2AD1-4546-97BA-2BD2C39CB3B0}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{9EC869C8-D073-4077-9807-8FCCD016E75A}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{9F3A6CEB-4437-4D08-8034-63300BF422D2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A1494862-0AEC-4022-B3A2-DDABEE74A166}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{A6AD05E6-F76C-4182-A6D5-BBCD662D058F}" = rport=5358 | protocol=6 | dir=out | app=system |
"{ADCA395C-9DA6-4976-AC4E-7D58D89F3E16}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{AF29FA8A-D19F-4D2B-ACCB-BC199F9AE54C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B32EA658-9CEF-48D9-A36B-3BF42C786A0A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C031413D-F506-4A64-95DA-6E7E609B9A4A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C0F68B1B-FE98-4CB0-BE7B-8792794A58A4}" = lport=17865 | protocol=6 | dir=in | name=bitcomet 17865 tcp |
"{CC71CA9A-5AA1-4C3C-9ED3-0A3CF994B7EA}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{D272EEC7-BB1D-4388-B247-7E1B7DE20FF0}" = lport=17865 | protocol=6 | dir=in | name=bitcomet 17865 tcp |
"{D4407F3B-E716-48A2-942E-79E381C7832D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D7BF49D2-E22D-4BF1-AF4E-6065F05DD433}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{D9FC9757-C45C-4AA2-9495-CA64A5B2FE04}" = rport=5357 | protocol=6 | dir=out | app=system |
"{DE6AE742-97FA-4236-94B3-06E43EC36D00}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{E3107032-FAAB-492C-A13B-230913DD135B}" = lport=17865 | protocol=17 | dir=in | name=bitcomet 17865 udp |
"{E5B63AAF-11CA-4C09-A669-1095718E1B2D}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E6B481E1-3FEC-4EB8-8C5D-4C7D1580E193}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EB3C0DD2-D138-49A4-B1FC-CABAE9AA2F3D}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{ECB25D96-3369-4DB0-8871-B3933AD17906}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{F9966DB0-E1C7-4B9E-8FE1-7589C240AB75}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{FEF638B6-D88F-4065-A570-D58CF056DF08}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00FF8405-4779-425F-8DAA-7695EA29029E}" = protocol=17 | dir=in | app=c:\program files\lexmark 3400 series\lxcymon.exe |
"{0652E7CE-D508-4217-AB60-660769237DB3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{08BA518A-AD33-4EE1-8E08-252BD38E83FF}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{0B595509-BF00-4E66-8AC9-5DB422491077}" = protocol=17 | dir=in | app=c:\program files\sony\vaio media 6.0\vc.exe |
"{0FB51C4F-C842-48BA-96CE-2D2D5D6EED0C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{162E213B-836E-41E4-AD86-9994D2FD4518}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{170CF3F8-5AA0-4AB7-9138-A761C9EB075B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{23AE5F82-8F4C-4A20-B60B-3DDAEEA2A6F9}" = protocol=6 | dir=in | app=c:\program files\lexmark 3400 series\lxcyaiox.exe |
"{2D1121E5-5C7D-499C-9ED5-4D2BF3A04D52}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2DF68AD3-DE25-4526-A7B9-3C4232EEA810}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2F80FF3A-6E9C-44BB-930A-BDFC513DBA34}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"{36C33F94-B466-4F62-8E08-B7119FA74C98}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{370F4800-0857-4083-9781-B19507F1F3CE}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{37BFA9F1-AC3B-4FD4-B210-1356855C5966}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{40ACB6DC-E427-488A-877F-E12E78B2BCB8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{40C40BE0-E000-4777-8764-A35CF29D14C1}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{46581C51-4395-4EBD-941C-11CB055E93A7}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{48321603-F3C4-4CD9-AE1F-2B76C70420F6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{529E5CFA-A9BC-43EE-A596-1F15A71DFBD2}" = dir=in | app=c:\program files\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat |
"{52F970CF-1683-4CA0-8359-AD5619375286}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3y.exe |
"{5ECA3EDB-EA33-49F5-84CB-DED4C4716C6B}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{5FA5695E-F321-4C7A-82CC-668B9581175A}" = protocol=17 | dir=in | app=c:\users\display\appdata\local\temp\purplebean.exe |
"{60CF346B-9151-48F1-99D5-0F5C517B11B1}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
"{6454E0CC-D69A-41F3-9E38-35A731E9A36E}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3x.exe |
"{64EEFA25-EB98-4DCF-AB25-96A3E83DAE42}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{65A454DE-BB96-4055-AC7F-D0A8431A65DB}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{679DCED8-990C-454F-844A-CCB0ACC826A7}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{68A2A4C2-908B-4075-8B95-2F5BA77DB6EC}" = protocol=6 | dir=in | app=c:\program files\lexmark 3400 series\lxcymon.exe |
"{710B214B-CBEF-437A-A6A3-871D01D83306}" = protocol=17 | dir=in | app=c:\windows\system32\lxcycoms.exe |
"{7B4FA093-0E75-4EC8-AECF-A039CCCB4510}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3y.exe |
"{7D036299-EB98-447D-A72C-CD940B060BBE}" = protocol=6 | dir=in | app=c:\users\display\appdata\local\temp\purplebean.exe |
"{7DF07C3E-F8F7-4E19-8F37-3CF010F9EEBC}" = protocol=6 | dir=out | app=system |
"{805E5FF4-564A-4B93-898A-D4CB532D8CE4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{86DC20D3-76C7-4F78-934A-F8C7E75B9970}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{95B2355F-4825-4A67-8259-0761D6ECB062}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3x.exe |
"{966C5E4C-78BA-4449-8E97-DD4F3B3BEDB7}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{99EAAA3C-F24D-4D3D-A461-9C5A235F38BD}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{A07943CA-03AE-4037-BF8D-E4A6265BA70B}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{A10E334A-C6E8-4333-B095-AF3D6721F6F2}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{A34FA3EB-E84C-428B-A971-A582FDDE29E6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A4ADC0D1-5D46-4808-B845-A46EB5DF2CEF}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{ABAD00CD-054A-4DC2-A3AB-4167CB820078}" = protocol=6 | dir=in | app=c:\program files\sony\vaio media 6.0\vc.exe |
"{B0695855-45FA-4226-BC88-87CB112A45A0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BA19C8D2-06F8-457B-AD6C-C65E2B82AF52}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"{BBAA3EE2-5582-4B7C-935D-958A05160FFC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BBE91CD1-3047-4981-9AC3-3A4B8346FEFC}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{BC17FC93-747A-4F3F-B6E6-B96DD46AA7F2}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{C17D002B-1EEA-464F-8A6C-A8C671F8E388}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C4AE28C3-1DDC-4E6A-AE21-1E1DE31E3049}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C4B91B2F-9A36-4085-B838-5AF738A36234}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{C5E774DB-5164-470F-9317-0F57772AEA98}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C8DF4875-21B1-44A1-AEDB-3A3E8C14603C}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{CDDC21EF-71D6-45A9-89A2-6FFC8F2C2731}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{D23C01F7-A704-4703-A1F6-3AE27B93FC35}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{D475B41A-3621-4E4E-BEB0-91333A84D77A}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
"{DCDA60A8-0E57-4911-B6EC-CD3F4A312083}" = protocol=17 | dir=in | app=c:\program files\lexmark 3400 series\lxcyaiox.exe |
"{DF9B1A00-B2AC-452A-9102-BD9F373EF45D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E612BE38-3BCA-45BB-A71C-B8C1D7F105B0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E7CB966E-ED51-4E11-81C3-276EF3BDD046}" = protocol=6 | dir=in | app=c:\windows\system32\lxcycoms.exe |
"{EE09DEEE-5602-4A86-8832-D1ECB09DC9C8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F857F75D-92AF-48E9-9E69-3F573C0E76E4}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"TCP Query User{0719EC1D-6166-4848-9B51-6F74D3C884EE}C:\program files\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat" = protocol=6 | dir=in | app=c:\program files\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat |
"TCP Query User{0D768177-590A-4D28-AA5A-09995CA64CDD}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"TCP Query User{3B2C9B34-4CA7-45A9-9E3A-63B50FCF1F5D}C:\program files\thq\darkcrusade\darkcrusade.exe" = protocol=6 | dir=in | app=c:\program files\thq\darkcrusade\darkcrusade.exe |
"TCP Query User{4C223269-12AB-4481-8E6E-07483A7AE3AF}C:\ijji\english\u_sf\soldierfront.exe" = protocol=6 | dir=in | app=c:\ijji\english\u_sf\soldierfront.exe |
"TCP Query User{5599DCB3-CE8F-41CB-BF18-53C6BBB3EE8D}C:\program files\thq\darkcrusade\darkcrusade.exe" = protocol=6 | dir=in | app=c:\program files\thq\darkcrusade\darkcrusade.exe |
"TCP Query User{6CC81331-D55E-4525-B875-E6F2A12F730A}C:\programdata\ijjigame\plauncher.exe" = protocol=6 | dir=in | app=c:\programdata\ijjigame\plauncher.exe |
"TCP Query User{869D38BD-F2AC-4543-811F-5322FDB17F79}C:\program files\thq\dawn of war\w40kwa.exe" = protocol=6 | dir=in | app=c:\program files\thq\dawn of war\w40kwa.exe |
"TCP Query User{A1BC2D36-F5EE-4DA2-B95B-B49E930EFD5E}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{AF50016D-48AD-4944-A1C8-28A733F054BD}C:\users\display\appdata\local\temp\electronicarts_patcher_000.exe" = protocol=6 | dir=in | app=c:\users\display\appdata\local\temp\electronicarts_patcher_000.exe |
"TCP Query User{B1215B2E-F880-402F-8BFB-88A3A7DD62AF}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"TCP Query User{B34AB8C6-DBA1-4112-AC60-F6B7F865C15E}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{0319869A-CC46-4D84-930D-B6E2981826AB}C:\users\display\appdata\local\temp\electronicarts_patcher_000.exe" = protocol=17 | dir=in | app=c:\users\display\appdata\local\temp\electronicarts_patcher_000.exe |
"UDP Query User{2A76D428-DAA1-4555-A652-06172C5DAF3E}C:\program files\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat" = protocol=17 | dir=in | app=c:\program files\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat |
"UDP Query User{4299E404-29BB-4D03-913A-33300BB07998}C:\program files\thq\dawn of war\w40kwa.exe" = protocol=17 | dir=in | app=c:\program files\thq\dawn of war\w40kwa.exe |
"UDP Query User{66D5CBAA-E347-4941-A680-0B721BEF1BC8}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{67765CBB-3C8E-4E9C-951E-A0B7C1202369}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{767ED2B4-74DC-4EB3-9280-57253005D17B}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{888C2CD9-FD09-4E43-A13D-3AFD020ACDB5}C:\program files\thq\darkcrusade\darkcrusade.exe" = protocol=17 | dir=in | app=c:\program files\thq\darkcrusade\darkcrusade.exe |
"UDP Query User{90880A82-AE50-421F-ACE4-B2C462B032C3}C:\programdata\ijjigame\plauncher.exe" = protocol=17 | dir=in | app=c:\programdata\ijjigame\plauncher.exe |
"UDP Query User{C62164D5-C403-4CF1-83DD-A22E79B34D00}C:\ijji\english\u_sf\soldierfront.exe" = protocol=17 | dir=in | app=c:\ijji\english\u_sf\soldierfront.exe |
"UDP Query User{E86EAFA6-04FF-43BF-A066-D6EC5CCEE0F7}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{F41BD245-A556-4E49-AD69-B5A24280EE7D}C:\program files\thq\darkcrusade\darkcrusade.exe" = protocol=17 | dir=in | app=c:\program files\thq\darkcrusade\darkcrusade.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = Google Gmail Notifier
"{0312BD0D-A1FE-4E1A-9208-D436F566D867}" = VAIO Azure Float Wallpaper
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054C3038-FFAC-446D-9682-E25891DC2E05}" = QuickBooks Product Listing Service
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0EE4030A-8FD4-4798-A21D-17E525B1F7CF}" = Corel Snapfire
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1417F599-1DBD-4499-9375-B2813E9F890C}" = VAIO Camera Utility
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1B500D37-E7CF-480B-8054-8A563594EC4E}" = VAIO OOBE
"{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{20CCA435-1465-4567-885C-4A0AFCD0EB05}" = F2100_Help
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{235915A8-1C0D-4920-95EA-FE8B773E5F57}" = VAIO Teal Whisper Wallpaper
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 15
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{34B37A74-125E-4406-87BA-E4BD3D097AE5}" = VAIO Survey
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D79DB6E-73DA-46C9-B8FA-DAE52108246F}" = OpenMG Secure Module 4.6.01
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{478D1ABC-A334-497E-904A-DDA98F087699}" = VAIO Video & Photo Utilities
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 3
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{500162A0-4DD5-460A-BAFD-895AAE48C532}" = VAIO Media Content Collection 6.0
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 6.0
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 6.0
"{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{5958CAC6-373E-402F-84FE-0A699AA920B9}" = LAN Setting Utility
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5E343EF6-D27C-4CFC-9FAE-9AAFB541BCEE}" = VAIO Photo 2007
"{5E3CFCA6-C95A-47CB-A822-7FA80D423AF2}" = MapSource
"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{657F8B33-CBBB-45F4-9087-274F22C89400}" = DJ_AIO_ProductContext
"{6580C5A3-2336-4EC5-85F1-3448C5F6208A}" = Kaspersky Anti-Virus 2009
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = VAIO Video & Photo Utilities
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D2576EC-A0E9-418A-A09A-409933A3B6F4}" = VAIO Camera Capture Utility
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 6.0
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7D716354-2C08-48DC-9AC5-957348048817}" = VAIO Help And Support
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADE24B2-DCA4-4A1E-8B52-A5B435522D9E}" = Soldier Front
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = ijji REACTOR
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}" = iTunes
"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{9F308117-9B2F-45EB-9FAF-B59CD8339673}" = MapSource - Topo Canada v2
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.2
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War™
"{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 6.0
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B59B3DA8-06F8-4B4C-AE94-5180753EF108}" = VAIO Floral Dusk Wallpaper
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}" = Apple Mobile Device Support
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CFED0AE3-6D93-4745-B8A0-F3410B493CC4}" = VAIO Security Center
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F1362843-0E0E-4F74-8662-724CF101ADCE}" = Skype web features
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}" = Microsoft SQL Server Native Client
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"AdVantage" = AdVantage (Powering DAEMON Tools)
"BitComet" = BitComet 1.12
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"HDMI" = Intel® Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"ImgBurn" = ImgBurn
"InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{3D79DB6E-73DA-46C9-B8FA-DAE52108246F}" = OpenMG Secure Module 4.6.01
"InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"InstallShield_{9F308117-9B2F-45EB-9FAF-B59CD8339673}" = MapSource - Topo Canada v2
"InstallShield_{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War™
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"InstallWIX_{6580C5A3-2336-4EC5-85F1-3448C5F6208A}" = Kaspersky Anti-Virus 2009
"Lexmark 3400 Series" = Lexmark 3400 Series
"Lexmark Fax Solutions" = Lexmark Fax Solutions
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.5.2)" = Mozilla Firefox (3.5.2)
"MpcStar" = MpcStar 1.8
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoStitch" = Canon Utilities PhotoStitch
"PROSet" = Intel® PRO Network Connections Drivers
"PSP Video 9" = PSP Video 9 2.24
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureDC" = Canon Utilities RemoteCapture DC
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"SecondLife" = SecondLife (remove only)
"WinRAR archiver" = WinRAR archiver
"Xfire" = Xfire (remove only)
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 08/08/2009 10:41:40 PM | Computer Name = Chase | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18813, time stamp
0x4a6621ae, faulting module SkypeIEPlugin.dll, version 3.3.0.3290, time stamp 0x4a02d40b,
exception code 0xc0000005, fault offset 0x00001f0f, process id 0x964, application
start time 0x01ca189ae8c6bfd0.

Error - 10/08/2009 3:54:02 AM | Computer Name = Chase | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18813, time stamp
0x4a6621ae, faulting module SkypeIEPlugin.dll, version 3.3.0.3290, time stamp 0x4a02d40b,
exception code 0xc0000005, fault offset 0x00001f0f, process id 0x13ec, application
start time 0x01ca198fb414a4f0.

Error - 10/08/2009 3:54:23 AM | Computer Name = Chase | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18813, time stamp
0x4a6621ae, faulting module SkypeIEPlugin.dll, version 3.3.0.3290, time stamp 0x4a02d40b,
exception code 0xc0000005, fault offset 0x00001f11, process id 0xeec, application
start time 0x01ca198fc0d87770.

Error - 10/08/2009 4:06:50 PM | Computer Name = Chase | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18813, time stamp
0x4a6621ae, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000005, fault offset 0xffff0000, process id 0x148, application start time
0x01ca19f6139b3b30.

Error - 10/08/2009 5:00:14 PM | Computer Name = Chase | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18813, time stamp
0x4a6621ae, faulting module SkypeIEPlugin.dll, version 3.3.0.3290, time stamp 0x4a02d40b,
exception code 0xc0000005, fault offset 0x00001f11, process id 0x1470, application
start time 0x01ca19fd8a5902f0.

Error - 10/08/2009 6:06:26 PM | Computer Name = Chase | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18813, time stamp
0x4a6621ae, faulting module SkypeIEPlugin.dll, version 3.3.0.3290, time stamp 0x4a02d40b,
exception code 0xc0000005, fault offset 0x00001f11, process id 0x10dc, application
start time 0x01ca1a06ca20beb0.

Error - 10/08/2009 10:00:45 PM | Computer Name = Chase | Source = Application Error | ID = 1000
Description = Faulting application Switcher.exe, version 3.5.0.11270, time stamp
0x456ace92, faulting module npggNT.des_unloaded, version 0.0.0.0, time stamp 0x4a08db47,
exception code 0xc0000005, fault offset 0x458ad360, process id 0xd34, application
start time 0x01ca19d809c15c96.

Error - 12/08/2009 8:39:16 PM | Computer Name = Chase | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18813, time stamp
0x4a6621ae, faulting module SkypeIEPlugin.dll, version 3.3.0.3290, time stamp 0x4a02d40b,
exception code 0xc0000005, fault offset 0x00001f0f, process id 0xa24, application
start time 0x01ca1bae73ab8340.

Error - 12/08/2009 8:39:31 PM | Computer Name = Chase | Source = Application Error | ID = 1000
Description = Faulting application VAIOUpdt.exe, version 3.0.0.11250, time stamp
0x45684dd3, faulting module npggNT.des_unloaded, version 0.0.0.0, time stamp 0x4a08db47,
exception code 0xc0000005, fault offset 0x458ad360, process id 0xfa0, application
start time 0x01ca1b1949bfc602.

Error - 14/08/2009 10:01:40 PM | Computer Name = Chase | Source = Microsoft Office 12 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Word.

[ Media Center Events ]
Error - 12/04/2008 12:42:38 PM | Computer Name = Chase | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 17/04/2008 12:52:19 PM | Computer Name = Chase | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 06/05/2008 1:40:18 AM | Computer Name = Chase | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 08/05/2008 9:11:55 AM | Computer Name = Chase | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 09/05/2008 3:51:07 PM | Computer Name = Chase | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 12/05/2008 7:26:11 AM | Computer Name = Chase | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 13/05/2008 8:38:38 PM | Computer Name = Chase | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 14/11/2008 9:32:32 PM | Computer Name = Chase | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 28/05/2009 11:36:26 PM | Computer Name = Chase | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 11/06/2009 1:24:03 PM | Computer Name = Chase | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 29/08/2009 12:24:31 AM | Computer Name = Chase | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 29/08/2009 12:24:31 AM | Computer Name = Chase | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 29/08/2009 12:24:31 AM | Computer Name = Chase | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 29/08/2009 12:24:31 AM | Computer Name = Chase | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 29/08/2009 12:24:31 AM | Computer Name = Chase | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 29/08/2009 12:24:31 AM | Computer Name = Chase | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 29/08/2009 12:24:31 AM | Computer Name = Chase | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 29/08/2009 3:42:25 AM | Computer Name = Chase | Source = HTTP | ID = 15016
Description =

Error - 29/08/2009 3:43:10 AM | Computer Name = Chase | Source = Service Control Manager | ID = 7000
Description =

Error - 29/08/2009 3:43:10 AM | Computer Name = Chase | Source = Service Control Manager | ID = 7026
Description =


< End of report >

#11 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,240 posts

Posted 29 August 2009 - 04:31 PM

Not that this would make for a corrupt startup
But I have witnessed users having problems with Internet Explorer freezing with Skype addon installed
Not Skype itself, but I recommend that you ensure any instance of IE is closed

Then uninstall
Skype web features

Besides that it's hard to tell what may be causing the startup problem
Did you look in your Control Panel for the Recovery Wizard?

Do you want to post your own HijackThis log?
Follow the instructions posted Here

Not required, but if you would like to donate to help my fight against malware
Click Here


#12 rdchase1

rdchase1

    Member

  • Members
  • PipPipPip
  • 64 posts

Posted 29 August 2009 - 04:41 PM

No I cant find recovery wizard. But there is a backup and restore center with the options of....

back up your computer
restore data, files, or computer from backup
schedule automated back ups

#13 rdchase1

rdchase1

    Member

  • Members
  • PipPipPip
  • 64 posts

Posted 29 August 2009 - 04:47 PM

I always thought you could only make backup disks when your computer is brand new. I guess that's not true though, right?

#14 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,240 posts

Posted 29 August 2009 - 05:27 PM

Normally, you can make One set of Recovery disks after the computer was purchased
If they were not sent with the unit, you may still have the option to make them, unless your brother already has

From this link
http://www.my-whiteb...aio-laptop.html

Take note of the following, let me know if the option to create recovery disks is there?

NOTE:The VAIO Recovery Center can be accessed from within Windows Help and Support. Click Backup & Recovery, then click Launch VAIO Recovery Center.

If not, you may still have the hidden partition to restore to factory settings on bootup
But if something ever happens to the harddrive, the disks would be great to have on hand
As I said earlier, normally you only have the option to create the disks once
But I see this on that link

NOTE:After the recovery discs have been created the first time, any disc can be created again by selecting the disc from the list and clicking Next.

I'm not sure what they mean by that?

If you still can't see it, Open Help Center and look for
VAIO Recovery Center

Edited by guestolo, 29 August 2009 - 05:40 PM.

Do you want to post your own HijackThis log?
Follow the instructions posted Here

Not required, but if you would like to donate to help my fight against malware
Click Here





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users