
Solved: Redirect virus


Diggidy (thread starter; Junior Member with 3 posts; joined Jul 2010)
20-Jul-2010, 12:12 PM #1
Hello,

My Sony AR520 Intel Centrino Duo Laptop is running Windows Vista.
I AM EXPERIENCING AN AGONIZING REDIRECT VIRUS.
Whenever I use Google or any other search engine, I am redirected.
PPPPPlease Help!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
I ran OTL and here are the following OTL and OTL Extra logs:

OTL logfile created on: 7/20/2010 11:38:49 AM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Robin\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 47.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 179.22 Gb Total Space | 74.88 Gb Free Space | 41.78% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ROBIN-PC
Current User Name: Robin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan

========== Processes (SafeList) ==========

PRC - C:\Users\Robin\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe (Adobe Systems, Inc.)
PRC - C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe (CinemaNow, Inc.)
PRC - C:\Program Files\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\PX Storage Engine\VxBlockServer.exe (Sonic Solutions)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\System32\stacsv.exe (SigmaTel, Inc.)
PRC - C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)


========== Modules (SafeList) ==========

MOD - C:\Users\Robin\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (ITGrdEngine) -- C:\Users\Robin\AppData\Local\Microsoft\Windows\services.exe File not found
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (RoxWatch12) -- C:\Program Files\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe (Sonic Solutions)
SRV - (RoxMediaDB12) -- C:\Program Files\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe (Sonic Solutions)
SRV - (CinemaNow Service) -- C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe (CinemaNow, Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (STacSV) -- C:\Windows\System32\stacsv.exe (SigmaTel, Inc.)
SRV - (VAIO Event Service) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (MSSQL$VAIO_VEDB) SQL Server (VAIO_VEDB) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (ICScsiSV) -- C:\Program Files\Sony\Image Converter 3\ICScsiSV.exe (Sony Corporation)
SRV - (IcVzMonLauncher) -- C:\Program Files\Sony\Image Converter 3\IcVzMonLauncher.exe (Sony Corporation)
SRV - (Image Converter video recording monitor for VAIO Entertainment) -- C:\Program Files\Sony\Image Converter 3\IcVzMon.exe (Sony Corporation)
SRV - (SSScsiSV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)
SRV - (SonicStage Back-End Service) -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-UPnP) VAIO Media Content Collection (UPnP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-HTTP) VAIO Media Content Collection (HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)
SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe ()
SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VzFw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (QBCFMonitorService) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe ( )
SRV - (QBFCService) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
SRV - (SQLWriter) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)


========== Driver Services (SafeList) ==========

DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (Cdralw2k) -- C:\Windows\System32\drivers\cdralw2k.sys (Sonic Solutions)
DRV - (Cdr4_xp) -- C:\Windows\System32\drivers\cdr4_xp.sys (Sonic Solutions)
DRV - (BVRPMPR5) -- C:\Windows\System32\drivers\BVRPMPR5.SYS (Avanquest Software)
DRV - (s117obex) -- C:\Windows\System32\drivers\s117obex.sys (MCCI Corporation)
DRV - (s117mdm) -- C:\Windows\System32\drivers\s117mdm.sys (MCCI Corporation)
DRV - (s117mgmt) Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s117mgmt.sys (MCCI Corporation)
DRV - (s117unic) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM) -- C:\Windows\System32\drivers\s117unic.sys (MCCI Corporation)
DRV - (s117nd5) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS) -- C:\Windows\System32\drivers\s117nd5.sys (MCCI Corporation)
DRV - (s117mdfl) -- C:\Windows\System32\drivers\s117mdfl.sys (MCCI Corporation)
DRV - (s117bus) Sony Ericsson Device 117 driver (WDM) -- C:\Windows\System32\drivers\s117bus.sys (MCCI Corporation)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (SigmaTel, Inc.)
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (ti21sony) -- C:\Windows\System32\drivers\ti21sony.sys (Texas Instruments)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)
DRV - (SonyImgF) -- C:\Windows\System32\drivers\SonyImgF.sys (Sony Corporation)
DRV - (R5U870FLx86) -- C:\Windows\System32\drivers\R5U870FLx86.sys (Ricoh)
DRV - (R5U870FUx86) -- C:\Windows\System32\drivers\R5U870FUx86.sys (Ricoh)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (slim) -- C:\Windows\System32\drivers\slim.sys (Sony Corporation)
DRV - (Tosrfhid) -- C:\Windows\System32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (SNC) -- C:\Windows\System32\drivers\SonyNC.sys (Sony Corporation)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.live.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE8ENUS/701
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.live.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://aim.search.aol.com/search/sea...romesbox-en-us"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.aol.com/?src=aim&ncid=snsusaimc00000001"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/...ab-en-us&query="


FF - HKLM\software\mozilla\eMusic Download Manager\Extensions\\Components: C:\Program Files\eMusic Download Manager\xulrunner\components [2010/06/12 21:02:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\eMusic Download Manager\Extensions\\Plugins: C:\Program Files\eMusic Download Manager\xulrunner\plugins [2010/06/12 21:02:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/06/12 21:02:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/12 22:10:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/12 21:17:48 | 000,000,000 | ---D | M]

[2009/06/24 23:50:57 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Mozilla\Extensions
[2009/06/24 23:50:57 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010/07/18 21:29:54 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\p6jyymdu.default\extensions
[2010/06/12 21:03:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\p6jyymdu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/06/12 20:49:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\p6jyymdu.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/01/28 04:13:07 | 000,004,546 | ---- | M] () -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\p6jyymdu.default\searchplugins\aim-search.xml
[2010/06/12 19:18:25 | 000,002,168 | ---- | M] () -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\p6jyymdu.default\searchplugins\inbox-search.xml
[2010/06/12 19:18:24 | 000,009,944 | ---- | M] () -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\p6jyymdu.default\searchplugins\puredefmusic.xml
[2010/06/13 20:14:43 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/12 21:02:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/06/12 21:02:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/06/05 19:54:25 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2008/04/07 00:21:14 | 001,212,416 | ---- | M] (cedelia) -- C:\Program Files\Mozilla Firefox\plugins\NPStreamPlug.dll
[2007/07/26 13:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml

O1 HOSTS File: ([2010/06/04 19:06:08 | 000,403,693 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 13965 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (ALOT Toolbar) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll (Miva)
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (ALOT Toolbar) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll (Miva)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AppMon Utility] C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe (Sony Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [RunSpySweeperScheduleAtStartup] C:\Windows\System32\msfeedssync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: cinemanow.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: cinemanow.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: qflix.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: roxio.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: sonic.com ([redirect] http in Trusted sites)
O15 - HKCU\..Trusted Domains: sonic.com ([redirect2] http in Trusted sites)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanage...ex-2.2.5.0.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: bdsripcab https://media.bdsrealtime.com/components/bdsripcab.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\sm3_wp1280x1024.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\sm3_wp1280x1024.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{bfce8bc5-9860-11de-85e4-0013a9e2bb24}\Shell\AutoRun\command - "" = G:\MI.exe -- File not found
O33 - MountPoints2\{e868a5a0-b924-11dd-9850-0013a9e2bb24}\Shell\AutoRun\command - "" = xpbkh.com
O33 - MountPoints2\{e868a5a0-b924-11dd-9850-0013a9e2bb24}\Shell\explore\Command - "" = xpbkh.com
O33 - MountPoints2\{e868a5a0-b924-11dd-9850-0013a9e2bb24}\Shell\open\Command - "" = xpbkh.com
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\MI.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.dvsd - C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 90 Days ==========

[2010/07/20 11:17:55 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Robin\Desktop\OTL.exe
[2010/07/15 19:01:41 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\Luis
[2010/07/14 21:23:41 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\monster
[2010/07/14 15:24:32 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\restaurant week menus
[2010/07/12 20:30:21 | 000,000,000 | ---D | C] -- C:\Roxio
[2010/07/03 13:47:37 | 000,000,000 | ---D | C] -- C:\Users\Robin\Desktop\sdcard2
[2010/07/03 13:40:24 | 000,000,000 | ---D | C] -- C:\Users\Robin\Desktop\sdcard
[2010/06/29 16:58:05 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\avastSS.scr
[2010/06/24 08:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010/06/20 20:43:09 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Roaming\SafeReturner
[2010/06/20 20:43:05 | 000,000,000 | ---D | C] -- C:\Program Files\Safe Returner
[2010/06/20 20:38:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2010/06/20 20:38:20 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Roaming\Yahoo!
[2010/06/20 20:38:19 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/06/12 17:23:52 | 000,000,000 | ---D | C] -- C:\Program Files\puredefmusic
[2010/06/09 13:09:59 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2010/06/05 19:57:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/06/05 19:57:00 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar
[2010/06/05 19:56:28 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar Installer
[2010/06/05 19:56:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/06/03 21:10:41 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010/06/03 21:10:10 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\Simply Super Software
[2010/06/03 20:11:58 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic Anti-Virus PLUS
[2010/06/03 20:11:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic
[2010/05/26 23:04:41 | 000,000,000 | -H-D | C] -- C:\ProgramData\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010/05/26 23:04:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010/05/26 23:04:18 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010/05/26 22:44:39 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Roaming\Malwarebytes
[2010/05/26 22:44:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/05/26 22:44:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/05/26 22:18:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/05/26 22:18:28 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Robin\Desktop\*.tmp files -> C:\Users\Robin\Desktop\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/07/20 11:42:56 | 008,126,464 | -HS- | M] () -- C:\Users\Robin\ntuser.dat
[2010/07/20 11:35:59 | 000,037,453 | ---- | M] () -- C:\Users\Robin\AppData\Roaming\nvModes.001
[2010/07/20 11:17:59 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Robin\Desktop\OTL.exe
[2010/07/20 10:49:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/07/19 21:36:35 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/07/19 21:36:35 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/07/18 02:29:47 | 000,553,065 | ---- | M] () -- C:\Users\Robin\Documents\Tony_EPK.docx
[2010/07/18 01:24:36 | 000,303,773 | ---- | M] () -- C:\Users\Robin\Documents\Tony_EPK.pdf
[2010/07/15 23:47:24 | 000,000,392 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C5F41DDD-25A2-496D-B963-3747E0C393A7}.job
[2010/07/15 13:21:45 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/07/14 15:09:26 | 000,524,288 | -HS- | M] () -- C:\Users\Robin\ntuser.dat{230c5294-7682-11df-b449-0013a9e2bb24}.TMContainer00000000000000000001.regtrans-ms
[2010/07/14 15:09:26 | 000,065,536 | -HS- | M] () -- C:\Users\Robin\ntuser.dat{230c5294-7682-11df-b449-0013a9e2bb24}.TM.blf
[2010/07/04 12:28:33 | 000,000,809 | ---- | M] () -- C:\Users\Robin\Desktop\CCleaner.lnk
[2010/07/04 08:01:54 | 000,001,976 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/06/29 17:02:15 | 004,399,507 | -H-- | M] () -- C:\Users\Robin\AppData\Local\IconCache.db
[2010/06/29 16:58:15 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/06/28 15:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\avastSS.scr
[2010/06/28 15:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2010/06/28 15:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/06/28 15:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/06/28 15:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/06/28 15:32:56 | 000,050,256 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/06/28 15:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/06/27 22:27:35 | 000,000,680 | ---- | M] () -- C:\Users\Robin\AppData\Local\d3d9caps.dat
[2010/06/27 18:50:58 | 000,037,453 | ---- | M] () -- C:\Users\Robin\AppData\Roaming\nvModes.dat
[2010/06/24 09:40:43 | 000,333,802 | ---- | M] () -- C:\Users\Robin\Documents\Nielsen BDS How to Submit Music.pdf
[2010/06/24 08:25:01 | 000,001,960 | ---- | M] () -- C:\Users\Robin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/06/24 08:23:54 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/24 08:23:32 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/06/20 21:51:44 | 000,000,802 | ---- | M] () -- C:\Users\Public\Desktop\Safe Returner.lnk
[2010/06/18 13:08:45 | 000,769,194 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/06/18 13:08:45 | 000,650,720 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/06/18 13:08:45 | 000,122,622 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/06/13 19:48:03 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010/06/12 22:35:50 | 000,161,153 | ---- | M] () -- C:\Users\Robin\Desktop\All on the line TREATMENT.docx
[2010/06/12 21:28:29 | 000,524,288 | -HS- | M] () -- C:\Users\Robin\ntuser.dat{230c5294-7682-11df-b449-0013a9e2bb24}.TMContainer00000000000000000002.regtrans-ms
[2010/06/12 21:16:49 | 003,932,160 | -HS- | M] () -- C:\Users\Robin\ntuser.dat_previous
[2010/06/12 19:29:48 | 000,524,288 | -HS- | M] () -- C:\Users\Robin\ntuser.dat{c1e39317-b8e1-11dd-bdfa-0013e82a6b2d}.TMContainer00000000000000000001.regtrans-ms
[2010/06/12 19:29:48 | 000,065,536 | -HS- | M] () -- C:\Users\Robin\ntuser.dat{c1e39317-b8e1-11dd-bdfa-0013e82a6b2d}.TM.blf
[2010/06/05 19:34:32 | 000,000,134 | ---- | M] () -- C:\Users\Robin\Desktop\Power Options - Shortcut (2).lnk
[2010/06/05 19:34:11 | 000,000,134 | ---- | M] () -- C:\Users\Robin\Desktop\Power Options - Shortcut.lnk
[2010/06/05 15:18:56 | 000,002,231 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/06/04 19:06:08 | 000,403,693 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/06/04 18:58:20 | 000,001,084 | ---- | M] () -- C:\Users\Robin\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/06/04 18:58:20 | 000,001,060 | ---- | M] () -- C:\Users\Robin\Desktop\Spybot - Search & Destroy.lnk
[2010/06/04 15:50:07 | 000,524,288 | -HS- | M] () -- C:\Users\Robin\ntuser.dat{f9965bc9-6fdd-11df-9542-0013e82a6b2d}.TMContainer00000000000000000002.regtrans-ms
[2010/06/04 15:50:07 | 000,524,288 | -HS- | M] () -- C:\Users\Robin\ntuser.dat{f9965bc9-6fdd-11df-9542-0013e82a6b2d}.TMContainer00000000000000000001.regtrans-ms
[2010/06/04 15:50:07 | 000,065,536 | -HS- | M] () -- C:\Users\Robin\ntuser.dat{f9965bc9-6fdd-11df-9542-0013e82a6b2d}.TM.blf
[2010/06/04 06:58:06 | 000,524,288 | -HS- | M] () -- C:\Users\Robin\ntuser.dat{a83bc0e7-6945-11df-a081-0013a9e2bb24}.TMContainer00000000000000000001.regtrans-ms
[2010/06/04 06:58:06 | 000,065,536 | -HS- | M] () -- C:\Users\Robin\ntuser.dat{a83bc0e7-6945-11df-a081-0013a9e2bb24}.TM.blf
[2010/05/26 23:45:37 | 000,524,288 | -HS- | M] () -- C:\Users\Robin\ntuser.dat{a83bc0e7-6945-11df-a081-0013a9e2bb24}.TMContainer00000000000000000002.regtrans-ms
[2010/05/26 23:44:24 | 000,524,288 | -HS- | M] () -- C:\Users\Robin\ntuser.dat{2d2e54a2-67bb-11df-baa2-caf5feb2c323}.TMContainer00000000000000000001.regtrans-ms
[2010/05/26 23:44:24 | 000,065,536 | -HS- | M] () -- C:\Users\Robin\ntuser.dat{2d2e54a2-67bb-11df-baa2-caf5feb2c323}.TM.blf
[2010/05/25 01:15:37 | 000,524,288 | -HS- | M] () -- C:\Users\Robin\ntuser.dat{2d2e54a2-67bb-11df-baa2-caf5feb2c323}.TMContainer00000000000000000002.regtrans-ms
[2010/05/11 01:31:40 | 013,639,762 | ---- | M] () -- C:\Users\Robin\Documents\locomotivecdcover.psd
[2010/04/30 10:59:54 | 001,728,656 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/04/29 11:55:24 | 039,109,056 | ---- | M] () -- C:\Users\Robin\Desktop\1 Track 01.aiff
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Robin\Desktop\*.tmp files -> C:\Users\Robin\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/07/18 01:27:07 | 000,553,065 | ---- | C] () -- C:\Users\Robin\Documents\Tony_EPK.docx
[2010/07/18 01:24:30 | 000,303,773 | ---- | C] () -- C:\Users\Robin\Documents\Tony_EPK.pdf
[2010/07/15 17:49:18 | 000,000,392 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{C5F41DDD-25A2-496D-B963-3747E0C393A7}.job
[2010/06/27 20:36:06 | 000,000,680 | ---- | C] () -- C:\Users\Robin\AppData\Local\d3d9caps.dat
[2010/06/24 09:40:43 | 000,333,802 | ---- | C] () -- C:\Users\Robin\Documents\Nielsen BDS How to Submit Music.pdf
[2010/06/24 08:25:01 | 000,001,976 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/06/24 08:25:01 | 000,001,960 | ---- | C] () -- C:\Users\Robin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/06/24 08:23:54 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/24 08:23:32 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/06/20 21:51:44 | 000,000,802 | ---- | C] () -- C:\Users\Public\Desktop\Safe Returner.lnk
[2010/06/13 19:48:03 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/06/12 22:35:49 | 000,161,153 | ---- | C] () -- C:\Users\Robin\Desktop\All on the line TREATMENT.docx
[2010/06/12 21:28:26 | 000,524,288 | -HS- | C] () -- C:\Users\Robin\ntuser.dat{230c5294-7682-11df-b449-0013a9e2bb24}.TMContainer00000000000000000002.regtrans-ms
[2010/06/12 21:28:25 | 000,524,288 | -HS- | C] () -- C:\Users\Robin\ntuser.dat{230c5294-7682-11df-b449-0013a9e2bb24}.TMContainer00000000000000000001.regtrans-ms
[2010/06/12 21:28:25 | 000,065,536 | -HS- | C] () -- C:\Users\Robin\ntuser.dat{230c5294-7682-11df-b449-0013a9e2bb24}.TM.blf
[2010/06/05 19:34:32 | 000,000,134 | ---- | C] () -- C:\Users\Robin\Desktop\Power Options - Shortcut (2).lnk
[2010/06/05 19:34:11 | 000,000,134 | ---- | C] () -- C:\Users\Robin\Desktop\Power Options - Shortcut.lnk
[2010/06/04 18:58:20 | 000,001,084 | ---- | C] () -- C:\Users\Robin\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/06/04 18:58:20 | 000,001,060 | ---- | C] () -- C:\Users\Robin\Desktop\Spybot - Search & Destroy.lnk
[2010/06/04 13:47:43 | 000,524,288 | -HS- | C] () -- C:\Users\Robin\ntuser.dat{f9965bc9-6fdd-11df-9542-0013e82a6b2d}.TMContainer00000000000000000002.regtrans-ms
[2010/06/04 13:47:43 | 000,524,288 | -HS- | C] () -- C:\Users\Robin\ntuser.dat{f9965bc9-6fdd-11df-9542-0013e82a6b2d}.TMContainer00000000000000000001.regtrans-ms
[2010/06/04 13:47:43 | 000,065,536 | -HS- | C] () -- C:\Users\Robin\ntuser.dat{f9965bc9-6fdd-11df-9542-0013e82a6b2d}.TM.blf
[2010/05/26 23:45:37 | 000,524,288 | -HS- | C] () -- C:\Users\Robin\ntuser.dat{a83bc0e7-6945-11df-a081-0013a9e2bb24}.TMContainer00000000000000000002.regtrans-ms
[2010/05/26 23:45:37 | 000,524,288 | -HS- | C] () -- C:\Users\Robin\ntuser.dat{a83bc0e7-6945-11df-a081-0013a9e2bb24}.TMContainer00000000000000000001.regtrans-ms
[2010/05/26 23:45:37 | 000,065,536 | -HS- | C] () -- C:\Users\Robin\ntuser.dat{a83bc0e7-6945-11df-a081-0013a9e2bb24}.TM.blf
[2010/05/25 01:15:37 | 000,524,288 | -HS- | C] () -- C:\Users\Robin\ntuser.dat{2d2e54a2-67bb-11df-baa2-caf5feb2c323}.TMContainer00000000000000000002.regtrans-ms
[2010/05/25 01:15:37 | 000,524,288 | -HS- | C] () -- C:\Users\Robin\ntuser.dat{2d2e54a2-67bb-11df-baa2-caf5feb2c323}.TMContainer00000000000000000001.regtrans-ms
[2010/05/25 01:15:37 | 000,065,536 | -HS- | C] () -- C:\Users\Robin\ntuser.dat{2d2e54a2-67bb-11df-baa2-caf5feb2c323}.TM.blf
[2010/05/10 23:37:35 | 013,639,762 | ---- | C] () -- C:\Users\Robin\Documents\locomotivecdcover.psd
[2010/04/29 11:24:23 | 039,109,056 | ---- | C] () -- C:\Users\Robin\Desktop\1 Track 01.aiff
[2010/01/11 05:07:48 | 000,000,362 | ---- | C] () -- C:\Windows\bdsrip.ini
[2009/10/12 13:06:20 | 001,103,360 | ---- | C] () -- C:\Windows\System32\cidfont.dll
[2009/09/10 19:14:56 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/05/17 02:26:01 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2008/02/20 21:05:44 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/02/20 21:04:16 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008/02/20 21:04:16 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2008/02/20 21:03:24 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2007/10/02 02:07:44 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2007/10/02 02:00:13 | 000,532,480 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll
[2007/05/29 23:22:06 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2007/05/29 21:52:09 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/03/15 13:31:02 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2007/03/15 13:31:00 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2007/03/15 13:30:04 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2010/01/28 00:54:21 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\acccore
[2010/03/17 10:53:21 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\eMusic
[2009/08/11 18:33:12 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Image Zone Express
[2008/04/01 01:02:12 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\InterVideo
[2010/06/12 20:51:40 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\LimeWire
[2009/07/02 16:08:56 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Printer Info Cache
[2010/07/04 18:03:14 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\SafeReturner
[2009/12/06 02:54:51 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Simple Star
[2009/09/30 03:14:22 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Sony
[2010/06/12 20:49:43 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Sony Setup
[2008/06/21 09:47:21 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Template
[2009/11/02 16:06:20 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\YouSendIt
[2010/07/15 23:48:21 | 000,032,566 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/07/15 23:47:24 | 000,000,392 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{C5F41DDD-25A2-496D-B963-3747E0C393A7}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2006/09/18 16:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 01:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2007/05/29 22:27:03 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 16:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2008/03/31 01:16:47 | 000,000,164 | ---- | M] () -- C:\install.dat
[2009/07/02 16:09:23 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/01/28 00:53:40 | 000,000,706 | -H-- | M] () -- C:\IPH.PH
[2009/07/02 16:09:23 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/07/14 15:10:35 | 3533,185,024 | -HS- | M] () -- C:\pagefile.sys
[2009/04/05 22:40:25 | 000,002,912 | ---- | M] () -- C:\process.dot
[2008/06/15 01:05:50 | 000,000,000 | -H-- | M] () -- C:\ProgramData.LOG1
[2008/06/15 01:05:50 | 000,000,000 | -H-- | M] () -- C:\ProgramData.LOG2
[2009/09/11 10:11:00 | 3451,852,800 | ---- | M] () -- C:\PutDataSample.yuv
[2009/12/10 01:41:20 | 000,006,094 | ---- | M] () -- C:\scramble.log
[2008/10/24 04:46:35 | 000,000,594 | ---- | M] () -- C:\updatedatfix.log
[2007/10/02 02:12:47 | 000,383,228 | ---- | M] () -- C:\vcredist_x86.log

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 06:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009/03/08 06:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2009/04/11 01:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009/04/11 01:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 05:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 05:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 05:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Robin\Desktop\T_03_Mov.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Robin\Desktop\T_02a_Mov.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Robin\Desktop\T_01_MOV.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Robin\Desktop\Five_Wink_pt_1_revised.mp4:TOC.WMV
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:CB0AACC9
< End of report >

OTL Extras logfile created on: 7/20/2010 11:38:49 AM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Robin\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 47.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 179.22 Gb Total Space | 74.88 Gb Free Space | 41.78% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ROBIN-PC
Current User Name: Robin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~4\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"UacDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08EF0BAA-D4D0-4B8B-8B66-0E438C9ADFDA}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{41859A26-8303-4D58-BD3D-ABAEA160093D}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{552B6BA7-A1B7-45B0-BD87-FAC2069CFE02}" = rport=137 | protocol=17 | dir=out | app=system |
"{59CBE7BE-6929-4873-AA5D-8843C1654077}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{66132F1B-2CAE-4264-8FB6-7FA5304E9F3D}" = rport=445 | protocol=6 | dir=out | app=system |
"{692FF581-E074-4151-8A4A-76D5598C06CF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{80C4D03F-A789-4AA1-987D-181EDF8EEB52}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{93E29C39-CA9D-4E6B-AA60-5BE8C2AA5239}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{9A5F7C50-513C-49C1-9621-EE482813377D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A44BDDD6-8BA2-4B81-AF38-04DEF8A8D1C7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ADC93564-52C4-4196-A71E-1AFCA8FAD814}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B1757ED4-BE98-4B7F-B127-333DBAA5FB68}" = lport=445 | protocol=6 | dir=in | app=system |
"{BE763CD6-9E8C-44E1-8B27-C2F440E7D818}" = rport=138 | protocol=17 | dir=out | app=system |
"{C60C75B5-63FB-4A5B-A79A-04B404C10B2A}" = lport=139 | protocol=6 | dir=in | app=system |
"{D072C7BF-BA5F-45A5-B3D5-24EEFCF60F11}" = lport=138 | protocol=17 | dir=in | app=system |
"{F92A9044-648C-4651-A8DC-9B06799C23A0}" = rport=139 | protocol=6 | dir=out | app=system |
"{FC2457DC-09FF-4928-B4E6-A053AA8F3620}" = lport=137 | protocol=17 | dir=in | app=system |
"{FC65FC5F-3374-4643-8582-9DEC22E067D4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1565E9EB-DF73-41CC-B613-D794A5C74F8D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{191CA513-F684-4F38-B4EF-53011FA11AFB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{212732B8-C1B9-48B4-BEBA-430779252F6C}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"{34D45B8D-5A29-4D42-A4E4-6691A97AA958}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{38730B1C-DCE9-4948-9022-295A97B7D15C}" = protocol=17 | dir=in | app=c:\program files\roxio 2010\venue\venue.exe |
"{467BFED8-901F-4E7C-87AC-69C6F94143EE}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{4FEBED2E-1437-45F4-94AA-F6A4884EC6E0}" = protocol=17 | dir=in | app=c:\program files\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{58A94D99-4DF7-4134-B576-66293D682A7F}" = protocol=17 | dir=in | app=c:\program files\sony\locationfreeplayer\lfpc3\lfpc3.exe |
"{65E802FC-2404-4A32-8903-C4B027924FF8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7C469AFD-DFD7-4A3A-8B2F-785FE399751C}" = protocol=6 | dir=in | app=c:\program files\sony\locationfreeplayer\lfpc3\lfpc3.exe |
"{8D6B58E0-C5A4-41D5-9B4A-61C158825098}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{9673BBC4-A116-4058-B859-3C54AF8DA0C0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{98421D80-EF2C-4DC3-9236-52CC7428DFAE}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{985DA24C-BB7B-410E-853E-E029640F1A98}" = protocol=6 | dir=in | app=c:\program files\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{A48A9A24-969D-4E78-B987-1B3C7E18829C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A8172699-E457-449C-AA16-43D223201193}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"{B2CBF0BE-5AAE-40D1-9C98-C01B29ADAB94}" = protocol=17 | dir=in | app=c:\program files\sony\vaio media 6.0\vc.exe |
"{B533A315-A121-44DF-B519-679DAC1F882F}" = protocol=6 | dir=in | app=c:\program files\sony\vaio media 6.0\vc.exe |
"{BE3DC147-DF92-4EA7-8B96-1B6564061499}" = protocol=6 | dir=in | app=c:\program files\roxio 2010\venue\venue.exe |
"{C1892DF3-A88D-4360-9B3B-22BB18F77868}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{CEF0404E-D541-4FAE-80C2-9E2BF2EC7582}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E118D529-30C6-48D9-85BF-735BD7EBCB6A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{FEDFD225-E1F0-48BA-889D-209FCBE5DF48}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{1B4EF5A4-0747-47BF-8DFB-42E617DCCC15}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{1BDEE2C7-37A4-4D5C-BA2E-072E82A3BA21}C:\program files\aim\aim.exe" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"TCP Query User{2EC42FCC-0C43-487E-A8EF-83B44AFFB5CF}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{587DF62E-9210-43CA-8384-ADAB3674B180}H:\bin\ia\core\mdm_util.exe" = protocol=6 | dir=in | app=h:\bin\ia\core\mdm_util.exe |
"TCP Query User{79C345B7-3600-41BB-B1BE-95FC2404F662}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{D1D335E8-859F-47DD-91CF-69288D06109B}C:\program files\sony\vaio media registration tool\vmpclient.exe" = protocol=6 | dir=in | app=c:\program files\sony\vaio media registration tool\vmpclient.exe |
"UDP Query User{096F5D8C-FEF4-4F71-84EA-4A484B0F24D8}C:\program files\sony\vaio media registration tool\vmpclient.exe" = protocol=17 | dir=in | app=c:\program files\sony\vaio media registration tool\vmpclient.exe |
"UDP Query User{29133E20-0FED-4022-96D3-DA62E5F92395}C:\program files\aim\aim.exe" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"UDP Query User{4927D4E8-4D43-43D7-B1EE-0F654C68B99F}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{6CDD8B14-3B85-4E81-9F45-6E5509507C47}H:\bin\ia\core\mdm_util.exe" = protocol=17 | dir=in | app=h:\bin\ia\core\mdm_util.exe |
"UDP Query User{D3862CC6-A9C0-4342-832D-CB7785C56255}C:\program files\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"UDP Query User{F04B43F7-8B6C-49A8-9057-6450983BBB69}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{009E7FB7-1775-4D89-8956-F5C9A1C019FC}" = DSD Playback Plug-in
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{0312BD0D-A1FE-4E1A-9208-D436F566D867}" = VAIO Azure Float Wallpaper
"{0327FA9D-975C-448C-A086-577D57BB25B8}" = Adobe Soundbooth CS3 Codecs
"{04A6FA31-F1A6-426E-9DB4-276FD7FEB91B}" = AOL Helper
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0EE4030A-8FD4-4798-A21D-17E525B1F7CF}" = Corel Snapfire
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1417F599-1DBD-4499-9375-B2813E9F890C}" = VAIO Camera Utility
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{1B500D37-E7CF-480B-8054-8A563594EC4E}" = VAIO OOBE
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{235915A8-1C0D-4920-95EA-FE8B773E5F57}" = VAIO Teal Whisper Wallpaper
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{2656D0AB-9EA4-4C58-A117-635F3CED8B93}" = Microsoft UI Engine
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (VAIO_VEDB)
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{337CBC16-F6F3-411A-9A3F-DB21C57BFDFD}" = Simple Start Entice
"{34B37A74-125E-4406-87BA-E4BD3D097AE5}" = VAIO Survey
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{38B39865-D988-4945-9A22-6107B8B40953}" = C4200
"{3B203763-8CA0-4A62-AFFD-44F7F7C8889A}" = VAIO Video & Photo Suite
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{428A6DA3-FD56-44AE-B602-15DCCD6A7515}" = VAIO AV Mode Launcher
"{43CD257A-4F32-4BDE-9B3D-14E6E10C8307}" = Roxio Creator 2010
"{4458C442-7376-4CF9-AF58-E8CEA6722363}" = Adobe Setup
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4D0AAB66-E604-4E82-A5AF-01AB97CB506D}" = Roxio Creator 2010 Content
"{4E993095-28F2-4060-9101-99C1FD1195C0}" = VAIO Central
"{500162A0-4DD5-460A-BAFD-895AAE48C532}" = VAIO Media Content Collection 6.0
"{500C3FDC-5E5F-485F-BDF5-2C445839CBE0}" =
"{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}" = Microsoft SQL Server Native Client
"{50CE21D8-0F44-4f3f-A392-7F9AD3194DEF}" = PS_AIO_Software
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5491453D-8C3E-4785-AC5C-E9A4DABF378A}" = Roxio Venue
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 6.0
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 6.0
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{597E70FF-7C46-4EED-8092-91B7C2E0529D}" = Google SketchUp 7
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5D601655-6D54-4384-B52C-17EC5385FBBD}" = iTunes
"{5E343EF6-D27C-4CFC-9FAE-9AAFB541BCEE}" = VAIO Photo 2007
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio
"{65A79175-3C4C-41F4-92AF-BA1DDDBA0626}" = Roxio Burn Manager CDB
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{661F85B9-FB7F-4884-BFCB-09C71930BA8F}" = ArcSoft MediaImpression for Kodak
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = VAIO Video & Photo Suite
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{6D2576EC-A0E9-418A-A09A-409933A3B6F4}" = VAIO Camera Capture Utility
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{733CDF24-0A93-426E-AA89-DF281EB54793}" = Roxio CinePlayer
"{74DC8A26-4E05-40B6-AD11-C9428A1AE150}" = Roxio Creator 2010
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 6.0
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7D716354-2C08-48DC-9AC5-957348048817}" = VAIO Help And Support
"{7E545666-F419-45FD-B3DF-C0B99A1A579F}" = QuickBooks Simple Start Free Starter Edition
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{82D5BACA-3619-4D34-99DB-3A65CFB4DA33}" = DSD Direct
"{8355F970-601D-442D-A79B-1D7DB4F24CAD}" = Apple Mobile Device Support
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{8641C1CB-03B3-41d4-8DEC-79826A4B5C0E}" = HP Photosmart All-In-One Software 8.0
"{86DDDAAD-AEB9-42E5-BE01-0E8FABD2BB29}" = Roxio Video Capture USB
"{8718DC03-D066-4957-94E5-50C3C5042E8E}" = Adobe Creative Suite 3 Master Collection
"{88908767-B7AD-4b0d-ACBC-FBCCF2761D31}" = HP Photosmart All-In-One Software 9.0
"{89A15676-78AE-4D51-BF5B-DEE3E0D46C94}" = Roxio Creator 2010
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C44C027-7B9F-46F1-8FD8-5767403A7CA5}" = AppMon Utility
"{8C8224B7-AA9B-4807-97CD-55899BAC83FE}" = YouSendIt Express
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{906C01EE-B242-4197-AE85-6C506E1B869B}" = Roxio Burn Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91208A47-5D08-4C79-986F-1931940F51BB}" = QuickBooks Product Listing Service
"{93A1B09E-BAFA-4628-A5B6-921CB026955A}" = Corel Paint Shop Pro Photo XI
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Roxio CinePlayer Decoder Pack
"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.05 Menu Data
"{9FDC7042-CB9F-4336-A14C-DF10F53762E2}" = Topaz Adjust 4
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.3
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A65F7CF8-6F76-40CE-B44D-D5A89D9881C7}" = MSN Toolbar Platform
"{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 6.0
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{AFB6AFBA-88B1-48A7-AF52-BA59BA5F183B}" = Image Converter 3
"{B09BCBF6-87EE-4403-A336-3A9510856535}" = HP Photosmart All-In-One Software 9.0
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B59B3DA8-06F8-4B4C-AE94-5180753EF108}" = VAIO Floral Dusk Wallpaper
"{B668B2B8-70D4-4754-A890-17C1DDDA9418}" = PS_AIO_Software_min
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B7FB0C86-41A4-4402-9A33-912C462042A0}" = Roxio Easy Media Creator Home
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BABC878D-BB64-4688-9A88-1D9E88F339A9}" = VAIO Productivity Center
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8}" = Microsoft SQL Server VSS Writer
"{C299F969-AE3D-4679-ADF5-682A186CE62E}" = VAIO Center Access Bar
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFED0AE3-6D93-4745-B8A0-F3410B493CC4}" = VAIO Security Center
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D36E4755-83B9-4B10-BE51-0AC5B9F43C1F}" = VAIO Media
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{D6651810-8439-4F25-BACC-5FB66D4B1A63}" = VAIO Media Registration Tool
"{D8B7A682-20DA-4797-8415-B1FB14D4D32B}" = PS_AIO_Software
"{D937DD80-3928-4617-876F-538A25AECB17}" = LocationFree Player
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DDBB28C8-B2AA-45A1-8DCE-059A798509FB}" = MobileMe Control Panel
"{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E28750A2-45F2-4b63-99F7-9F81A94B1E2D}" = PS_AIO_Software_min
"{E5874895-A35A-4EF9-8720-8FA946AF842F}_is1" = Safe Returner version 1.24
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E74F7423-77CB-4F6A-A44D-604E1010FE50}" = VAIO Entertainment Center
"{E809063C-51A3-4269-8984-D1EB742F2151}" = Click to DVD 2.6.00
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{F8A3C1B6-D2E0-4CE1-80A2-555D6F71C639}" = Microsoft Search Enhancement Pack
"{FE0C305A-37EE-4499-B4CF-0182E37B20C4}" = PS_AIO_ProductContext
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_4dcfd9b7e901b57f81f667144603236" = Add or Remove Adobe Creative Suite 3 Master Collection
"AIM Toolbar" = AIM Toolbar
"AIM_7" = AIM 7
"alotToolbar" = ALOT Toolbar
"AOL Toolbar 4.0" = AOL Toolbar 4.0
"avast5" = avast! Free Antivirus
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"eMusic Download Manager" = eMusic Download Manager 4.1.3.1
"Google Chrome" = Google Chrome
"Grouper Screen Saver_is1" = Grouper Screen Saver 1.0
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"HPOCR" = HP OCR Software 9.0
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{8C8224B7-AA9B-4807-97CD-55899BAC83FE}" = YouSendIt Express
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"Ken Ward's Zipper_is1" = Ken Ward's Zipper 1.4000
"LimeWire" = LimeWire 5.1.4
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"NVIDIA Drivers" = NVIDIA Drivers
"office Convert Image TIFF Jpeg to Pdf Free_is1" = office Convert Image TIFF Jpeg to Pdf Free 6.2
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-13-24-01
"Roxio PhotoShow" = Roxio PhotoShow
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Spiderman 3" = Spiderman 3 XXXX
"StreamPlug" = StreamPlug Player
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VAIO Service Utility" = VAIO Service Utility
"WinRAR archiver" = WinRAR archiver
"Yahoo! Companion" = Yahoo! Toolbar

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 11/22/2008 9:44:56 PM | Computer Name = Robin-PC | Source = avast! | ID = 33554522
Description =

Error - 11/22/2008 9:45:55 PM | Computer Name = Robin-PC | Source = avast! | ID = 33554522
Description =

Error - 11/22/2008 9:46:16 PM | Computer Name = Robin-PC | Source = avast! | ID = 33554522
Description =

Error - 11/22/2008 9:46:41 PM | Computer Name = Robin-PC | Source = avast! | ID = 33554522
Description =

Error - 11/22/2008 9:47:29 PM | Computer Name = Robin-PC | Source = avast! | ID = 33554522
Description =

Error - 11/22/2008 9:48:28 PM | Computer Name = Robin-PC | Source = avast! | ID = 33554522
Description =

Error - 11/22/2008 9:49:08 PM | Computer Name = Robin-PC | Source = avast! | ID = 33554522
Description =

Error - 11/22/2008 9:50:16 PM | Computer Name = Robin-PC | Source = avast! | ID = 33554522
Description =

Error - 5/27/2010 5:32:28 PM | Computer Name = Robin-PC | Source = avast! | ID = 33554522
Description =

Error - 6/9/2010 8:47:50 PM | Computer Name = Robin-PC | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 7/19/2010 3:31:20 PM | Computer Name = Robin-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 6.0.6001.18000, time stamp
0x47918b89, faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e03821,
exception code 0xc0000005, fault offset 0x0004a20d, process id 0x16d4, application
start time 0x01cb2778f69732f0.

Error - 7/19/2010 3:31:24 PM | Computer Name = Robin-PC | Source = SDWinSec.exe | ID = 0
Description =

Error - 7/19/2010 8:34:13 PM | Computer Name = Robin-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 6.0.6001.18000, time stamp
0x47918b89, faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e03821,
exception code 0xc0000374, fault offset 0x000afaf8, process id 0x11e0, application
start time 0x01cb277912161410.

Error - 7/19/2010 8:34:34 PM | Computer Name = Robin-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 6.0.6001.18000, time stamp
0x47918b89, faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e03821,
exception code 0xc0000005, fault offset 0x0004a20d, process id 0x16a0, application
start time 0x01cb27a3534c6860.

Error - 7/19/2010 8:34:39 PM | Computer Name = Robin-PC | Source = SDWinSec.exe | ID = 0
Description =

Error - 7/19/2010 8:35:34 PM | Computer Name = Robin-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 6.0.6001.18000, time stamp
0x47918b89, faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e03821,
exception code 0xc0000005, fault offset 0x0004a20d, process id 0xef0, application
start time 0x01cb27a377113500.

Error - 7/19/2010 8:35:39 PM | Computer Name = Robin-PC | Source = SDWinSec.exe | ID = 0
Description =

Error - 7/19/2010 11:47:55 PM | Computer Name = Robin-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18904, time stamp
0x4b835fec, faulting module Flash10c.ocx, version 10.0.32.18, time stamp 0x4a613d79,
exception code 0xc0000005, fault offset 0x00157429, process id 0xf28, application
start time 0x01cb27a09c8873f0.

Error - 7/20/2010 12:40:01 PM | Computer Name = Robin-PC | Source = SPP | ID = 16387
Description =

Error - 7/20/2010 12:40:01 PM | Computer Name = Robin-PC | Source = System Restore | ID = 8193
Description =

[ Media Center Events ]
Error - 8/28/2008 11:02:33 AM | Computer Name = Robin-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ OSession Events ]
Error - 3/14/2009 7:43:03 PM | Computer Name = Robin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 54 seconds with 0 seconds of active time. This session ended with a crash.

Error - 9/4/2009 12:27:31 PM | Computer Name = Robin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 2080 seconds with 780 seconds of active time. This session ended with a
crash.

Error - 10/1/2009 2:01:01 AM | Computer Name = Robin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 37 seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/18/2009 3:22:54 AM | Computer Name = Robin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 83 seconds with 60 seconds of active time. This session ended with a crash.

Error - 1/22/2010 4:16:25 AM | Computer Name = Robin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4517
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 7/20/2010 9:21:51 AM | Computer Name = Robin-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 7/20/2010 9:21:56 AM | Computer Name = Robin-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 7/20/2010 9:22:01 AM | Computer Name = Robin-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 7/20/2010 9:22:06 AM | Computer Name = Robin-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 7/20/2010 9:22:11 AM | Computer Name = Robin-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 7/20/2010 9:22:16 AM | Computer Name = Robin-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 7/20/2010 9:22:21 AM | Computer Name = Robin-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 7/20/2010 9:22:26 AM | Computer Name = Robin-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 7/20/2010 9:22:31 AM | Computer Name = Robin-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 7/20/2010 11:49:02 AM | Computer Name = Robin-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.


< End of report >
SweetTech
Senior Member with 1,016 posts.
 
Join Date: Jan 1970
Location: Antarctica
20-Jul-2010, 12:36 PM #2
My name is SweetTech. I would be glad to take a look at your log and help you with solving any malware problems.

If you have already received help elsewhere please inform me so that this topic can be closed.

If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:
  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post.
  • Please make sure to carefully read any instruction that I give you.
    Reading too lightly will cause you to miss important steps, which could have destructive effects.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • These instructions have been specifically tailored to your computer and the issues you are experiencing with your computer. It's important to note that these instructions are not suitable for any other computer, even if the issues are fairly similar.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. The one thing that you should always do is to make sure that your anti-virus definitions are up-to-date!
  • If I instruct you to download a specific tool which you already have, please delete the copy that you have and re-download the tool. The reason I ask you to do this is because these tools are updated fairly regularly.
  • In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!
  • Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post.
  • I am going to stick with you until ALL malware is gone from your system. I would appreciate it if you would do the same. From this point, we're in this together.
    Because of this, you must reply within three days;
    failure to reply will result in the topic being closed!
  • Please do not PM me directly for help. If you have any questions, post them in this topic. The only time you can and should PM me is when I have not been replying to you for several days (usually around 3 days) and you need an explanation. If that's the case, just send me a message on here.
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to resort to reformatting and reinstalling your operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Be prepared to back up your data. Have means of backing up your data available.
____________________________________________________

OTL Fix

We need to run an OTL Fix
  1. Please reopen on your desktop.
  2. Copy and Paste the following code into the textbox. Do not include the word "Code"

    Code:
    :Services
    :OTL
    SRV - (ITGrdEngine) -- C:\Users\Robin\AppData\Local\Microsoft\Windows\services.exe File not found
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe File not found
    O15 - HKCU\..Trusted Domains: cinemanow.com ([]http in Trusted sites)
    O15 - HKCU\..Trusted Domains: cinemanow.com ([]https in Trusted sites)
    O15 - HKCU\..Trusted Domains: qflix.com ([]http in Trusted sites)
    O15 - HKCU\..Trusted Domains: roxio.com ([]http in Trusted sites)
    O15 - HKCU\..Trusted Domains: sonic.com ([redirect] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: sonic.com ([redirect2] http in Trusted sites)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: bdsripcab https://media.bdsrealtime.com/components/bdsripcab.cab (Reg Error: Key error.)
    O33 - MountPoints2\{bfce8bc5-9860-11de-85e4-0013a9e2bb24}\Shell\AutoRun\command - "" = G:\MI.exe -- File not found
    O33 - MountPoints2\{e868a5a0-b924-11dd-9850-0013a9e2bb24}\Shell\AutoRun\command - "" = xpbkh.com
    O33 - MountPoints2\{e868a5a0-b924-11dd-9850-0013a9e2bb24}\Shell\explore\Command - "" = xpbkh.com
    O33 - MountPoints2\{e868a5a0-b924-11dd-9850-0013a9e2bb24}\Shell\open\Command - "" = xpbkh.com
    O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\MI.exe -- File not found
    [2010/06/09 13:09:59 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
    @Alternate Data Stream - 64 bytes -> C:\Users\Robin\Desktop\T_03_Mov.avi:TOC.WMV
    @Alternate Data Stream - 64 bytes -> C:\Users\Robin\Desktop\T_02a_Mov.avi:TOC.WMV
    @Alternate Data Stream - 64 bytes -> C:\Users\Robin\Desktop\T_01_MOV.avi:TOC.WMV
    @Alternate Data Stream - 64 bytes -> C:\Users\Robin\Desktop\Five_Wink_pt_1_revised.mp4:TOC.WMV
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:CB0AACC9
    
    :Reg
    
    :Files
    
    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [start explorer]
    [Reboot]
  3. Push
  4. OTL may ask to reboot the machine. Please do so if asked.
  5. Click .
  6. A report will open. Copy and Paste that report in your next reply.
  7. If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.


NEXT:



Running TDSSKiller


Please Note: If you have a previous version of TDSSKiller downloaded please delete it now and download a fresh copy using the links provided below.


Download TDSSKiller from one of the links below:

Zipped Version or Executable (Not Zipped) Version


Note: If you download the TDSSKiller.zip version you will first need to unzip (extract) the file to your computer before running it.


Please ensure that you save the TDSSKiller file to your desktop.


If TDSSKiller asks you to close all programs please allow it to do so.


If you see the following:
To finalize removal of infection and avoid loosing of data program will reboot your PC now.
Close all programs and choose Y to restart or N to continue.


Please enter Y and allow TDSSKiller to reboot your computer.


Once completed it will create a log in your C:\ drive. An example of a log file is: C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.


Please post the content of the TDSSKiller log.



NEXT:



Please post the requested logs above as well as an update on how your computer is currently running.
Diggidy
Junior Member with 3 posts.
THREAD STARTER
 
Join Date: Jul 2010
20-Jul-2010, 02:13 PM #3
Thanks Sweet Tech,

The problem seems to be solved. No more redirecting when using Google.

Please find the following requested logs below:

All processes killed
========== SERVICES/DRIVERS ==========
========== OTL ==========
Service ITGrdEngine stopped successfully!
Service ITGrdEngine deleted successfully!
File C:\Users\Robin\AppData\Local\Microsoft\Windows\services.exe File not found not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\cinemanow.com\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\cinemanow.com\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\qflix.com\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\roxio.com\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sonic.com\redirect\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sonic.com\redirect2\ deleted successfully.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\Windows\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\CONFLICT.2\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Starting removal of ActiveX control bdsripcab
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\bdsripcab\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\bdsripcab\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\bdsripcab\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bfce8bc5-9860-11de-85e4-0013a9e2bb24}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bfce8bc5-9860-11de-85e4-0013a9e2bb24}\ not found.
File G:\MI.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e868a5a0-b924-11dd-9850-0013a9e2bb24}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e868a5a0-b924-11dd-9850-0013a9e2bb24}\ not found.
File xpbkh.com not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e868a5a0-b924-11dd-9850-0013a9e2bb24}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e868a5a0-b924-11dd-9850-0013a9e2bb24}\ not found.
File xpbkh.com not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e868a5a0-b924-11dd-9850-0013a9e2bb24}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e868a5a0-b924-11dd-9850-0013a9e2bb24}\ not found.
File xpbkh.com not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ deleted successfully.
File G:\MI.exe not found.
C:\Windows\System32\%APPDATA%\Microsoft\Windows\IETldCache folder moved successfully.
C:\Windows\System32\%APPDATA%\Microsoft\Windows folder moved successfully.
C:\Windows\System32\%APPDATA%\Microsoft folder moved successfully.
C:\Windows\System32\%APPDATA% folder moved successfully.
ADS C:\Users\Robin\Desktop\T_03_Mov.avi:TOC.WMV deleted successfully.
ADS C:\Users\Robin\Desktop\T_02a_Mov.avi:TOC.WMV deleted successfully.
ADS C:\Users\Robin\Desktop\T_01_MOV.avi:TOC.WMV deleted successfully.
ADS C:\Users\Robin\Desktop\Five_Wink_pt_1_revised.mp4:TOC.WMV deleted successfully.
ADS C:\ProgramData\TEMP:CB0AACC9 deleted successfully.
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Robin
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 414487822 bytes
->Java cache emptied: 61660666 bytes
->FireFox cache emptied: 74259377 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 14043 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 19018732 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 137477 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 108319098 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 13700848 bytes
RecycleBin emptied: 150464 bytes

Total Files Cleaned = 660.00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default

User: Default User

User: Public

User: Robin
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.9.1 log created on 07202010_125901
Files\Folders moved on Reboot...
C:\Users\Robin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U4RSLYNT\ads[8].txt moved successfully.
C:\Users\Robin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U4RSLYNT\iframescript[2].htm moved successfully.
C:\Users\Robin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U4RSLYNT\sh20[1].html moved successfully.
C:\Users\Robin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U4RSLYNT\tag[1].aspx moved successfully.
C:\Users\Robin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U4RSLYNT\tag[2].aspx moved successfully.
C:\Users\Robin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U4RSLYNT\tag[3].aspx moved successfully.
C:\Users\Robin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\960N3LEQ\937064-redirect-vrus[1].html moved successfully.
C:\Users\Robin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\960N3LEQ\ads[7].txt moved successfully.
C:\Users\Robin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\960N3LEQ\en[1].txt moved successfully.
C:\Users\Robin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\960N3LEQ\mail[2].htm moved successfully.
C:\Users\Robin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\960N3LEQ\mail[3].txt moved successfully.
C:\Users\Robin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\960N3LEQ\mail[5].htm moved successfully.
C:\Users\Robin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\01K4C2AU\ads[8].txt moved successfully.
C:\Users\Robin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
C:\Users\Robin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
File\Folder C:\Users\Robin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SLCL9V8R(7270)\ver;chan=beauty;cont=subsubtopic;sect=makeover;pageid=207626!c=btf;!c=btf;tile=3;pos=3;sz=300x250,160x600,300x600,120x600;ord=1235404342;pm=1;tandomad=none;!c=ugc[1] not found!
File\Folder C:\Users\Robin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CD2X9HZ5(7268)\chan=beauty;cont=subsubtopic;sect=makeover;pageid=207626;dcopt=ist;!c=nopopup;!c=nopopunder;tile=1;pos=1;sz=728x90,970x66;ord=1235404342;pm=1;tandomad=none;!c=ugc[1] not found!
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.
File\Folder C:\Windows\temp\JET2A4A.tmp not found!
Registry entries deleted on Reboot...

13:09:13:063 5868 TDSS rootkit removing tool 2.3.2.2 Jun 30 2010 17:23:49
13:09:13:063 5868 ================================================================================
13:09:13:063 5868 SystemInfo:
13:09:13:063 5868 OS Version: 6.0.6002 ServicePack: 2.0
13:09:13:063 5868 Product type: Workstation
13:09:13:063 5868 ComputerName: ROBIN-PC
13:09:13:063 5868 UserName: Robin
13:09:13:063 5868 Windows directory: C:\Windows
13:09:13:063 5868 System windows directory: C:\Windows
13:09:13:063 5868 Processor architecture: Intel x86
13:09:13:063 5868 Number of processors: 2
13:09:13:063 5868 Page size: 0x1000
13:09:13:063 5868 Boot type: Normal boot
13:09:13:063 5868 ================================================================================
13:09:13:594 5868 Initialize success
13:09:13:594 5868
13:09:13:594 5868 Scanning Services ...
13:09:14:857 5868 Raw services enum returned 489 services
13:09:14:873 5868
13:09:14:873 5868 Scanning Drivers ...
13:10:23:981 5868 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
13:10:24:262 5868 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
13:10:24:745 5868 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
13:10:25:276 5868 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
13:10:25:993 5868 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
13:10:26:430 5868 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
13:10:26:695 5868 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
13:10:27:194 5868 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:10:28:162 5868 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
13:10:29:160 5868 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
13:10:29:846 5868 usb_rndisx (db4721908daa0383ee82ffe430aebae1) C:\Windows\system32\DRIVERS\usb8023x.sys
13:10:30:361 5868 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
13:10:30:860 5868 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
13:10:31:266 5868 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
13:10:32:030 5868 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
13:10:32:311 5868 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
13:10:32:873 5868 volmgr (8d4f8b006f306b239e1e10a82e9ef419) C:\Windows\system32\drivers\volmgr.sys
13:10:32:873 5868 Suspicious file (Forged): C:\Windows\system32\drivers\volmgr.sys. Real md5: 8d4f8b006f306b239e1e10a82e9ef419, Fake md5: 69503668ac66c77c6cd7af86fbdf8c43
13:10:32:873 5868 File "C:\Windows\system32\drivers\volmgr.sys" infected by TDSS rootkit ...
13:10:32:982 5868 Backup copy found, using it..
13:10:32:998 5868 will be cured on next reboot
13:10:44:885 5868 Reboot required for cure complete..
13:10:45:103 5868 Cure on reboot scheduled successfully
13:10:45:103 5868
13:10:45:103 5868 Completed
13:10:45:103 5868
13:10:45:103 5868 Results:
13:10:45:119 5868 Registry objects infected / cured / cured on reboot: 0 / 0 / 0
13:10:45:119 5868 File objects infected / cured / cured on reboot: 1 / 0 / 1
13:10:45:119 5868
13:10:45:119 5868 KLMD(ARK) unloaded successfully
SweetTech
Senior Member with 1,016 posts.
 
Join Date: Jan 1970
Location: Antarctica
20-Jul-2010, 02:20 PM #4
Hello,

Let's make sure that we've gotten everything, and that nothing else is still hiding.

Malwarebytes' Anti-Malware

I see that you have Malwarebytes' Anti-Malware installed on your computer. Could you please do a scan using these settings:
  • Open Malwarebytes' Anti-Malware
  • Select the Update tab
  • Click Check for Updates
  • After the update has been completed, select the Scanner tab.
  • Select Perform quick scan, then click on Scan
  • Leave the default options as they are and click on Start Scan
  • When done, you will be prompted. Click OK, then click on Show Results
  • Check (tick) all items and click on Remove Selected
  • After it has removed the items, Notepad will open. Please post this log in your next reply. You can also find the log in the Logs tab. The bottommost log is the latest.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



NEXT:



ESET Online Scanner
I'd like us to scan your machine with ESET Online Scan.

Note: It is recommended to disable your on-board anti-virus and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your anti-virus along with your anti-spyware programs.


  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    1. Click on to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the icon on your desktop.
  4. Check
  5. Click the button.
  6. Accept any security warnings from your browser.
  7. Check
  8. Make sure that the option "Remove found threats" is Unchecked
  9. Push the Start button.
  10. ESET will then download updates for itself, install itself, and begin
    scanning your computer. Please be patient as this can take some time.
  11. When the scan completes, push
  12. Push , and save the file to your desktop using a unique name, such as
    ESETScan. Include the contents of this report in your next reply.
  13. Push the button.
  14. Push


NEXT:



Security Check
Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



NEXT:



OTL Custom Scan

We need to run an OTL Custom Scan.
  1. Please reopen on your desktop.
  2. Copy and Paste the following bolded text into the textbox.

    netsvcs
    drivers32 /all
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\*.wt
    %systemroot%\system32\*.ruy
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\system32\spool\prtprocs\w32x86\*.tmp
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\user32.dll /md5
    %systemroot%\system32\ws2_32.dll /md5
    %systemroot%\system32\ws2help.dll /md5
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
  3. Push
  4. A report will open. Copy and Paste that report in your next reply.





Please make sure you include the following items in your next post:
1. Any comments or questions you may have that you'd like for me to answer in my next post to you.
2. The log that is produced after running the MalwareBytes' Anti-Malware scan.
3. The log that is produced after running the ESET Online Virus Scanner.
4. The log that is produced after running the SecurityCheck scan.
5. The log that is produced after running the OTL scan.
6. An update on how your computer is currently running.
It would be helpful if you could answer each question in the order asked, as well as numbering your answers.

Cheers,
SweetTech.
Diggidy
Junior Member with 3 posts.
THREAD STARTER
 
Join Date: Jul 2010
21-Jul-2010, 12:08 AM #5
Hello SweetTech,

*1.* I saw one threat in the ESET online scan - a variant of Win32/Adware.180Solutions application


*2.* Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4333
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928
7/20/2010 9:23:51 PM
mbam-log-2010-07-20 (21-23-51).txt
Scan type: Quick scan
Objects scanned: 144073
Time elapsed: 7 minute(s), 56 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 2
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{8b2c7c9d-716d-4e9e-9358-b9c80a81b7ed} (Adware.Adparatus) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8b2c7c9d-716d-4e9e-9358-b9c80a81b7ed} (Adware.Adparatus) -> No action taken.
HKEY_CURRENT_USER\Software\AppDataLow\Software\MarketPrecision (Adware.Adparatus) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet AntiVirus Pro_is1 (Rogue.InternetAntiVirus) -> No action taken.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\prs (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\uniname (Trojan.FakeAlert) -> No action taken.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
Folders Infected:
(No malicious items detected)
Files Infected:
C:\$Recycle.Bin\S-1-5-21-3966030994-1603193903-1900431255-1005\$R3JJLAL.exe (Rogue.AntiMalwarePro) -> No action taken.
C:\Windows\System32\VolumeMSPrLam.dll (Rogue.AntiMalwarePro) -> No action taken.

*3.* C:\Users\Robin\Documents\Setup.exe a variant of Win32/Adware.180Solutions application

*4.* Results of screen317's Security Check version 0.99.4
Windows Vista Service Pack 2 (UAC is enabled)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
avast! Free Antivirus
ESET Online Scanner v3
Adobe After Effects CS3 Presets
SonicStage Mastering Studio Audio Filter Custom Preset
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
CCleaner
Java(TM) 6 Update 20
Java(TM) SE Runtime Environment 6
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Out of date Java installed!
Adobe Flash Player 10.0.22.87
Adobe Reader 8.1.3
Out of date Adobe Reader installed!
Mozilla Firefox (3.6.3)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Alwil Software Avast5 AvastSvc.exe
Alwil Software Avast5 AvastUI.exe
````````````````````````````````
DNS Vulnerability Check:

Unknown. This method cannot test your vulnerability to DNS cache poisoning.
``````````End of Log````````````

*5.* OTL logfile created on: 7/20/2010 11:42:56 PM - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Robin\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 50.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 179.22 Gb Total Space | 59.87 Gb Free Space | 33.41% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ROBIN-PC
Current User Name: Robin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Robin\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe (Adobe Systems, Inc.)
PRC - C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe (CinemaNow, Inc.)
PRC - C:\Program Files\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\PX Storage Engine\VxBlockServer.exe (Sonic Solutions)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\System32\stacsv.exe (SigmaTel, Inc.)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe (Sony Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe (Sony Corporation)
PRC - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)


========== Modules (SafeList) ==========

MOD - C:\Users\Robin\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (RoxWatch12) -- C:\Program Files\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe (Sonic Solutions)
SRV - (RoxMediaDB12) -- C:\Program Files\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe (Sonic Solutions)
SRV - (CinemaNow Service) -- C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe (CinemaNow, Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (STacSV) -- C:\Windows\System32\stacsv.exe (SigmaTel, Inc.)
SRV - (VAIO Event Service) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (MSSQL$VAIO_VEDB) SQL Server (VAIO_VEDB) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (ICScsiSV) -- C:\Program Files\Sony\Image Converter 3\ICScsiSV.exe (Sony Corporation)
SRV - (IcVzMonLauncher) -- C:\Program Files\Sony\Image Converter 3\IcVzMonLauncher.exe (Sony Corporation)
SRV - (Image Converter video recording monitor for VAIO Entertainment) -- C:\Program Files\Sony\Image Converter 3\IcVzMon.exe (Sony Corporation)
SRV - (SSScsiSV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)
SRV - (SonicStage Back-End Service) -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-UPnP) VAIO Media Content Collection (UPnP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-HTTP) VAIO Media Content Collection (HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)
SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe ()
SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VzFw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (QBCFMonitorService) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe ( )
SRV - (QBFCService) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
SRV - (SQLWriter) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)


========== Driver Services (SafeList) ==========

DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (Cdralw2k) -- C:\Windows\System32\drivers\cdralw2k.sys (Sonic Solutions)
DRV - (Cdr4_xp) -- C:\Windows\System32\drivers\cdr4_xp.sys (Sonic Solutions)
DRV - (BVRPMPR5) -- C:\Windows\System32\drivers\BVRPMPR5.SYS (Avanquest Software)
DRV - (s117obex) -- C:\Windows\System32\drivers\s117obex.sys (MCCI Corporation)
DRV - (s117mdm) -- C:\Windows\System32\drivers\s117mdm.sys (MCCI Corporation)
DRV - (s117mgmt) Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s117mgmt.sys (MCCI Corporation)
DRV - (s117unic) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM) -- C:\Windows\System32\drivers\s117unic.sys (MCCI Corporation)
DRV - (s117nd5) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS) -- C:\Windows\System32\drivers\s117nd5.sys (MCCI Corporation)
DRV - (s117mdfl) -- C:\Windows\System32\drivers\s117mdfl.sys (MCCI Corporation)
DRV - (s117bus) Sony Ericsson Device 117 driver (WDM) -- C:\Windows\System32\drivers\s117bus.sys (MCCI Corporation)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (SigmaTel, Inc.)
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (ti21sony) -- C:\Windows\System32\drivers\ti21sony.sys (Texas Instruments)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)
DRV - (SonyImgF) -- C:\Windows\System32\drivers\SonyImgF.sys (Sony Corporation)
DRV - (R5U870FLx86) -- C:\Windows\System32\drivers\R5U870FLx86.sys (Ricoh)
DRV - (R5U870FUx86) -- C:\Windows\System32\drivers\R5U870FUx86.sys (Ricoh)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (slim) -- C:\Windows\System32\drivers\slim.sys (Sony Corporation)
DRV - (Tosrfhid) -- C:\Windows\System32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (SNC) -- C:\Windows\System32\drivers\SonyNC.sys (Sony Corporation)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.live.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE8ENUS/701
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.live.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://aim.search.aol.com/search/sea...romesbox-en-us"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.aol.com/?src=aim&ncid=snsusaimc00000001"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/...ab-en-us&query="


FF - HKLM\software\mozilla\eMusic Download Manager\Extensions\\Components: C:\Program Files\eMusic Download Manager\xulrunner\components [2010/06/12 21:02:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\eMusic Download Manager\Extensions\\Plugins: C:\Program Files\eMusic Download Manager\xulrunner\plugins [2010/06/12 21:02:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/06/12 21:02:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/12 22:10:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/12 21:17:48 | 000,000,000 | ---D | M]

[2009/06/24 23:50:57 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Mozilla\Extensions
[2009/06/24 23:50:57 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010/07/18 21:29:54 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\p6jyymdu.default\extensions
[2010/06/12 21:03:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\p6jyymdu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/06/12 20:49:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\p6jyymdu.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/01/28 04:13:07 | 000,004,546 | ---- | M] () -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\p6jyymdu.default\searchplugins\aim-search.xml
[2010/06/12 19:18:25 | 000,002,168 | ---- | M] () -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\p6jyymdu.default\searchplugins\inbox-search.xml
[2010/06/12 19:18:24 | 000,009,944 | ---- | M] () -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\p6jyymdu.default\searchplugins\puredefmusic.xml
[2010/06/13 20:14:43 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/12 21:02:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/06/12 21:02:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/06/05 19:54:25 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2008/04/07 00:21:14 | 001,212,416 | ---- | M] (cedelia) -- C:\Program Files\Mozilla Firefox\plugins\NPStreamPlug.dll
[2007/07/26 13:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml

O1 HOSTS File: ([2010/06/04 19:06:08 | 000,403,693 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 13965 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (ALOT Toolbar) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll (Miva)
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (ALOT Toolbar) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll (Miva)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [AppMon Utility] C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe (Sony Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [RunSpySweeperScheduleAtStartup] C:\Windows\System32\msfeedssync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanage...ex-2.2.5.0.cab (DLM Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: bdsripcab Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\sm3_wp1280x1024.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\sm3_wp1280x1024.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: aux - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.dvsd - C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: vidc.i420 - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: VIDC.IYUV - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YUY2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.YVU9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010/07/20 21:40:21 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/07/20 21:13:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/07/20 21:13:32 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/07/20 20:30:27 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Roaming\AVP 2009
[2010/07/20 20:30:07 | 000,000,000 | ---D | C] -- C:\Program Files\AntiMalware Pro
[2010/07/20 16:38:18 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\instrumentals
[2010/07/20 16:37:24 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\TonyPhotoShoot 9_08_09
[2010/07/20 16:37:24 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\tonycollinspics
[2010/07/20 16:37:22 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\big deal
[2010/07/20 16:36:43 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\tony
[2010/07/20 16:36:41 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\tony_font
[2010/07/20 16:36:41 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\sdcard
[2010/07/20 16:36:41 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\Camille
[2010/07/20 16:35:03 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\STUDIO_10_03_09
[2010/07/20 16:35:02 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\mpc_drums
[2010/07/20 16:33:38 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\tc_RT_small
[2010/07/20 16:33:24 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\TonyVocalClassPerformance_9_23_09
[2010/07/20 16:33:22 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\dre
[2010/07/20 16:33:15 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\vectors
[2010/07/20 16:28:52 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\tony_promo_cd_artwork
[2010/07/20 16:28:46 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\copyright001
[2010/07/20 16:28:43 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\rt
[2010/07/20 16:28:39 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\AI
[2010/07/20 16:19:13 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\Tony PhotoShoot_9_08_09
[2010/07/20 16:18:14 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\Tony Studio_9_05_09
[2010/07/20 16:15:30 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\pics
[2010/07/20 16:12:20 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\wink video
[2010/07/20 16:12:01 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\Tonyvideoclips
[2010/07/20 16:02:02 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\mpsounds
[2010/07/20 16:02:01 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\mpc2500
[2010/07/20 15:54:51 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\winklocbeats
[2010/07/20 14:41:14 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\Tony Collins Dance Rehearsal 03-30-2010
[2010/07/20 14:38:16 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\personalpics
[2010/07/20 14:35:59 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\rusty
[2010/07/20 14:29:45 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\wink beats
[2010/07/20 14:28:33 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\WINK
[2010/07/20 14:28:02 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\brushes
[2010/07/20 14:26:52 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\photoshop
[2010/07/20 14:19:01 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\more brushes
[2010/07/20 13:34:54 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010/07/20 13:34:54 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010/07/20 13:34:54 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010/07/20 13:30:29 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010/07/20 13:30:08 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/07/20 13:30:07 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/07/20 13:30:07 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/07/20 13:30:07 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/07/20 13:30:07 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/07/20 13:30:07 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/07/20 13:30:07 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/07/20 13:30:07 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/07/20 13:30:07 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/07/20 13:30:07 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/07/20 13:30:01 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/07/20 13:30:01 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/07/20 13:30:01 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/07/20 13:30:01 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/07/20 13:30:01 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/07/20 13:29:56 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/07/20 13:29:55 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/07/20 13:29:28 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/07/20 13:29:28 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/07/20 13:29:20 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/07/20 12:59:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/07/20 12:52:48 | 001,013,584 | ---- | C] (Kaspersky Lab) -- C:\Users\Robin\Desktop\tdsskiller.exe
[2010/07/20 11:17:55 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Robin\Desktop\OTL.exe
[2010/07/15 19:01:41 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\Luis
[2010/07/14 21:23:41 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\monster
[2010/07/14 15:24:32 | 000,000,000 | ---D | C] -- C:\Users\Robin\Documents\restaurant week menus
[2010/07/12 20:30:21 | 000,000,000 | ---D | C] -- C:\Roxio
[2010/07/03 13:47:37 | 000,000,000 | ---D | C] -- C:\Users\Robin\Desktop\sdcard2
[2010/06/29 16:58:05 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\avastSS.scr
[2010/06/24 08:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[1 C:\Users\Robin\Desktop\*.tmp files -> C:\Users\Robin\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/07/20 23:46:41 | 000,000,392 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C5F41DDD-25A2-496D-B963-3747E0C393A7}.job
[2010/07/20 23:45:26 | 008,126,464 | -HS- | M] () -- C:\Users\Robin\ntuser.dat
[2010/07/20 23:36:00 | 000,867,892 | ---- | M] () -- C:\Users\Robin\Desktop\SecurityCheck.exe
[2010/07/20 23:26:23 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/07/20 23:26:23 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/07/20 21:26:32 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\Anti_Malware_Pro.job
[2010/07/20 21:26:31 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/07/20 21:26:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/07/20 21:24:55 | 000,524,288 | -HS- | M] () -- C:\Users\Robin\ntuser.dat{230c5294-7682-11df-b449-0013a9e2bb24}.TMContainer00000000000000000001.regtrans-ms
[2010/07/20 21:24:55 | 000,065,536 | -HS- | M] () -- C:\Users\Robin\ntuser.dat{230c5294-7682-11df-b449-0013a9e2bb24}.TM.blf
[2010/07/20 21:24:54 | 006,291,456 | -H-- | M] () -- C:\Users\Robin\AppData\Local\IconCache.db
[2010/07/20 21:13:38 | 000,000,823 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/20 16:02:55 | 000,037,453 | ---- | M] () -- C:\Users\Robin\AppData\Roaming\nvModes.001
[2010/07/20 13:58:19 | 001,728,656 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/07/20 12:53:04 | 001,013,584 | ---- | M] (Kaspersky Lab) -- C:\Users\Robin\Desktop\tdsskiller.exe
[2010/07/20 11:17:59 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Robin\Desktop\OTL.exe
[2010/07/18 02:29:47 | 000,553,065 | ---- | M] () -- C:\Users\Robin\Documents\Tony_EPK.docx
[2010/07/18 01:24:36 | 000,303,773 | ---- | M] () -- C:\Users\Robin\Documents\Tony_EPK.pdf
[2010/07/04 12:28:33 | 000,000,809 | ---- | M] () -- C:\Users\Robin\Desktop\CCleaner.lnk
[2010/07/04 08:01:54 | 000,001,976 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/06/29 16:58:15 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/06/28 15:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\avastSS.scr
[2010/06/28 15:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2010/06/28 15:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/06/28 15:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/06/28 15:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/06/28 15:32:56 | 000,050,256 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/06/28 15:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/06/27 22:27:35 | 000,000,680 | ---- | M] () -- C:\Users\Robin\AppData\Local\d3d9caps.dat
[2010/06/27 18:50:58 | 000,037,453 | ---- | M] () -- C:\Users\Robin\AppData\Roaming\nvModes.dat
[2010/06/24 09:40:43 | 000,333,802 | ---- | M] () -- C:\Users\Robin\Documents\Nielsen BDS How to Submit Music.pdf
[2010/06/24 08:25:01 | 000,001,960 | ---- | M] () -- C:\Users\Robin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/06/24 08:23:54 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/24 08:23:32 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[1 C:\Users\Robin\Desktop\*.tmp files -> C:\Users\Robin\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/07/20 23:35:57 | 000,867,892 | ---- | C] () -- C:\Users\Robin\Desktop\SecurityCheck.exe
[2010/07/20 21:13:38 | 000,000,823 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/20 20:30:28 | 000,000,326 | ---- | C] () -- C:\Windows\tasks\Anti_Malware_Pro.job
[2010/07/20 16:38:18 | 000,034,348 | ---- | C] () -- C:\Users\Robin\Documents\TonyCollinsExpenseBooks_Categorised.xlsx
[2010/07/20 16:37:24 | 000,059,004 | ---- | C] () -- C:\Users\Robin\Documents\Gill_Sans_MT_Ext_Condensed_Bold.ttf
[2010/07/20 16:37:22 | 002,928,477 | ---- | C] () -- C:\Users\Robin\Documents\3 strikes.M4A
[2010/07/20 16:37:20 | 032,234,066 | ---- | C] () -- C:\Users\Robin\Documents\tut.psd
[2010/07/20 16:36:58 | 239,970,931 | ---- | C] () -- C:\Users\Robin\Documents\Natalia.MOV
[2010/07/20 16:36:58 | 003,389,221 | ---- | C] () -- C:\Users\Robin\Documents\Cowards.mp3
[2010/07/20 16:36:58 | 000,776,894 | ---- | C] () -- C:\Users\Robin\Documents\contactsheet.psd
[2010/07/20 16:36:58 | 000,051,200 | ---- | C] () -- C:\Users\Robin\Documents\ArtistProdn-Corey.doc
[2010/07/20 16:36:41 | 007,184,399 | ---- | C] () -- C:\Users\Robin\Documents\tonycomp.psd
[2010/07/20 16:36:41 | 000,216,882 | ---- | C] () -- C:\Users\Robin\Documents\t.jpg
[2010/07/20 16:36:40 | 007,196,464 | ---- | C] () -- C:\Users\Robin\Documents\letter rough Video ver.mp3
[2010/07/20 16:36:40 | 000,496,724 | ---- | C] () -- C:\Users\Robin\Documents\Stanley_Tookie_Williams_Graffiti.jpg
[2010/07/20 16:35:02 | 000,927,991 | ---- | C] () -- C:\Users\Robin\Documents\Tony_9_09_5693_rt.psd
[2010/07/20 16:35:02 | 000,781,270 | ---- | C] () -- C:\Users\Robin\Documents\t.psd
[2010/07/20 16:35:02 | 000,551,027 | ---- | C] () -- C:\Users\Robin\Documents\roughdraft.jpg
[2010/07/20 16:35:02 | 000,121,239 | ---- | C] () -- C:\Users\Robin\Documents\Bluefly Checkout - Printer-friendly Reciept Page.mht
[2010/07/20 16:35:02 | 000,011,093 | ---- | C] () -- C:\Users\Robin\Documents\LLC cert. of pub..docx
[2010/07/20 16:31:59 | 1022,972,348 | ---- | C] () -- C:\Users\Robin\Documents\T_03_Mov.avi
[2010/07/20 16:31:59 | 000,736,726 | ---- | C] () -- C:\Users\Robin\Documents\LLC.jpg
[2010/07/20 16:31:59 | 000,340,705 | ---- | C] () -- C:\Users\Robin\Documents\KareemandUnc.jpg
[2010/07/20 16:31:15 | 477,801,060 | ---- | C] () -- C:\Users\Robin\Documents\T_02a_Mov.avi
[2010/07/20 16:29:52 | 1098,510,336 | ---- | C] () -- C:\Users\Robin\Documents\RoxioCreator2010Content_HV13AXD0SQA.exe
[2010/07/20 16:29:06 | 538,447,380 | ---- | C] () -- C:\Users\Robin\Documents\T_01_MOV.avi
[2010/07/20 16:28:42 | 005,034,940 | ---- | C] () -- C:\Users\Robin\Documents\06 Don't Say Your Leaving.mp3
[2010/07/20 16:28:42 | 000,223,310 | ---- | C] () -- C:\Users\Robin\Documents\Proof1.jpg
[2010/07/20 16:28:42 | 000,062,578 | ---- | C] () -- C:\Users\Robin\Documents\BW LLC AO.pdf
[2010/07/20 16:28:42 | 000,032,323 | ---- | C] () -- C:\Users\Robin\Documents\TonyCollinsExpenseBooks.xlsx
[2010/07/20 16:28:38 | 005,409,815 | ---- | C] () -- C:\Users\Robin\Documents\Brooklyn_Bridge_pic.jpg
[2010/07/20 16:28:38 | 000,367,010 | ---- | C] () -- C:\Users\Robin\Documents\certificate of publication.pdf
[2010/07/20 16:28:36 | 030,626,754 | ---- | C] () -- C:\Users\Robin\Documents\cd_glass.psd
[2010/07/20 16:28:35 | 002,134,803 | ---- | C] () -- C:\Users\Robin\Documents\Brooklyn_Bridge_by_seenew.jpg
[2010/07/20 16:28:35 | 000,442,618 | ---- | C] () -- C:\Users\Robin\Documents\cd_thermal.psd
[2010/07/20 16:28:34 | 011,456,556 | ---- | C] () -- C:\Users\Robin\Documents\TC_CDinsert_Front.psd
[2010/07/20 16:28:33 | 025,275,244 | ---- | C] () -- C:\Users\Robin\Documents\contactsheet001.tif
[2010/07/20 16:28:33 | 012,200,686 | ---- | C] () -- C:\Users\Robin\Documents\TC_CDinsert_Back.psd
[2010/07/20 16:28:12 | 234,165,521 | ---- | C] () -- C:\Users\Robin\Documents\tony_collins_small.zip
[2010/07/20 16:19:13 | 000,014,007 | ---- | C] () -- C:\Users\Robin\Documents\BWE EIN LETTER.pdf
[2010/07/20 16:19:12 | 004,203,724 | ---- | C] () -- C:\Users\Robin\Documents\American-Express-Titanium-Black-Card.psd
[2010/07/20 16:19:12 | 000,353,324 | ---- | C] () -- C:\Users\Robin\Documents\American-Express-Titanium-Black-Card copy.jpg
[2010/07/20 16:19:12 | 000,136,256 | ---- | C] () -- C:\Users\Robin\Documents\americanexpresscenturioncard.jpg
[2010/07/20 16:19:12 | 000,083,270 | ---- | C] () -- C:\Users\Robin\Documents\American-Express-Titanium-Black-Card.jpg
[2010/07/20 16:18:57 | 175,349,967 | ---- | C] () -- C:\Users\Robin\Documents\Letter to Tookie Video.mp4
[2010/07/20 16:18:57 | 004,377,600 | ---- | C] () -- C:\Users\Robin\Documents\I Can Hardly Breath.mp3
[2010/07/20 16:18:57 | 000,030,059 | ---- | C] () -- C:\Users\Robin\Documents\amexblkcrd.jpg
[2010/07/20 16:18:57 | 000,015,130 | ---- | C] () -- C:\Users\Robin\Documents\ameblkcrd2.jpg
[2010/07/20 16:15:30 | 006,830,592 | ---- | C] () -- C:\Users\Robin\Documents\eco-tutorial.pps
[2010/07/20 16:12:19 | 000,296,724 | ---- | C] () -- C:\Users\Robin\Documents\Blackwell_Biz_Card2.psd
[2010/07/20 16:02:01 | 005,346,040 | ---- | C] () -- C:\Users\Robin\Documents\SMOOTHEDAHUSTLER BACK GRINDING SMG ENT. 09.mp3
[2010/07/20 16:02:01 | 000,161,153 | ---- | C] () -- C:\Users\Robin\Documents\All on the line TREATMENT.docx
[2010/07/20 16:01:02 | 000,605,718 | ---- | C] () -- C:\Users\Robin\Documents\panoramic-template.pdf
[2010/07/20 15:59:27 | 054,328,010 | ---- | C] () -- C:\Users\Robin\Documents\Five_Wink_pt_1_revised.mp4
[2010/07/20 15:58:03 | 007,836,317 | ---- | C] () -- C:\Users\Robin\Documents\UNDERWORLD.psd
[2010/07/20 15:57:53 | 007,209,976 | ---- | C] () -- C:\Users\Robin\Documents\HOTTEST IN DA HOOD.psd
[2010/07/20 15:57:23 | 005,261,102 | ---- | C] () -- C:\Users\Robin\Documents\The Year of the eight.mp3
[2010/07/20 15:54:32 | 000,168,026 | ---- | C] () -- C:\Users\Robin\Documents\Club Providence - December 29th 81 .jpg
[2010/07/20 15:54:13 | 005,005,837 | ---- | C] () -- C:\Users\Robin\Documents\RUNNING_THE_CITY!!!!!!!.mp3
[2010/07/20 15:54:13 | 004,402,288 | ---- | C] () -- C:\Users\Robin\Documents\war.mp3
[2010/07/20 15:54:13 | 002,827,063 | ---- | C] () -- C:\Users\Robin\Documents\Letter to Tookie.mp3
[2010/07/20 15:54:13 | 002,291,102 | ---- | C] () -- C:\Users\Robin\Documents\mo'murder.mp3
[2010/07/20 14:35:30 | 000,084,480 | ---- | C] () -- C:\Users\Robin\Documents\Recommendation_Letter (2).doc
[2010/07/20 14:34:51 | 000,084,480 | ---- | C] () -- C:\Users\Robin\Documents\Recommendation_Letter.doc
[2010/07/20 14:32:56 | 000,122,297 | ---- | C] () -- C:\Users\Robin\Documents\CROSSVER.jpg
[2010/07/20 14:32:56 | 000,099,608 | ---- | C] () -- C:\Users\Robin\Documents\kenmore theatre.jpg
[2010/07/20 14:32:56 | 000,097,425 | ---- | C] () -- C:\Users\Robin\Documents\Warehouse-Wink.jpg
[2010/07/20 14:31:57 | 000,026,913 | ---- | C] () -- C:\Users\Robin\Documents\StephenDubose_Resume (2).docx
[2010/07/20 14:31:21 | 000,027,692 | ---- | C] () -- C:\Users\Robin\Documents\StephenDubose_Resume_update.docx
[2010/07/20 14:30:22 | 000,047,616 | ---- | C] () -- C:\Users\Robin\Documents\Blackwell-ArtistProdn-K.doc
[2010/07/20 14:23:47 | 404,287,653 | ---- | C] () -- C:\Users\Robin\Documents\Tony_Showcase.MP4
[2010/07/20 14:23:12 | 000,037,371 | ---- | C] () -- C:\Users\Robin\Documents\tonycollins_97_1.jpg
[2010/07/20 14:22:25 | 004,084,059 | ---- | C] () -- C:\Users\Robin\Documents\cd_.psd
[2010/07/20 14:15:32 | 000,021,555 | ---- | C] () -- C:\Users\Robin\Documents\ArtistProdn-K.docx
[2010/07/18 01:27:07 | 000,553,065 | ---- | C] () -- C:\Users\Robin\Documents\Tony_EPK.docx
[2010/07/18 01:24:30 | 000,303,773 | ---- | C] () -- C:\Users\Robin\Documents\Tony_EPK.pdf
[2010/07/15 17:49:18 | 000,000,392 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{C5F41DDD-25A2-496D-B963-3747E0C393A7}.job
[2010/06/27 20:36:06 | 000,000,680 | ---- | C] () -- C:\Users\Robin\AppData\Local\d3d9caps.dat
[2010/06/24 09:40:43 | 000,333,802 | ---- | C] () -- C:\Users\Robin\Documents\Nielsen BDS How to Submit Music.pdf
[2010/06/24 08:25:01 | 000,001,976 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/06/24 08:25:01 | 000,001,960 | ---- | C] () -- C:\Users\Robin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/06/24 08:23:54 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/24 08:23:32 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/01/11 05:07:48 | 000,000,362 | ---- | C] () -- C:\Windows\bdsrip.ini
[2009/10/12 13:06:20 | 001,103,360 | ---- | C] () -- C:\Windows\System32\cidfont.dll
[2009/09/10 19:14:56 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/05/17 02:26:01 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2008/02/20 21:05:44 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/02/20 21:04:16 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008/02/20 21:04:16 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2008/02/20 21:03:24 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2007/10/02 02:07:44 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2007/10/02 02:00:13 | 000,532,480 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll
[2007/05/29 23:22:06 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2007/05/29 21:52:09 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/03/15 13:31:02 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2007/03/15 13:31:00 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2007/03/15 13:30:04 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2006/09/18 16:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 01:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2007/05/29 22:27:03 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 16:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2008/03/31 01:16:47 | 000,000,164 | ---- | M] () -- C:\install.dat
[2009/07/02 16:09:23 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/01/28 00:53:40 | 000,000,706 | -H-- | M] () -- C:\IPH.PH
[2009/07/02 16:09:23 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/07/20 21:25:49 | 3533,185,024 | -HS- | M] () -- C:\pagefile.sys
[2009/04/05 22:40:25 | 000,002,912 | ---- | M] () -- C:\process.dot
[2008/06/15 01:05:50 | 000,000,000 | -H-- | M] () -- C:\ProgramData.LOG1
[2008/06/15 01:05:50 | 000,000,000 | -H-- | M] () -- C:\ProgramData.LOG2
[2009/09/11 10:11:00 | 3451,852,800 | ---- | M] () -- C:\PutDataSample.yuv
[2009/12/10 01:41:20 | 000,006,094 | ---- | M] () -- C:\scramble.log
[2010/07/20 13:10:45 | 000,060,476 | ---- | M] () -- C:\TDSSKiller.2.3.2.2_20.07.2010_13.09.13_log.txt
[2008/10/24 04:46:35 | 000,000,594 | ---- | M] () -- C:\updatedatfix.log
[2007/10/02 02:12:47 | 000,383,228 | ---- | M] () -- C:\vcredist_x86.log

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >

< %systemroot%\Fonts\*.com >
[2006/11/02 07:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 07:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 07:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/12/13 15:34:05 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 16:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2007/03/28 13:57:34 | 000,274,944 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\hpzpp5ha.dll
[2006/11/02 07:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 21:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.scr >
[2010/06/28 15:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\avastSS.scr

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2008/09/27 08:20:29 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 06:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009/03/08 06:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2009/04/11 01:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009/04/11 01:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 05:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 05:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 05:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\user32.dll /md5 >
[2009/04/11 01:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2008/01/19 02:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll

< %systemroot%\system32\ws2help.dll /md5 >
[2006/11/02 04:44:30 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=17C0671BF57057108A6D949510EE42C8 -- C:\Windows\System32\ws2help.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install\\LastSuccessTime: 2010-07-20 18:43:00
< End of report >

*6. An update on how your computer is currently running.*

Thank you very much SweetTech, the computer is running fine now.


Cheers,
Diggidy