Post by: tanya on September 17, 2011, 04:51:01 AM
My laptop boots up but then hangs and I am unable to use it in normal mode. I have now managed to log in in Safe mode with networking, please help me troubleshoot and fix this!
Thanks!
Tanya
Post by: tanya on September 17, 2011, 05:03:02 AM
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:55:03, on 17-09-2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Safe mode with network support
Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://vaio-online.sony.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [GSISETUP] F:\setup.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Logan_S2P] C:\Program Files\Samsung\Samsung SCX-4500 Series\SPanel\PSU\Scan2pc.exe
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Tanya\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
O4 - .DEFAULT User Startup: Audio Filter.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe (User 'Default user')
O4 - Startup: Audio Filter.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
O4 - Startup: BSEGadget.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1CE96795-E26D-490E-BB2A-BD8D83E891A8}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\Image Converter 3\ICScsiSV.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 3\IcVzMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 11312 bytes
Post by: tanya on September 17, 2011, 05:04:58 AM
OTL logfile created on: 17-09-2011 14:00:21 - Run 5
OTL by OldTimer - Version 3.1.5.0 Folder = C:\Users\Tanya\Desktop\Folders & Extras\Anti Spyware and Malware Programs
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy
2.00 Gb Total Physical Memory | 1.28 Gb Available Physical Memory | 64.12% Memory free
4.00 Gb Paging File | 3.72 Gb Available in Paging File | 93.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 176.64 Gb Total Space | 26.85 Gb Free Space | 15.20% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 14.92 Gb Total Space | 12.70 Gb Free Space | 85.08% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: TANYA-PC
Current User Name: Tanya
Logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 90 Days
Output = Standard
========== Processes (All) ==========
PRC - [2011-06-22 14:16:12 | 00,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2011-06-22 14:16:11 | 00,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-11-15 01:29:58 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Users\Tanya\Desktop\Folders & Extras\Anti Spyware and Malware Programs\OTL.exe
PRC - [2009-06-15 16:48:49 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009-04-11 10:28:15 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2009-04-11 10:28:13 | 00,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2009-04-11 10:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009-04-11 10:28:04 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009-04-11 10:27:59 | 00,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009-04-11 10:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-01-19 11:33:37 | 00,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - 984 -- C:\Windows\System32\svchost.exe
PRC - 956 -- C:\Windows\System32\svchost.exe
PRC - 876 -- C:\Windows\System32\svchost.exe
PRC - 840 -- C:\Windows\System32\svchost.exe
PRC - 784 -- C:\Windows\System32\svchost.exe
PRC - 1352 -- C:\Windows\System32\svchost.exe
PRC - 1240 -- C:\Windows\System32\svchost.exe
PRC - 1076 -- C:\Windows\System32\svchost.exe
PRC - 1060 -- C:\Windows\System32\svchost.exe
PRC - 1016 -- C:\Windows\System32\svchost.exe
PRC - [2008-01-19 11:33:14 | 00,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2008-01-19 11:33:05 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2008-01-19 11:33:05 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
========== Modules (All) ==========
MOD - [2011-04-23 03:32:21 | 09,703,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
MOD - [2011-04-23 03:30:18 | 01,102,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
MOD - [2011-04-23 03:26:21 | 01,785,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
MOD - [2011-04-15 13:46:37 | 01,126,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
MOD - [2011-01-21 20:35:22 | 11,586,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2011-01-21 20:35:22 | 00,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2011-01-20 20:07:42 | 00,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2011-01-20 20:07:03 | 01,075,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2010-12-20 20:35:04 | 00,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2010-11-04 22:51:35 | 01,748,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\GdiPlus.dll
MOD - [2010-10-15 17:48:59 | 01,205,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2010-08-31 19:43:52 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2010-06-28 21:00:21 | 01,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2010-04-16 20:46:48 | 00,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2009-11-15 01:29:58 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Users\Tanya\Desktop\Folders & Extras\Anti Spyware and Malware Programs\OTL.exe
MOD - [2009-10-09 01:08:01 | 00,234,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll
MOD - [2009-10-01 05:02:17 | 02,537,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpdshext.dll
MOD - [2009-07-17 17:54:43 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009-06-15 18:53:43 | 00,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2009-06-15 18:52:42 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009-04-23 16:15:07 | 00,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009-04-11 10:28:25 | 01,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2009-04-11 10:28:25 | 00,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2009-04-11 10:28:25 | 00,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2009-04-11 10:28:25 | 00,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll
MOD - [2009-04-11 10:28:25 | 00,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2009-04-11 10:28:25 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009-04-11 10:28:24 | 01,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2009-04-11 10:28:24 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2009-04-11 10:28:24 | 00,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009-04-11 10:28:23 | 00,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2009-04-11 10:28:23 | 00,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
MOD - [2009-04-11 10:28:23 | 00,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009-04-11 10:28:23 | 00,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2009-04-11 10:28:22 | 00,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009-04-11 10:28:20 | 00,891,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2009-04-11 10:28:20 | 00,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009-04-11 10:28:20 | 00,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2009-04-11 10:28:20 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2009-04-11 10:28:19 | 00,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2009-04-11 10:28:19 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fontext.dll
MOD - [2009-04-11 10:28:18 | 00,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2009-04-11 10:28:18 | 00,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
MOD - [2009-04-11 10:28:17 | 00,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2009-04-11 10:28:17 | 00,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2008-01-19 11:37:12 | 00,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2008-01-19 11:37:09 | 00,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2008-01-19 11:36:48 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2008-01-19 11:36:47 | 00,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2008-01-19 11:36:35 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2008-01-19 11:35:57 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2008-01-19 11:33:52 | 00,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2006-11-02 16:34:48 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\linkinfo.dll
MOD - [2006-11-02 13:46:12 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll
MOD - [2006-11-02 13:46:07 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimg32.dll
MOD - [2006-11-02 12:33:06 | 00,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\normaliz.dll
========== Win32 Services (All) ==========
SRV - [2011-04-20 10:50:46 | 00,792,976 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV - [2011-03-18 08:11:02 | 00,947,528 | ---- | M] () -- C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011-03-02 19:44:27 | 00,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2011-02-22 17:33:09 | 00,797,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2010-12-10 18:30:50 | 00,086,880 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2010-12-10 18:29:30 | 29,293,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ)
SRV - [2010-12-10 18:29:30 | 00,238,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2010-12-10 18:29:30 | 00,044,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2010-11-04 22:55:12 | 00,601,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2010-10-20 11:22:24 | 00,630,272 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-09-21 14:03:14 | 01,710,464 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010-09-06 20:20:29 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2010-08-17 18:11:37 | 00,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2010-07-21 15:52:54 | 00,540,968 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2010-06-10 21:03:08 | 00,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010-05-18 16:35:14 | 00,345,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2010-02-18 17:30:03 | 00,200,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iphlpsvc.dll -- (iphlpsvc)
SRV - [2009-10-10 01:56:18 | 01,181,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WsmSvc.dll -- (WinRM)
SRV - [2009-10-10 01:55:52 | 00,146,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wecsvc.dll -- (Wecsvc)
SRV - [2009-10-01 05:01:54 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpdbusenum.dll -- (WPDBusEnum)
SRV - [2009-09-16 13:27:12 | 00,480,624 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2009-09-08 18:09:14 | 00,083,312 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2009-08-24 15:36:45 | 00,377,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2009-08-16 09:27:14 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009-08-16 09:27:08 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2009-08-07 06:23:45 | 01,929,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2009-07-14 21:48:26 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFSvc.dll -- (wudfsvc)
SRV - [2009-07-11 23:01:42 | 00,513,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009-07-10 15:47:42 | 00,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shsvcs.dll -- (Themes)
SRV - [2009-07-10 15:47:42 | 00,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009-06-15 16:48:49 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009-06-15 16:48:49 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
SRV - [2009-06-15 16:48:49 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe -- (Netlogon)
SRV - [2009-06-15 16:48:49 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009-06-10 15:42:23 | 00,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)
SRV - [2009-04-11 10:28:26 | 00,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2009-04-11 10:28:25 | 01,017,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog)
SRV - [2009-04-11 10:28:25 | 00,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wiaservc.dll -- (stisvc)
SRV - [2009-04-11 10:28:25 | 00,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wcncsvc.dll -- (wcncsvc)
SRV - [2009-04-11 10:28:25 | 00,282,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\w32time.dll -- (W32Time)
SRV - [2009-04-11 10:28:25 | 00,222,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2009-04-11 10:28:25 | 00,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WebClnt.dll -- (WebClient)
SRV - [2009-04-11 10:28:25 | 00,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2009-04-11 10:28:25 | 00,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcsvc.dll -- (WPCSvc)
SRV - [2009-04-11 10:28:25 | 00,126,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wersvc.dll -- (WerSvc)
SRV - [2009-04-11 10:28:25 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxsms.dll -- (UxSms)
SRV - [2009-04-11 10:28:24 | 00,558,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sysmain.dll -- (SysMain)
SRV - [2009-04-11 10:28:24 | 00,550,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2009-04-11 10:28:24 | 00,550,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2009-04-11 10:28:24 | 00,449,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\termsrv.dll -- (TermService)
SRV - [2009-04-11 10:28:24 | 00,311,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2009-04-11 10:28:24 | 00,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2009-04-11 10:28:24 | 00,242,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009-04-11 10:28:24 | 00,107,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\regsvc.dll -- (RemoteRegistry)
SRV - [2009-04-11 10:28:24 | 00,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SCardSvr.dll -- (SCardSvr)
SRV - [2009-04-11 10:28:24 | 00,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLUINotify.dll -- (SLUINotify)
SRV - [2009-04-11 10:28:23 | 00,758,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2009-04-11 10:28:23 | 00,644,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\p2psvc.dll -- (PNRPsvc)
SRV - [2009-04-11 10:28:23 | 00,644,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\p2psvc.dll -- (PNRPAutoReg)
SRV - [2009-04-11 10:28:23 | 00,644,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\p2psvc.dll -- (p2psvc)
SRV - [2009-04-11 10:28:23 | 00,644,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\p2psvc.dll -- (p2pimsvc)
SRV - [2009-04-11 10:28:23 | 00,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENTRT.DLL -- (napagent)
SRV - [2009-04-11 10:28:23 | 00,153,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2009-04-11 10:28:20 | 00,438,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IKEEXT.DLL -- (IKEEXT)
SRV - [2009-04-11 10:28:20 | 00,407,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2009-04-11 10:28:20 | 00,364,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
SRV - [2009-04-11 10:28:19 | 00,576,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpsvc.dll -- (gpsvc)
SRV - [2009-04-11 10:28:19 | 00,564,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\emdmgmt.dll -- (EMDMgmt)
SRV - [2009-04-11 10:28:19 | 00,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2009-04-11 10:28:19 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2009-04-11 10:28:18 | 00,334,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2009-04-11 10:28:18 | 00,315,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2009-04-11 10:28:18 | 00,315,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2009-04-11 10:28:18 | 00,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll -- (Dhcp)
SRV - [2009-04-11 10:28:18 | 00,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009-04-11 10:28:18 | 00,129,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2009-04-11 10:28:18 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthserv.dll -- (BthServ)
SRV - [2009-04-11 10:28:18 | 00,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\certprop.dll -- (SCPolicySvc)
SRV - [2009-04-11 10:28:18 | 00,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\certprop.dll -- (CertPropSvc)
SRV - [2009-04-11 10:28:15 | 00,137,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV - [2009-04-11 10:28:10 | 01,055,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2009-04-11 10:28:09 | 00,385,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vds.exe -- (vds)
SRV - [2009-04-11 10:28:07 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2009-04-11 10:27:59 | 00,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe -- (WSearch)
SRV - [2009-04-11 10:27:49 | 03,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe -- (slsvc)
SRV - [2009-04-11 10:27:45 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009-04-11 10:27:31 | 02,092,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dfsr.exe -- (DFSR)
SRV - [2009-03-30 08:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-03-05 18:59:50 | 00,313,264 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2009-03-05 18:59:50 | 00,192,512 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009-03-05 18:59:50 | 00,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009-03-05 18:41:58 | 05,189,992 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2009-02-18 22:39:20 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009-02-18 22:38:43 | 00,129,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009-02-18 22:38:42 | 00,879,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008-11-04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008-02-19 00:32:49 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008-02-19 00:25:15 | 00,138,168 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008-01-19 11:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008-01-19 11:36:52 | 00,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercplsupport.dll -- (wercplsupport)
SRV - [2008-01-19 11:36:50 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdi.dll -- (WdiSystemHost)
SRV - [2008-01-19 11:36:50 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdi.dll -- (WdiServiceHost)
SRV - [2008-01-19 11:36:46 | 00,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\upnphost.dll -- (upnphost)
SRV - [2008-01-19 11:36:42 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\trkwks.dll -- (TrkWks)
SRV - [2008-01-19 11:36:39 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tbssvc.dll -- (TBS)
SRV - [2008-01-19 11:36:36 | 00,155,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2008-01-19 11:36:36 | 00,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sstpsvc.dll -- (SstpSvc)
SRV - [2008-01-19 11:36:21 | 00,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SessEnv.dll -- (SessionEnv)
SRV - [2008-01-19 11:36:21 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Sens.dll -- (SENS)
SRV - [2008-01-19 11:36:20 | 00,104,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2008-01-19 11:36:20 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2008-01-19 11:36:15 | 00,090,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2008-01-19 11:36:14 | 00,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\qwave.dll -- (QWAVE)
SRV - [2008-01-19 11:36:06 | 01,502,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pla.dll -- (pla)
SRV - [2008-01-19 11:36:03 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pcasvc.dll -- (PcaSvc)
SRV - [2008-01-19 11:35:57 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2008-01-19 11:35:38 | 00,168,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2008-01-19 11:35:36 | 00,274,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2008-01-19 11:35:36 | 00,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2008-01-19 11:35:27 | 00,052,736 | ---- | M] (Hewlett-Packard) -- C:\Windows\System32\HPZIPM12.DLL -- (Pml Driver HPZ12)
SRV - [2008-01-19 11:34:56 | 00,344,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdtckrm.dll -- (KtmRm)
SRV - [2008-01-19 11:34:53 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mprdim.dll -- (RemoteAccess)
SRV - [2008-01-19 11:34:49 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mmcss.dll -- (THREADORDER)
SRV - [2008-01-19 11:34:49 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2008-01-19 11:34:44 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc)
SRV - [2008-01-19 11:34:42 | 00,188,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lltdsvc.dll -- (lltdsvc)
SRV - [2008-01-19 11:34:36 | 00,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KMSVC.DLL -- (hkmsvc)
SRV - [2008-01-19 11:34:35 | 00,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iscsiexe.dll -- (MSiSCSI)
SRV - [2008-01-19 11:34:34 | 00,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2008-01-19 11:34:34 | 00,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPBusEnum.dll -- (IPBusEnum)
SRV - [2008-01-19 11:34:21 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fdPHost.dll -- (fdPHost)
SRV - [2008-01-19 11:34:08 | 00,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2008-01-19 11:34:06 | 00,134,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dps.dll -- (DPS)
SRV - [2008-01-19 11:33:49 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2008-01-19 11:33:43 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2008-01-19 11:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008-01-19 11:33:33 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect)
SRV - [2008-01-19 11:33:16 | 00,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdtc.exe -- (MSDTC)
SRV - [2008-01-19 11:33:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2008-01-19 11:33:01 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2008-01-11 17:50:16 | 00,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007-10-27 04:17:00 | 00,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007-10-05 04:02:21 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService)
SRV - [2007-09-23 23:36:38 | 02,818,048 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2007-09-11 00:45:04 | 00,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007-08-15 08:05:18 | 00,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2007-08-09 12:51:32 | 00,499,712 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2007-08-09 12:51:30 | 01,089,536 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-UCLS-UPnP)
SRV - [2007-08-09 12:51:30 | 01,089,536 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP)
SRV - [2007-08-09 12:51:30 | 00,397,312 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-UCLS-HTTP)
SRV - [2007-08-09 12:51:30 | 00,397,312 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP)
SRV - [2007-06-15 07:07:44 | 00,075,952 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Image Converter 3\ICScsiSV.exe -- (ICScsiSV)
SRV - [2007-06-15 07:07:36 | 00,059,568 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Image Converter 3\IcVzMon.exe -- (Image Converter video recording monitor for VAIO Entertainment)
SRV - [2007-01-11 04:51:06 | 00,745,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe -- (VAIOMediaPlatform-UCLS-AppServer)
SRV - [2007-01-05 07:48:52 | 00,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006-12-14 14:21:20 | 00,045,056 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006-12-14 14:02:08 | 00,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006-12-14 13:46:16 | 00,057,344 | ---- | M] () -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006-11-02 16:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2006-11-02 16:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006-11-02 16:35:24 | 00,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TabSvc.dll -- (TabletInputService)
SRV - [2006-11-02 13:46:13 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2006-11-02 13:46:05 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lmhsvc.dll -- (lmhosts)
SRV - [2006-11-02 13:46:04 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FDResPub.dll -- (FDResPub)
SRV - [2006-11-02 13:46:02 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2006-11-02 13:45:46 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP)
SRV - [2006-11-02 13:45:21 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Locator.exe -- (RpcLocator)
SRV - [2006-11-02 13:45:02 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dllhost.exe -- (COMSysApp)
SRV - [2006-10-27 02:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005-11-14 13:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
========== Driver Services (All) ==========
DRV - File not found -- -- (NwlnkFwd)
DRV - File not found -- -- (NwlnkFlt)
DRV - File not found -- -- (IpInIp)
DRV - File not found -- -- (CED7CAB4EF465688)
DRV - File not found -- -- (blbdrive)
DRV - [2011-04-29 17:25:10 | 00,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys -- (srv2)
DRV - [2011-04-29 17:25:09 | 00,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet)
DRV - [2011-04-29 17:24:50 | 00,214,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV - [2011-04-29 17:24:42 | 00,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV - [2011-04-29 17:24:40 | 00,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb.sys -- (mrxsmb)
DRV - [2011-04-21 17:58:27 | 00,273,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\afd.sys -- (AFD)
DRV - [2011-04-14 18:59:03 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC)
DRV - [2011-02-22 17:23:55 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bowser.sys -- (bowser)
DRV - [2011-02-18 18:03:32 | 00,305,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv.sys -- (srv)
DRV - [2011-01-20 20:37:37 | 00,638,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV - [2010-07-30 14:16:44 | 00,008,192 | ---- | M] (Nokia) -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-07-30 14:16:42 | 00,023,040 | ---- | M] (Nokia) -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-07-30 14:16:38 | 00,018,048 | ---- | M] (Nokia) -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010-06-16 20:04:57 | 00,905,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip6)
DRV - [2010-06-16 20:04:57 | 00,905,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip)
DRV - [2010-04-19 20:47:42 | 00,041,984 | ---- | M] (Apple, Inc.) -- C:\Windows\System32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2010-02-21 00:53:34 | 00,411,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\http.sys -- (HTTP)
DRV - [2010-02-18 15:28:13 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel)
DRV - [2009-12-08 21:26:18 | 00,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg)
DRV - [2009-10-01 05:01:54 | 00,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WpdUsb.sys -- (WpdUsb)
DRV - [2009-08-16 09:27:21 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009-08-16 09:27:21 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009-07-14 21:45:07 | 00,445,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\Wdf01000.sys -- (Wdf01000)
DRV - [2009-07-14 21:45:07 | 00,132,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WUDFRd.sys -- (WUDFRd)
DRV - [2009-07-14 21:45:07 | 00,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WUDFPf.sys -- (WudfPf)
DRV - [2009-06-17 20:58:04 | 00,005,632 | ---- | M] () -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009-06-16 03:15:25 | 00,439,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Drivers\ksecdd.sys -- (KSecDD)
DRV - [2009-05-18 14:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009-05-09 11:58:09 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2009-04-11 10:33:03 | 00,292,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx)
DRV - [2009-04-11 10:32:55 | 00,226,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\volsnap.sys -- (volsnap)
DRV - [2009-04-11 10:32:55 | 00,177,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DRIVERS\pcmcia.sys -- (pcmcia)
DRV - [2009-04-11 10:32:55 | 00,149,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\pci.sys -- (pci)
DRV - [2009-04-11 10:32:52 | 00,053,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\termdd.sys -- (TermDD)
DRV - [2009-04-11 10:32:49 | 01,083,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2009-04-11 10:32:49 | 00,527,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\ndis.sys -- (NDIS)
DRV - [2009-04-11 10:32:46 | 00,265,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\acpi.sys -- (ACPI)
DRV - [2009-04-11 10:32:46 | 00,245,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys -- (CLFS)
DRV - [2009-04-11 10:32:46 | 00,190,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\fltmgr.sys -- (FltMgr)
DRV - [2009-04-11 10:32:46 | 00,180,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt)
DRV - [2009-04-11 10:32:46 | 00,161,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC)
DRV - [2009-04-11 10:32:43 | 00,141,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ecache.sys -- (Ecache)
DRV - [2009-04-11 10:32:31 | 00,054,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\partmgr.sys -- (partmgr)
DRV - [2009-04-11 10:32:31 | 00,053,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\disk.sys -- (disk)
DRV - [2009-04-11 10:32:31 | 00,048,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Drivers\mup.sys -- (Mup)
DRV - [2009-04-11 10:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\atapi.sys -- (atapi)
DRV - [2009-04-11 08:51:27 | 00,180,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2009-04-11 08:46:40 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp)
DRV - [2009-04-11 08:46:32 | 00,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2009-04-11 08:46:30 | 00,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2009-04-11 08:45:56 | 00,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdx.sys -- (tdx)
DRV - [2009-04-11 08:45:51 | 00,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys -- (PSched)
DRV - [2009-04-11 08:45:37 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\netbt.sys -- (netbt)
DRV - [2009-04-11 08:45:22 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\smb.sys -- (Smb)
DRV - [2009-04-11 08:43:28 | 00,148,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP)
DRV - [2009-04-11 08:43:16 | 00,196,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbhub.sys -- (usbhub)
DRV - [2009-04-11 08:43:12 | 00,148,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rfcomm.sys -- (RFCOMM)
DRV - [2009-04-11 08:43:10 | 00,507,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthport.sys -- (BTHPORT)
DRV - [2009-04-11 08:43:10 | 00,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM)
DRV - [2009-04-11 08:43:10 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthenum.sys -- (BthEnum)
DRV - [2009-04-11 08:43:09 | 00,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth)
DRV - [2009-04-11 08:43:08 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\BTHUSB.SYS -- (BTHUSB)
DRV - [2009-04-11 08:43:04 | 00,062,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ohci1394.sys -- (ohci1394)
DRV - [2009-04-11 08:42:55 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2009-04-11 08:42:54 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio)
DRV - [2009-04-11 08:42:54 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbser.sys -- (usbser)
DRV - [2009-04-11 08:42:52 | 00,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbehci.sys -- (usbehci)
DRV - [2009-04-11 08:42:48 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidusb.sys -- (HidUsb)
DRV - [2009-04-11 08:42:42 | 00,561,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2009-04-11 08:39:17 | 00,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\cdrom.sys -- (cdrom)
DRV - [2009-04-11 08:38:40 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2009-04-11 08:14:40 | 00,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2009-04-11 08:14:29 | 00,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdbss.sys -- (rdbss)
DRV - [2009-04-11 08:14:01 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\npfs.sys -- (Npfs)
DRV - [2009-04-11 08:13:59 | 00,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV - [2009-04-11 08:13:53 | 00,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\exfat.sys -- (exfat)
DRV - [2009-04-11 08:13:52 | 00,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fastfat.sys -- (fastfat)
DRV - [2008-08-26 10:26:12 | 00,018,816 | ---- | M] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-07-20 17:44:44 | 00,324,120 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2008-01-19 11:42:31 | 00,058,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\fileinfo.sys -- (FileInfo)
DRV - [2008-01-19 11:42:28 | 00,057,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008-01-19 11:42:18 | 00,052,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\volmgr.sys -- (volmgr)
DRV - [2008-01-19 11:41:52 | 00,035,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdclass.sys -- (kbdclass)
DRV - [2008-01-19 11:41:52 | 00,034,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mouclass.sys -- (mouclass)
DRV - [2008-01-19 11:41:49 | 00,031,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008-01-19 11:41:30 | 00,021,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\spldr.sys -- (spldr)
DRV - [2008-01-19 11:41:25 | 00,020,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DRIVERS\compbatt.sys -- (Compbatt)
DRV - [2008-01-19 11:41:20 | 00,017,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\intelide.sys -- (intelide)
DRV - [2008-01-19 11:41:14 | 00,016,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\msisadrv.sys -- (msisadrv)
DRV - [2008-01-19 11:41:14 | 00,015,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\swenum.sys -- (swenum)
DRV - [2008-01-19 10:14:40 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbprint.sys -- (usbprint)
DRV - [2008-01-19 10:14:09 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbscan.sys -- (usbscan)
DRV - [2008-01-19 10:01:15 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv)
DRV - [2008-01-19 10:01:09 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV - [2008-01-19 10:01:08 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008-01-19 10:01:08 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\RDPCDD.sys -- (RDPCDD)
DRV - [2008-01-19 10:01:07 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008-01-19 09:57:16 | 00,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\modem.sys -- (Modem)
DRV - [2008-01-19 09:56:49 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2008-01-19 09:56:34 | 00,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rasl2tp.sys -- (Rasl2tp)
DRV - [2008-01-19 09:56:34 | 00,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\raspptp.sys -- (PptpMiniport)
DRV - [2008-01-19 09:56:31 | 00,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarpv6)
DRV - [2008-01-19 09:56:31 | 00,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008-01-19 09:56:31 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rasacd.sys -- (RasAcd)
DRV - [2008-01-19 09:56:29 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008-01-19 09:56:28 | 00,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ipnat.sys -- (IPNAT)
DRV - [2008-01-19 09:56:28 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2008-01-19 09:56:24 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2008-01-19 09:56:23 | 00,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2008-01-19 09:56:07 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV - [2008-01-19 09:55:50 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy)
DRV - [2008-01-19 09:55:45 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008-01-19 09:55:41 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp)
DRV - [2008-01-19 09:55:40 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008-01-19 09:55:19 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\irenum.sys -- (IRENUM)
DRV - [2008-01-19 09:55:03 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr)
DRV - [2008-01-19 09:55:03 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio)
DRV - [2008-01-19 09:54:46 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv)
DRV - [2008-01-19 09:53:44 | 00,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthpan.sys -- (BthPan)
DRV - [2008-01-19 09:53:40 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\umbus.sys -- (umbus)
DRV - [2008-01-19 09:53:38 | 00,134,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbvideo.sys -- (usbvideo)
DRV - [2008-01-19 09:53:29 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008-01-19 09:53:20 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008-01-19 09:53:16 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008-01-19 09:52:19 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\monitor.sys -- (monitor)
DRV - [2008-01-19 09:52:06 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008-01-19 09:49:20 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008-01-19 09:49:19 | 00,006,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mstee.sys -- (MSTEE)
DRV - [2008-01-19 09:49:18 | 00,054,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008-01-19 09:49:18 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008-01-19 09:49:18 | 00,005,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008-01-19 09:49:16 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\sermouse.sys -- (sermouse)
DRV - [2008-01-19 09:49:16 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mouhid.sys -- (mouhid)
DRV - [2008-01-19 09:49:12 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\null.sys -- (Null)
DRV - [2008-01-19 09:49:10 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\beep.sys -- (Beep)
DRV - [2008-01-19 09:32:47 | 00,014,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\CmBatt.sys -- (CmBatt)
DRV - [2008-01-19 09:30:36 | 00,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\luafv.sys -- (luafv)
DRV - [2008-01-19 09:30:23 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace)
DRV - [2008-01-19 09:28:09 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008-01-19 09:28:02 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs)
DRV - [2008-01-19 09:27:21 | 00,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\intelppm.sys -- (intelppm)
DRV - [2007-10-30 04:33:23 | 07,115,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007-10-30 04:00:32 | 00,075,008 | ---- | M] (Ricoh) -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2007-10-30 04:00:32 | 00,043,904 | ---- | M] (Ricoh) -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2007-10-27 04:17:08 | 00,330,240 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007-10-26 10:21:13 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2007-10-10 04:03:56 | 00,017,448 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2007-10-10 04:03:54 | 00,099,880 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2007-10-10 04:03:54 | 00,081,448 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2007-10-10 04:03:13 | 00,028,464 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwl2cap.sys -- (btwl2cap)
DRV - [2007-10-05 04:02:21 | 00,008,192 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007-10-05 04:02:18 | 00,985,600 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007-10-05 04:02:18 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2007-10-05 04:02:17 | 00,659,968 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007-10-05 04:02:17 | 00,207,360 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007-10-05 04:02:08 | 00,246,784 | ---- | M] (Marvell) -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007-09-20 01:38:18 | 00,010,216 | ---- | M] (Sony Corporation) -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2007-09-19 07:29:09 | 02,222,080 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007-08-29 05:58:45 | 00,009,344 | ---- | M] (Sony Corporation) -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2007-06-10 04:12:18 | 00,140,800 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007-06-06 04:00:39 | 00,812,544 | ---- | M] (Texas Instruments) -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007-05-26 12:03:06 | 00,128,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007-04-18 08:09:28 | 00,011,032 | ---- | M] (InterVideo) -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2007-04-03 10:43:28 | 01,131,136 | ---- | M] (Philips Semiconductors GmbH) -- C:\Windows\System32\drivers\Ph3xIB32.sys -- (Ph3xIB32)
DRV - [2007-01-10 03:46:25 | 00,005,120 | ---- | M] (Samsung Electronics) -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2006-11-02 13:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006-11-02 13:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006-11-02 13:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006-11-02 13:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006-11-02 13:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006-11-02 13:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006-11-02 13:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006-11-02 13:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006-11-02 13:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006-11-02 13:50:40 | 00,106,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\nv_agp.sys -- (nv_agp)
DRV - [2006-11-02 13:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 13:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 13:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006-11-02 13:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006-11-02 13:50:24 | 00,047,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2006-11-02 13:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 13:50:17 | 00,080,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\msdsm.sys -- (msdsm)
DRV - [2006-11-02 13:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 13:50:16 | 00,078,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mpio.sys -- (mpio)
DRV - [2006-11-02 13:50:16 | 00,076,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\sbp2port.sys -- (sbp2port)
DRV - [2006-11-02 13:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006-11-02 13:50:13 | 00,040,
Post by: tanya on September 17, 2011, 05:06:44 AM
OTL Extras logfile created on: 17-09-2011 14:00:21 - Run 5
OTL by OldTimer - Version 3.1.5.0 Folder = C:\Users\Tanya\Desktop\Folders & Extras\Anti Spyware and Malware Programs
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy
2.00 Gb Total Physical Memory | 1.28 Gb Available Physical Memory | 64.12% Memory free
4.00 Gb Paging File | 3.72 Gb Available in Paging File | 93.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 176.64 Gb Total Space | 26.85 Gb Free Space | 15.20% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 14.92 Gb Total Space | 12.70 Gb Free Space | 85.08% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: TANYA-PC
Current User Name: Tanya
Logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 90 Days
Output = Standard
========== Extra Registry (All) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\System32\shell32.dll (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %* File not found
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{069C634D-D8CF-45E4-8311-3E776E515E5C}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{0DD3B570-6E6A-4D91-92BA-523BD7BA2A61}" = rport=445 | protocol=6 | dir=out | app=system |
"{11505407-3B07-4C20-8347-FDFDED6CB3DD}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{13DF9584-22F5-4758-BBC1-25A26892374E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1E7494E1-ECEB-4BF8-A09F-960D452BFB6A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{27191E8A-2921-479C-B224-A7CE3647B951}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{28FF1C2D-73ED-445E-984B-FF3FF3D67D56}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{2C07293C-60FC-4169-8ADD-181A50F32E6D}" = lport=5358 | protocol=6 | dir=in | app=system |
"{2E0D267C-D964-45F7-8B58-644B5BFE8055}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{33AA000F-2B94-4D36-A3B3-2D95982B0DC4}" = lport=137 | protocol=17 | dir=in | app=system |
"{369A212D-4D94-46E1-90FE-BA22395AAE5D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3C24A7C2-4FEF-4CE6-8DC4-D8AAB6BB9087}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3C7FBC79-CD78-4B19-816B-2D0E417E22C6}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{3C8F2256-5C38-4869-B13E-6E69DCC6032D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4A97B129-9051-40FD-AD14-1C24D0E15C18}" = lport=139 | protocol=6 | dir=in | app=system |
"{5CD4C19A-E5D5-480C-81EB-CA7E79B3D818}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{5CE5E4DF-730F-41FA-BB8D-4651E3DE9F77}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{61DA1ABD-63B9-4CA8-BCBF-7E9E41E54F61}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{6340DDA8-7C4F-42F9-8A8D-EC8886FC80A5}" = lport=5357 | protocol=6 | dir=in | app=system |
"{65D9CBF7-708D-42B4-8C03-A446E17B66DF}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6C729297-1D39-4924-B131-27916B12044C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7022AB4A-72F2-4971-AA34-CBC7B1713A5E}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{74F52193-166F-4016-BE28-A353274F1AA5}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{788F8CB9-827E-45CB-81A2-C70EEAF4DCAD}" = rport=5358 | protocol=6 | dir=out | app=system |
"{78E3D056-B6C4-40E6-B7AD-903E51214DFF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{826D60E0-E005-4027-B528-E551D298531E}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{83193F19-8DE7-429D-B468-6CD7404C73B1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{857396BB-49C3-4E30-9FD9-B5A3EE7A6893}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{88377FF0-D9B1-4C72-824C-A3DFD54643B8}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8BC29B8D-19AB-454B-A902-711F53D36C46}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{90C6ABC1-28EF-4934-BAA7-D9BE8515495D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{97A69BB5-9E6C-4A08-84EC-9F07AD373F6E}" = lport=445 | protocol=6 | dir=in | app=system |
"{982ACAEF-5B9C-472F-B4F3-27BB1E0BE7E9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9A101D71-9599-4FF1-B749-A471E99B82E5}" = rport=137 | protocol=17 | dir=out | app=system |
"{9C2F3419-A472-440C-A400-A28A2E99DF8D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{9C529976-1F6A-4ABF-8305-83E9E5B2BB44}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A3E7A14D-A87B-4503-B22C-C561DD3806DC}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{A7B2D24E-02AB-421A-88AC-E4C8FF1322E0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A8DAC8A1-00CC-4D77-9F29-30B19B89D91D}" = rport=138 | protocol=17 | dir=out | app=system |
"{A95A5D63-7D22-45EB-9806-195CEABBBAB0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AE2906F1-5FE4-43ED-AC84-531108F85AFD}" = lport=138 | protocol=17 | dir=in | app=system |
"{AFBFD6DD-3543-4657-A1EE-5F8187A20E71}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{B26F5D85-89FA-49F4-B9A1-F26007FB96DB}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{BCF07AA2-3965-48E1-9E25-84B02093D083}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C4B5A2DD-0A73-4C71-A349-6C892BE8CC6C}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{CB31F2FB-BF63-4231-8EC0-0CEC1163FE50}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CDFADE04-85B6-4920-837F-DA269B12A924}" = rport=139 | protocol=6 | dir=out | app=system |
"{CEF6CEAA-D890-4EBA-A8B4-4BE0BC8BCAEA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D2A432BA-E4CD-4243-96CF-52CA50D2136A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D8534ED6-0945-4055-B6F1-892E338CC900}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{D94C66F3-0DCF-48A6-A67A-74F074CC0264}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DB8309A8-AC29-4BE6-835E-E1AD567D5102}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{DEA39E1B-33BB-43AD-953C-0410C8C745B4}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{EB8FB0AA-A812-4DF0-A004-45BEE77EE901}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EFA2147A-ED82-4F2A-8D16-E358A93715C6}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{F691A256-8B0C-4486-825C-64AA2957BE40}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{F70241E6-765C-4B1C-8387-E3B7B892A69A}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{FA16A737-B16F-40EE-ADEC-40F72522F616}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{FFC92EE4-C086-4A19-8235-0CA0E90C33FF}" = rport=5357 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05F9E681-AECC-4112-97C2-F2B97E3251B1}" = protocol=1 | dir=out | [email protected],-28544 |
"{151BE122-A55F-4512-8422-C25323E5609D}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{1937DCF2-CA60-48FA-9585-B648518D96DA}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{34B51FE7-5D66-4FBF-B326-89F4A336A5F2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{375554CC-6724-4C9D-9138-148E9DB97101}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{3874056C-BD10-4958-90AF-6DEF80661386}" = dir=in | app=c:\program files\avg\avg8\avgemc.exe |
"{3C020347-5397-4BBE-B154-EB0CDB709B9C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3CAE976A-8153-4FB6-B5F9-1A7C5F67DADC}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{42D52C7F-1176-4B61-AA84-A6EBAE7E68CF}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{46E17383-F4F3-42A7-B901-E247CD907771}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{5739EA23-ACD6-402E-9460-B04FDC49F4BE}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{57CE0B0E-27D7-4168-A80A-F7E9FE71A1ED}" = protocol=1 | dir=in | [email protected],-28543 |
"{5DBB6FB2-0A0D-437D-AC56-E1D60DA794B4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6305F94D-84F1-4E73-8ED4-66E91051D62B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6321CD21-0BD9-4224-844B-56C3FACB406A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{70EA73BC-905C-46BF-B236-792A9E06E2B9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{757F4307-21A3-4F2F-822B-ACA43C271C96}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{81D91EA6-630D-4EDA-A4CE-3DF8A4611C59}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{8489F26A-DFA9-4B4D-8C57-660C6F287516}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |
"{853DA4F3-9332-4298-84C1-9EF6DD2D8EB5}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{86FDBC0F-6488-4ECC-9551-75C70BD6C577}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
"{886582EA-B2E7-45F5-B246-D899A1550FD2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{88DB5803-8618-4FCC-91AE-579CFC599580}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9250C0A8-9C44-49A5-BE89-6AB6A025D425}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{95D6DF78-FD2D-4543-8BE1-FB3BA04FC4B1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{961F782C-009F-4669-8BFF-0BD0CB68583E}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{A265C4C4-C4E2-4275-A986-27D74916D400}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{A55501D7-F05C-4DD3-BD6E-AC70FF9F276F}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{ADAAC908-C89E-40D5-95E4-752DCC2ABC8C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B44841D8-9CDC-474F-82DB-F567F762A524}" = protocol=6 | dir=out | app=system |
"{B5E4BEA4-41B6-47C9-9D56-545E3B5F5CCC}" = protocol=58 | dir=in | [email protected],-28545 |
"{C26950C2-5A2F-4852-A314-78DE8F2C4AED}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{CA607BD9-4DC6-4087-B9ED-95620BA7B482}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{CFB5349D-7F3C-4D39-B773-77ED4992DDE4}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{D0BFADB4-F21F-4D7E-A47B-568BD99A431F}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{DBB869AC-2C99-4D2F-8ADA-121EBBBD2909}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{DC862DEB-3838-44DC-89F6-72B5D04CBFEF}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
"{E0974573-607C-4AC9-84EF-411A2BFBC248}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{E556E751-F660-4647-B157-3DCEA293B13E}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{E6995F72-1A8F-444F-AB7B-44FBAFF7FBAB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ECD3FF85-4F6A-42F4-80D6-642D9EE6AA72}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F4F8D540-4885-42BE-B486-84718BE5838A}" = protocol=58 | dir=out | [email protected],-28546 |
"TCP Query User{071E3CA7-5057-4E4A-B4FD-92E67C594888}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{10AC9536-EE6D-4849-8CD3-7A04DCD896DF}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{13C29712-08C8-458D-B165-6C82018DC124}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{2D9354F8-DDE4-4C72-B92B-5C9A1B17AC3C}C:\program files\sopcast\sopvod.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopvod.exe |
"TCP Query User{656DA1BF-F4E8-45C5-9674-11F582D83383}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{6F14138E-D4A1-4232-800B-451426ECD2F4}C:\program files\rediff bol\rediffmessenger.exe" = protocol=6 | dir=in | app=c:\program files\rediff bol\rediffmessenger.exe |
"TCP Query User{701B7135-312B-44F5-AB02-9CC581A352B7}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{92220C38-E074-4EBB-AF02-1FBE614C059F}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{9F3D2A2A-98A5-4808-B94B-96055C48C16C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{A28EA05A-F715-4DED-B772-CC3D90B7DB08}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{B075D737-17D9-46BA-A515-E7915F87C01B}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{CB814108-16DF-42CA-999A-8B53F79C5CB9}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{DEB4E4E0-D6DF-47C9-BC43-D4144D49ACE9}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{EB594EBE-71B2-4CBB-BDF3-AE1DC0FD1991}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{297634D3-CA7D-4898-8EFD-7B86972AF76A}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{325D6D73-0F1B-460D-B91E-E49C4C059347}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{3B396F40-3ABE-44F0-AEBB-0EF89E940926}C:\program files\sopcast\sopvod.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopvod.exe |
"UDP Query User{4D554AAB-3564-42E0-AA32-74168C038B5F}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{61089322-0557-4AC1-BA57-1E5DA5A23341}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{61F4AEA7-56B2-4ECA-8203-61B2A288BFCC}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{6CA2D4BC-394E-400A-B80C-C1B768FF4A0E}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{81C1DCE1-9B4F-4978-B571-504B513EDD44}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{8929AC83-F5AC-4786-9D46-80EDBFDC6708}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{8ED315FF-E310-47A5-8923-746652F4B5F8}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{B83D7A56-5EAB-4C5F-B617-FFD0256A24AB}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{D4C62443-58CA-4F0C-A2C9-9BB3EE1E58B6}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{ED4F3F30-2EBE-464C-9021-76B0F54268BA}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{F54D6EE8-36D5-4F88-AD13-DDC62578429B}C:\program files\rediff bol\rediffmessenger.exe" = protocol=17 | dir=in | app=c:\program files\rediff bol\rediffmessenger.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00030409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Small Business
"{00040409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Disc 2
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{009E7FB7-1775-4D89-8956-F5C9A1C019FC}" = DSD Playback Plug-in
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.2000
"{046885A1-B4AE-4459-A0D1-8C93706698D6}" =
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{07D8511D-C9FE-4A93-933F-EAA5C8F20095}" = IDT Audio
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings
"{133F46FF-B547-4462-AEAA-2322CA89CF67}" = VAIO Database Converter Ver 1.0
"{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}" = Readiris Pro 10
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{18510937-0146-417B-95D8-14706649C384}" = VAIO Content Metadata Manager Settings
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 26
"{28549656-3CB3-44B6-9FAB-925A18DAC796}" = VAIO Movie Story
"{28AD24E2-BC9F-49B8-A20C-31C6C2D78428}" = VAIO Database Converter 1.0
"{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2EEC2A94-7204-45C6-93BB-67EAEB19E4D6}" = Safari
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3762698E-E9DF-4DD8-99F1-8192D0F8EE06}" = Nokia_Multimedia_Common_Components_2_5
"{3A5371B8-6BFD-4251-B339-6422A9987337}" = VAIO Media Registration Tool
"{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}" = Adobe Premiere Elements 4.0
"{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4F23468F-48BB-48FE-B2D5-E34C07DE52AF}" = Formtec Design Pro 7 English
"{500162A0-4DD5-460A-BAFD-895AAE48C532}" = VAIO Media Content Collection 6.0
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{52B3D4A3-6AF9-4A9E-9E90-6228408764D6}" = VAIO Edit Components
"{533D0A8A-D7E7-4F15-BC9E-FF2916A6BAA7}" = DSD Direct Player
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 6.0
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 6.0
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5FE0C13A-63F1-4394-88A8-2D8722A75FE0}_is1" = Convert VOB to AVI 1.7
"{604AD47E-B003-46A2-B952-518801708B5F}" = Image Converter 3
"{606BC780-101C-41DB-808D-4539BFA0774A}" = MobileMe Control Panel
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D2576EC-A0E9-418A-A09A-409933A3B6F4}" = VAIO Camera Capture Utility
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 6.2
"{802889F8-6AF5-45A5-9764-CA5B999E50FC}" = VAIO Power Management
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{82705358-3BD6-3CD5-AA9A-B8F058BE3A29}" = Google Talk Plugin
"{82B4F1D8-FB2E-4A89-B648-0A0596E239CA}" = Nokia Software Updater
"{82D5BACA-3619-4D34-99DB-3A65CFB4DA33}" = DSD Direct
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96296507-058A-4BFA-A042-998487514AC9}" = VAIO Entertainment Platform
"{989ED050-E296-4FDC-9E4E-C48B4AF76E32}" = VAIO Content Metadata Intelligent Analyzing Manager
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AB83A3C-604D-4B4F-AA25-A23A3FC39844}" = ArcSoft Magic-i Visual Effects Installer
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DCFE532-7DBD-4B03-8A04-E8D37346E29A}" = VAIO Media
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library
"{A528306A-C5EC-481C-A619-6106334E6800}" = Nokia Ovi Player
"{A5A70E61-FEAB-4CEC-977C-BE0EF8DC05AB}" = PC Connectivity Solution
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A8DF8593-F619-47DE-AD27-BCABF233433A}" = STOIK Video Converter 2
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA171A69-F942-40DA-AE3A-EA91026A1CAE}" = VAIO Manual
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.4
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 6.0
"{B1991F22-4F93-4D11-9866-A7DFE551DF9E}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B7C03E84-AF46-42F4-809D-D4127D9086D0}" = VAIO Edit Components 6.6
"{B7FB0C86-41A4-4402-9A33-912C462042A0}" = Roxio Easy Media Creator Home
"{BA53CEA3-10FE-44A0-8B22-9EA5ED4EA315}" = VAIO Movie Story 1.3 Upgrade
"{C0482AA0-9CDF-49B4-9B39-551FD1A7A7E6}" = VAIO Movie Story 1.5 Upgrade
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C615B4A6-DDE8-4325-BCF8-E53E913D95E9}_is1" = AMR to MP3 Converter 1.4
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF0F8D1B-5FB9-468D-BD88-E6239906D2B7}" = Click to Disc
"{D22AFEDF-6A5B-459D-A9EA-D16E422E4C18}" = Nokia Connectivity Cable Driver
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D613E659-6503-42A8-9617-4F599061EAD5}" = VAIO MusicBox
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E66BB7B9-EC7B-45A6-B479-AD43A9B32AA0}" = SonicStage Mastering Studio
"{E6707034-D7A4-49B1-94D0-F5AACE46F06C}" = Instant Mode
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{E7A9DCC5-8D19-4B95-BED8-2DB41F920F11}" = Microsoft WorldWide Telescope
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}" = Adobe Premiere Elements 4.0 Templates
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"AVG8Uninstall" = AVG Free 8.5
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"CCleaner" = CCleaner
"CDex" = CDex extraction audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"Cool MP3 Splitter_is1" = Cool MP3 Splitter 2.0
"CutePDF Writer Installation" = CutePDF Writer 2.8
"Download Manager" = Download Manager 2.3.10
"Free CD Music Converter 10" = Free CD Music Converter 10
"Free PS Convert driver_is1" = Free PS Convert driver 8.15
"Free Video to iPhone Converter_is1" = Free Video to iPhone Converter version 3.0
"HijackThis" = HijackThis 2.0.2
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"Magic ISO Maker v5.5 (build 0276)" = Magic ISO Maker v5.5 (build 0276)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-15-19-01
"Picasa 3" = Picasa 3
"PremElem40" = Adobe Premiere Elements 4.0
"PremElem40Templates" = Adobe Premiere Elements 4.0 Templates
"Prince of Persia: The Sands of Time" = Prince of Persia: The Sands of Time
"PROHYBRIDR" = 2007 Microsoft Office system
"RealAlt_is1" = Real Alternative 1.60 Lite
"Samsung SCX-4500 Series" = Samsung SCX-4500 Series
"Scribe" = Express Scribe
"SopCast" = SopCast 2.0.4
"ToolBox" = NCH Toolbox
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VideoLAN VLC media player 0.8.6h
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SmartDraw 2009" = SmartDraw 2009
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 19-02-2010 07:14:30 | Computer Name = Tanya-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)
Error - 21-02-2010 05:25:19 | Computer Name = Tanya-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)
Error - 22-02-2010 00:12:11 | Computer Name = Tanya-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)
Error - 22-02-2010 12:56:19 | Computer Name = Tanya-PC | Source = Windows Search Service | ID = 3079
Description =
Error - 22-02-2010 12:57:18 | Computer Name = Tanya-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 23-02-2010 11:10:10 | Computer Name = Tanya-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)
Error - 23-02-2010 15:28:31 | Computer Name = Tanya-PC | Source = Application Error | ID = 1000
Description = Faulting application VCSW.exe, version 3.4.0.12080, time stamp 0x493d1eef,
faulting module ole32.dll, version 6.0.6002.18005, time stamp 0x49e037d7, exception
code 0xc0000005, fault offset 0x0005d2d6, process id 0x13a8, application start time
0x01cab49a4a8a4abe.
Error - 24-02-2010 00:40:12 | Computer Name = Tanya-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)
Error - 26-02-2010 05:05:32 | Computer Name = Tanya-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)
Error - 27-02-2010 05:24:48 | Computer Name = Tanya-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)
[ OSession Events ]
Error - 22-08-2009 02:51:20 | Computer Name = Tanya-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 2429 seconds with 1800 seconds of active time. This session ended with a
crash.
[ System Events ]
Error - 17-09-2011 05:44:32 | Computer Name = Tanya-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 17-09-2011 05:44:32 | Computer Name = Tanya-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 17-09-2011 05:44:32 | Computer Name = Tanya-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 17-09-2011 05:44:32 | Computer Name = Tanya-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 17-09-2011 05:44:32 | Computer Name = Tanya-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 17-09-2011 05:44:32 | Computer Name = Tanya-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 17-09-2011 05:44:32 | Computer Name = Tanya-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 17-09-2011 05:45:02 | Computer Name = Tanya-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 17-09-2011 05:45:02 | Computer Name = Tanya-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 17-09-2011 05:51:04 | Computer Name = Tanya-PC | Source = DCOM | ID = 10005
Description =
< End of report >
Post by: tanya on September 17, 2011, 07:17:02 AM
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 7733
Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 9.0.8112.16421
17-09-2011 16:15:58
mbam-log-2011-09-17 (16-15-58).txt
Scan type: Quick scan
Objects scanned: 173578
Time elapsed: 3 minute(s), 30 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Post by: guestolo on September 17, 2011, 10:43:43 AM
Please try System restore to a point before the computer won't boot
http://www.howtogeek.com/howto/windows-vista/using-windows-vista-system-restore/
Post by: tanya on September 17, 2011, 11:38:08 AM
let's ensure that System Restore won't get you back in Windows in Normal mode
Please try System restore to a point before the computer won't boot
http://www.howtogeek...system-restore/ (http://"http://www.howtogeek.com/howto/windows-vista/using-windows-vista-system-restore/")
[/quote]
Thank you for replying! I clicked system restore in my current safe mode and the only restore point it is showing is a Windows Update from 13 July, I am going to run it now and update you.
Thanks!
Tanya
Post by: tanya on September 17, 2011, 12:09:25 PM
I start system restore, it tries to restart the computer but then I got an error saying "Your computer was unable to start' and then Startup Repair begins, once again it says to System Restore and then when it restarts it goes to normal mode and hangs again.
I did the same things again but after start up repair when the computer restarted I pressed F8 and have now logged in into safe mode with networking.
Not sure what to do next, so please let me know!
Thanks!
Tanya
Post by: guestolo on September 17, 2011, 12:29:18 PM
Is that the free version of AVG? <--never mind, I see it is
Post by: tanya on September 17, 2011, 12:35:38 PM
I see an older version of AVG, is it possible after an update that the problems started?
Is that the free version of AVG? <--never mind, I see it is
[/quote]
Yes it is the free version. Sorry but I am not sure after which update the problem happened, I think it was a windows update and I had shut my laptop down, next day when I restarted that's when it started hanging.
Thank you again.
Tanya
Post by: guestolo on September 17, 2011, 12:46:10 PM
Can you download and save to your desktop the 32bit version of AVG removal tool
http://download.avg.com/filedir/util/avgrem/avg_remover_stf_x86_2012_1796.exe
Run the tool, follow the prompts, reboot when finished, any luck?
Post by: tanya on September 17, 2011, 01:08:26 PM
Let's eliminate the possibility that it's an AVG issue
Can you download and save to your desktop the 32bit version of AVG removal tool
http://download.avg....6_2012_1796.exe (http://"http://download.avg.com/filedir/util/avgrem/avg_remover_stf_x86_2012_1796.exe")
Run the tool, follow the prompts, reboot when finished, any luck?
[/quote]
I ran the tool and the computer restarted in normal mode, it worked for 5 minutes and then hung again
/sad.gif\' class=\'bbc_emoticon\' alt=\':(\' />Let me know what to do next.
Thanks!
Tanya
Post by: guestolo on September 17, 2011, 01:15:12 PM
Post by: tanya on September 17, 2011, 01:33:45 PM
OTL logfile created on: 17-09-2011 22:30:34 - Run 5
OTL by OldTimer - Version 3.1.5.0 Folder = C:\Users\Tanya\Desktop\Folders & Extras\Anti Spyware and Malware Programs
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy
2.00 Gb Total Physical Memory | 1.45 Gb Available Physical Memory | 72.46% Memory free
4.00 Gb Paging File | 3.86 Gb Available in Paging File | 96.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 176.64 Gb Total Space | 27.08 Gb Free Space | 15.33% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: TANYA-PC
Current User Name: Tanya
Logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (All) ==========
PRC - [2011-06-22 14:16:11 | 00,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-11-15 01:29:58 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Users\Tanya\Desktop\Folders & Extras\Anti Spyware and Malware Programs\OTL.exe
PRC - [2009-06-15 16:48:49 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009-04-11 10:28:15 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2009-04-11 10:28:13 | 00,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2009-04-11 10:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009-04-11 10:28:04 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009-04-11 10:27:59 | 00,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009-04-11 10:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-01-19 11:33:37 | 00,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - 992 -- C:\Windows\System32\svchost.exe
PRC - 964 -- C:\Windows\System32\svchost.exe
PRC - 884 -- C:\Windows\System32\svchost.exe
PRC - 844 -- C:\Windows\System32\svchost.exe
PRC - 784 -- C:\Windows\System32\svchost.exe
PRC - 1360 -- C:\Windows\System32\svchost.exe
PRC - 1248 -- C:\Windows\System32\svchost.exe
PRC - 1084 -- C:\Windows\System32\svchost.exe
PRC - 1064 -- C:\Windows\System32\svchost.exe
PRC - 1024 -- C:\Windows\System32\svchost.exe
PRC - [2008-01-19 11:33:14 | 00,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2008-01-19 11:33:05 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2008-01-19 11:33:05 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
========== Modules (All) ==========
MOD - [2011-01-21 20:35:22 | 11,586,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2011-01-21 20:35:22 | 00,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2011-01-20 20:07:42 | 00,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2011-01-20 20:07:03 | 01,075,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2010-12-20 20:35:04 | 00,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2010-10-15 17:48:59 | 01,205,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2010-08-31 19:43:52 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2010-06-28 21:00:21 | 01,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2010-04-16 20:46:48 | 00,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2009-11-15 01:29:58 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Users\Tanya\Desktop\Folders & Extras\Anti Spyware and Malware Programs\OTL.exe
MOD - [2009-10-09 01:08:01 | 00,234,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll
MOD - [2009-07-17 17:54:43 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009-06-15 18:53:43 | 00,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2009-06-15 18:52:42 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009-04-23 16:15:07 | 00,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009-04-11 10:28:25 | 01,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2009-04-11 10:28:25 | 00,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2009-04-11 10:28:25 | 00,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2009-04-11 10:28:25 | 00,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll
MOD - [2009-04-11 10:28:25 | 00,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2009-04-11 10:28:25 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009-04-11 10:28:24 | 01,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2009-04-11 10:28:24 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2009-04-11 10:28:24 | 00,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009-04-11 10:28:23 | 00,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2009-04-11 10:28:23 | 00,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
MOD - [2009-04-11 10:28:23 | 00,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009-04-11 10:28:23 | 00,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2009-04-11 10:28:22 | 00,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009-04-11 10:28:20 | 00,891,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2009-04-11 10:28:20 | 00,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009-04-11 10:28:20 | 00,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2009-04-11 10:28:20 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2009-04-11 10:28:19 | 00,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2009-04-11 10:28:18 | 00,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
MOD - [2009-04-11 10:28:17 | 00,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2009-04-11 10:28:17 | 00,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2008-01-19 11:37:12 | 00,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2008-01-19 11:37:09 | 00,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2008-01-19 11:36:48 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2008-01-19 11:36:47 | 00,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2008-01-19 11:36:35 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2008-01-19 11:35:57 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2008-01-19 11:33:52 | 00,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2006-11-02 13:46:12 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll
MOD - [2006-11-02 13:46:07 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimg32.dll
========== Win32 Services (All) ==========
SRV - [2011-04-20 10:50:46 | 00,792,976 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV - [2011-03-02 19:44:27 | 00,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2011-02-22 17:33:09 | 00,797,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2010-12-10 18:30:50 | 00,086,880 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2010-12-10 18:29:30 | 29,293,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ)
SRV - [2010-12-10 18:29:30 | 00,238,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2010-12-10 18:29:30 | 00,044,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2010-11-04 22:55:12 | 00,601,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2010-10-20 11:22:24 | 00,630,272 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-09-21 14:03:14 | 01,710,464 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010-09-06 20:20:29 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2010-08-17 18:11:37 | 00,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2010-07-21 15:52:54 | 00,540,968 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2010-06-10 21:03:08 | 00,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010-05-18 16:35:14 | 00,345,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2010-02-18 17:30:03 | 00,200,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iphlpsvc.dll -- (iphlpsvc)
SRV - [2009-10-10 01:56:18 | 01,181,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WsmSvc.dll -- (WinRM)
SRV - [2009-10-10 01:55:52 | 00,146,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wecsvc.dll -- (Wecsvc)
SRV - [2009-10-01 05:01:54 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpdbusenum.dll -- (WPDBusEnum)
SRV - [2009-09-16 13:27:12 | 00,480,624 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2009-09-08 18:09:14 | 00,083,312 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2009-08-24 15:36:45 | 00,377,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2009-08-07 06:23:45 | 01,929,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2009-07-14 21:48:26 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFSvc.dll -- (wudfsvc)
SRV - [2009-07-11 23:01:42 | 00,513,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009-07-10 15:47:42 | 00,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shsvcs.dll -- (Themes)
SRV - [2009-07-10 15:47:42 | 00,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009-06-15 16:48:49 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009-06-15 16:48:49 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
SRV - [2009-06-15 16:48:49 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe -- (Netlogon)
SRV - [2009-06-15 16:48:49 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009-06-10 15:42:23 | 00,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)
SRV - [2009-04-11 10:28:26 | 00,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2009-04-11 10:28:25 | 01,017,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog)
SRV - [2009-04-11 10:28:25 | 00,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wiaservc.dll -- (stisvc)
SRV - [2009-04-11 10:28:25 | 00,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wcncsvc.dll -- (wcncsvc)
SRV - [2009-04-11 10:28:25 | 00,282,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\w32time.dll -- (W32Time)
SRV - [2009-04-11 10:28:25 | 00,222,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2009-04-11 10:28:25 | 00,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WebClnt.dll -- (WebClient)
SRV - [2009-04-11 10:28:25 | 00,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2009-04-11 10:28:25 | 00,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcsvc.dll -- (WPCSvc)
SRV - [2009-04-11 10:28:25 | 00,126,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wersvc.dll -- (WerSvc)
SRV - [2009-04-11 10:28:25 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxsms.dll -- (UxSms)
SRV - [2009-04-11 10:28:24 | 00,558,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sysmain.dll -- (SysMain)
SRV - [2009-04-11 10:28:24 | 00,550,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2009-04-11 10:28:24 | 00,550,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2009-04-11 10:28:24 | 00,449,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\termsrv.dll -- (TermService)
SRV - [2009-04-11 10:28:24 | 00,311,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2009-04-11 10:28:24 | 00,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2009-04-11 10:28:24 | 00,242,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009-04-11 10:28:24 | 00,107,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\regsvc.dll -- (RemoteRegistry)
SRV - [2009-04-11 10:28:24 | 00,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SCardSvr.dll -- (SCardSvr)
SRV - [2009-04-11 10:28:24 | 00,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLUINotify.dll -- (SLUINotify)
SRV - [2009-04-11 10:28:23 | 00,758,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2009-04-11 10:28:23 | 00,644,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\p2psvc.dll -- (PNRPsvc)
SRV - [2009-04-11 10:28:23 | 00,644,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\p2psvc.dll -- (PNRPAutoReg)
SRV - [2009-04-11 10:28:23 | 00,644,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\p2psvc.dll -- (p2psvc)
SRV - [2009-04-11 10:28:23 | 00,644,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\p2psvc.dll -- (p2pimsvc)
SRV - [2009-04-11 10:28:23 | 00,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENTRT.DLL -- (napagent)
SRV - [2009-04-11 10:28:23 | 00,153,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2009-04-11 10:28:20 | 00,438,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IKEEXT.DLL -- (IKEEXT)
SRV - [2009-04-11 10:28:20 | 00,407,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2009-04-11 10:28:20 | 00,364,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
SRV - [2009-04-11 10:28:19 | 00,576,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpsvc.dll -- (gpsvc)
SRV - [2009-04-11 10:28:19 | 00,564,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\emdmgmt.dll -- (EMDMgmt)
SRV - [2009-04-11 10:28:19 | 00,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2009-04-11 10:28:19 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2009-04-11 10:28:18 | 00,334,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2009-04-11 10:28:18 | 00,315,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2009-04-11 10:28:18 | 00,315,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2009-04-11 10:28:18 | 00,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll -- (Dhcp)
SRV - [2009-04-11 10:28:18 | 00,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009-04-11 10:28:18 | 00,129,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2009-04-11 10:28:18 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthserv.dll -- (BthServ)
SRV - [2009-04-11 10:28:18 | 00,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\certprop.dll -- (SCPolicySvc)
SRV - [2009-04-11 10:28:18 | 00,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\certprop.dll -- (CertPropSvc)
SRV - [2009-04-11 10:28:15 | 00,137,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV - [2009-04-11 10:28:10 | 01,055,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2009-04-11 10:28:09 | 00,385,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vds.exe -- (vds)
SRV - [2009-04-11 10:28:07 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2009-04-11 10:27:59 | 00,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe -- (WSearch)
SRV - [2009-04-11 10:27:49 | 03,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe -- (slsvc)
SRV - [2009-04-11 10:27:45 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009-04-11 10:27:31 | 02,092,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dfsr.exe -- (DFSR)
SRV - [2009-03-30 08:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-03-05 18:59:50 | 00,313,264 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2009-03-05 18:59:50 | 00,192,512 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009-03-05 18:59:50 | 00,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009-03-05 18:41:58 | 05,189,992 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2009-02-18 22:39:20 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009-02-18 22:38:43 | 00,129,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009-02-18 22:38:42 | 00,879,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008-11-04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008-02-19 00:32:49 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008-02-19 00:25:15 | 00,138,168 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008-01-19 11:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008-01-19 11:36:52 | 00,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercplsupport.dll -- (wercplsupport)
SRV - [2008-01-19 11:36:50 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdi.dll -- (WdiSystemHost)
SRV - [2008-01-19 11:36:50 | 00,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdi.dll -- (WdiServiceHost)
SRV - [2008-01-19 11:36:46 | 00,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\upnphost.dll -- (upnphost)
SRV - [2008-01-19 11:36:42 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\trkwks.dll -- (TrkWks)
SRV - [2008-01-19 11:36:39 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tbssvc.dll -- (TBS)
SRV - [2008-01-19 11:36:36 | 00,155,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2008-01-19 11:36:36 | 00,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sstpsvc.dll -- (SstpSvc)
SRV - [2008-01-19 11:36:21 | 00,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SessEnv.dll -- (SessionEnv)
SRV - [2008-01-19 11:36:21 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Sens.dll -- (SENS)
SRV - [2008-01-19 11:36:20 | 00,104,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2008-01-19 11:36:20 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2008-01-19 11:36:15 | 00,090,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2008-01-19 11:36:14 | 00,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\qwave.dll -- (QWAVE)
SRV - [2008-01-19 11:36:06 | 01,502,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pla.dll -- (pla)
SRV - [2008-01-19 11:36:03 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pcasvc.dll -- (PcaSvc)
SRV - [2008-01-19 11:35:57 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2008-01-19 11:35:38 | 00,168,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2008-01-19 11:35:36 | 00,274,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2008-01-19 11:35:36 | 00,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2008-01-19 11:35:27 | 00,052,736 | ---- | M] (Hewlett-Packard) -- C:\Windows\System32\HPZIPM12.DLL -- (Pml Driver HPZ12)
SRV - [2008-01-19 11:34:56 | 00,344,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdtckrm.dll -- (KtmRm)
SRV - [2008-01-19 11:34:53 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mprdim.dll -- (RemoteAccess)
SRV - [2008-01-19 11:34:49 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mmcss.dll -- (THREADORDER)
SRV - [2008-01-19 11:34:49 | 00,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2008-01-19 11:34:44 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc)
SRV - [2008-01-19 11:34:42 | 00,188,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lltdsvc.dll -- (lltdsvc)
SRV - [2008-01-19 11:34:36 | 00,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KMSVC.DLL -- (hkmsvc)
SRV - [2008-01-19 11:34:35 | 00,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iscsiexe.dll -- (MSiSCSI)
SRV - [2008-01-19 11:34:34 | 00,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2008-01-19 11:34:34 | 00,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPBusEnum.dll -- (IPBusEnum)
SRV - [2008-01-19 11:34:21 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fdPHost.dll -- (fdPHost)
SRV - [2008-01-19 11:34:08 | 00,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2008-01-19 11:34:06 | 00,134,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dps.dll -- (DPS)
SRV - [2008-01-19 11:33:49 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2008-01-19 11:33:43 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2008-01-19 11:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008-01-19 11:33:33 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect)
SRV - [2008-01-19 11:33:16 | 00,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdtc.exe -- (MSDTC)
SRV - [2008-01-19 11:33:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2008-01-19 11:33:01 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2008-01-11 17:50:16 | 00,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007-10-27 04:17:00 | 00,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007-10-05 04:02:21 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService)
SRV - [2007-09-23 23:36:38 | 02,818,048 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2007-09-11 00:45:04 | 00,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007-08-15 08:05:18 | 00,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2007-08-09 12:51:32 | 00,499,712 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2007-08-09 12:51:30 | 01,089,536 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-UCLS-UPnP)
SRV - [2007-08-09 12:51:30 | 01,089,536 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP)
SRV - [2007-08-09 12:51:30 | 00,397,312 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-UCLS-HTTP)
SRV - [2007-08-09 12:51:30 | 00,397,312 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP)
SRV - [2007-06-15 07:07:44 | 00,075,952 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Image Converter 3\ICScsiSV.exe -- (ICScsiSV)
SRV - [2007-06-15 07:07:36 | 00,059,568 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Image Converter 3\IcVzMon.exe -- (Image Converter video recording monitor for VAIO Entertainment)
SRV - [2007-01-11 04:51:06 | 00,745,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe -- (VAIOMediaPlatform-UCLS-AppServer)
SRV - [2007-01-05 07:48:52 | 00,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006-12-14 14:21:20 | 00,045,056 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006-12-14 14:02:08 | 00,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006-12-14 13:46:16 | 00,057,344 | ---- | M] () -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006-11-02 16:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2006-11-02 16:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006-11-02 16:35:24 | 00,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TabSvc.dll -- (TabletInputService)
SRV - [2006-11-02 13:46:13 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2006-11-02 13:46:05 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lmhsvc.dll -- (lmhosts)
SRV - [2006-11-02 13:46:04 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FDResPub.dll -- (FDResPub)
SRV - [2006-11-02 13:46:02 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2006-11-02 13:45:46 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP)
SRV - [2006-11-02 13:45:21 | 00,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Locator.exe -- (RpcLocator)
SRV - [2006-11-02 13:45:02 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dllhost.exe -- (COMSysApp)
SRV - [2006-10-27 02:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005-11-14 13:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
========== Driver Services (All) ==========
DRV - File not found -- -- (NwlnkFwd)
DRV - File not found -- -- (NwlnkFlt)
DRV - File not found -- -- (IpInIp)
DRV - File not found -- -- (CED7CAB4EF465688)
DRV - File not found -- -- (blbdrive)
DRV - [2011-04-29 17:25:10 | 00,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys -- (srv2)
DRV - [2011-04-29 17:25:09 | 00,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet)
DRV - [2011-04-29 17:24:50 | 00,214,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV - [2011-04-29 17:24:42 | 00,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV - [2011-04-29 17:24:40 | 00,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb.sys -- (mrxsmb)
DRV - [2011-04-21 17:58:27 | 00,273,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\afd.sys -- (AFD)
DRV - [2011-04-14 18:59:03 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC)
DRV - [2011-02-22 17:23:55 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bowser.sys -- (bowser)
DRV - [2011-02-18 18:03:32 | 00,305,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv.sys -- (srv)
DRV - [2011-01-20 20:37:37 | 00,638,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV - [2010-07-30 14:16:44 | 00,008,192 | ---- | M] (Nokia) -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-07-30 14:16:42 | 00,023,040 | ---- | M] (Nokia) -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-07-30 14:16:38 | 00,018,048 | ---- | M] (Nokia) -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010-06-16 20:04:57 | 00,905,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip6)
DRV - [2010-06-16 20:04:57 | 00,905,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip)
DRV - [2010-04-19 20:47:42 | 00,041,984 | ---- | M] (Apple, Inc.) -- C:\Windows\System32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2010-02-21 00:53:34 | 00,411,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\http.sys -- (HTTP)
DRV - [2010-02-18 15:28:13 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel)
DRV - [2009-12-08 21:26:18 | 00,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg)
DRV - [2009-10-01 05:01:54 | 00,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WpdUsb.sys -- (WpdUsb)
DRV - [2009-07-14 21:45:07 | 00,445,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\Wdf01000.sys -- (Wdf01000)
DRV - [2009-07-14 21:45:07 | 00,132,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WUDFRd.sys -- (WUDFRd)
DRV - [2009-07-14 21:45:07 | 00,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WUDFPf.sys -- (WudfPf)
DRV - [2009-06-17 20:58:04 | 00,005,632 | ---- | M] () -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009-06-16 03:15:25 | 00,439,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Drivers\ksecdd.sys -- (KSecDD)
DRV - [2009-05-18 14:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009-04-11 10:33:03 | 00,292,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx)
DRV - [2009-04-11 10:32:55 | 00,226,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\volsnap.sys -- (volsnap)
DRV - [2009-04-11 10:32:55 | 00,177,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DRIVERS\pcmcia.sys -- (pcmcia)
DRV - [2009-04-11 10:32:55 | 00,149,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\pci.sys -- (pci)
DRV - [2009-04-11 10:32:52 | 00,053,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\termdd.sys -- (TermDD)
DRV - [2009-04-11 10:32:49 | 01,083,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2009-04-11 10:32:49 | 00,527,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\ndis.sys -- (NDIS)
DRV - [2009-04-11 10:32:46 | 00,265,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\acpi.sys -- (ACPI)
DRV - [2009-04-11 10:32:46 | 00,245,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys -- (CLFS)
DRV - [2009-04-11 10:32:46 | 00,190,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\fltmgr.sys -- (FltMgr)
DRV - [2009-04-11 10:32:46 | 00,180,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt)
DRV - [2009-04-11 10:32:46 | 00,161,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC)
DRV - [2009-04-11 10:32:43 | 00,141,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ecache.sys -- (Ecache)
DRV - [2009-04-11 10:32:31 | 00,054,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\partmgr.sys -- (partmgr)
DRV - [2009-04-11 10:32:31 | 00,053,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\disk.sys -- (disk)
DRV - [2009-04-11 10:32:31 | 00,048,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Drivers\mup.sys -- (Mup)
DRV - [2009-04-11 10:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\atapi.sys -- (atapi)
DRV - [2009-04-11 08:51:27 | 00,180,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2009-04-11 08:46:40 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp)
DRV - [2009-04-11 08:46:32 | 00,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2009-04-11 08:46:30 | 00,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2009-04-11 08:45:56 | 00,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdx.sys -- (tdx)
DRV - [2009-04-11 08:45:51 | 00,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys -- (PSched)
DRV - [2009-04-11 08:45:37 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\netbt.sys -- (netbt)
DRV - [2009-04-11 08:45:22 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\smb.sys -- (Smb)
DRV - [2009-04-11 08:43:28 | 00,148,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP)
DRV - [2009-04-11 08:43:16 | 00,196,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbhub.sys -- (usbhub)
DRV - [2009-04-11 08:43:12 | 00,148,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rfcomm.sys -- (RFCOMM)
DRV - [2009-04-11 08:43:10 | 00,507,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthport.sys -- (BTHPORT)
DRV - [2009-04-11 08:43:10 | 00,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM)
DRV - [2009-04-11 08:43:10 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthenum.sys -- (BthEnum)
DRV - [2009-04-11 08:43:09 | 00,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth)
DRV - [2009-04-11 08:43:08 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\BTHUSB.SYS -- (BTHUSB)
DRV - [2009-04-11 08:43:04 | 00,062,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ohci1394.sys -- (ohci1394)
DRV - [2009-04-11 08:42:55 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2009-04-11 08:42:54 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio)
DRV - [2009-04-11 08:42:54 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbser.sys -- (usbser)
DRV - [2009-04-11 08:42:52 | 00,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbehci.sys -- (usbehci)
DRV - [2009-04-11 08:42:48 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidusb.sys -- (HidUsb)
DRV - [2009-04-11 08:42:42 | 00,561,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2009-04-11 08:39:17 | 00,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\cdrom.sys -- (cdrom)
DRV - [2009-04-11 08:38:40 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2009-04-11 08:14:40 | 00,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2009-04-11 08:14:29 | 00,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdbss.sys -- (rdbss)
DRV - [2009-04-11 08:14:01 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\npfs.sys -- (Npfs)
DRV - [2009-04-11 08:13:59 | 00,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV - [2009-04-11 08:13:53 | 00,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\exfat.sys -- (exfat)
DRV - [2009-04-11 08:13:52 | 00,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fastfat.sys -- (fastfat)
DRV - [2008-08-26 10:26:12 | 00,018,816 | ---- | M] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-07-20 17:44:44 | 00,324,120 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2008-01-19 11:42:31 | 00,058,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\fileinfo.sys -- (FileInfo)
DRV - [2008-01-19 11:42:28 | 00,057,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008-01-19 11:42:18 | 00,052,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\volmgr.sys -- (volmgr)
DRV - [2008-01-19 11:41:52 | 00,035,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdclass.sys -- (kbdclass)
DRV - [2008-01-19 11:41:52 | 00,034,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mouclass.sys -- (mouclass)
DRV - [2008-01-19 11:41:49 | 00,031,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008-01-19 11:41:30 | 00,021,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\spldr.sys -- (spldr)
DRV - [2008-01-19 11:41:25 | 00,020,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DRIVERS\compbatt.sys -- (Compbatt)
DRV - [2008-01-19 11:41:20 | 00,017,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\intelide.sys -- (intelide)
DRV - [2008-01-19 11:41:14 | 00,016,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\msisadrv.sys -- (msisadrv)
DRV - [2008-01-19 11:41:14 | 00,015,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\swenum.sys -- (swenum)
DRV - [2008-01-19 10:14:40 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbprint.sys -- (usbprint)
DRV - [2008-01-19 10:14:09 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbscan.sys -- (usbscan)
DRV - [2008-01-19 10:01:15 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv)
DRV - [2008-01-19 10:01:09 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV - [2008-01-19 10:01:08 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008-01-19 10:01:08 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\RDPCDD.sys -- (RDPCDD)
DRV - [2008-01-19 10:01:07 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008-01-19 09:57:16 | 00,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\modem.sys -- (Modem)
DRV - [2008-01-19 09:56:49 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2008-01-19 09:56:34 | 00,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rasl2tp.sys -- (Rasl2tp)
DRV - [2008-01-19 09:56:34 | 00,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\raspptp.sys -- (PptpMiniport)
DRV - [2008-01-19 09:56:31 | 00,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarpv6)
DRV - [2008-01-19 09:56:31 | 00,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008-01-19 09:56:31 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rasacd.sys -- (RasAcd)
DRV - [2008-01-19 09:56:29 | 00,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008-01-19 09:56:28 | 00,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ipnat.sys -- (IPNAT)
DRV - [2008-01-19 09:56:28 | 00,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2008-01-19 09:56:24 | 00,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2008-01-19 09:56:23 | 00,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2008-01-19 09:56:07 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV - [2008-01-19 09:55:50 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy)
DRV - [2008-01-19 09:55:45 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008-01-19 09:55:41 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp)
DRV - [2008-01-19 09:55:40 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008-01-19 09:55:19 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\irenum.sys -- (IRENUM)
DRV - [2008-01-19 09:55:03 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr)
DRV - [2008-01-19 09:55:03 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio)
DRV - [2008-01-19 09:54:46 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv)
DRV - [2008-01-19 09:53:44 | 00,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthpan.sys -- (BthPan)
DRV - [2008-01-19 09:53:40 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\umbus.sys -- (umbus)
DRV - [2008-01-19 09:53:38 | 00,134,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbvideo.sys -- (usbvideo)
DRV - [2008-01-19 09:53:29 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008-01-19 09:53:20 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008-01-19 09:53:16 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008-01-19 09:52:19 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\monitor.sys -- (monitor)
DRV - [2008-01-19 09:52:06 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008-01-19 09:49:20 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008-01-19 09:49:19 | 00,006,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mstee.sys -- (MSTEE)
DRV - [2008-01-19 09:49:18 | 00,054,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008-01-19 09:49:18 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008-01-19 09:49:18 | 00,005,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008-01-19 09:49:16 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\sermouse.sys -- (sermouse)
DRV - [2008-01-19 09:49:16 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mouhid.sys -- (mouhid)
DRV - [2008-01-19 09:49:12 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\null.sys -- (Null)
DRV - [2008-01-19 09:49:10 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\beep.sys -- (Beep)
DRV - [2008-01-19 09:32:47 | 00,014,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\CmBatt.sys -- (CmBatt)
DRV - [2008-01-19 09:30:36 | 00,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\luafv.sys -- (luafv)
DRV - [2008-01-19 09:30:23 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace)
DRV - [2008-01-19 09:28:09 | 00,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008-01-19 09:28:02 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs)
DRV - [2008-01-19 09:27:21 | 00,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\intelppm.sys -- (intelppm)
DRV - [2007-10-30 04:33:23 | 07,115,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007-10-30 04:00:32 | 00,075,008 | ---- | M] (Ricoh) -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2007-10-30 04:00:32 | 00,043,904 | ---- | M] (Ricoh) -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2007-10-27 04:17:08 | 00,330,240 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007-10-26 10:21:13 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2007-10-10 04:03:56 | 00,017,448 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2007-10-10 04:03:54 | 00,099,880 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2007-10-10 04:03:54 | 00,081,448 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2007-10-10 04:03:13 | 00,028,464 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwl2cap.sys -- (btwl2cap)
DRV - [2007-10-05 04:02:21 | 00,008,192 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007-10-05 04:02:18 | 00,985,600 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007-10-05 04:02:18 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2007-10-05 04:02:17 | 00,659,968 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007-10-05 04:02:17 | 00,207,360 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007-10-05 04:02:08 | 00,246,784 | ---- | M] (Marvell) -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007-09-20 01:38:18 | 00,010,216 | ---- | M] (Sony Corporation) -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2007-09-19 07:29:09 | 02,222,080 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007-08-29 05:58:45 | 00,009,344 | ---- | M] (Sony Corporation) -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2007-06-10 04:12:18 | 00,140,800 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007-06-06 04:00:39 | 00,812,544 | ---- | M] (Texas Instruments) -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007-05-26 12:03:06 | 00,128,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007-04-18 08:09:28 | 00,011,032 | ---- | M] (InterVideo) -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2007-04-03 10:43:28 | 01,131,136 | ---- | M] (Philips Semiconductors GmbH) -- C:\Windows\System32\drivers\Ph3xIB32.sys -- (Ph3xIB32)
DRV - [2007-01-10 03:46:25 | 00,005,120 | ---- | M] (Samsung Electronics) -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2006-11-02 13:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006-11-02 13:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006-11-02 13:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006-11-02 13:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006-11-02 13:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006-11-02 13:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006-11-02 13:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006-11-02 13:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006-11-02 13:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006-11-02 13:50:40 | 00,106,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\nv_agp.sys -- (nv_agp)
DRV - [2006-11-02 13:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 13:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 13:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006-11-02 13:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006-11-02 13:50:24 | 00,047,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2006-11-02 13:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 13:50:17 | 00,080,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\msdsm.sys -- (msdsm)
DRV - [2006-11-02 13:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 13:50:16 | 00,078,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mpio.sys -- (mpio)
DRV - [2006-11-02 13:50:16 | 00,076,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\sbp2port.sys -- (sbp2port)
DRV - [2006-11-02 13:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006-11-02 13:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006-11-02 13:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 13:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006-11-02 13:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006-11-02 13:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006-11-02 13:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006-11-02 13:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006-11-02 13:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 13:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 13:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006-11-02 13:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 13:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006-11-02 13:50:04 | 00,058,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\gagp30kx.sys -- (gagp30kx)
DRV - [2006-11-02 13:50:04 | 00,058,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\uliagpkx.sys -- (uliagpkx)
DRV - [2006-11-02 13:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 13:49:59 | 00,056,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\uagp35.sys -- (uagp35)
DRV - [2006-11-02 13:49:59 | 00,054,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\amdagp.sys -- (amdagp)
DRV - [20
Post by: tanya on September 17, 2011, 02:11:04 PM
OTL Extras logfile created on: 17-09-2011 22:30:34 - Run 5
OTL by OldTimer - Version 3.1.5.0 Folder = C:\Users\Tanya\Desktop\Folders & Extras\Anti Spyware and Malware Programs
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy
2.00 Gb Total Physical Memory | 1.45 Gb Available Physical Memory | 72.46% Memory free
4.00 Gb Paging File | 3.86 Gb Available in Paging File | 96.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 176.64 Gb Total Space | 27.08 Gb Free Space | 15.33% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: TANYA-PC
Current User Name: Tanya
Logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (All) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\System32\shell32.dll (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %* File not found
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{069C634D-D8CF-45E4-8311-3E776E515E5C}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{0DD3B570-6E6A-4D91-92BA-523BD7BA2A61}" = rport=445 | protocol=6 | dir=out | app=system |
"{11505407-3B07-4C20-8347-FDFDED6CB3DD}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{13DF9584-22F5-4758-BBC1-25A26892374E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1E7494E1-ECEB-4BF8-A09F-960D452BFB6A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{27191E8A-2921-479C-B224-A7CE3647B951}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{28FF1C2D-73ED-445E-984B-FF3FF3D67D56}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{2C07293C-60FC-4169-8ADD-181A50F32E6D}" = lport=5358 | protocol=6 | dir=in | app=system |
"{2E0D267C-D964-45F7-8B58-644B5BFE8055}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{33AA000F-2B94-4D36-A3B3-2D95982B0DC4}" = lport=137 | protocol=17 | dir=in | app=system |
"{369A212D-4D94-46E1-90FE-BA22395AAE5D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3C24A7C2-4FEF-4CE6-8DC4-D8AAB6BB9087}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3C7FBC79-CD78-4B19-816B-2D0E417E22C6}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{3C8F2256-5C38-4869-B13E-6E69DCC6032D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4A97B129-9051-40FD-AD14-1C24D0E15C18}" = lport=139 | protocol=6 | dir=in | app=system |
"{5CD4C19A-E5D5-480C-81EB-CA7E79B3D818}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{5CE5E4DF-730F-41FA-BB8D-4651E3DE9F77}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{61DA1ABD-63B9-4CA8-BCBF-7E9E41E54F61}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{6340DDA8-7C4F-42F9-8A8D-EC8886FC80A5}" = lport=5357 | protocol=6 | dir=in | app=system |
"{65D9CBF7-708D-42B4-8C03-A446E17B66DF}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6C729297-1D39-4924-B131-27916B12044C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7022AB4A-72F2-4971-AA34-CBC7B1713A5E}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{74F52193-166F-4016-BE28-A353274F1AA5}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{788F8CB9-827E-45CB-81A2-C70EEAF4DCAD}" = rport=5358 | protocol=6 | dir=out | app=system |
"{78E3D056-B6C4-40E6-B7AD-903E51214DFF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{826D60E0-E005-4027-B528-E551D298531E}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{83193F19-8DE7-429D-B468-6CD7404C73B1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{857396BB-49C3-4E30-9FD9-B5A3EE7A6893}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{88377FF0-D9B1-4C72-824C-A3DFD54643B8}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8BC29B8D-19AB-454B-A902-711F53D36C46}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{90C6ABC1-28EF-4934-BAA7-D9BE8515495D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{97A69BB5-9E6C-4A08-84EC-9F07AD373F6E}" = lport=445 | protocol=6 | dir=in | app=system |
"{982ACAEF-5B9C-472F-B4F3-27BB1E0BE7E9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9A101D71-9599-4FF1-B749-A471E99B82E5}" = rport=137 | protocol=17 | dir=out | app=system |
"{9C2F3419-A472-440C-A400-A28A2E99DF8D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{9C529976-1F6A-4ABF-8305-83E9E5B2BB44}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A3E7A14D-A87B-4503-B22C-C561DD3806DC}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{A7B2D24E-02AB-421A-88AC-E4C8FF1322E0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A8DAC8A1-00CC-4D77-9F29-30B19B89D91D}" = rport=138 | protocol=17 | dir=out | app=system |
"{A95A5D63-7D22-45EB-9806-195CEABBBAB0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AE2906F1-5FE4-43ED-AC84-531108F85AFD}" = lport=138 | protocol=17 | dir=in | app=system |
"{AFBFD6DD-3543-4657-A1EE-5F8187A20E71}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{B26F5D85-89FA-49F4-B9A1-F26007FB96DB}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{BCF07AA2-3965-48E1-9E25-84B02093D083}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C4B5A2DD-0A73-4C71-A349-6C892BE8CC6C}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{CB31F2FB-BF63-4231-8EC0-0CEC1163FE50}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CDFADE04-85B6-4920-837F-DA269B12A924}" = rport=139 | protocol=6 | dir=out | app=system |
"{CEF6CEAA-D890-4EBA-A8B4-4BE0BC8BCAEA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D2A432BA-E4CD-4243-96CF-52CA50D2136A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D8534ED6-0945-4055-B6F1-892E338CC900}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{D94C66F3-0DCF-48A6-A67A-74F074CC0264}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DB8309A8-AC29-4BE6-835E-E1AD567D5102}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{DEA39E1B-33BB-43AD-953C-0410C8C745B4}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{EB8FB0AA-A812-4DF0-A004-45BEE77EE901}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EFA2147A-ED82-4F2A-8D16-E358A93715C6}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{F691A256-8B0C-4486-825C-64AA2957BE40}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{F70241E6-765C-4B1C-8387-E3B7B892A69A}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{FA16A737-B16F-40EE-ADEC-40F72522F616}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{FFC92EE4-C086-4A19-8235-0CA0E90C33FF}" = rport=5357 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05F9E681-AECC-4112-97C2-F2B97E3251B1}" = protocol=1 | dir=out | [email protected],-28544 |
"{151BE122-A55F-4512-8422-C25323E5609D}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{1937DCF2-CA60-48FA-9585-B648518D96DA}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{34B51FE7-5D66-4FBF-B326-89F4A336A5F2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{375554CC-6724-4C9D-9138-148E9DB97101}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{3874056C-BD10-4958-90AF-6DEF80661386}" = dir=in | app=c:\program files\avg\avg8\avgemc.exe |
"{3C020347-5397-4BBE-B154-EB0CDB709B9C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3CAE976A-8153-4FB6-B5F9-1A7C5F67DADC}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{42D52C7F-1176-4B61-AA84-A6EBAE7E68CF}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{46E17383-F4F3-42A7-B901-E247CD907771}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{5739EA23-ACD6-402E-9460-B04FDC49F4BE}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{57CE0B0E-27D7-4168-A80A-F7E9FE71A1ED}" = protocol=1 | dir=in | [email protected],-28543 |
"{5DBB6FB2-0A0D-437D-AC56-E1D60DA794B4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6305F94D-84F1-4E73-8ED4-66E91051D62B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6321CD21-0BD9-4224-844B-56C3FACB406A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{70EA73BC-905C-46BF-B236-792A9E06E2B9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{757F4307-21A3-4F2F-822B-ACA43C271C96}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{81D91EA6-630D-4EDA-A4CE-3DF8A4611C59}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{8489F26A-DFA9-4B4D-8C57-660C6F287516}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |
"{853DA4F3-9332-4298-84C1-9EF6DD2D8EB5}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{86FDBC0F-6488-4ECC-9551-75C70BD6C577}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
"{886582EA-B2E7-45F5-B246-D899A1550FD2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{88DB5803-8618-4FCC-91AE-579CFC599580}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9250C0A8-9C44-49A5-BE89-6AB6A025D425}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{95D6DF78-FD2D-4543-8BE1-FB3BA04FC4B1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{961F782C-009F-4669-8BFF-0BD0CB68583E}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{A265C4C4-C4E2-4275-A986-27D74916D400}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{A55501D7-F05C-4DD3-BD6E-AC70FF9F276F}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{ADAAC908-C89E-40D5-95E4-752DCC2ABC8C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B44841D8-9CDC-474F-82DB-F567F762A524}" = protocol=6 | dir=out | app=system |
"{B5E4BEA4-41B6-47C9-9D56-545E3B5F5CCC}" = protocol=58 | dir=in | [email protected],-28545 |
"{C26950C2-5A2F-4852-A314-78DE8F2C4AED}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{CA607BD9-4DC6-4087-B9ED-95620BA7B482}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{CFB5349D-7F3C-4D39-B773-77ED4992DDE4}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{D0BFADB4-F21F-4D7E-A47B-568BD99A431F}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{DBB869AC-2C99-4D2F-8ADA-121EBBBD2909}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{DC862DEB-3838-44DC-89F6-72B5D04CBFEF}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
"{E0974573-607C-4AC9-84EF-411A2BFBC248}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{E556E751-F660-4647-B157-3DCEA293B13E}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{E6995F72-1A8F-444F-AB7B-44FBAFF7FBAB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ECD3FF85-4F6A-42F4-80D6-642D9EE6AA72}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F4F8D540-4885-42BE-B486-84718BE5838A}" = protocol=58 | dir=out | [email protected],-28546 |
"TCP Query User{071E3CA7-5057-4E4A-B4FD-92E67C594888}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{10AC9536-EE6D-4849-8CD3-7A04DCD896DF}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{13C29712-08C8-458D-B165-6C82018DC124}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{2D9354F8-DDE4-4C72-B92B-5C9A1B17AC3C}C:\program files\sopcast\sopvod.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopvod.exe |
"TCP Query User{656DA1BF-F4E8-45C5-9674-11F582D83383}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{6F14138E-D4A1-4232-800B-451426ECD2F4}C:\program files\rediff bol\rediffmessenger.exe" = protocol=6 | dir=in | app=c:\program files\rediff bol\rediffmessenger.exe |
"TCP Query User{701B7135-312B-44F5-AB02-9CC581A352B7}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{92220C38-E074-4EBB-AF02-1FBE614C059F}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{9F3D2A2A-98A5-4808-B94B-96055C48C16C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{A28EA05A-F715-4DED-B772-CC3D90B7DB08}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{B075D737-17D9-46BA-A515-E7915F87C01B}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{CB814108-16DF-42CA-999A-8B53F79C5CB9}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{DEB4E4E0-D6DF-47C9-BC43-D4144D49ACE9}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{EB594EBE-71B2-4CBB-BDF3-AE1DC0FD1991}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{297634D3-CA7D-4898-8EFD-7B86972AF76A}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{325D6D73-0F1B-460D-B91E-E49C4C059347}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{3B396F40-3ABE-44F0-AEBB-0EF89E940926}C:\program files\sopcast\sopvod.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopvod.exe |
"UDP Query User{4D554AAB-3564-42E0-AA32-74168C038B5F}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{61089322-0557-4AC1-BA57-1E5DA5A23341}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{61F4AEA7-56B2-4ECA-8203-61B2A288BFCC}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{6CA2D4BC-394E-400A-B80C-C1B768FF4A0E}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{81C1DCE1-9B4F-4978-B571-504B513EDD44}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{8929AC83-F5AC-4786-9D46-80EDBFDC6708}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{8ED315FF-E310-47A5-8923-746652F4B5F8}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{B83D7A56-5EAB-4C5F-B617-FFD0256A24AB}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{D4C62443-58CA-4F0C-A2C9-9BB3EE1E58B6}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{ED4F3F30-2EBE-464C-9021-76B0F54268BA}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{F54D6EE8-36D5-4F88-AD13-DDC62578429B}C:\program files\rediff bol\rediffmessenger.exe" = protocol=17 | dir=in | app=c:\program files\rediff bol\rediffmessenger.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00030409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Small Business
"{00040409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Disc 2
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{009E7FB7-1775-4D89-8956-F5C9A1C019FC}" = DSD Playback Plug-in
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.2000
"{046885A1-B4AE-4459-A0D1-8C93706698D6}" =
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{07D8511D-C9FE-4A93-933F-EAA5C8F20095}" = IDT Audio
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings
"{133F46FF-B547-4462-AEAA-2322CA89CF67}" = VAIO Database Converter Ver 1.0
"{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}" = Readiris Pro 10
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{18510937-0146-417B-95D8-14706649C384}" = VAIO Content Metadata Manager Settings
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 26
"{28549656-3CB3-44B6-9FAB-925A18DAC796}" = VAIO Movie Story
"{28AD24E2-BC9F-49B8-A20C-31C6C2D78428}" = VAIO Database Converter 1.0
"{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2EEC2A94-7204-45C6-93BB-67EAEB19E4D6}" = Safari
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3762698E-E9DF-4DD8-99F1-8192D0F8EE06}" = Nokia_Multimedia_Common_Components_2_5
"{3A5371B8-6BFD-4251-B339-6422A9987337}" = VAIO Media Registration Tool
"{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}" = Adobe Premiere Elements 4.0
"{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4F23468F-48BB-48FE-B2D5-E34C07DE52AF}" = Formtec Design Pro 7 English
"{500162A0-4DD5-460A-BAFD-895AAE48C532}" = VAIO Media Content Collection 6.0
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{52B3D4A3-6AF9-4A9E-9E90-6228408764D6}" = VAIO Edit Components
"{533D0A8A-D7E7-4F15-BC9E-FF2916A6BAA7}" = DSD Direct Player
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 6.0
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 6.0
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5FE0C13A-63F1-4394-88A8-2D8722A75FE0}_is1" = Convert VOB to AVI 1.7
"{604AD47E-B003-46A2-B952-518801708B5F}" = Image Converter 3
"{606BC780-101C-41DB-808D-4539BFA0774A}" = MobileMe Control Panel
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D2576EC-A0E9-418A-A09A-409933A3B6F4}" = VAIO Camera Capture Utility
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 6.2
"{802889F8-6AF5-45A5-9764-CA5B999E50FC}" = VAIO Power Management
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{82705358-3BD6-3CD5-AA9A-B8F058BE3A29}" = Google Talk Plugin
"{82B4F1D8-FB2E-4A89-B648-0A0596E239CA}" = Nokia Software Updater
"{82D5BACA-3619-4D34-99DB-3A65CFB4DA33}" = DSD Direct
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96296507-058A-4BFA-A042-998487514AC9}" = VAIO Entertainment Platform
"{989ED050-E296-4FDC-9E4E-C48B4AF76E32}" = VAIO Content Metadata Intelligent Analyzing Manager
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AB83A3C-604D-4B4F-AA25-A23A3FC39844}" = ArcSoft Magic-i Visual Effects Installer
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DCFE532-7DBD-4B03-8A04-E8D37346E29A}" = VAIO Media
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library
"{A528306A-C5EC-481C-A619-6106334E6800}" = Nokia Ovi Player
"{A5A70E61-FEAB-4CEC-977C-BE0EF8DC05AB}" = PC Connectivity Solution
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A8DF8593-F619-47DE-AD27-BCABF233433A}" = STOIK Video Converter 2
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA171A69-F942-40DA-AE3A-EA91026A1CAE}" = VAIO Manual
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.4
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 6.0
"{B1991F22-4F93-4D11-9866-A7DFE551DF9E}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B7C03E84-AF46-42F4-809D-D4127D9086D0}" = VAIO Edit Components 6.6
"{B7FB0C86-41A4-4402-9A33-912C462042A0}" = Roxio Easy Media Creator Home
"{BA53CEA3-10FE-44A0-8B22-9EA5ED4EA315}" = VAIO Movie Story 1.3 Upgrade
"{C0482AA0-9CDF-49B4-9B39-551FD1A7A7E6}" = VAIO Movie Story 1.5 Upgrade
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C615B4A6-DDE8-4325-BCF8-E53E913D95E9}_is1" = AMR to MP3 Converter 1.4
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF0F8D1B-5FB9-468D-BD88-E6239906D2B7}" = Click to Disc
"{D22AFEDF-6A5B-459D-A9EA-D16E422E4C18}" = Nokia Connectivity Cable Driver
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D613E659-6503-42A8-9617-4F599061EAD5}" = VAIO MusicBox
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E66BB7B9-EC7B-45A6-B479-AD43A9B32AA0}" = SonicStage Mastering Studio
"{E6707034-D7A4-49B1-94D0-F5AACE46F06C}" = Instant Mode
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{E7A9DCC5-8D19-4B95-BED8-2DB41F920F11}" = Microsoft WorldWide Telescope
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}" = Adobe Premiere Elements 4.0 Templates
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"CCleaner" = CCleaner
"CDex" = CDex extraction audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"Cool MP3 Splitter_is1" = Cool MP3 Splitter 2.0
"CutePDF Writer Installation" = CutePDF Writer 2.8
"Download Manager" = Download Manager 2.3.10
"Free CD Music Converter 10" = Free CD Music Converter 10
"Free PS Convert driver_is1" = Free PS Convert driver 8.15
"Free Video to iPhone Converter_is1" = Free Video to iPhone Converter version 3.0
"HijackThis" = HijackThis 2.0.2
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"Magic ISO Maker v5.5 (build 0276)" = Magic ISO Maker v5.5 (build 0276)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-15-19-01
"Picasa 3" = Picasa 3
"PremElem40" = Adobe Premiere Elements 4.0
"PremElem40Templates" = Adobe Premiere Elements 4.0 Templates
"Prince of Persia: The Sands of Time" = Prince of Persia: The Sands of Time
"PROHYBRIDR" = 2007 Microsoft Office system
"RealAlt_is1" = Real Alternative 1.60 Lite
"Samsung SCX-4500 Series" = Samsung SCX-4500 Series
"Scribe" = Express Scribe
"SopCast" = SopCast 2.0.4
"ToolBox" = NCH Toolbox
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VideoLAN VLC media player 0.8.6h
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SmartDraw 2009" = SmartDraw 2009
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 19-02-2010 07:14:30 | Computer Name = Tanya-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)
Error - 21-02-2010 05:25:19 | Computer Name = Tanya-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)
Error - 22-02-2010 00:12:11 | Computer Name = Tanya-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)
Error - 22-02-2010 12:56:19 | Computer Name = Tanya-PC | Source = Windows Search Service | ID = 3079
Description =
Error - 22-02-2010 12:57:18 | Computer Name = Tanya-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 23-02-2010 11:10:10 | Computer Name = Tanya-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)
Error - 23-02-2010 15:28:31 | Computer Name = Tanya-PC | Source = Application Error | ID = 1000
Description = Faulting application VCSW.exe, version 3.4.0.12080, time stamp 0x493d1eef,
faulting module ole32.dll, version 6.0.6002.18005, time stamp 0x49e037d7, exception
code 0xc0000005, fault offset 0x0005d2d6, process id 0x13a8, application start time
0x01cab49a4a8a4abe.
Error - 24-02-2010 00:40:12 | Computer Name = Tanya-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)
Error - 26-02-2010 05:05:32 | Computer Name = Tanya-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)
Error - 27-02-2010 05:24:48 | Computer Name = Tanya-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)
[ OSession Events ]
Error - 22-08-2009 02:51:20 | Computer Name = Tanya-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 2429 seconds with 1800 seconds of active time. This session ended with a
crash.
[ System Events ]
Error - 17-09-2011 14:05:20 | Computer Name = Tanya-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 17-09-2011 14:05:20 | Computer Name = Tanya-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 17-09-2011 14:05:20 | Computer Name = Tanya-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 17-09-2011 14:05:20 | Computer Name = Tanya-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 17-09-2011 14:05:20 | Computer Name = Tanya-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 17-09-2011 14:05:20 | Computer Name = Tanya-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 17-09-2011 14:05:20 | Computer Name = Tanya-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 17-09-2011 14:05:20 | Computer Name = Tanya-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 17-09-2011 14:05:33 | Computer Name = Tanya-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 17-09-2011 14:05:33 | Computer Name = Tanya-PC | Source = Service Control Manager | ID = 7001
Description =
< End of report >
Post by: guestolo on September 17, 2011, 02:22:14 PM
click the Start button
then type [color="#800080"]msconfig[/color] in the Search box, and then press ENTER.
In the System Configuration Utility dialog box, click Selective Startup on the General tab.
Click to clear the Load Startup Items check box.
Click the Services tab.
Click to select the Hide All Microsoft Services check box.
Click Disable All, and then click OK.
When you are prompted, click Restart.
Post by: tanya on September 17, 2011, 03:01:53 PM
/sad.gif\' class=\'bbc_emoticon\' alt=\':(\' /> Got this error in a Microsoft Windows pop up box "Host process for Windows Services stopped working and was closed. A problem caused the application to stop working correctly. Windows will notify you if a solution is available."
Tanya
Post by: guestolo on September 17, 2011, 03:31:58 PM
When you got to this part
Click the Services tab.
Click to select the Hide All Microsoft Services check box.
Did you ensure you hid all microsoft services?
Post by: tanya on September 17, 2011, 03:56:58 PM
just double checking
When you got to this part
Click the Services tab.
Click to select the Hide All Microsoft Services check box.
Did you ensure you hid all microsoft services?
[/quote]
Yes positive I checked that box.
Post by: guestolo on September 17, 2011, 04:02:33 PM
In addition, can you check your disk for errors please
Open Computer by clicking Start button Computer.
Right-click the C: drive and then click Properties.
Click the Tools tab, and then, under Error-checking, click Check Now. Administrator permission required If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
Select both Automatically fix file system errors and Scan for and attempt recovery of bad sectors.
Click Start.
you'll be prompted to reschedule the disk check for the next time you restart your computer. do so
and then restart
This can take some time, so be patient
After it's done see if it will boot to Normal windows please
Post by: tanya on September 17, 2011, 04:17:21 PM
I tried error checking but as soon as I click Start I immediately get an error pop up box saying 'Windows was unable to complete the disk check.'
Tanya
Post by: guestolo on September 17, 2011, 05:32:36 PM
Safe mode with networking, can you do the following
Download ComboFix from the following location
[color="#0000FF"]Link 1[/color] (http://"http://download.bleepingcomputer.com/sUBs/ComboFix.exe")
Save it ONLY to your Desktop
double click on combofix and follow the prompts
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply
NOTE: Do not mouseclick inside ComboFix window as it's running, it may cause it to stall
ComboFix will/may run again on startup, it will prompt that it's creating a log
This process could take up to 10 minutes, let it run uninterrupted please
Post by: tanya on September 18, 2011, 11:00:13 AM
Here is the combofix log:
ComboFix 11-09-17.04 - Tanya 18-09-2011 8:45.2.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.91.1033.18.2046.1389 [GMT 4:00]
Running from: c:\users\Tanya\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\comct332.ocx
.
.
((((((((((((((((((((((((( Files Created from 2011-08-18 to 2011-09-18 )))))))))))))))))))))))))))))))
.
.
2011-09-18 04:51 . 2011-09-18 04:51 -------- d-----w- c:\users\Tanya\AppData\Local\temp
2011-09-18 04:51 . 2011-09-18 04:51 -------- d-----w- c:\users\Default\AppData\Local\temp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Audio Filter.lnk - c:\program files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe [2008-2-19 5733664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-08-15 04:05 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Tanya^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Audio Filter.lnk]
path=c:\users\Tanya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Audio Filter.lnk
backup=c:\windows\pss\Audio Filter.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Tanya^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BSEGadget.lnk]
path=c:\users\Tanya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BSEGadget.lnk
backup=c:\windows\pss\BSEGadget.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 19:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2007-06-10 00:12 118784 ----a-w- c:\program files\Apoint\Apoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2010-07-13 11:10 47904 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-01-05 17:00 133104 ----atw- c:\users\Tanya\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]
2009-10-27 17:18 1103216 ----a-w- c:\program files\Download Manager\DLM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
2007-09-19 19:09 311296 ----a-w- c:\program files\Sony\ISB Utility\ISBMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-07-21 11:53 141608 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logan_S2P]
2007-06-10 23:58 253952 ----a-w- c:\program files\Samsung\Samsung SCX-4500 Series\SPanel\PSU\Scan2pc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2011-05-29 05:11 1047656 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
2009-11-06 12:00 2090272 ----a-w- c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2007-10-30 00:32 8429568 ----a-w- c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
2007-10-30 00:33 86016 ----a-w- c:\windows\System32\nvsvc.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-11-11 06:57 1451520 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-08-10 01:15 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr]
2008-02-12 11:11 536576 ----a-w- c:\windows\Samsung\PanelMgr\SSMMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 08:59 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R2 CED7CAB4EF465688;CED7CAB4EF465688;c:\users\Tanya\Desktop\CED7CAB4EF465688\CED7CAB4EF465688
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]
R2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2007-01-09 5120]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2007-10-10 28464]
R3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\Drivers\R5U870FLx86.sys [2007-10-30 75008]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\Drivers\R5U870FUx86.sys [2007-10-30 43904]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-06-06 812544]
R4 ICScsiSV;Image Converter SCSI Service;c:\program files\Sony\Image Converter 3\ICScsiSV.exe [2007-06-15 75952]
R4 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-11 745472]
R4 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-08-09 397312]
R4 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-08-09 1089536]
R4 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-03-05 5189992]
R4 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-09-16 480624]
R4 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2009-09-08 83312]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2007-08-29 9344]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ECACHE
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2011-07-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-963744613-1606295528-1370569751-1003Core.job
- c:\users\Tanya\AppData\Local\Google\Update\GoogleUpdate.exe [2009-01-05 17:00]
.
2011-07-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-963744613-1606295528-1370569751-1003UA.job
- c:\users\Tanya\AppData\Local\Google\Update\GoogleUpdate.exe [2009-01-05 17:00]
.
2011-09-17 c:\windows\Tasks\SDMsgUpdate (TE).job
- c:\progra~1\SMARTD~1\Messages\SDNotify.exe [2008-10-02 03:29]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://vaio-online.sony.com/
uInternet Settings,ProxyOverride = local
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{1CE96795-E26D-490E-BB2A-BD8D83E891A8}: NameServer = 8.8.8.8,8.8.4.4
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
FF - ProfilePath - c:\users\Tanya\AppData\Roaming\Mozilla\Firefox\Profiles\3tapd7rs.default\
FF - prefs.js: browser.startup.homepage - www.google.ae
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4cc9abb2&v=6.103.018.001&i=29&tp=ab&iy=&ychte=aa&lng=en-US&q=
FF - prefs.js: network.proxy.ftp - proxy1.emirates.net.ae
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - proxy1.emirates.net.ae
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - proxy1.emirates.net.ae
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - proxy1.emirates.net.ae
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - proxy1.emirates.net.ae
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 4
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: StumbleUpon: {AE93811A-5C9A-4d34-8462-F7B864FC4696} - %profile%\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
FF - Ext: Effective Measure Community Plugin: [email protected] - %profile%\extensions\[email protected]
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-GSISETUP - F:\setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-18 08:51
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\CED7CAB4EF465688]
"ImagePath"="\??\c:\users\Tanya\Desktop\CED7CAB4EF465688\CED7CAB4EF465688"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-963744613-1606295528-1370569751-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-963744613-1606295528-1370569751-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-963744613-1606295528-1370569751-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{568E84CA-AB6A-4E5A-3FDD-2C44B76369DC}*]
@Allowed: (Read) (RestrictedCode)
"abekbmpdkhafkolecfbmiedbmjodkimnln"=hex:61,61,00,00
"bbekbmpdkhafkolecfambilpkgbobhnbkmfd"=hex:61,61,00,00
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2011-09-18 08:53:41
ComboFix-quarantined-files.txt 2011-09-18 04:53
.
Pre-Run: 29,525,053,440 bytes free
Post-Run: 30,885,134,336 bytes free
.
- - End Of File - - BE860252215A3539631815F4692E9373
Post by: tanya on September 18, 2011, 11:17:59 AM
/sad.gif\' class=\'bbc_emoticon\' alt=\':(\' />Thank you for all your help!
Tanya
Post by: guestolo on September 18, 2011, 11:25:05 AM
Wait a couple minutes
Restart the computer into Normal windows
Can you remain in Normal windows now?
Check again if you have access to either IE or Firefox
Post by: tanya on September 18, 2011, 12:57:35 PM
I'm stepping out soon, what happens if you shut down the computer
Wait a couple minutes
Restart the computer into Normal windows
Can you remain in Normal windows now?
Check again if you have access to either IE or Firefox
[/quote]
I shut it down, it works briefly in normal windows 10-15 mins and then hangs again. My IE and Firefox are working now.
Thanks!
Tanya
Post by: guestolo on September 18, 2011, 01:19:07 PM
- Download [color="#0000FF"]TDSSKiller[/color] (http://"http://support.kaspersky.com/downloads/utils/tdsskiller.zip") and save it to your Desktop.
- Extract its contents to your desktop.
- Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
- If an infected file is detected, the default action will be Cure, click on Continue.
- If a suspicious file is detected, the default action will be Skip, click on Continue.
- It may ask you to reboot the computer to complete the process. Click on Reboot Now.
- If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
- If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
Post by: tanya on September 18, 2011, 02:31:48 PM
2011/09/18 23:29:17.0131 1748 TDSS rootkit removing tool 2.5.22.0 Sep 13 2011 15:55:17
2011/09/18 23:29:17.0848 1748 ================================================================================
2011/09/18 23:29:17.0848 1748 SystemInfo:
2011/09/18 23:29:17.0848 1748
2011/09/18 23:29:17.0848 1748 OS Version: 6.0.6002 ServicePack: 2.0
2011/09/18 23:29:17.0848 1748 Product type: Workstation
2011/09/18 23:29:17.0848 1748 ComputerName: TANYA-PC
2011/09/18 23:29:17.0848 1748 UserName: Tanya
2011/09/18 23:29:17.0848 1748 Windows directory: C:\Windows
2011/09/18 23:29:17.0848 1748 System windows directory: C:\Windows
2011/09/18 23:29:17.0848 1748 Processor architecture: Intel x86
2011/09/18 23:29:17.0848 1748 Number of processors: 2
2011/09/18 23:29:17.0848 1748 Page size: 0x1000
2011/09/18 23:29:17.0848 1748 Boot type: Safe boot with network
2011/09/18 23:29:17.0848 1748 ================================================================================
2011/09/18 23:29:19.0190 1748 Initialize success
2011/09/18 23:29:24.0197 1188 ================================================================================
2011/09/18 23:29:24.0197 1188 Scan started
2011/09/18 23:29:24.0197 1188 Mode: Manual;
2011/09/18 23:29:24.0197 1188 ================================================================================
2011/09/18 23:29:25.0133 1188 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2011/09/18 23:29:25.0258 1188 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/09/18 23:29:25.0336 1188 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/09/18 23:29:25.0399 1188 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/09/18 23:29:25.0508 1188 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/09/18 23:29:25.0648 1188 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
2011/09/18 23:29:25.0757 1188 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
2011/09/18 23:29:25.0898 1188 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/09/18 23:29:25.0960 1188 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
2011/09/18 23:29:26.0023 1188 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/09/18 23:29:26.0069 1188 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
2011/09/18 23:29:26.0179 1188 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/09/18 23:29:26.0241 1188 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/09/18 23:29:26.0381 1188 ApfiltrService (18bff317bdb10c64a35e1ca85f1ec051) C:\Windows\system32\DRIVERS\Apfiltr.sys
2011/09/18 23:29:26.0522 1188 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/09/18 23:29:26.0631 1188 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/09/18 23:29:26.0756 1188 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/09/18 23:29:26.0849 1188 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2011/09/18 23:29:26.0974 1188 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/09/18 23:29:27.0193 1188 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
2011/09/18 23:29:27.0302 1188 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/09/18 23:29:27.0349 1188 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/09/18 23:29:27.0458 1188 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/09/18 23:29:27.0536 1188 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/09/18 23:29:27.0598 1188 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/09/18 23:29:27.0676 1188 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/09/18 23:29:27.0770 1188 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
2011/09/18 23:29:27.0895 1188 BTHMODEM (9a966a8e86d1771911ae34a20d11bff3) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/09/18 23:29:28.0019 1188 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
2011/09/18 23:29:28.0113 1188 BTHPORT (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys
2011/09/18 23:29:28.0238 1188 BTHUSB (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys
2011/09/18 23:29:28.0378 1188 btwaudio (f2195899900e358614fa535ea503373e) C:\Windows\system32\drivers\btwaudio.sys
2011/09/18 23:29:28.0472 1188 btwavdt (769dfbe72448b31221db818a049760a5) C:\Windows\system32\drivers\btwavdt.sys
2011/09/18 23:29:28.0519 1188 btwl2cap (d02f4d18aa4a38f781beefeb1892e144) C:\Windows\system32\DRIVERS\btwl2cap.sys
2011/09/18 23:29:28.0659 1188 btwrchid (9fa7311ce621683aab68a324e623f9b2) C:\Windows\system32\DRIVERS\btwrchid.sys
2011/09/18 23:29:28.0924 1188 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/09/18 23:29:29.0033 1188 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2011/09/18 23:29:29.0252 1188 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/09/18 23:29:29.0330 1188 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2011/09/18 23:29:29.0548 1188 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/09/18 23:29:29.0611 1188 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
2011/09/18 23:29:29.0673 1188 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
2011/09/18 23:29:29.0720 1188 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/09/18 23:29:29.0767 1188 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/09/18 23:29:29.0938 1188 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
2011/09/18 23:29:30.0125 1188 DgiVecp (b327b0ca9fce58893d456ee2360378af) C:\Windows\system32\Drivers\DgiVecp.sys
2011/09/18 23:29:30.0281 1188 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2011/09/18 23:29:30.0328 1188 DMICall (f206e28ed74c491fd5d7c0a1119ce37f) C:\Windows\system32\DRIVERS\DMICall.sys
2011/09/18 23:29:30.0500 1188 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/09/18 23:29:30.0593 1188 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
2011/09/18 23:29:30.0687 1188 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/09/18 23:29:30.0843 1188 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2011/09/18 23:29:30.0952 1188 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/09/18 23:29:31.0108 1188 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2011/09/18 23:29:31.0186 1188 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2011/09/18 23:29:31.0280 1188 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/09/18 23:29:31.0405 1188 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/09/18 23:29:31.0483 1188 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/09/18 23:29:31.0576 1188 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/09/18 23:29:31.0701 1188 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2011/09/18 23:29:31.0857 1188 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/09/18 23:29:31.0919 1188 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/09/18 23:29:32.0013 1188 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/09/18 23:29:32.0122 1188 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/09/18 23:29:32.0247 1188 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/09/18 23:29:32.0356 1188 HidBth (fcb3f4be408f72c1bd81bcaba87fc22f) C:\Windows\system32\DRIVERS\hidbth.sys
2011/09/18 23:29:32.0434 1188 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/09/18 23:29:32.0543 1188 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
2011/09/18 23:29:32.0637 1188 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/09/18 23:29:32.0746 1188 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
2011/09/18 23:29:32.0855 1188 HSF_DPV (7bc42c65b5c6281777c1a7605b253ba8) C:\Windows\system32\DRIVERS\HSX_DPV.sys
2011/09/18 23:29:32.0996 1188 HSXHWAZL (9ebf2d102ccbb6bcdfbf1b7922f8ba2e) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
2011/09/18 23:29:33.0105 1188 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
2011/09/18 23:29:33.0199 1188 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/09/18 23:29:33.0323 1188 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/09/18 23:29:33.0417 1188 iaStor (707c1692214b1c290271067197f075f6) C:\Windows\system32\drivers\iastor.sys
2011/09/18 23:29:33.0495 1188 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/09/18 23:29:33.0589 1188 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/09/18 23:29:33.0698 1188 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
2011/09/18 23:29:33.0807 1188 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/09/18 23:29:33.0916 1188 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/09/18 23:29:34.0025 1188 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/09/18 23:29:34.0135 1188 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/09/18 23:29:34.0275 1188 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/09/18 23:29:34.0337 1188 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/09/18 23:29:34.0415 1188 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/09/18 23:29:34.0493 1188 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/09/18 23:29:34.0618 1188 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/09/18 23:29:34.0727 1188 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/09/18 23:29:34.0790 1188 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/09/18 23:29:34.0883 1188 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2011/09/18 23:29:35.0024 1188 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/09/18 23:29:35.0102 1188 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/09/18 23:29:35.0164 1188 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/09/18 23:29:35.0242 1188 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/09/18 23:29:35.0351 1188 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/09/18 23:29:35.0429 1188 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
2011/09/18 23:29:35.0523 1188 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/09/18 23:29:35.0601 1188 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/09/18 23:29:35.0695 1188 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/09/18 23:29:35.0804 1188 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/09/18 23:29:35.0851 1188 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/09/18 23:29:35.0929 1188 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/09/18 23:29:36.0007 1188 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/09/18 23:29:36.0085 1188 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/09/18 23:29:36.0163 1188 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/09/18 23:29:36.0241 1188 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2011/09/18 23:29:36.0365 1188 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/09/18 23:29:36.0475 1188 mrxsmb10 (d4a3c7c580c4ccb5c06f2ada933ad507) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/09/18 23:29:36.0584 1188 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/09/18 23:29:36.0646 1188 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
2011/09/18 23:29:36.0724 1188 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/09/18 23:29:36.0865 1188 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/09/18 23:29:36.0943 1188 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/09/18 23:29:37.0083 1188 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/09/18 23:29:37.0161 1188 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/09/18 23:29:37.0208 1188 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/09/18 23:29:37.0286 1188 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2011/09/18 23:29:37.0395 1188 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/09/18 23:29:37.0582 1188 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/09/18 23:29:37.0894 1188 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2011/09/18 23:29:38.0019 1188 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2011/09/18 23:29:38.0128 1188 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2011/09/18 23:29:38.0721 1188 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/09/18 23:29:39.0236 1188 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/09/18 23:29:39.0501 1188 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/09/18 23:29:39.0688 1188 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/09/18 23:29:39.0875 1188 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/09/18 23:29:40.0000 1188 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2011/09/18 23:29:40.0234 1188 NETw4v32 (25acccfc33dd448b9d3037c5e439e830) C:\Windows\system32\DRIVERS\NETw4v32.sys
2011/09/18 23:29:40.0343 1188 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/09/18 23:29:40.0468 1188 nmwcd (48fb907b069524f2dc7ba62a0762850c) C:\Windows\system32\drivers\ccdcmb.sys
2011/09/18 23:29:40.0889 1188 nmwcdc (2914ceb789964141ac6e22c6bc980c42) C:\Windows\system32\drivers\ccdcmbo.sys
2011/09/18 23:29:41.0451 1188 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2011/09/18 23:29:41.0966 1188 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/09/18 23:29:42.0793 1188 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2011/09/18 23:29:43.0339 1188 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/09/18 23:29:43.0432 1188 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/09/18 23:29:44.0321 1188 nvlddmkm (39d8f5a92427c57309355199592ead9f) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/09/18 23:29:45.0257 1188 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/09/18 23:29:45.0320 1188 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/09/18 23:29:45.0367 1188 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/09/18 23:29:45.0601 1188 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/09/18 23:29:45.0725 1188 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/09/18 23:29:45.0928 1188 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2011/09/18 23:29:45.0991 1188 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/09/18 23:29:46.0115 1188 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
2011/09/18 23:29:46.0193 1188 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2011/09/18 23:29:46.0287 1188 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
2011/09/18 23:29:46.0396 1188 pcmcia (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/09/18 23:29:46.0724 1188 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/09/18 23:29:47.0083 1188 Ph3xIB32 (9f2f541c52cd7a452e235e885f7d95de) C:\Windows\system32\DRIVERS\Ph3xIB32.sys
2011/09/18 23:29:47.0363 1188 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/09/18 23:29:47.0457 1188 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/09/18 23:29:47.0707 1188 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2011/09/18 23:29:47.0925 1188 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
2011/09/18 23:29:48.0112 1188 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/09/18 23:29:48.0206 1188 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/09/18 23:29:48.0284 1188 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/09/18 23:29:48.0377 1188 R5U870FLx86 (619fee09714903ef72f0fb80882cc946) C:\Windows\system32\Drivers\R5U870FLx86.sys
2011/09/18 23:29:48.0549 1188 R5U870FUx86 (3f75ba4b7e81a42781b725657883a2b4) C:\Windows\system32\Drivers\R5U870FUx86.sys
2011/09/18 23:29:48.0736 1188 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/09/18 23:29:48.0986 1188 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/09/18 23:29:49.0079 1188 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/09/18 23:29:49.0142 1188 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2011/09/18 23:29:49.0235 1188 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2011/09/18 23:29:49.0345 1188 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/09/18 23:29:49.0407 1188 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2011/09/18 23:29:49.0501 1188 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/09/18 23:29:49.0610 1188 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2011/09/18 23:29:49.0719 1188 regi (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys
2011/09/18 23:29:49.0828 1188 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/09/18 23:29:50.0000 1188 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/09/18 23:29:50.0078 1188 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/09/18 23:29:50.0140 1188 secdrv (71768f197395dbfb4e876311172d4d93) C:\Windows\system32\drivers\secdrv.sys
2011/09/18 23:29:50.0234 1188 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/09/18 23:29:50.0296 1188 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/09/18 23:29:50.0374 1188 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/09/18 23:29:50.0546 1188 SFEP (8b7c1768d2cde2e02e09a66563ddfd16) C:\Windows\system32\DRIVERS\SFEP.sys
2011/09/18 23:29:50.0764 1188 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
2011/09/18 23:29:50.0983 1188 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
2011/09/18 23:29:51.0076 1188 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
2011/09/18 23:29:51.0123 1188 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/09/18 23:29:51.0185 1188 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2011/09/18 23:29:51.0263 1188 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/09/18 23:29:51.0373 1188 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/09/18 23:29:51.0451 1188 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2011/09/18 23:29:51.0731 1188 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/09/18 23:29:51.0919 1188 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
2011/09/18 23:29:52.0043 1188 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
2011/09/18 23:29:52.0106 1188 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
2011/09/18 23:29:52.0215 1188 SSPORT (ef3458337d7341a05169cefc73709264) C:\Windows\system32\Drivers\SSPORT.sys
2011/09/18 23:29:52.0371 1188 StarOpen (306521935042fc0a6988d528643619b3) C:\Windows\system32\drivers\StarOpen.sys
2011/09/18 23:29:52.0527 1188 STHDA (6a2a5e809c2c0178326d92b19ee4aad3) C:\Windows\system32\drivers\stwrt.sys
2011/09/18 23:29:52.0636 1188 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/09/18 23:29:52.0777 1188 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/09/18 23:29:52.0933 1188 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/09/18 23:29:52.0995 1188 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/09/18 23:29:53.0104 1188 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
2011/09/18 23:29:53.0213 1188 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
2011/09/18 23:29:53.0338 1188 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2011/09/18 23:29:53.0416 1188 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/09/18 23:29:53.0479 1188 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/09/18 23:29:53.0650 1188 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2011/09/18 23:29:53.0900 1188 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2011/09/18 23:29:54.0025 1188 ti21sony (909cd987b54a8179c9aee874d754721a) C:\Windows\system32\drivers\ti21sony.sys
2011/09/18 23:29:54.0134 1188 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/09/18 23:29:54.0290 1188 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/09/18 23:29:54.0399 1188 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2011/09/18 23:29:54.0477 1188 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/09/18 23:29:54.0602 1188 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2011/09/18 23:29:54.0711 1188 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/09/18 23:29:54.0789 1188 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/09/18 23:29:54.0851 1188 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/09/18 23:29:54.0914 1188 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/09/18 23:29:55.0023 1188 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/09/18 23:29:55.0179 1188 upperdev (e526a166e6acafd0a9b3841d3941669e) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
2011/09/18 23:29:55.0257 1188 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\Windows\system32\Drivers\usbaapl.sys
2011/09/18 23:29:55.0351 1188 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
2011/09/18 23:29:55.0460 1188 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/09/18 23:29:55.0678 1188 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/09/18 23:29:55.0772 1188 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/09/18 23:29:55.0912 1188 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2011/09/18 23:29:56.0084 1188 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/09/18 23:29:56.0146 1188 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/09/18 23:29:56.0255 1188 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/09/18 23:29:56.0333 1188 usbser (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\DRIVERS\usbser.sys
2011/09/18 23:29:56.0411 1188 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/09/18 23:29:56.0505 1188 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/09/18 23:29:56.0677 1188 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
2011/09/18 23:29:56.0895 1188 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/09/18 23:29:56.0973 1188 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/09/18 23:29:57.0067 1188 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/09/18 23:29:57.0160 1188 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/09/18 23:29:57.0238 1188 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
2011/09/18 23:29:57.0316 1188 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/09/18 23:29:57.0394 1188 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2011/09/18 23:29:57.0472 1188 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2011/09/18 23:29:57.0597 1188 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/09/18 23:29:57.0753 1188 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/09/18 23:29:57.0909 1188 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/18 23:29:57.0940 1188 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/18 23:29:58.0034 1188 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/09/18 23:29:58.0127 1188 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/09/18 23:29:58.0315 1188 WimFltr (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\Windows\system32\DRIVERS\wimfltr.sys
2011/09/18 23:29:58.0424 1188 winachsf (5a77ac34a0ffb70ce8b35b524fede9ba) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
2011/09/18 23:29:58.0627 1188 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
2011/09/18 23:29:58.0783 1188 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/09/18 23:29:58.0861 1188 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/09/18 23:29:59.0001 1188 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
2011/09/18 23:29:59.0079 1188 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/09/18 23:29:59.0141 1188 XAudio (88af537264f2b818da15479ceeaf5d7c) C:\Windows\system32\DRIVERS\xaudio.sys
2011/09/18 23:29:59.0344 1188 yukonwlh (2d07e65ed0023bb10b13a912b27dfb1a) C:\Windows\system32\DRIVERS\yk60x86.sys
2011/09/18 23:29:59.0391 1188 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
2011/09/18 23:29:59.0422 1188 Boot (0x1200) (6133ba64ebc59ebed67d5ad3ff04dca4) \Device\Harddisk0\DR0\Partition0
2011/09/18 23:29:59.0422 1188 ================================================================================
2011/09/18 23:29:59.0422 1188 Scan finished
2011/09/18 23:29:59.0422 1188 ================================================================================
2011/09/18 23:29:59.0438 1008 Detected object count: 0
2011/09/18 23:29:59.0438 1008 Actual detected object count: 0
Post by: guestolo on September 18, 2011, 02:46:34 PM
/biggrin.gif\' class=\'bbc_emoticon\' alt=\':D\' /> In the meantime, can you do the following please
Please download DeFogger (http://"http://www.jpshortstuff.247fixes.com/Defogger.exe") to your desktop.
Double click DeFogger to run the tool.
The application window will appear
Click the Disable button to disable your CD Emulation drivers
Click Yes to continue
A 'Finished!' message will appear
Click OK
DeFogger will now ask to reboot the machine - click OK
Do not re-enable these drivers until otherwise instructed.
Copy ALL the below in the Code box and paste to an empty notepad file
Don't use anything else than notepad or the script will not work
To open Notepad you can go to Start>Programs>> Accessories, and then clicking Notepad.
Code: [Select]
Driver::
CED7CAB4EF465688
File::
c:\windows\Tasks\SDMsgUpdate (TE).job
Folder::
c:\users\Tanya\Desktop\CED7CAB4EF465688
Registry::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\CED7CAB4EF465688]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\system\ControlSet001\Services\CED7CAB4EF465688]
Reglock::
[HKEY_USERS\S-1-5-21-963744613-1606295528-1370569751-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
[HKEY_USERS\S-1-5-21-963744613-1606295528-1370569751-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
Save this as txtfile on your desktop, with the exact name ofCFScript
(http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif)
Drag CFScript.txt into ComboFix.exe
Combofix will start>>Follow the prompts
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
When finished, it shall produce a log for you with the same name C:\ComboFix.txt..
I'll need to see that log again
In addition:
[color="#0000FF"]ESET Online Scanner[/color] (http://"http://www.eset.com/onlinescan/")[/url]
Click on the Button "Eset Online Scanner"
A new window will open, Download and save to your desktop
esetsmartinstaller_enu.exe
Right click on 'esetsmartinstaller_enu.exe' and choose to "Run as Administrator"
Put a tick in "Yes, I accept the Terms of Use" then click START
Eset will download components
When done click START again
Downloading of Virus signature database will begin
Depending on your connection speed, this can take awhile
When complete the scan will start
This scan can take some time, so be patient
Once the scan is completed, you may close the window
Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
Copy and paste that log as a reply to this topic
Post by: tanya on September 18, 2011, 04:19:17 PM
I ran the defogger but after finish it did not ask me to reboot.
After the reboot after running combofix I again could not access firefox or IE as it said something like this "Access Denied. Attempt to access a registry key that has been marked for deletion." I rebooted again and then got access. Here is the combofix log:
ComboFix 11-09-18.02 - Tanya 19-09-2011 0:45.2.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.91.1033.18.2046.1532 [GMT 4:00]
Running from: c:\users\Tanya\Desktop\ComboFix.exe
Command switches used :: c:\users\Tanya\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\SDMsgUpdate (TE).job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\windows\Tasks\SDMsgUpdate (TE).job
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_CED7CAB4EF465688
-------\Service_CED7CAB4EF465688
.
.
((((((((((((((((((((((((( Files Created from 2011-08-18 to 2011-09-18 )))))))))))))))))))))))))))))))
.
.
2011-09-18 20:58 . 2011-09-18 21:01 -------- d-----w- c:\users\Tanya\AppData\Local\temp
2011-09-18 20:58 . 2011-09-18 20:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-18 20:26 . 2011-09-18 20:26 -------- d-----w- C:\0da76018af0c496421a87383552d
2011-09-18 15:56 . 2011-09-18 15:56 -------- d-----w- C:\found.001
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Audio Filter.lnk - c:\program files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe [2008-2-19 5733664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-08-15 04:05 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Tanya^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Audio Filter.lnk]
path=c:\users\Tanya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Audio Filter.lnk
backup=c:\windows\pss\Audio Filter.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Tanya^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BSEGadget.lnk]
path=c:\users\Tanya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BSEGadget.lnk
backup=c:\windows\pss\BSEGadget.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 19:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2007-06-10 00:12 118784 ----a-w- c:\program files\Apoint\Apoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2010-07-13 11:10 47904 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-01-05 17:00 133104 ----atw- c:\users\Tanya\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]
2009-10-27 17:18 1103216 ----a-w- c:\program files\Download Manager\DLM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
2007-09-19 19:09 311296 ----a-w- c:\program files\Sony\ISB Utility\ISBMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-07-21 11:53 141608 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logan_S2P]
2007-06-10 23:58 253952 ----a-w- c:\program files\Samsung\Samsung SCX-4500 Series\SPanel\PSU\Scan2pc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2011-05-29 05:11 1047656 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
2009-11-06 12:00 2090272 ----a-w- c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2007-10-30 00:32 8429568 ----a-w- c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
2007-10-30 00:33 86016 ----a-w- c:\windows\System32\nvsvc.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-11-11 06:57 1451520 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-08-10 01:15 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr]
2008-02-12 11:11 536576 ----a-w- c:\windows\Samsung\PanelMgr\SSMMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 08:59 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]
R2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2007-01-09 5120]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2007-10-10 28464]
R3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\Drivers\R5U870FLx86.sys [2007-10-30 75008]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\Drivers\R5U870FUx86.sys [2007-10-30 43904]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-06-06 812544]
R4 ICScsiSV;Image Converter SCSI Service;c:\program files\Sony\Image Converter 3\ICScsiSV.exe [2007-06-15 75952]
R4 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-11 745472]
R4 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-08-09 397312]
R4 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-08-09 1089536]
R4 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-03-05 5189992]
R4 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-09-16 480624]
R4 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2009-09-08 83312]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2007-08-29 9344]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2011-07-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-963744613-1606295528-1370569751-1003Core.job
- c:\users\Tanya\AppData\Local\Google\Update\GoogleUpdate.exe [2009-01-05 17:00]
.
2011-09-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-963744613-1606295528-1370569751-1003UA.job
- c:\users\Tanya\AppData\Local\Google\Update\GoogleUpdate.exe [2009-01-05 17:00]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://vaio-online.sony.com/
uInternet Settings,ProxyOverride = local
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{1CE96795-E26D-490E-BB2A-BD8D83E891A8}: NameServer = 8.8.8.8,8.8.4.4
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
FF - ProfilePath - c:\users\Tanya\AppData\Roaming\Mozilla\Firefox\Profiles\3tapd7rs.default\
FF - prefs.js: browser.startup.homepage - www.google.ae
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4cc9abb2&v=6.103.018.001&i=29&tp=ab&iy=&ychte=aa&lng=en-US&q=
FF - prefs.js: network.proxy.ftp - proxy1.emirates.net.ae
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - proxy1.emirates.net.ae
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - proxy1.emirates.net.ae
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - proxy1.emirates.net.ae
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - proxy1.emirates.net.ae
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 4
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: StumbleUpon: {AE93811A-5C9A-4d34-8462-F7B864FC4696} - %profile%\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
FF - Ext: Effective Measure Community Plugin: [email protected] - %profile%\extensions\[email protected]
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-19 01:00
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-963744613-1606295528-1370569751-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{568E84CA-AB6A-4E5A-3FDD-2C44B76369DC}*]
@Allowed: (Read) (RestrictedCode)
"abekbmpdkhafkolecfbmiedbmjodkimnln"=hex:61,61,00,00
"bbekbmpdkhafkolecfambilpkgbobhnbkmfd"=hex:61,61,00,00
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(1096)
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\wbem\unsecapp.exe
c:\windows\helppane.exe
.
**************************************************************************
.
Completion time: 2011-09-19 01:07:54 - machine was rebooted
ComboFix-quarantined-files.txt 2011-09-18 21:06
ComboFix2.txt 2011-09-18 20:26
ComboFix3.txt 2011-09-18 04:53
.
Pre-Run: 30,176,997,376 bytes free
Post-Run: 30,851,457,024 bytes free
.
- - End Of File - - 8257F077FD4D3135563E80B6C1C77074
Post by: guestolo on September 18, 2011, 11:23:26 PM
Post by: tanya on September 18, 2011, 11:56:53 PM
Here is the log for ESET:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=c0016d958af976459e07fa25d4216dbb
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-09-18 10:44:39
# local_time=2011-09-19 02:44:39 (+0400, Arabian Standard Time)
# country="India"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 90581094 90581094 0 0
# compatibility_mode=1026 16777214 0 2 99186 99186 0 0
# compatibility_mode=5892 16776573 100 100 6241301 153910266 0 0
# compatibility_mode=8192 67108863 100 0 277 277 0 0
# scanned=183161
# found=1
# cleaned=1
# scan_time=4740
C:\Program Files\Windows Live\Messenger\riched20.dll Win32/Toolbar.MyWebSearch application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
Post by: tanya on September 19, 2011, 10:12:08 AM
Update - For the last half hour my laptop has been working in normal mode! Yayy!! Hope this lasts...Windows update is saying new updates need to be installed, am extremely wary now...please let me know if I should install them.
Thank you very much for all your help!
Tanya
Post by: tanya on September 19, 2011, 11:38:37 AM
/biggrin.gif\' class=\'bbc_emoticon\' alt=\':D\' />
Post by: tanya on September 19, 2011, 03:26:01 PM
So far normal mode is working fine. I am shutting it down for the night and hopefully tomorrow it would work as well. Will keep you posted. Do let me know what needs to be done next. Thank you very much for all your help!
Tanya
Post by: guestolo on September 19, 2011, 08:01:54 PM
We'll get you a new AntiVirus
Why not, tomorrow, download and install the free AntiVirus from Microsoft
Microsoft Security essentials
http://www.microsoft.com/en-ca/security_essentials/SystemRequirements.aspx
Normally a quick scheduled scan is good enough, but since it's a new install, why not try a Full Scan
Let me know the outcome please
Quote
Windows update is saying new updates need to be installed, am extremely wary now...please let me know if I should install them.Yes, of course, go ahead and install the updates
Post by: tanya on September 21, 2011, 03:12:31 AM
Thank you for all your help, laptop seems to be working fine now
/smile.gif\' class=\'bbc_emoticon\' alt=\':)\' /> I have installed the Microsoft antivirus and ran a full scan yesterday. It found 2 trojans:[size="2"]Trojan:Win32/Dynamer!dtc[/size]
[size="2"] &
[/size]
[size="2"]TrojanDownloader:Java/OpenConnection.DG[/size]
I have removed both of them. Do let me know if anything else needs to be done.
I also noticed there is an X on my internet connection even though I am connected. It says 'Connection status: unknown. The dependency service or group failed to start.' Should I be worried??
Once again, Thank you very much!
Tanya
Post by: guestolo on September 22, 2011, 07:07:03 PM
Quote
I also noticed there is an X on my internet connection even though I am connected. It says 'Connection status: unknown. The dependency service or group failed to start.' Should I be worried??
Can you do the following please
click the Start button
then type [color="#800080"]msconfig[/color] in the Search box, and then press ENTER.
In the System Configuration Utility dialog box
On the General tab, click the Normal Startup option, and then click OK.
When you are prompted to restart the computer, click Restart.
Does that clear the problem?
Post by: tanya on September 27, 2011, 03:44:34 PM
Sorry for not replying earlier. I tried what you said but status is still the same. Also got some errors, will attach images in the next post.
Thanks,
Tanya
Post by: tanya on September 27, 2011, 03:58:59 PM
Attached are all the errors I got when I restarted the laptop.
Thanks!
Tanya
[attachment=5335:photo.JPG]
[attachment=5337:photo (3).JPG]
[attachment=5336:photo (2).JPG]
Post by: guestolo on September 27, 2011, 09:25:38 PM
Run a fresh SCAN and post the new log that opens
Post by: tanya on October 01, 2011, 04:32:09 AM
Here is the log from the OTL scan:
OTL logfile created on: 01-10-2011 13:27:50 - Run 6
OTL by OldTimer - Version 3.1.5.0 Folder = C:\Users\Tanya\Desktop\Folders & Extras\Anti Spyware and Malware Programs
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00004009 | Country: India | Language: ENN | Date Format: dd-MM-yyyy
2.00 Gb Total Physical Memory | 0.96 Gb Available Physical Memory | 48.25% Memory free
4.00 Gb Paging File | 3.11 Gb Available in Paging File | 77.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 176.64 Gb Total Space | 21.80 Gb Free Space | 12.34% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: TANYA-PC
Current User Name: Tanya
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2011-07-12 11:20:50 | 00,387,944 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2011-06-15 15:16:48 | 00,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011-05-25 14:06:20 | 00,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2011-04-27 15:39:26 | 00,208,944 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2011-04-27 15:39:26 | 00,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2011-04-20 10:50:48 | 02,848,144 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
PRC - [2011-04-20 10:50:46 | 00,792,976 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
PRC - [2011-04-08 12:59:52 | 00,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-12-10 18:30:50 | 00,086,880 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2010-12-10 18:29:30 | 00,238,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2010-10-20 11:22:24 | 00,630,272 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010-10-20 11:20:46 | 00,149,504 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2010-09-21 14:03:14 | 01,710,464 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010-09-21 14:03:14 | 00,193,408 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2010-09-20 23:07:44 | 00,932,288 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
PRC - [2010-05-11 11:16:34 | 00,140,288 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2009-11-15 01:29:58 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Users\Tanya\Desktop\Folders & Extras\Anti Spyware and Malware Programs\OTL.exe
PRC - [2009-11-11 10:57:36 | 01,451,520 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009-10-27 18:36:16 | 01,499,136 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2009-10-27 10:15:02 | 00,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009-09-16 13:27:12 | 00,480,624 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2009-07-14 21:45:07 | 00,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2009-04-11 10:28:15 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2009-04-11 10:28:15 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2009-04-11 10:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009-04-11 10:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-04-11 10:27:28 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009-03-05 18:59:50 | 00,313,264 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2009-03-05 18:59:50 | 00,192,512 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2009-03-05 18:41:58 | 05,189,992 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2009-02-18 22:39:20 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
PRC - [2008-02-12 15:11:18 | 00,536,576 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
PRC - [2008-01-19 11:33:09 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe
PRC - [2008-01-19 11:33:09 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe
PRC - [2008-01-11 17:50:16 | 00,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007-10-27 04:17:00 | 00,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007-10-23 06:18:14 | 05,733,664 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
PRC - [2007-10-05 04:02:21 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe
PRC - [2007-09-19 23:09:58 | 00,311,296 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
PRC - [2007-09-11 00:45:04 | 00,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
PRC - [2007-08-15 08:05:18 | 00,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2007-08-15 08:05:18 | 00,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2007-06-16 00:45:20 | 00,469,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
PRC - [2007-06-11 03:58:45 | 00,253,952 | ---- | M] () -- C:\Program Files\Samsung\Samsung SCX-4500 Series\SPanel\PSU\Scan2pc.exe
PRC - [2007-06-10 04:12:18 | 00,118,784 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2007-06-10 04:12:18 | 00,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2007-06-10 04:12:16 | 00,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApMsgFwd.exe
PRC - [2007-01-05 07:48:52 | 00,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
========== Modules (SafeList) ==========
MOD - [2010-08-31 19:43:52 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2009-11-15 01:29:58 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Users\Tanya\Desktop\Folders & Extras\Anti Spyware and Malware Programs\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2011-07-12 11:20:50 | 00,387,944 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2011-05-25 14:06:20 | 00,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011-04-27 15:39:26 | 00,208,944 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011-04-27 15:39:26 | 00,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2011-04-20 10:50:46 | 00,792,976 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV - [2011-02-22 17:33:09 | 00,797,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2010-12-10 18:30:50 | 00,086,880 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2010-12-10 18:29:30 | 29,293,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ)
SRV - [2010-12-10 18:29:30 | 00,238,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2010-12-10 18:29:30 | 00,044,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2010-10-20 11:22:24 | 00,630,272 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-09-21 14:03:14 | 01,710,464 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010-07-21 15:52:54 | 00,540,968 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009-09-16 13:27:12 | 00,480,624 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2009-09-08 18:09:14 | 00,083,312 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2009-03-30 08:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-03-05 18:59:50 | 00,313,264 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2009-03-05 18:59:50 | 00,192,512 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009-03-05 18:59:50 | 00,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009-03-05 18:41:58 | 05,189,992 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2009-02-18 22:39:20 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009-02-18 22:38:43 | 00,129,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009-02-18 22:38:42 | 00,879,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008-11-04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008-02-19 00:32:49 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008-02-19 00:25:15 | 00,138,168 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008-01-19 11:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008-01-19 11:35:27 | 00,052,736 | ---- | M] (Hewlett-Packard) -- C:\Windows\System32\HPZIPM12.DLL -- (Pml Driver HPZ12)
SRV - [2008-01-19 11:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008-01-19 11:33:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2008-01-11 17:50:16 | 00,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007-10-27 04:17:00 | 00,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007-10-05 04:02:21 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService)
SRV - [2007-09-23 23:36:38 | 02,818,048 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2007-09-11 00:45:04 | 00,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007-08-15 08:05:18 | 00,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2007-08-09 12:51:32 | 00,499,712 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2007-08-09 12:51:30 | 01,089,536 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-UCLS-UPnP)
SRV - [2007-08-09 12:51:30 | 01,089,536 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP)
SRV - [2007-08-09 12:51:30 | 00,397,312 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-UCLS-HTTP)
SRV - [2007-08-09 12:51:30 | 00,397,312 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP)
SRV - [2007-06-15 07:07:44 | 00,075,952 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Image Converter 3\ICScsiSV.exe -- (ICScsiSV)
SRV - [2007-06-15 07:07:36 | 00,059,568 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Image Converter 3\IcVzMon.exe -- (Image Converter video recording monitor for VAIO Entertainment)
SRV - [2007-01-11 04:51:06 | 00,745,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe -- (VAIOMediaPlatform-UCLS-AppServer)
SRV - [2007-01-05 07:48:52 | 00,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006-12-14 14:21:20 | 00,045,056 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006-12-14 14:02:08 | 00,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006-12-14 13:46:16 | 00,057,344 | ---- | M] () -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006-11-02 16:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2006-11-02 16:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006-10-27 02:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005-11-14 13:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
========== Driver Services (SafeList) ==========
DRV - [2011-10-01 11:54:32 | 00,028,752 | ---- | M] (Microsoft Corporation) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3FAA1C62-0383-42B4-A27A-798877133328}\MpKslec07154e.sys -- (MpKslec07154e)
DRV - [2011-04-27 15:25:24 | 00,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011-04-18 13:18:50 | 00,165,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2011-04-18 13:18:50 | 00,043,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010-07-30 14:16:44 | 00,008,192 | ---- | M] (Nokia) -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-07-30 14:16:42 | 00,023,040 | ---- | M] (Nokia) -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-07-30 14:16:38 | 00,018,048 | ---- | M] (Nokia) -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010-04-19 20:47:42 | 00,041,984 | ---- | M] (Apple, Inc.) -- C:\Windows\System32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009-06-17 20:58:04 | 00,005,632 | ---- | M] () -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009-05-18 14:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009-04-11 08:42:54 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio)
DRV - [2009-04-11 08:42:54 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbser.sys -- (usbser)
DRV - [2008-08-26 10:26:12 | 00,018,816 | ---- | M] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-07-20 17:44:44 | 00,324,120 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2007-10-30 04:33:23 | 07,115,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007-10-30 04:00:32 | 00,075,008 | ---- | M] (Ricoh) -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2007-10-30 04:00:32 | 00,043,904 | ---- | M] (Ricoh) -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2007-10-27 04:17:08 | 00,330,240 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007-10-26 10:21:13 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2007-10-10 04:03:56 | 00,017,448 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2007-10-10 04:03:54 | 00,099,880 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2007-10-10 04:03:54 | 00,081,448 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2007-10-10 04:03:13 | 00,028,464 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwl2cap.sys -- (btwl2cap)
DRV - [2007-10-05 04:02:21 | 00,008,192 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007-10-05 04:02:18 | 00,985,600 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007-10-05 04:02:18 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2007-10-05 04:02:17 | 00,659,968 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007-10-05 04:02:17 | 00,207,360 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007-10-05 04:02:08 | 00,246,784 | ---- | M] (Marvell) -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007-09-20 01:38:18 | 00,010,216 | ---- | M] (Sony Corporation) -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2007-09-19 07:29:09 | 02,222,080 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007-08-29 05:58:45 | 00,009,344 | ---- | M] (Sony Corporation) -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2007-06-10 04:12:18 | 00,140,800 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007-06-06 04:00:39 | 00,812,544 | ---- | M] (Texas Instruments) -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007-05-26 12:03:06 | 00,128,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007-04-18 08:09:28 | 00,011,032 | ---- | M] (InterVideo) -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2007-04-03 10:43:28 | 01,131,136 | ---- | M] (Philips Semiconductors GmbH) -- C:\Windows\System32\drivers\Ph3xIB32.sys -- (Ph3xIB32)
DRV - [2007-01-10 03:46:25 | 00,005,120 | ---- | M] (Samsung Electronics) -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2006-11-02 13:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006-11-02 13:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006-11-02 13:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006-11-02 13:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006-11-02 13:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006-11-02 13:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006-11-02 13:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006-11-02 13:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006-11-02 13:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006-11-02 13:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 13:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 13:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006-11-02 13:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006-11-02 13:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 13:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 13:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006-11-02 13:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006-11-02 13:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 13:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006-11-02 13:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006-11-02 13:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006-11-02 13:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006-11-02 13:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006-11-02 13:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 13:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 13:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006-11-02 13:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 13:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006-11-02 13:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 13:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 13:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 13:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006-11-02 13:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006-11-02 13:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006-11-02 13:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006-11-02 12:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid)
DRV - [2006-11-02 12:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 12:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 12:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 12:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 12:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 11:41:49 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006-11-02 11:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 11:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60)
DRV - [2006-11-02 10:37:21 | 00,020,480 | ---- | M] () -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2004-10-18 15:02:20 | 00,049,152 | ---- | M] (DeviceGuys, Inc.) -- C:\Windows\System32\drivers\DGIVECP.SYS -- (DgiVecp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://vaio-online.sony.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.ae"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.95
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.22
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4cc9abb2&v=6.103.018.001&i=29&tp=ab&iy=&ychte=aa&lng=en-US&q="
FF - prefs.js..network.proxy.backup.ftp: ""
FF - prefs.js..network.proxy.backup.ftp_port: 0
FF - prefs.js..network.proxy.backup.gopher: ""
FF - prefs.js..network.proxy.backup.gopher_port: 0
FF - prefs.js..network.proxy.backup.socks: "localhost"
FF - prefs.js..network.proxy.backup.socks_port: 9050
FF - prefs.js..network.proxy.backup.ssl: "localhost"
FF - prefs.js..network.proxy.backup.ssl_port: 9666
FF - prefs.js..network.proxy.ftp: "proxy1.emirates.net.ae"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "proxy1.emirates.net.ae"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "proxy1.emirates.net.ae"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "proxy1.emirates.net.ae"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "proxy1.emirates.net.ae"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 4
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-09-02 17:48:43 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010-01-06 10:47:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.22\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-10-01 12:08:17 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.22\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-10-01 12:08:17 | 00,000,000 | ---D | M]
[2008-06-20 05:37:20 | 00,000,000 | ---D | M] -- C:\Users\Tanya\AppData\Roaming\Mozilla\Extensions
[2010-06-24 23:26:40 | 00,000,000 | ---D | M] -- C:\Users\Tanya\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011-10-01 13:26:52 | 00,000,000 | ---D | M] -- C:\Users\Tanya\AppData\Roaming\Mozilla\Firefox\Profiles\3tapd7rs.default\extensions
[2010-11-29 23:02:11 | 00,000,000 | ---D | M] -- C:\Users\Tanya\AppData\Roaming\Mozilla\Firefox\Profiles\3tapd7rs.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-09-17 21:55:37 | 00,000,000 | ---D | M] -- C:\Users\Tanya\AppData\Roaming\Mozilla\Firefox\Profiles\3tapd7rs.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2011-09-18 21:46:01 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2011-09-18 20:03:54 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008-11-10 11:35:59 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
[2008-12-03 08:07:46 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009-08-25 02:55:58 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009-11-10 03:24:32 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010-04-18 23:49:51 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-10-28 22:25:23 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011-07-05 00:57:53 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011-09-18 20:03:44 | 00,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2011-09-18 20:03:44 | 00,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2007-04-10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2011-05-04 04:52:23 | 00,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2011-09-18 20:03:48 | 00,066,520 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2011-04-14 03:39:02 | 00,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2006-10-07 05:18:48 | 00,144,984 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2011-10-01 12:08:15 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2011-10-01 12:08:15 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2011-10-01 12:08:15 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2011-10-01 12:08:16 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2011-10-01 12:08:16 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2011-10-01 12:08:16 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2011-10-01 12:08:17 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2006-10-07 05:01:00 | 00,081,920 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2011-09-18 20:03:49 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2011-09-18 20:03:49 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2011-05-13 13:19:36 | 00,002,359 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\avg_igeared.xml
[2011-09-18 20:03:49 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2011-09-18 20:03:49 | 00,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2011-09-18 20:03:49 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2011-09-18 20:03:49 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2011-09-18 20:03:49 | 00,001,096 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml
O1 HOSTS File: (27 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Logan_S2P] C:\Program Files\Samsung\Samsung SCX-4500 Series\SPanel\PSU\Scan2pc.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Google Update] C:\Users\Tanya\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe (IGN Entertainment)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - Startup: C:\Users\Tanya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Audio Filter.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe (Sony Corporation)
O4 - Startup: C:\Users\Tanya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BSEGadget.lnk = C:\Program Files\BSEMktWatch\BSE Mkt Watch.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: 25 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab (CDownloadCtrl Object)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-11-03 20:23:29 | 00,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
========== Files/Folders - Created Within 30 Days ==========
[2011-10-01 13:24:36 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2011-10-01 13:24:35 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011-10-01 12:15:22 | 00,000,000 | ---D | C] -- C:\Windows\LastGood
[2011-10-01 12:07:25 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011-10-01 12:02:56 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011-10-01 11:58:41 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011-10-01 11:58:36 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2011-09-20 22:28:23 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011-09-20 22:27:59 | 00,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2011-09-20 21:54:35 | 02,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011-09-20 21:54:35 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2011-09-20 21:54:33 | 01,791,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2011-09-20 21:54:32 | 00,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011-09-20 21:54:32 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011-09-20 21:54:31 | 01,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011-09-20 21:54:31 | 01,126,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2011-09-20 21:54:31 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011-09-20 21:54:29 | 09,704,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2011-09-20 21:54:29 | 01,102,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2011-09-20 21:54:29 | 00,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011-09-20 21:54:25 | 12,273,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2011-09-19 18:53:46 | 00,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011-09-19 18:53:43 | 00,508,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthport.sys
[2011-09-19 18:53:43 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\BTHUSB.SYS
[2011-09-19 18:53:40 | 02,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011-09-19 18:53:27 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011-09-19 18:53:17 | 00,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys
[2011-09-19 18:53:07 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011-09-19 18:42:20 | 00,892,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
[2011-09-19 18:41:44 | 00,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
[2011-09-19 01:21:01 | 00,000,000 | ---D | C] -- C:\Program Files\ESET
[2011-09-19 01:20:13 | 02,322,184 | ---- | C] (ESET) -- C:\Users\Tanya\Desktop\esetsmartinstaller_enu.exe
[2011-09-19 01:13:30 | 00,000,000 | ---D | C] -- C:\Windows\temp
[2011-09-19 01:07:56 | 00,000,000 | ---D | C] -- C:\Users\Tanya\AppData\Local\temp
[2011-09-19 01:00:47 | 00,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011-09-19 00:43:47 | 00,000,000 | ---D | C] -- C:\ComboFix
[2011-09-19 00:26:30 | 00,000,000 | ---D | C] -- C:\0da76018af0c496421a87383552d
[2011-09-19 00:25:38 | 00,913,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpip.sys
[2011-09-19 00:25:38 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys
[2011-09-18 23:28:33 | 01,404,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Tanya\Desktop\TDSSKiller.exe
[2011-09-18 19:56:54 | 00,000,000 | ---D | C] -- C:\found.001
[2011-09-18 08:38:41 | 00,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011-09-18 08:38:41 | 00,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011-09-18 08:38:41 | 00,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011-09-18 08:37:21 | 00,000,000 | ---D | C] -- C:\Qoobox
[2011-09-18 08:36:09 | 04,217,591 | R--- | C] (Swearware) -- C:\Users\Tanya\Desktop\ComboFix.exe
[2011-09-17 23:44:45 | 00,000,000 | ---D | C] -- C:\Windows\pss
[2 C:\Users\Tanya\Desktop\*.tmp files -> C:\Users\Tanya\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011-10-01 13:27:53 | 04,718,592 | -HS- | M] () -- C:\Users\Tanya\ntuser.dat
[2011-10-01 13:26:34 | 00,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011-10-01 13:26:34 | 00,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011-10-01 12:39:02 | 00,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-963744613-1606295528-1370569751-1003UA.job
[2011-10-01 12:26:32 | 00,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2011-10-01 12:08:03 | 00,001,726 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011-10-01 11:58:20 | 00,001,039 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2011-10-01 11:51:11 | 00,780,070 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2011-10-01 11:51:11 | 00,662,704 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011-10-01 11:51:11 | 00,130,758 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011-10-01 11:44:49 | 00,108,931 | ---- | M] () -- C:\Users\Tanya\AppData\Roaming\nvModes.001
[2011-10-01 11:43:20 | 00,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2011-10-01 11:43:06 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2011-10-01 11:43:00 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-09-28 01:02:23 | 00,003,204 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011-09-28 01:00:26 | 00,065,536 | -HS- | M] () -- C:\Users\Tanya\ntuser.dat{1a81cb27-ab1f-11e0-9991-001e3d8820d6}.TM.blf
[2011-09-28 01:00:25 | 00,524,288 | -HS- | M] () -- C:\Users\Tanya\ntuser.dat{1a81cb27-ab1f-11e0-9991-001e3d8820d6}.TMContainer00000000000000000001.regtrans-ms
[2011-09-28 01:00:18 | 02,050,614 | -H-- | M] () -- C:\Users\Tanya\AppData\Local\IconCache.db
[2011-09-28 00:36:33 | 00,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-963744613-1606295528-1370569751-1003Core.job
[2011-09-20 22:29:40 | 00,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011-09-20 22:09:39 | 00,409,424 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011-09-19 22:29:27 | 00,038,912 | R--- | M] () -- C:\Users\Tanya\Desktop\Tanya CV (2).doc
[2011-09-19 01:20:17 | 02,322,184 | ---- | M] (ESET) -- C:\Users\Tanya\Desktop\esetsmartinstaller_enu.exe
[2011-09-19 01:00:30 | 00,000,215 | ---- | M] () -- C:\Windows\system.ini
[2011-09-19 01:00:25 | 00,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011-09-19 00:01:15 | 04,217,591 | R--- | M] (Swearware) -- C:\Users\Tanya\Desktop\ComboFix.exe
[2011-09-18 23:56:38 | 00,000,000 | ---- | M] () -- C:\Users\Tanya\defogger_reenable
[2011-09-18 23:56:09 | 00,050,477 | ---- | M] () -- C:\Users\Tanya\Desktop\Defogger.exe
[2011-09-18 01:14:20 | 00,001,356 | ---- | M] ()
Post by: guestolo on October 01, 2011, 03:21:47 PM
- Press the Windows Key and R on your keyboard. This will bring up the Run... command.
- Now type in Combofix /Uninstall in the runbox and click OK. (Notice the space between the "x" and "/")
- Please follow the prompts to uninstall Combofix.
- You will then receive a message saying Combofix was uninstalled successfully once it's done uninstalling itself.
You can go ahead and uninstall Eset Online Scanner from Programs and Features in Control Panel
Right click on OTL.exe and choose to "Run as Admin"
- Under the [color="#0000FF"]Custom Scans/Fixes[/color] box at the bottom, copy/paste in the following in the quote box below. don't include the word Quote pleaseQuote
:OTL
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4cc9abb2&v=6.103.018.001&i=29&tp=ab&iy=&ychte=aa&lng=en-US&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
[2011-05-13 13:19:36 | 00,002,359 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\avg_igeared.xml
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll File not found
:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"Malwarebytes Anti-Malware (reboot)"=-
"QuickTime Task"=-
:Files
C:\Users\Tanya\Desktop\esetsmartinstaller_enu.exe
C:\Users\Tanya\Desktop\TDSSKiller.exe
C:\Program Files\ESET
:Commands
[Reboot] - Then click the [color="#FF0000"]Run Fix[/color] button at the top
- Let the program run unhindered, reboot the PC when it is done
On startup, Allow OTL to run if prompted
A log should open, I don't need to see it, you can just close it out
To enable CD Emulation programs using DeFogger please perform these steps:
1.Double-click on the DeFogger icon to start the tool.
2.The application window will now appear. You should now click on the Enable button to enable your CD Emulation drivers
3.When it prompts you whether or not you want to continue, please click on the Yes button to continue
4.When the program has completed you will see a Finished! message. Click on the OK button to exit the program.
5.If CD Emulation programs are present and have been enabled, DeFogger will now ask you to reboot the machine. Please allow it to do so by clicking on the OK button."
If you do have to reboot, back in Windows
One last reboot please
Again, right click on OTL.exe and choose to "run as Admin"
Click on the CLEANUP button, this will remove files/folders related to OTL.exe and other tools
It will also delete OTL.exe itself
Please reboot when prompted
Come back here and let me know how things are still running>> Last time
I'll lock this topic if everything is alright