hey guys i havent been on here in a long long time (which is a good thing right?) and i need your help once again

there is a little warning box saying my computer is vulnerable etc.
originally it changed my background to an all black background with white letters that say you are in danger, your data might be lost blah blah

also sometimes IE is opened with random ads that are videos (but you cannot see it just hear it) i just turn it off with the task manager

i dont know if its with the rest of the issues but itunes will not open. i click on it and the process runs but i cannot see itunes

heres the HJT

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:15:38 PM, on 6/25/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\DISC\DISCover.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\mobile PhoneTools\WatchDog.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Trend Micro\Tmas\Tmas.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\WINDOWS\TEMP\symlcsv1.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\Iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: QXK Olive - {48776EE4-6AEA-4121-A341-559129C4A0DE} - C:\WINDOWS\twmxbsqrobw.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: rafbsvnx - {C091867D-17C0-4855-B6E5-797649ED7A9A} - C:\WINDOWS\rafbsvnx.dll (file missing)
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\mobile PhoneTools\WatchDog.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [net] "C:\WINDOWS\system32\net.net"
O4 - HKLM\..\Run: [16855934] C:\Documents and Settings\All Users\Application Data\16855934\16855934.exe
O4 - HKLM\..\Run: [96865926] C:\Documents and Settings\All Users\Application Data\96865926\96865926.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [net] "C:\WINDOWS\system32\net.net"
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Transfer by Image Converter 2 Plus - C:\Program Files\Sony\Image Converter 2\menu.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrlAPI - Unknown owner - C:\cygwin\bin\cygrunsrv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SonicStageMonitoring - Sony Corporation - C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O24 - Desktop Component 0: (no name) - (no file)

--
End of file - 15666 bytes

Please Click here!, and follow the recommendations in the guide.

Someone will be along to tell you what steps to take after you post the contents of the scan results.

sorry...as you can tell i havent been here for a while
MBAM would not run for some reason..i opened it and it didnt do anything but i have the others

the OTL.txt is

OTL logfile created on: 6/27/2009 9:33:06 PM - Run 1
OTL by OldTimer - Version 3.0.5.3 Folder = C:\Documents and Settings\ning yang\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.11 Mb Total Physical Memory | 216.91 Mb Available Physical Memory | 21.39% Memory free
2.38 Gb Paging File | 1.01 Gb Available in Paging File | 42.38% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.07 Gb Total Space | 2.24 Gb Free Space | 3.24% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NING-COMPUTER
Current User Name: ning yang
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe ()
PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
PRC - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)
PRC - C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)
PRC - C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\WINDOWS\System32\igfxext.exe (Intel Corporation)
PRC - C:\WINDOWS\System32\igfxsrvc.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\WINDOWS\ehome\mcrdsvc.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
PRC - C:\WINDOWS\System32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
PRC - C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)
PRC - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
PRC - C:\WINDOWS\eHome\ehmsas.exe (Microsoft Corporation)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe (Sony Corporation)
PRC - C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe (Sony Corporation)
PRC - C:\Program Files\DISC\DISCover.exe (Digital Interactive Systems Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
PRC - C:\Program Files\mobile PhoneTools\WatchDog.exe ()
PRC - C:\Program Files\Apoint\Apntex.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
PRC - C:\Program Files\TGTSoft\StyleXP\StyleXP.exe ()
PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Program Files\AIM6\aim6.exe (AOL LLC)
PRC - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation)
PRC - C:\Program Files\AIM6\aolsoftware.exe (America Online, Inc.)
PRC - C:\Program Files\Trend Micro\Tmas\Tmas.exe (Trend Micro Incorporated)
PRC - C:\Program Files\Microsoft ActiveSync\rapimgr.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Java\jre6\bin\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\TEMP\symlcsv1.exe ()
PRC - C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
PRC - C:\Documents and Settings\ning yang\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)

========== Win32 Services (SafeList) ==========

SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (Automatic LiveUpdate Scheduler [Auto | Running]) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)
SRV - (BrlAPI [On_Demand | Stopped]) -- C:\cygwin\bin\cygrunsrv.exe ()
SRV - (ccEvtMgr [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccSetMgr [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CLTNetCnService [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (comHost [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe (Symantec Corporation)
SRV - (ehRecvr [Auto | Running]) -- C:\WINDOWS\eHome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [Auto | Running]) -- C:\WINDOWS\eHome\ehSched.exe (Microsoft Corporation)
SRV - (EvtEng [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (GameConsoleService [On_Demand | Stopped]) -- C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe (WildTangent, Inc.)
SRV - (GoogleDesktopManager-092308-165331 [On_Demand | Stopped]) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (Image Converter video recording monitor for VAIO Entertainment [On_Demand | Stopped]) -- C:\Program Files\Sony\Image Converter 2\IcVzMon.exe (Sony Corporation)
SRV - (iPod Service [On_Demand | Stopped]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (ISPwdSvc [On_Demand | Stopped]) -- C:\Program Files\Norton Internet Security\isPwdSvc.exe (Symantec Corporation)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (LiveUpdate [On_Demand | Stopped]) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE (Symantec Corporation)
SRV - (LiveUpdate Notice Ex [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (LiveUpdate Notice Service [Auto | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (McrdSvc [Auto | Running]) -- C:\WINDOWS\ehome\mcrdsvc.exe (Microsoft Corporation)
SRV - (MHN [On_Demand | Stopped]) -- C:\WINDOWS\System32\mhn.dll (Microsoft Corporation)
SRV - (MSCSPTISRV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (MSSQL$VAIO_VEDB [Auto | Running]) -- C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper [On_Demand | Stopped]) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PACSPTISVR [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (RegSrvc [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
SRV - (S24EventMonitor [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
SRV - (SonicStageMonitoring [Auto | Running]) -- C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe (Sony Corporation)
SRV - (SPTISRV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (SQLAgent$VAIO_VEDB [On_Demand | Stopped]) -- C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE (Microsoft Corporation)
SRV - (SSScsiSV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)
SRV - (StyleXPService [Auto | Running]) -- C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe ()
SRV - (Symantec Core LC [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
SRV - (SymAppCore [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe (Symantec Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VAIO Event Service [Auto | Running]) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-AppServer [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-HTTP [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-UPnP [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-Mobile-Gateway [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)
SRV - (Vcsw [On_Demand | Running]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (Viewpoint Manager Service [Auto | Stopped]) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (VzCdbSvc [Auto | Running]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VzFw [Auto | Running]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (WMPNetworkSvc [Auto | Running]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (AegisP [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\AegisP.sys (Meetinghouse Data Communications)
DRV - (ApfiltrService [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (DMICall [System | Running]) -- C:\WINDOWS\System32\DRIVERS\DMICall.sys (Sony Corporation)
DRV - (eeCtrl [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (FsVga [System | Running]) -- C:\WINDOWS\System32\DRIVERS\fsvga.sys (Microsoft Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (HSFHWAZL [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (HSF_DPV [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ialmnt5.sys (Intel Corporation)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (Maplom [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\maplom.sys (Jacal Consulting)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (NETw3x32 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\NETw3x32.sys (Intel® Corporation)
DRV - (NPF [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\npf.sys (CACE Technologies)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ROOTMODEM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\RootMdm.sys (Microsoft Corporation)
DRV - (s24trans [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\s24trans.sys (Intel Corporation)
DRV - (SCDEmu [System | Running]) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (Secdrv [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SNC [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\SonyNC.sys (Sony Corporation)
DRV - (SPBBCDrv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (sptd [Boot | Running]) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (SRTSP [System | Running]) -- C:\WINDOWS\System32\Drivers\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\SRTSPL.SYS (Symantec Corporation)
DRV - (SRTSPX [System | Running]) -- C:\WINDOWS\System32\Drivers\SRTSPX.SYS (Symantec Corporation)
DRV - (StyleXPHelper [System | Running]) -- C:\Program Files\TGTSoft\StyleXP\StyleXPHelper.exe (Windows ® 2000 DDK provider)
DRV - (SYMDNS [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS (Symantec Corporation)
DRV - (SymEvent [On_Demand | Running]) -- C:\Program Files\Symantec\SYMEVENT.SYS (Symantec Corporation)
DRV - (SYMFW [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\SYMFW.SYS (Symantec Corporation)
DRV - (SYMIDS [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS (Symantec Corporation)
DRV - (SYMIDSCO [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\SymcData\idsdefs\20071031.003\SymIDSCo.sys (Symantec Corporation)
DRV - (symlcbrd [Auto | Running]) -- C:\WINDOWS\System32\drivers\symlcbrd.sys (Symantec Corporation)
DRV - (SYMNDIS [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS (Symantec Corporation)
DRV - (SYMREDRV [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SYMTDI [System | Running]) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (ti21sony [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\ti21sony.sys (Texas Instruments)
DRV - (usbser [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\usbser.sys (Microsoft Corporation)
DRV - (usbsermpt [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\usbsermpt.sys (Microsoft Corporation)
DRV - (wceusbsh [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\wceusbsh.sys (Microsoft Corporation)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (yukonwxp [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\yk51x86.sys (Marvell)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - URLSearchHook: {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll (America Online, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "gmail.com"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/02/14 01:22:36 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/06/21 20:33:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/06/14 17:45:03 | 00,000,000 | ---D | M]

[2009/02/14 01:29:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ning yang\Application Data\mozilla\Extensions
[2008/09/04 19:23:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ning yang\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/02/14 01:29:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ning yang\Application Data\mozilla\Extensions\mozswing@mozswing.org
[2009/05/12 13:40:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\ning yang\Application Data\mozilla\Firefox\Profiles\lck460yz.default\extensions
[2009/06/24 12:10:30 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/06/14 17:45:03 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/02/14 01:23:02 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/06/14 17:44:53 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/06/14 17:44:53 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/12/07 12:15:57 | 00,122,880 | ---- | M] (Google) -- C:\Program Files\mozilla firefox\components\GoogleDesktopMozilla.dll
[2007/04/10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2007/04/30 16:29:22 | 00,049,152 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2009/02/14 01:22:34 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2006/10/02 13:59:14 | 01,859,584 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2006/09/28 21:21:47 | 00,094,208 | ---- | M] (DivX, Inc) -- C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2007/08/15 20:15:12 | 00,069,632 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npitunes.dll
[2006/12/12 11:48:22 | 01,440,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2009/06/14 17:44:55 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009/01/09 17:29:04 | 00,239,432 | ---- | M] (Pando Networks) -- C:\Program Files\mozilla firefox\plugins\npPandoWebInst.dll
[2007/09/05 18:31:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2007/09/05 18:31:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2007/09/05 18:31:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2007/09/05 18:31:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2007/09/05 18:31:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2007/09/05 18:31:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2007/09/05 18:31:47 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2008/08/07 12:23:12 | 00,159,744 | ---- | M] (CNN) -- C:\Program Files\mozilla firefox\plugins\NPTURNMED.dll
[2005/08/09 13:42:53 | 00,057,344 | ---- | M] (America Online, Inc.) -- C:\Program Files\mozilla firefox\plugins\npunagi2.dll
[2007/01/05 10:31:49 | 00,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2008/12/21 13:55:51 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2008/12/21 13:55:51 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/12/21 13:55:51 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/12/21 13:55:51 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2008/12/21 13:55:51 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/12/21 13:55:51 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2008/12/21 13:55:52 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (916 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.winfixer.com ## added by CiD
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll (Symantec Corporation)
O2 - BHO: (QXK Olive) - {48776EE4-6AEA-4121-A341-559129C4A0DE} - C:\WINDOWS\twmxbsqrobw.dll File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (AOLSearchHook Class) - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll (America Online, Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CoTGT_BHO Class) - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (rafbsvnx) - {C091867D-17C0-4855-B6E5-797649ED7A9A} - C:\WINDOWS\rafbsvnx.dll File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O4 - HKLM..\Run: [16855934] C:\Documents and Settings\All Users\Application Data\16855934\16855934.exe (Microsoft Corporation)
O4 - HKLM..\Run: [96865926] C:\Documents and Settings\All Users\Application Data\96865926\96865926.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKLM..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe (Digital Interactive Systems Corporation)
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Google Desktop Search] File not found
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [MSPY2002] File not found
O4 - HKLM..\Run: [net] C:\WINDOWS\System32\net.net ()
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] File not found
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe (Sony Corporation)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe (Sony Electronics Inc)
O4 - HKLM..\Run: [VAIO Update 2] File not found
O4 - HKLM..\Run: [WatchDog] C:\Program Files\mobile PhoneTools\WatchDog.exe ()
O4 - HKCU..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Aim6] C:\Program Files\AIM6\aim6.exe (AOL LLC)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [net] C:\WINDOWS\System32\net.net ()
O4 - HKCU..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe (Trend Micro Incorporated)
O4 - Startup: C:\Documents and Settings\ning yang\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMorePrograms = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogOff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Transfer by Image Converter 2 Plus - C:\Program Files\Sony\Image Converter 2\menu.htm ()
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: trymedia.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: trymedia.com ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab (CKAVWebScan Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.77.0.11 207.200.7.21 12.207.232.47
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\sdra64.exe) - C:\WINDOWS\System32\sdra64.exe ()
O20 - HKLM Winlogon: UIHost - (C:\Program) - File not found
O20 - HKLM Winlogon: UIHost - (Files\TGTSoft\StyleXP\Logon\CurrentLogon.EXE) - File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop Components:0 () -
O24 - Desktop Components:1 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {03A80B1D-5C6A-42c2-9DFB-81B6005D8023} - C:\Program Files\Trend Micro\Tmas\sshook.dll (Trend Micro Incorporated)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/01 17:15:32 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005/06/13 18:40:45 | 00,000,145 | ---- | M] () - C:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{36983c70-c8b4-11dd-99b0-0018de10c12c}\Shell - "" = AutoRun
O33 - MountPoints2\{36983c70-c8b4-11dd-99b0-0018de10c12c}\Shell\Auto\command - "" = C:\WINDOWS\System32\Setup.exe -- [2006/03/15 07:00:00 | 00,023,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{36983c70-c8b4-11dd-99b0-0018de10c12c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{849198fc-67b5-11db-b99d-806d6172696f}\Shell\AutoRun\command - "" = C:\Setup\rsrc\autorun.exe -- [2005/08/25 17:11:23 | 00,045,056 | ---- | M] ()
O33 - MountPoints2\{849198fc-67b5-11db-b99d-806d6172696f}\Shell\dinstall\command - "" = C:\Directx\dxsetup.exe -- [2007/04/04 18:48:34 | 00,503,144 | ---- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[11 C:\WINDOWS\System32\*.tmp files]
[2009/06/27 21:32:06 | 00,173,119 | ---- | C] (Eric_71) -- C:\Documents and Settings\ning yang\Desktop\Rooter.exe
[2009/06/27 17:13:55 | 10,558,400 | ---- | C] (Vuze Inc.) -- C:\Documents and Settings\ning yang\Desktop\Vuze_4.2.0.2_windows.exe
[2009/06/26 20:34:13 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ning yang\Desktop\OTL.exe
[2009/06/26 07:59:08 | 00,000,000 | -HSD | C] -- C:\WINDOWS\System32\lowsec
[2009/06/25 11:59:08 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\96865926.ini
[2009/06/25 11:59:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\96865926
[2009/06/25 11:59:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\16855934
[2009/06/22 11:54:23 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\net.net
[2009/06/21 19:06:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ning yang\Desktop\New Folder (2)
[2009/06/21 19:05:27 | 00,055,074 | ---- | C] () -- C:\Documents and Settings\ning yang\Desktop\06-12-Readme.html
[2009/06/20 13:41:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\ning yang\Desktop\New Folder
[2009/06/18 12:35:01 | 85,438,532 | ---- | C] () -- C:\Documents and Settings\ning yang\Desktop\JanaCova_BlackThighHighs_09242008.avi
[2009/06/16 18:05:42 | 00,006,180 | ---- | C] () -- C:\Documents and Settings\ning yang\Desktop\transcript.pdf
[2009/06/15 22:21:54 | 02,180,006 | ---- | C] () -- C:\Documents and Settings\ning yang\Desktop\UV260 part2.pdf
[2009/06/15 22:21:49 | 02,301,284 | ---- | C] () -- C:\Documents and Settings\ning yang\Desktop\UV260 part 1.pdf
[2009/06/13 14:25:10 | 00,068,096 | ---- | C] () -- C:\Documents and Settings\ning yang\Desktop\ebay stuff.doc
[2009/06/12 18:42:35 | 00,050,688 | ---- | C] () -- C:\Documents and Settings\ning yang\Desktop\MDAW
[2009/06/03 09:51:19 | 00,000,000 | ---D | C] -- C:\Program Files\Pineapple Works
[2009/06/01 09:54:58 | 00,000,725 | ---- | C] () -- C:\Documents and Settings\ning yang\Desktop\Shortcut to online.exe.lnk
[2009/06/01 09:36:54 | 00,120,832 | ---- | C] () -- C:\Documents and Settings\ning yang\Desktop\pass.doc
[2009/05/29 12:14:30 | 00,000,000 | ---D | C] -- C:\Program Files\Phantasy Star Online Blue Burst
[2009/04/23 09:57:22 | 00,000,035 | ---- | C] () -- C:\WINDOWS\worldbuilder.INI
[2008/06/29 11:00:09 | 00,000,604 | ---- | C] () -- C:\WINDOWS\Sof2.INI
[2008/04/02 00:25:05 | 00,081,332 | ---- | C] () -- C:\WINDOWS\System32\BASS.DLL
[2008/03/06 21:07:06 | 00,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2007/12/16 20:06:51 | 00,749,568 | R--- | C] () -- C:\WINDOWS\System32\agissi.dll
[2007/12/16 20:06:40 | 11,194,368 | R--- | C] () -- C:\WINDOWS\System32\zhhp_res.dll
[2007/12/16 20:06:37 | 00,114,688 | R--- | C] () -- C:\WINDOWS\System32\vshp2600.dll
[2007/05/13 16:54:02 | 00,000,123 | ---- | C] () -- C:\WINDOWS\STONEHDS.INI
[2006/12/18 21:08:04 | 00,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/12/09 17:31:21 | 00,000,090 | ---- | C] () -- C:\WINDOWS\WA.INI
[2006/11/17 18:22:56 | 00,000,004 | ---- | C] () -- C:\WINDOWS\info147.sys
[2006/11/11 21:54:05 | 00,716,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2006/09/15 13:58:10 | 00,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2006/09/15 13:51:27 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/09/15 13:51:27 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/09/15 13:51:27 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/09/15 13:51:26 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/09/15 13:51:26 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/09/15 13:51:26 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/09/15 13:49:29 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2006/09/15 13:49:01 | 00,002,154 | ---- | C] () -- C:\WINDOWS\System32\tmmute.ini
[2006/09/15 13:47:18 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/09/15 13:40:54 | 00,000,031 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/09/01 19:06:20 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/09/01 18:54:50 | 00,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/09/01 18:46:40 | 00,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI
[2006/09/01 17:58:29 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006/09/01 17:22:45 | 00,000,811 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/09/01 16:56:18 | 00,000,764 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/09/01 16:55:33 | 00,000,603 | ---- | C] () -- C:\WINDOWS\win.ini
[2006/09/01 16:55:30 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini
[2006/09/01 16:55:13 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2006/07/27 12:28:42 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2006/07/11 17:33:49 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2005/11/01 20:53:38 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/05 16:01:54 | 00,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/01/07 17:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/06/12 14:21:12 | 00,049,152 | R--- | C] () -- C:\WINDOWS\System32\winchip.dll

========== Files - Modified Within 30 Days ==========

[1 C:\*.tmp files]
[11 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[22 C:\Documents and Settings\ning yang\My Documents\*.tmp files]
[2009/06/27 21:32:06 | 00,173,119 | ---- | M] (Eric_71) -- C:\Documents and Settings\ning yang\Desktop\Rooter.exe
[2009/06/27 17:14:28 | 10,558,400 | ---- | M] (Vuze Inc.) -- C:\Documents and Settings\ning yang\Desktop\Vuze_4.2.0.2_windows.exe
[2009/06/27 10:05:03 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/06/26 20:34:14 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ning yang\Desktop\OTL.exe
[2009/06/26 20:04:13 | 00,000,572 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - ning yang.job
[2009/06/26 20:04:05 | 00,000,016 | ---- | M] () -- C:\WINDOWS\System32\coh.cache
[2009/06/26 18:06:48 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/06/25 11:59:08 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\96865926.ini
[2009/06/25 11:11:46 | 00,068,096 | ---- | M] () -- C:\Documents and Settings\ning yang\Desktop\ebay stuff.doc
[2009/06/24 11:57:55 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/06/24 11:57:17 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/06/24 11:55:40 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/06/24 11:55:11 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/06/24 11:55:03 | 10,634,40384 | -HS- | M] () -- C:\hiberfil.sys
[2009/06/22 11:54:23 | 00,110,592 | ---- | M] () -- C:\WINDOWS\System32\net.net
[2009/06/21 19:05:30 | 00,055,074 | ---- | M] () -- C:\Documents and Settings\ning yang\Desktop\06-12-Readme.html
[2009/06/18 12:45:35 | 00,035,840 | ---- | M] () -- C:\Documents and Settings\ning yang\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/16 18:05:44 | 00,006,180 | ---- | M] () -- C:\Documents and Settings\ning yang\Desktop\transcript.pdf
[2009/06/16 18:03:41 | 00,042,496 | ---- | M] () -- C:\Documents and Settings\ning yang\Desktop\to do list.doc
[2009/06/15 22:22:02 | 02,180,006 | ---- | M] () -- C:\Documents and Settings\ning yang\Desktop\UV260 part2.pdf
[2009/06/15 22:22:00 | 02,301,284 | ---- | M] () -- C:\Documents and Settings\ning yang\Desktop\UV260 part 1.pdf
[2009/06/12 18:42:37 | 00,050,688 | ---- | M] () -- C:\Documents and Settings\ning yang\Desktop\MDAW
[2009/06/05 23:24:47 | 00,120,832 | ---- | M] () -- C:\Documents and Settings\ning yang\Desktop\pass.doc
[2009/06/05 08:55:13 | 01,579,722 | -H-- | M] () -- C:\Documents and Settings\ning yang\Local Settings\Application Data\IconCache.db
[2009/06/01 09:54:58 | 00,000,725 | ---- | M] () -- C:\Documents and Settings\ning yang\Desktop\Shortcut to online.exe.lnk
< End of report >

----------------------------------------------------------------------
EXTRAS.txt is

OTL Extras logfile created on: 6/27/2009 9:33:08 PM - Run 1
OTL by OldTimer - Version 3.0.5.3 Folder = C:\Documents and Settings\ning yang\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.11 Mb Total Physical Memory | 216.91 Mb Available Physical Memory | 21.39% Memory free
2.38 Gb Paging File | 1.01 Gb Available in Paging File | 42.38% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.07 Gb Total Space | 2.24 Gb Free Space | 3.24% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NING-COMPUTER
Current User Name: ning yang
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"57745:TCP" = 57745:TCP:*:Enabled:Pando Media Booster
"57745:UDP" = 57745:UDP:*:Enabled:Pando Media Booster

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager (Microsoft Corporation)
C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager (Microsoft Corporation)
C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\DISC\DISCover.exe:*:Enabled:DISCover Drop & Play System (Digital Interactive Systems Corporation)
C:\Program Files\DISC\DiscStreamHub.exe:*:Enabled:DISCover Stream Hub (Digital Interactive Systems Corporation, Inc.)
C:\Program Files\DISC\myFTP.exe:*:Enabled:DISCover FTP (Digital Interactive Systems Corporation, Inc.)
C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger (Microsoft Corporation)
C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire (Lime Wire, LLC)
C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader (AOL LLC)
C:\Program Files\Common Files\AOL\1158345819\ee\aolsoftware.exe:*:Enabled:AOL Services File not found
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Computer, Inc.)
C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager (Nexon)
C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus File not found
C:\Program Files\Sony\VAIO Media 5.0\Vc.exe:*:Disabled:[VAIO Media] VAIO Media (Sony Corporation)
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)
C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager (Microsoft Corporation)
C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager (Microsoft Corporation)
C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application (Microsoft Corporation)
C:\Nexon\Combat Arms\NMService.exe:*:Enabled:Nexon Messenger Core (Nexon Corp.)
C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony MP4 Shared Library
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio DigitalMedia Data
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}" = Symantec KB-DocID:2003093015493306
"{0DF00135-D5A7-476A-BFB3-EDFF2840076A}" = VAIO Wireless LAN Setup Utility
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1BA16E5A-72B9-44B7-9FDA-FB6CE7FF6C0C}" = Camtasia Studio 4
"{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{23BE930B-6AC4-4D0D-B5C3-03062A2BF2A3}" = OpenMG AAC Add-on Module 1.0.00
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 11
"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet
"{2EA7CF7E-0C76-44A5-B0CF-A1D171476E42}" = VAIO Breeze Wallpaper
"{315BA29D-2644-4760-B5FD-5AC04A52B8C5}" = VAIO Registration
"{319D9385-EEC1-4ae5-BFD1-C5DE1E063F30}" = Trend Micro Anti-Spyware
"{3248F0A8-6813-11D6-A77B-00B0D0150070}" = J2SE Runtime Environment 5.0 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3633BA28-67CE-4AC8-A677-3406CA84C3D8}" = OpenMG Secure Module 4.5.01
"{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}" = Norton Internet Security
"{37ADBECF-1420-4557-B8CC-BED57053C3FF}" = Click to DVD Tutorial
"{394BE3D9-7F57-4638-A8D1-1D88671913B7}" = Microsoft AppLocale
"{39C8EFBA-042B-11DC-A860-0EE955D89593}" = ProductName
"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}" = Adobe Photoshop CS3
"{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant
"{48185814-A224-447a-81DA-71BD20580E1B}" = Norton Internet Security
"{4843B611-8FCB-4428-8C23-31D0A5EAE164}" = Norton Confidential Browser Component
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 2
"{492724FC-3B26-46B4-824F-3CE2722D9AA0}" = Apple Software Update
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{4E993095-28F2-4060-9101-99C1FD1195C0}" = VAIO Central
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 5.0
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 5.0
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{5958CAC6-373E-402F-84FE-0A699AA920B9}" = LAN Setting Utility
"{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security
"{5B82682E-C555-45DA-8E2C-CE6525427AC9}" = Click to DVD 2.5.30
"{5D95AD35-368F-47D5-B63A-A082DDF00111}" = Microsoft Digital Image Starter Edition 2006 Editor
"{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}" = Macromedia Flash Player 8
"{639BB4D3-AA30-4A7B-8CB5-6DE681AD6659}" = VAIO Light Flo Wallpaper
"{63B8FB69-A1B6-425D-B67D-5257B7A1F663}" = Image Converter 2 Plus
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus
"{691F4068-81BF-49E3-B32E-FE3E16400111}" = Microsoft Digital Image Starter Edition 2006 Library
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}" = Power Tab Editor 1.7
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{763E8D6C-0098-4FF4-801A-3F311D2D9D80}" = Apple Mobile Device Support
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 5.0
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80EE18E6-F16C-11D4-8BE8-006097C9A3ED}" = ISScript
"{82081533-F045-469E-BD53-F16839E445C3}" = VAIO Support Central
"{830D8CBD-C668-49e2-A969-C2C2106332E0}" = Norton AntiVirus
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90260409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office XP Web Components
"{908994F4-EBD2-40E0-B8F3-7004FA54E909}" = VAIO Media Tutorial
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for VAIO
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime
"{974C05A0-C76C-4724-A9A2-11D5D1355729}" = iTunes
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center
"{9B953606-000E-491C-B74D-78ECFDD520A0}" = OpenMG Metadata Extractor for Windows Media Player
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.03 Menu Data
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.0
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A87EBA79-93DB-4A87-B9BA-62F8FB12D993}" = ImageStation
"{A947C2B3-7445-42C4-9063-EE704CACCB22}" = VAIO Hardware Diagnostics
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio DigitalMedia Audio
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0.7
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 5.0
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio DigitalMedia Copy
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BA46CCF2-2C59-4DEB-93DC-7000B7C53B4E}" = VAIOSurveySA
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}" = Sony Video Shared Library
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D0448678-1203-4158-A58F-B3D0B616BF9E}" = Sony Certificate PCH
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D353CC51-430D-4C6F-9B7E-52003DA1E05A}" = Norton Confidential Web Protection Component
"{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}" = Symantec Real Time Storage Protection Component
"{D9952D4E-766C-4CD3-BF2E-A2C3D8B15EF3}" = VAIO Backup Utility
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DB5F474C-B584-417F-810B-DEBBC1893C2A}" = TBS WMP Plug-in
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb" = Microsoft Windows Application Compatibility Database
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (VAIO_VEDB)
"{E3D278BD-FC97-4F87-BB1F-689AE0CB9122}" = Macromedia Flash Player 8 Plugin
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
"{E601665F-7D55-4983-AA72-43551164FC03}" = ActiveDolls
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"{F4DB525F-A986-4249-B98B-42A8066251CA}" = AV
"{FB714F13-10C9-48DB-91C9-DDBCCCBF9370}" = VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FE3BF611-9B8B-44DC-A424-F8C4BA122A1D}" = VAIO Security Center
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}" = Adobe Setup
"Acoustica MP3 Audio Mixer" = Acoustica MP3 Audio Mixer
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1" = Adobe Photoshop CS3
"AIM_6" = AIM 6
"AOL Search Enhancement" = Search Enhancement by AOL Search
"CNXT_MODEM_PCI_VEN_14F1&DEV_2C06&SUBSYS_104D1700" = Soft Data Fax Modem with SmartCP
"Colorizer 1.0.0.1" = Colorizer 1.0.0.1
"Combat Arms" = Combat Arms
"DISCover" = DISCover
"DivX Content Uploader" = DivX Content Uploader
"Google Desktop" = Google Desktop
"HijackThis" = HijackThis 2.0.2
"HP-Color LaserJet 2600n" = Color LaserJet 2600n
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{23BE930B-6AC4-4D0D-B5C3-03062A2BF2A3}" = OpenMG AAC Add-on Module 1.0.00
"InstallShield_{315BA29D-2644-4760-B5FD-5AC04A52B8C5}" = VAIO Registration
"InstallShield_{3633BA28-67CE-4AC8-A677-3406CA84C3D8}" = OpenMG Secure Module 4.5.01
"InstallShield_{BA46CCF2-2C59-4DEB-93DC-7000B7C53B4E}" = VAIOSurveySA
"InstallShield_{DB5F474C-B584-417F-810B-DEBBC1893C2A}" = TBS WMP Plug-in
"InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"Kevtris" = Kevtris
"LimeWire" = LimeWire 5.0.11
"LiveUpdate" = LiveUpdate 3.1 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft Hearts for Pocket PC" = Microsoft Hearts for Pocket PC (Remove Only)
"Mozilla Firefox (3.0.11)" = Mozilla Firefox (3.0.11)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"net" = Advertisement Service
"OpenMG HotFix4.5-06-05-10-01" = OpenMG Limited Patch 4.5-06-05-12-01
"Phantasy Star Online Blue Burst_is1" = Phantasy Star Online Blue Burst 1.0
"PictureItSuiteTrial_v11" = Microsoft Digital Image Starter Edition 2006
"PowerISO" = PowerISO
"ProInst" = Intel® PROSet/Wireless Software
"StyleXP" = StyleXP (remove only)
"SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security (Symantec Corporation)
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VideoLAN VLC media player 0.8.6a
"WGA" = Windows Genuine Advantage Validation Tool
"WildTangent wildgames Master Uninstall" = WildGames
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Mobile Device Handbook" = T-Mobile Shadow™ User Manual
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/23/2009 11:31:57 PM | Computer Name = NING-COMPUTER | Source = Application Error | ID = 1000
Description = Faulting application ViewpointService.exe, version 2.0.0.54, faulting
module ViewpointService.exe, version 2.0.0.54, fault address 0x00002250.

Error - 6/23/2009 11:33:09 PM | Computer Name = NING-COMPUTER | Source = Application Error | ID = 1004
Description = Faulting application ViewpointService.exe, version 2.0.0.54, faulting
module ViewpointService.exe, version 2.0.0.54, fault address 0x00002250.

Error - 6/24/2009 12:55:54 PM | Computer Name = NING-COMPUTER | Source = .NET Runtime | ID = 0
Description =

Error - 6/24/2009 12:56:09 PM | Computer Name = NING-COMPUTER | Source = Application Error | ID = 1000
Description = Faulting application ViewpointService.exe, version 2.0.0.54, faulting
module ViewpointService.exe, version 2.0.0.54, fault address 0x00002250.

Error - 6/24/2009 12:56:48 PM | Computer Name = NING-COMPUTER | Source = .NET Runtime | ID = 0
Description =

Error - 6/26/2009 9:28:50 PM | Computer Name = NING-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 11.0.5721.5145, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/27/2009 6:21:12 PM | Computer Name = NING-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application IDriver.exe, version 7.7.0.262, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 6/27/2009 6:21:13 PM | Computer Name = NING-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application IDriver.exe, version 7.7.0.262, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 6/27/2009 6:32:00 PM | Computer Name = NING-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application IDriver.exe, version 7.7.0.262, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 6/27/2009 10:31:16 PM | Computer Name = NING-COMPUTER | Source = Application Hang | ID = 1002
Description = Hanging application IDriver.exe, version 7.7.0.262, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 6/24/2009 12:56:24 PM | Computer Name = NING-COMPUTER | Source = DCOM | ID = 10010
Description = The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register
with DCOM within the required timeout.

Error - 6/24/2009 12:56:27 PM | Computer Name = NING-COMPUTER | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SRTSP

Error - 6/24/2009 12:56:27 PM | Computer Name = NING-COMPUTER | Source = SRTSP | ID = 524292
Description = Error loading virus definitions.

Error - 6/24/2009 12:57:18 PM | Computer Name = NING-COMPUTER | Source = DCOM | ID = 10010
Description = The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register
with DCOM within the required timeout.

Error - 6/24/2009 1:01:24 PM | Computer Name = NING-COMPUTER | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1460

Error - 6/24/2009 1:45:46 PM | Computer Name = NING-COMPUTER | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.101 for the Network Card with network
address 0018DE10C12C has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).

Error - 6/24/2009 6:47:25 PM | Computer Name = NING-COMPUTER | Source = Server | ID = 2505
Description = The server could not bind to the transport \Device\NetBT_Tcpip_{71866752-C8DA-4969-97FA-1C3A6C1AFA0B}
because another computer on the network has the same name. The server could not
start.

Error - 6/24/2009 7:03:26 PM | Computer Name = NING-COMPUTER | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 0018DE10C12C. The following
error occurred: %%121. Your computer will continue to try and obtain an address on
its own from the network address (DHCP) server.

Error - 6/24/2009 7:11:39 PM | Computer Name = NING-COMPUTER | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 0018DE10C12C. The following
error occurred: %%121. Your computer will continue to try and obtain an address on
its own from the network address (DHCP) server.

Error - 6/25/2009 2:34:03 AM | Computer Name = NING-COMPUTER | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.1.3 on
the Network Card with network address 0013A94D22EA.


< End of report >
-----------------------------------------------------------------------
lastly the rooter

Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows XP . (5.1.2600) Service Pack 2
[32_bits] - x86 Family 6 Model 14 Stepping 8, GenuineIntel
.
[wscsvc] STOPPED (state:1) : Security Center -> Disabled !
[SharedAccess] STOPPED (state:1) : Windows Firewall -> Disabled !
.
Internet Explorer 6.0.2900.2180
.
C:\ [Fixed-NTFS] .. ( Total:69 Go - Free:2 Go )
D:\ [Removable]
E:\ [Removable]
F:\ [CD_Rom]
G:\ [CD_Rom]
H:\ [CD_Rom]
.
Scan : 21:37.12
Path : C:\Documents and Settings\ning yang\Desktop\Rooter.exe
User : ning yang ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
______ System (4)
______ \??\C:\WINDOWS\system32\csrss.exe (908)
______ \??\C:\WINDOWS\system32\winlogon.exe (932)
______ C:\WINDOWS\system32\services.exe (984)
______ C:\WINDOWS\system32\lsass.exe (996)
______ C:\WINDOWS\system32\svchost.exe (1176)
______ C:\WINDOWS\system32\svchost.exe (1308)
______ C:\WINDOWS\System32\svchost.exe (1396)
______ C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe (1440)
______ C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (1516)
______ C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (1600)
______ C:\WINDOWS\system32\svchost.exe (1716)
______ C:\WINDOWS\system32\svchost.exe (1768)
______ C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (252)
______ C:\WINDOWS\Explorer.EXE (256)
______ C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe (1452)
______ C:\WINDOWS\system32\spoolsv.exe (656)
______ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (1792)
______ C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (1824)
______ C:\Program Files\Bonjour\mDNSResponder.exe (2016)
______ C:\WINDOWS\eHome\ehRecvr.exe (2036)
______ C:\WINDOWS\eHome\ehSched.exe (748)
______ C:\WINDOWS\System32\svchost.exe (1008)
______ C:\Program Files\Java\jre6\bin\jqs.exe (1000)
______ C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe (1472)
______ C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (1296)
______ C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe (244)
______ C:\WINDOWS\system32\svchost.exe (344)
______ C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (560)
______ C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (2028)
______ C:\WINDOWS\system32\igfxext.exe (2180)
______ C:\WINDOWS\system32\igfxsrvc.exe (2212)
______ C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (2532)
______ C:\WINDOWS\ehome\mcrdsvc.exe (2568)
______ C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (2624)
______ C:\Program Files\Windows Media Player\WMPNetwk.exe (2860)
______ C:\WINDOWS\system32\wbem\wmiprvse.exe (3284)
______ C:\WINDOWS\system32\hkcmd.exe (3948)
______ C:\WINDOWS\system32\igfxpers.exe (3968)
______ C:\Program Files\Apoint\Apoint.exe (220)
______ C:\WINDOWS\ehome\ehtray.exe (272)
______ C:\WINDOWS\eHome\ehmsas.exe (516)
______ C:\Program Files\Java\jre6\bin\jusched.exe (1876)
______ C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (1520)
______ C:\Program Files\Sony\ISB Utility\ISBMgr.exe (1648)
______ C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe (1188)
______ C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe (1272)
______ C:\Program Files\DISC\DISCover.exe (1776)
______ C:\Program Files\Common Files\Symantec Shared\ccApp.exe (1328)
______ C:\Program Files\mobile PhoneTools\WatchDog.exe (2156)
______ C:\Program Files\Apoint\Apntex.exe (2704)
______ C:\Program Files\QuickTime\QTTask.exe (2796)
______ C:\Program Files\iTunes\iTunesHelper.exe (2816)
______ C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (3044)
______ C:\WINDOWS\system32\ctfmon.exe (3104)
______ C:\Program Files\Microsoft ActiveSync\wcescomm.exe (3120)
______ C:\Program Files\TGTSoft\StyleXP\StyleXP.exe (3140)
______ C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (3172)
______ C:\Program Files\AIM6\aim6.exe (3228)
______ C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (3656)
______ C:\Program Files\AIM6\aolsoftware.exe (3752)
______ C:\Program Files\Trend Micro\Tmas\Tmas.exe (3756)
______ C:\PROGRA~1\MI3AA1~1\rapimgr.exe (3960)
______ C:\Program Files\Mozilla Firefox\firefox.exe (4092)
______ C:\Program Files\Java\jre6\bin\jucheck.exe (3596)
______ C:\WINDOWS\TEMP\symlcsv1.exe (2444)
______ C:\Program Files\iTunes\iTunes.exe (6344)
______ C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe (6380)
______ C:\Documents and Settings\ning yang\Desktop\Rooter.exe (8932)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 (Start_Offset:32256 | Length:5864592384)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:5864624640 | Length:74159124480)
.
----------------------\\ Scheduled Tasks
.
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
C:\WINDOWS\Tasks\desktop.ini
C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - ning yang.job
C:\WINDOWS\Tasks\SA.DAT
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
C:\DOCUME~1\NINGYA~1\Desktop\Adobe CS3\WinCS3Clean\acs3_keygen.rar
C:\DOCUME~1\NINGYA~1\Desktop\Adobe CS3\WinCS3Clean\keygen.exe
==> Cracks & Keygens <==
.
----------------------\\ Scan completed at 21:38.14
.
C:\Rooter$\Rooter_1.txt - (27/06/2009 | 21:38.14).c

Let's get going then.

The source of your infections is likely related to all the cracks and keygens that I found on your computer. If you are truly interested in staying clean in the future, I strongly recommend that you stay away from Cracks and Keygens. Failure to heed my warning may result in the reinfection of your computer. If you choose to continue down this path, we may not be able to help you here in the future.

Step 1.
ComboFix:

Download ComboFix from one of these locations:

Link 1
Link 2
Link 3


* IMPORTANT !!! Save ComboFix.exe to your Desktop

• Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  
  
• Double click on ComboFix.exe & follow the prompts.
  
  
• As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  
  
• Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.





Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:




Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Step 2.
Lop S&D:

Disable resident protections (Antivirus...); you'll re-enable them after the scan

Download Lop S&D < here and save it to the desktop

Double-click Lop S&D.exe
Choose the language, then choose Option 1 (Search)
Wait till the end of the scan
Post the log which is created: (%SystemDrive%\lopR.txt)

Step 3.
Things I would like to see in your reply:

1. The content of C:\ComboFix.txt from step 1.
2. The content of C:\lopR.txt from step 2.

yeah those are all really old...i stopped because i didnt wana deal with viruses and stuff
anyway heres the lopsd


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Genuine Intel® CPU T2050 @ 1.60GHz )
BIOS : Phoenix NoteBIOS 4.0 Release 6.1
USER : ning yang ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 2007 (Not Activated)
Firewall : Norton Internet Security 2007 (Activated)
C:\ (Local Disk) - NTFS - Total:69 Go (Free:2 Go)
D:\ (USB)
E:\ (USB)
F:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( Sun 06/28/2009|13:05 )

--------------------\\ Listing folders in APPLIC~1

[09/01/2006|05:15] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Identities
[09/15/2006|01:40] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Intuit
[09/01/2006|07:02] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Microsoft
[09/15/2006|01:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Sony Corporation

[06/25/2009|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> 16855934
[06/25/2009|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> 96865926
[11/17/2007|12:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[07/26/2007|07:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL
[12/17/2007|04:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL Downloads
[12/18/2006|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL OCP
[09/05/2007|06:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple
[11/01/2006|06:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
[08/29/2008|06:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> BVRP Software
[11/23/2006|12:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> CopyPod
[11/22/2006|02:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Digital Interactive Systems Corporation
[05/06/2007|07:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> FLEXnet
[09/01/2006|05:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Intel
[09/15/2006|01:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Intuit
[02/16/2008|12:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Kaspersky Lab
[08/21/2008|05:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Malwarebytes
[08/27/2008|08:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[09/01/2006|06:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Napster
[06/30/2008|07:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> NexonUS
[04/02/2008|12:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Pianosoft
[01/09/2009|05:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PMB Files
[10/30/2006|09:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QuickTime
[09/01/2006|05:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SBSI
[11/20/2007|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SlySoft
[11/01/2006|05:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Sony Corporation
[01/22/2008|06:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Spybot - Search & Destroy
[06/14/2009|05:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec
[08/20/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
[10/29/2006|08:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Trymedia
[09/15/2006|01:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> VAIO Media Platform
[10/31/2007|04:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Viewpoint
[05/10/2008|09:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WildTangent
[12/05/2006|06:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage

[09/01/2006|05:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
[09/15/2006|01:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Intuit
[09/01/2006|07:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
[09/15/2006|01:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Sony Corporation

[12/05/2006|07:40] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft

[09/01/2006|07:06] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Intel
[09/01/2006|05:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft

[12/18/2006|11:59] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> acccore
[08/04/2008|02:18] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> Adobe
[11/21/2006|09:11] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> AdobeUM
[02/25/2008|08:41] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> Apple Computer
[05/27/2009|10:31] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> Dev-Cpp
[11/04/2006|03:38] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> DivX
[06/10/2009|11:24] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> dvdcss
[02/03/2007|08:54] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> fretsonfire
[03/12/2009|09:39] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> GPass
[11/23/2006|01:46] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> Help
[09/01/2006|05:15] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> Identities
[12/27/2008|12:30] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> InstallShield Installation Information
[11/02/2006|07:48] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> InterVideo
[09/15/2006|01:40] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> Intuit
[11/11/2006|10:48] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> Leadertech
[06/24/2009|01:06] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> LimeWire
[08/03/2008|03:08] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> Macromedia
[08/21/2008|05:00] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> Malwarebytes
[06/17/2008|05:43] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> Microsoft
[06/16/2009|11:55] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> Move Networks
[09/04/2008|07:23] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> Mozilla
[08/13/2007|12:52] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> Nexon
[05/27/2009|10:31] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> Notepad++
[08/26/2008|11:49] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> SecuROM
[11/11/2006|10:48] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> Sonic
[08/01/2007|07:05] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> Sony Corporation
[04/13/2008|06:21] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> STOIK
[11/21/2006|10:09] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> Sun
[03/05/2008|09:55] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> Template
[08/20/2008|11:54] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> TmpRecentIcons
[11/23/2007|02:27] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> U3
[06/03/2007|10:59] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> Viewpoint
[02/15/2007|08:15] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> vlc
[05/10/2008|09:45] C:\DOCUME~1\NINGYA~1\APPLIC~1\<DIR> WildTangent

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[06/27/2009 10:05 AM][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[06/26/2009 08:04 PM][--a------] C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - ning yang.job
[06/24/2009 11:55 AM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[03/15/2006 07:00 AM][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing Folders in C:\Program Files

[11/24/2006|12:04] C:\Program Files\<DIR> 1964
[04/02/2008|12:29] C:\Program Files\<DIR> Acoustica MP3 Audio Mixer
[11/20/2007|10:03] C:\Program Files\<DIR> Adobe
[12/17/2007|04:26] C:\Program Files\<DIR> AIM6
[03/16/2008|03:26] C:\Program Files\<DIR> Alcohol Soft
[07/26/2007|07:25] C:\Program Files\<DIR> AOL
[09/01/2006|10:07] C:\Program Files\<DIR> Apoint
[09/05/2007|06:29] C:\Program Files\<DIR> Apple Software Update
[02/11/2009|10:28] C:\Program Files\<DIR> Azureus
[11/04/2007|02:04] C:\Program Files\<DIR> Bonjour
[06/02/2007|11:25] C:\Program Files\<DIR> Colorizer
[06/02/2009|09:14] C:\Program Files\<DIR> Common Files
[09/01/2006|05:11] C:\Program Files\<DIR> ComPlus Applications
[09/01/2006|05:34] C:\Program Files\<DIR> CONEXANT
[11/11/2006|09:59] C:\Program Files\<DIR> DAEMON Tools
[09/15/2006|01:44] C:\Program Files\<DIR> DISC
[11/04/2006|03:37] C:\Program Files\<DIR> DivX
[04/16/2009|09:19] C:\Program Files\<DIR> EA Games
[03/16/2008|04:13] C:\Program Files\<DIR> EA SPORTS
[12/07/2008|12:15] C:\Program Files\<DIR> Google
[11/01/2006|08:26] C:\Program Files\<DIR> Gridwars file
[12/16/2007|08:06] C:\Program Files\<DIR> Hewlett-Packard
[04/16/2009|09:31] C:\Program Files\<DIR> InstallShield Installation Information
[09/01/2006|05:56] C:\Program Files\<DIR> Intel
[08/14/2008|03:01] C:\Program Files\<DIR> Internet Explorer
[09/15/2006|01:51] C:\Program Files\<DIR> InterVideo
[09/05/2007|06:33] C:\Program Files\<DIR> iPod
[09/05/2007|06:34] C:\Program Files\<DIR> iTunes
[02/14/2009|01:22] C:\Program Files\<DIR> Java
[02/14/2009|01:24] C:\Program Files\<DIR> LimeWire
[11/20/2007|11:11] C:\Program Files\<DIR> Magicbit
[08/21/2008|05:00] C:\Program Files\<DIR> Malwarebytes' Anti-Malware
[12/03/2006|05:50] C:\Program Files\<DIR> Maplom
[08/14/2008|03:02] C:\Program Files\<DIR> Messenger
[01/01/2009|03:06] C:\Program Files\<DIR> Microsoft ActiveSync
[09/15/2006|01:38] C:\Program Files\<DIR> Microsoft Digital Image 2006
[09/01/2006|05:15] C:\Program Files\<DIR> microsoft frontpage
[05/29/2008|03:36] C:\Program Files\<DIR> Microsoft Office
[04/06/2009|09:48] C:\Program Files\<DIR> Microsoft Silverlight
[09/01/2006|06:50] C:\Program Files\<DIR> Microsoft SQL Server
[09/15/2006|01:40] C:\Program Files\<DIR> Microsoft Works
[09/15/2006|01:46] C:\Program Files\<DIR> Microsoft.NET
[09/05/2007|06:06] C:\Program Files\<DIR> mobile PhoneTools
[09/01/2006|06:56] C:\Program Files\<DIR> MobiTV
[02/18/2008|12:42] C:\Program Files\<DIR> Movie Maker
[09/01/2006|06:56] C:\Program Files\<DIR> Movielink
[06/28/2009|12:44] C:\Program Files\<DIR> Mozilla Firefox
[05/29/2008|03:36] C:\Program Files\<DIR> MSECache
[09/01/2006|05:10] C:\Program Files\<DIR> MSN Gaming Zone
[11/01/2006|05:59] C:\Program Files\<DIR> MSXML 4.0
[09/01/2006|06:56] C:\Program Files\<DIR> Napster
[09/01/2006|05:12] C:\Program Files\<DIR> NetMeeting
[07/29/2008|02:38] C:\Program Files\<DIR> Norton Internet Security
[05/27/2009|10:31] C:\Program Files\<DIR> Notepad++
[09/15/2006|01:43] C:\Program Files\<DIR> Online Services
[06/13/2007|03:03] C:\Program Files\<DIR> Outlook Express
[01/09/2009|05:28] C:\Program Files\<DIR> Pando Networks
[06/01/2009|09:55] C:\Program Files\<DIR> Phantasy Star Online Blue Burst
[06/03/2009|09:51] C:\Program Files\<DIR> Pineapple Works
[01/07/2007|03:46] C:\Program Files\<DIR> Power Tab Software
[12/25/2006|11:57] C:\Program Files\<DIR> PowerISO
[02/11/2009|11:01] C:\Program Files\<DIR> Project64 1.6
[01/01/2009|03:08] C:\Program Files\<DIR> Quicken
[09/05/2007|06:31] C:\Program Files\<DIR> QuickTime
[09/01/2006|05:57] C:\Program Files\<DIR> Realtek
[09/01/2006|06:54] C:\Program Files\<DIR> Roxio
[09/01/2006|06:55] C:\Program Files\<DIR> Shield
[08/23/2008|04:25] C:\Program Files\<DIR> SmartAudioConverter
[09/15/2006|01:57] C:\Program Files\<DIR> Sony
[09/01/2006|06:47] C:\Program Files\<DIR> Sony Corporation
[01/12/2008|06:57] C:\Program Files\<DIR> Spybot - Search & Destroy
[10/30/2006|05:20] C:\Program Files\<DIR> Symantec
[08/18/2007|08:00] C:\Program Files\<DIR> TechSmith
[10/31/2006|10:52] C:\Program Files\<DIR> TGTSoft
[11/01/2007|07:23] C:\Program Files\<DIR> T-Mobile Shadow User Manual
[01/12/2008|07:15] C:\Program Files\<DIR> Trend Micro
[01/01/2009|03:10] C:\Program Files\<DIR> Trillian
[09/01/2006|06:50] C:\Program Files\<DIR> Uninstall Information
[02/15/2007|07:53] C:\Program Files\<DIR> VideoLAN
[10/31/2007|04:10] C:\Program Files\<DIR> Viewpoint
[05/10/2008|09:44] C:\Program Files\<DIR> WildGames
[12/05/2006|07:33] C:\Program Files\<DIR> Windows Media Connect
[12/05/2006|07:38] C:\Program Files\<DIR> Windows Media Connect 2
[12/05/2006|07:38] C:\Program Files\<DIR> Windows Media Player
[09/01/2006|05:10] C:\Program Files\<DIR> Windows NT
[09/01/2006|05:10] C:\Program Files\<DIR> Windows Plus
[09/01/2006|05:13] C:\Program Files\<DIR> WindowsUpdate
[11/07/2006|11:13] C:\Program Files\<DIR> WinRAR
[09/01/2006|05:15] C:\Program Files\<DIR> xerox
[12/16/2007|08:06] C:\Program Files\<DIR> Zenographics
[11/01/2006|06:05] C:\Program Files\<DIR> Zero G Registry

--------------------\\ Listing Folders in C:\Program Files\Common Files

[11/20/2007|10:06] C:\Program Files\Common Files\<DIR> Adobe
[07/27/2007|11:23] C:\Program Files\Common Files\<DIR> AOL
[09/05/2007|06:28] C:\Program Files\Common Files\<DIR> Apple
[09/15/2006|01:46] C:\Program Files\Common Files\<DIR> DESIGNER
[08/21/2008|05:00] C:\Program Files\Common Files\<DIR> Download Manager
[09/01/2006|06:42] C:\Program Files\Common Files\<DIR> InstallShield
[09/15/2006|01:51] C:\Program Files\Common Files\<DIR> InterVideo
[09/01/2006|06:33] C:\Program Files\Common Files\<DIR> Java
[11/04/2007|01:53] C:\Program Files\Common Files\<DIR> Macrovision Shared
[05/29/2008|03:36] C:\Program Files\Common Files\<DIR> Microsoft Shared
[09/01/2006|05:12] C:\Program Files\Common Files\<DIR> MSSoap
[09/01/2006|06:56] C:\Program Files\Common Files\<DIR> Napster Shared
[12/18/2006|09:35] C:\Program Files\Common Files\<DIR> Nullsoft
[09/01/2006|10:03] C:\Program Files\Common Files\<DIR> ODBC
[09/01/2006|05:12] C:\Program Files\Common Files\<DIR> Services
[09/01/2006|06:54] C:\Program Files\Common Files\<DIR> Sonic Shared
[09/15/2006|01:58] C:\Program Files\Common Files\<DIR> Sony Shared
[09/01/2006|10:03] C:\Program Files\Common Files\<DIR> SpeechEngines
[06/21/2009|08:03] C:\Program Files\Common Files\<DIR> Symantec Shared
[06/13/2007|03:03] C:\Program Files\Common Files\<DIR> System
[11/18/2006|09:01] C:\Program Files\Common Files\<DIR> Totem Shared

--------------------\\ Process

( 72 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

No Lop folder found !

--------------------\\ Searching within the Registry

..... OK !

--------------------\\ Checking the Hosts file

Hosts file MODIFIED

127.0.0.1 www.winfixer.com ## added by CiD

-> 72 [ 1 ## added by CiD ]

/!\ 70 Not 127.0.0.1 !!

--------------------\\ Searching for hidden files with Catchme


--------------------\\ Searching for other infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\NINGYA~1\Desktop\Adobe CS3\WinCS3Clean\acs3_keygen.rar
C:\DOCUME~1\NINGYA~1\Desktop\Adobe CS3\WinCS3Clean\keygen.exe
C:\DOCUME~1\NINGYA~1\Desktop\Music\Lil Wayne Discography + Mixtapes\Lil Wayne - The Leak 2\05-Lil Wayne - Crack House (Ft. Fat Joe)-RGF.mp3
C:\DOCUME~1\NINGYA~1\Desktop\Music\Lil Wayne Discography + Mixtapes\Lil Wayne - Worldwide Legacy Presents Waynes World\lil_wayne-17-crack_the_bottle.mp3
C:\DOCUME~1\NINGYA~1\Shared\Eminem Feat Dr. Dre & 50 Cent - Crack A Bottle.mp3


[F:969][D:99]-> C:\DOCUME~1\NINGYA~1\LOCALS~1\Temp
[F:9][D:0]-> C:\DOCUME~1\NINGYA~1\Cookies
[F:2845][D:4]-> C:\DOCUME~1\NINGYA~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - Sun 06/28/2009|13:22 - Option : [1]

--------------------\\ Scan completed at 13:22:23
------------------------------------------------------------------
i downloaded combofix (all 3 times even) and i would click on the exe and nothing would happen...this also happened to malwarebytes anti malware...=(

Let's run Combofix like this then

Delete ComboFix.exe from your desktop

Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.

Link 1
Link 2
Link 3





--------------------------------------------------------------------

Double click on Combo-Fix.exe & follow the prompts.

• When finished, it will produce a report for you.
• Please post the C:\ComboFix.txt so we can continue cleaning the system.

How long do i have to wait for combofix? i did what you said and it loads up a blue window saying please wait. combofix is preparing to run
and nothing happens.

also my taskbar and google desktop (docked to the right) are blinking and now my taskbar is frozen (but i can still switch to applications using task manager...)

Make sure that your Antivirus-software and antispyware software disabled before running Combo-Fix.exe

This post has been edited by heir: Jun 28 2009, 01:09 PM

well...i have norton but i dont even know how to disable it...its not in my taskbar so idk
ugh i am so computer-dumb haha sorry

Check this link on how to disable security programs.

yeah i clicked on norton and it wouldnt open
my computer also froze so ihad to turn it off and when i turned it on now i have more problems...
the background is changed to black and it says "warning youre in danger your computer is infected blah blah"

also i have 2 FAKE 'scanners' that keep saying i have problems and pop up ugh. i know theres a problem now

what do you want me to do

Let's use another tool then.

Download SDFix and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :

• Restart your computer
• After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
• Instead of Windows loading as normal, the Advanced Options Menu should appear;
• Select the first option, to run Windows in Safe Mode, then press Enter.
• Choose your usual account.

• Open the extracted SDFix folder and double click RunThis.bat to start the script.
• Type Y to begin the cleanup process.
• It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
• Press any Key and it will restart the PC.
• When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
• Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
  (Report.txt will also be copied to Clipboard ready for posting back on the forum).
• Finally paste the contents of the Report.txt back on the forum

okay things are literally getting worse and worse
i tried doing what you said and when it loaded it said scanning processes and applications i think? and it stoppped there for like5 minutes.
also i restarted my computer and the fake anti virus closes task manager and firefox saying its infected...ugh

am i not waiting enough time for the scan? is it supposed to do something else

Let's see what information an online scanner brings us.

Please do an online scan with Kaspersky Online Scanner

Kaspersky online scanner uses JAVA tecnology to perform the scan. If you do not have the latest JAVA version, follow the instrutions below under Upgrading Java, to download and install the latest vesion.

1. Read through the requirements and privacy statement and click on Accept button.
2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
3. When the downloads have finished, click on Settings.
4. Make sure the following is checked.
   
   Spyware, Adware, Dialers, and other potentially dangerous programs
   Archives
   Mail databases
5. Click on My Computer under Scan.
6. Once the scan is complete, it will display the results. Click on View Scan Report.
7. You will see a list of infected items there. Click on Save Report As....
8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
9. Please post this log in your next reply.

Upgrading Java:

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application. Beware it is NOT supported for use in 9x or ME and probably will not install in those systems

Upgrading Java:

• Download the latest version of Java SE Runtime Environment (JRE)JRE 6 Update 14.
• Click the "Download" button to the right.
• Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 6 License Agreement.".
• Click on Continue.
• Click on the link to download Windows Offline Installation (jre-6u14-windows-i586-p.exe) and save it to your desktop. Do NOT use the Sun Download Manager..
• Close any programs you may have running - especially your web browser.
• Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
• Check any item with Java Runtime Environment (JRE or J2SE) in the name.
• Click the Remove or Change/Remove button.
• Repeat as many times as necessary to remove each Java version.
• Reboot your computer once all Java components are removed.
• Then from your desktop double-click on the download to install the newest version.(Vista users, right click on the jre-6u14-windows-i586-p.exe and select "Run as an Administrator.")

the fake virus scanner says java cannot be executed...so it wont let me use kaspersky
is there another offline thing i can use in safe mode? that seemed like the best way but idk youre the expert