Hello Kahdah!
Wow! That was quick.
Thanks!
Here we go;
Logfile of random's system information tool 1.05 (written by random/random)
Run by AA at 2008-12-28 21:37:29
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 4 GB (15%) free of 29 GB
Total RAM: 511 MB (23% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:38:05 PM, on 12/28/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\WINDOWS\system32\winscenter.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Registry Mechanic\RegMech.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Documents and Settings\AA\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\PowerPanel\Program\PcfMgr.exe
C:\Program Files\Linksys\Wireless-G Notebook Adapter\OdHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\PROGRA~1\MICROS~4\Office10\OUTLOOK.EXE
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\AA\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\AA\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\AA\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\AA\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\AA\My Documents\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\AA.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://www.sony.com/vaiopeopleO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Blavi] rundll32.exe "C:\WINDOWS\Ocebiwel.dll",e
O4 - HKLM\..\Run: [spywareguard] C:\Program Files\Spyware Guard 2008\spywareguard.exe
O4 - HKLM\..\Run: [Inegeri] rundll32.exe "C:\WINDOWS\ucadubad.dll",e
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\AA\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\AA\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: PowerPanel.lnk = ?
O4 - Global Startup: Wireless-G Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter\Startup.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) -
http://support.rexpl...l//iftwclix.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://www.update.mi...b?1213756919344O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) -
http://javadl.sun.co...?BundleId=23100O16 - DPF: {F375116A-793C-11D2-BFE1-444553540001} (First American Res MapActiveX Control) -
http://realist2.firs...r/mapviewer.cabO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NICSer_WPC54G - Unknown owner - C:\Program Files\Linksys\Wireless-G Notebook Adapter\NICServ.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: VAIO Media Music Server (Application) (VAIOMediaPlatform-MusicServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (Application) (VAIOMediaPlatform-PhotoServer-AppServer) - Unknown owner - C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
--
End of file - 12058 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskUser.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2008-06-11 61816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-06-18 2403392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-06-18 2403392]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.exe [2002-08-11 28672]
"AtiPTA"=C:\WINDOWS\system32\atiptaxx.exe [2002-08-11 290816]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2002-11-01 126976]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2002-11-01 561152]
"HKSERV.EXE"=C:\Program Files\Sony\HotKey Utility\HKserv.exe [2002-11-08 61440]
"ezShieldProtector for Px"=C:\WINDOWS\System32\ezSP_Px.exe [2002-08-20 40960]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]
"EEventManager"=C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe [2008-05-07 591696]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2008-04-17 98616]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2004-12-10 67184]
"vptray"=C:\PROGRA~1\SYMANT~1\VPTray.exe [2004-12-30 120640]
"Blavi"=C:\WINDOWS\Ocebiwel.dll [2008-12-28 40448]
"spywareguard"=C:\Program Files\Spyware Guard 2008\spywareguard.exe [2008-12-28 1007616]
"Inegeri"=C:\WINDOWS\ucadubad.dll [2008-12-28 134656]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"cdloader"=C:\Documents and Settings\AA\Application Data\mjusbsp\cdloader2.exe [2008-08-22 50520]
"RegistryMechanic"=C:\Program Files\Registry Mechanic\RegMech.exe [2008-07-08 2828184]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
"Google Update"=C:\Documents and Settings\AA\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-12-21 133104]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HOTSYNCSHORTCUTNAME.lnk - C:\Program Files\Palm\Hotsync.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
PowerPanel.lnk - C:\Program Files\PowerPanel\Program\PcfMgr.exe
Wireless-G Notebook Adapter Utility.lnk - C:\Program Files\Linksys\Wireless-G Notebook Adapter\Startup.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2004-12-30 55104]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digeste.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\fxsclnt.exe"="C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\PrintServer Utilities\WinUtil\PSAdmin.exe"="C:\Program Files\PrintServer Utilities\WinUtil\PSAdmin.exe:*:Enabled:PSAdmin"
"C:\Documents and Settings\AA\Application Data\mjusbsp\magicJack.exe"="C:\Documents and Settings\AA\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{08e3b61c-3d6a-11dd-9cb7-080046739afe}]
shell\AutoRun\command - E:\autorun.exe
shell\phone\command - E:\autorun.exe
======List of files/folders created in the last 1 months======
2008-12-28 21:37:29 ----D---- C:\rsit
2008-12-28 12:28:12 ----D---- C:\Program Files\Spyware Guard 2008
2008-12-28 12:16:08 ----A---- C:\WINDOWS\vmreg.dll
2008-12-28 12:16:08 ----A---- C:\WINDOWS\sysexplorer.exe
2008-12-28 12:16:08 ----A---- C:\WINDOWS\syscert.exe
2008-12-28 12:16:08 ----A---- C:\WINDOWS\sys.com
2008-12-28 12:11:07 ----A---- C:\WINDOWS\reged.exe
2008-12-28 11:24:50 ----A---- C:\WINDOWS\ucadubad.dll
2008-12-28 11:13:20 ----A---- C:\WINDOWS\system32\winscenter.exe
2008-12-28 11:13:11 ----A---- C:\WINDOWS\spoolsystem.exe
2008-12-28 11:12:51 ----A---- C:\WINDOWS\system32\TDSScnsy.dll
2008-12-28 11:11:40 ----A---- C:\WINDOWS\Ocebiwel.dll
2008-12-28 11:11:40 ----A---- C:\Documents and Settings\All Users\Application Data\svhost.exe
2008-12-28 11:10:58 ----A---- C:\WINDOWS\system32\digeste.dll
2008-12-24 23:36:17 ----D---- C:\Program Files\ABC Amber Rocket eBook Converter
2008-12-24 23:28:33 ----D---- C:\Program Files\ABC Amber PDF Converter
2008-12-17 19:56:53 ----D---- C:\Program Files\WinRAR
2008-12-13 20:06:00 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2008-12-13 20:05:25 ----D---- C:\Program Files\Symantec AntiVirus
======List of files/folders modified in the last 1 months======
2008-12-28 21:37:33 ----D---- C:\WINDOWS\Prefetch
2008-12-28 20:36:14 ----D---- C:\WINDOWS\Temp
2008-12-28 19:56:19 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-12-28 12:47:31 ----HD---- C:\WINDOWS\system32\drivers
2008-12-28 12:45:30 ----D---- C:\WINDOWS\system32
2008-12-28 12:40:03 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-28 12:34:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-28 12:30:05 ----A---- C:\WINDOWS\ModemLog_CXT AC-Link Modem for Intel.txt
2008-12-28 12:28:12 ----RD---- C:\Program Files
2008-12-28 12:28:12 ----D---- C:\WINDOWS
2008-12-28 12:27:50 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-28 11:35:15 ----D---- C:\Documents and Settings\AA\Application Data\Skype
2008-12-28 11:13:07 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-12-28 08:06:24 ----D---- C:\Documents and Settings\AA\Application Data\skypePM
2008-12-25 18:05:47 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-21 16:00:06 ----SD---- C:\Documents and Settings\AA\Application Data\Microsoft
2008-12-21 15:42:28 ----SD---- C:\WINDOWS\Tasks
2008-12-17 20:01:11 ----SHD---- C:\WINDOWS\Installer
2008-12-17 20:01:11 ----D---- C:\Config.Msi
2008-12-17 19:55:34 ----D---- C:\Program Files\Registry Mechanic
2008-12-15 21:26:16 ----D---- C:\WINDOWS\system32\config
2008-12-13 20:07:20 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-12-13 20:06:11 ----D---- C:\Program Files\Symantec
2008-12-13 20:05:25 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2008-12-13 20:03:02 ----DC---- C:\WINDOWS\system32\dllcache
2008-12-13 20:02:17 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-13 20:01:45 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-12-13 19:55:03 ----A---- C:\additdiag.txt
2008-12-13 19:43:58 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 DMICall;Sony DMI Call service; C:\WINDOWS\System32\DRIVERS\DMICall.sys [2000-12-05 3952]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-04 36096]
R1 SAVRT;SAVRT; \??\C:\Program Files\Symantec AntiVirus\savrt.sys []
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2004-12-23 264240]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2001-10-23 9855]
R2 SAVRTPEL;SAVRTPEL; \??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys []
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2006-11-10 18688]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2002-08-11 480512]
R3 CBTNDIS5;CBTNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\CBTNDIS5.SYS []
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 E100B;Intel® PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2002-08-16 139776]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2002-07-09 1174192]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\System32\DRIVERS\HSFHWICH.sys [2002-07-09 159236]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20081228.003\naveng.sys []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20081228.003\navex15.sys []
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 odysseyIM3;Odyssey Network Services Miniport; C:\WINDOWS\system32\DRIVERS\odysseyIM3.sys [2003-05-14 62673]
R3 SNC;Sony Notebook Control Device; C:\WINDOWS\System32\Drivers\SonyNC.sys [2000-11-09 48896]
R3 SPI;Sony Programmable I/O Control Device; C:\WINDOWS\System32\DRIVERS\SonyPI.sys [2002-08-20 71961]
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2004-12-23 16784]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\System32\DRIVERS\SynTP.sys [2002-11-01 263152]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-04 20480]
R3 WDM_YAMAHAAC97;YAMAHA AC-XG Audio Device; C:\WINDOWS\system32\drivers\yacxgc.sys [2002-09-19 205056]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2002-07-09 601488]
S1 TDSSserv.sys;TDSSserv.sys; C:\WINDOWS\system32\drivers\TDSSserv.sys []
S1 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2004-08-04 31744]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dot4;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2004-08-04 207360]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;USB to IEEE-1284.4 Translation Driver; C:\WINDOWS\system32\DRIVERS\hppausb0.sys [2001-01-16 17872]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 LEX_NIC_SERVICE;IEEE 802.11 Wireless NIC Win2000 Driver; C:\WINDOWS\System32\DRIVERS\Express.sys [2002-03-14 57984]
S3 PalmUSBD;PalmUSBD; C:\WINDOWS\system32\drivers\PalmUSBD.sys [2008-10-26 16694]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 TNET1130x;Wireless-G Notebook Adapter v.2.0; C:\WINDOWS\system32\DRIVERS\tnet1130x.sys [2004-03-10 385536]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 15104]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2008-04-17 102712]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2004-12-10 255600]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2004-12-10 243312]
R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2004-12-30 30528]
R2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-04 267776]
R2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2004-12-30 1107784]
R2 VAIOMediaPlatform-MusicServer-AppServer;VAIO Media Music Server (Application); C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe [2002-11-13 376898]
R2 VAIOMediaPlatform-MusicServer-HTTP;VAIO Media Music Server (HTTP); C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe [2002-07-19 45056]
R2 VAIOMediaPlatform-MusicServer-UPnP;VAIO Media Music Server (UPnP); C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe [2002-11-06 585728]
R2 VAIOMediaPlatform-PhotoServer-AppServer;VAIO Media Photo Server (Application); C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe [2002-10-30 462848]
R2 VAIOMediaPlatform-PhotoServer-HTTP;VAIO Media Photo Server (HTTP); C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe [2002-07-19 45056]
R2 VAIOMediaPlatform-PhotoServer-UPnP;VAIO Media Photo Server (UPnP); C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe [2002-11-06 585728]
S2 NICSer_WPC54G;NICSer_WPC54G; C:\Program Files\Linksys\Wireless-G Notebook Adapter\NICServ.exe [2003-11-13 455680]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 ccPwdSvc;Symantec Password Validation; C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe [2004-12-10 87664]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-09-06 651720]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-18 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2004-12-30 153416]
S3 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe [2004-12-23 202448]
S3 SPTISRV;Sony SPTI Service; C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe [2002-07-23 65536]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2002-08-11 131072]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.05 2008-12-28 21:38:13
======Uninstall list======
-->C:\Program Files\Common Files\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{028EC2AF-F501-4567-9CEA-140030DE8544}\setup.exe" -l0x9 -u
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2580F4DA-324F-4945-B16F-B2B867325085}\setup.exe" -l0x9 -u
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
ABC Amber PDF Converter-->C:\PROGRA~1\ABCAMB~1\UNWISE.EXE C:\PROGRA~1\ABCAMB~1\INSTALL.LOG
ABC Amber Rocket eBook Converter-->C:\PROGRA~1\ABCAMB~2\UNWISE.EXE C:\PROGRA~1\ABCAMB~2\INSTALL.LOG
Adobe Acrobat 9 Pro - English, Français, Deutsch-->msiexec /I {AC76BA86-1033-F400-7760-000000000004}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Media Player-->msiexec /qb /x {1EBB57D4-63FF-87CC-A0F0-D73982CF6008}
Adobe Media Player-->MsiExec.exe /I{1EBB57D4-63FF-87CC-A0F0-D73982CF6008}
Adobe SVG Viewer-->C:\WINDOWS\IsUninst.exe -f"C:\WINDOWS\System32\Adobe\SVG Viewer\Uninst.isu"
AMBIT Wireless LAN-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8773FC58-B051-47CE-A75F-2347ECCA6CB6}\Setup.exe" -l0x9
ArcSoft MediaImpression-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{531F0013-964C-4BE6-B382-4117DC8BCDF9}\SETUP.EXE" -l0x9
ATI Display Driver-->rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
DVgate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{29F61465-428A-11D4-B646-00C04F790F76}\setup.exe"
Epson Copy Utility 3.4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}\SETUP.EXE" -l0x9 -UnInstall
Epson Event Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48F22622-1CC2-4A83-9C1E-644DD96F832D}\SETUP.EXE" -l0x9 -u
EPSON Perfection V300 Photo Scanner Driver Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{910D1ECD-39DE-496D-BF7C-45E07319BF99}\Setup.exe" -l0x9
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Help and Support-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{DD18BE6E-F0B8-41DC-A9F3-AC1ABB918587}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HotKey Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BB311F54-39D6-4A03-8E18-053D1B2833D7}\setup.exe" -l0x9
HP LaserJet 1200 Uninstaller-->C:\Program Files\Hewlett-Packard\LaserJet All-in-one\Uninstall\1200\setup.exe uninst12.ini
ImageStation Tour-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28336AFC-722C-4E17-B286-2A7C906183C0}\setup.exe"
Intel® PRO Ethernet Adapter and Software-->Prounstl.exe
InterVideo WinDVD 4-->"C:\Program Files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL
iSqFt Full Viewer V4.01-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{19A71C4F-94D9-44EA-AC98-FF8A045273AB}\Setup.exe" CPUninstall
Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LiveUpdate 2.0 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Learning and Research Plus Support Files-->MsiExec.exe /I{00000000-3976-4267-9F39-1DC4745090B7}
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office XP Professional with FrontPage-->MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft Picture It! Express 7.0-->MsiExec.exe /I{369B36BE-3D64-4641-9AEA-808D436FE130}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Works 7.0-->MsiExec.exe /I{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}
MovieShaker 3.3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D4A49B00-02F8-11D5-B64D-00C04F790F76}\setup.exe"
MSN Internet Software-->C:\Program Files\MSN\MSNCoreFiles\Setup\msnunin.exe
MSN Messenger 5.0-->MsiExec.exe /I{ABEB838C-A1A7-4C5D-B7E1-8B4314B00527}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
Music Visualizer Library 1.4.00-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3B24B725-D81F-442D-8CE5-2AF05A4A4CC9}\setup.exe" -l0x9
Network Smart Capture-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{30642CE1-217B-40C0-92E2-6BF849599D9E}\setup.exe" -l0x9
Odyssey Client-->MsiExec.exe /X{99D42EC7-652B-4819-B3E6-6450C815E03F}
OpenMG Limited Patch 3.1-02-10-22-01-->C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix3.1-02-10-22-01\HotFixSetup\setup.exe /u
OpenMG Limited Patch 3.1-02-10-23-01-->C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix3.1-02-10-23-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 3.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{117C01B5-9D68-4A15-85E2-A7CDFA82CEB9}\Setup.exe" -l0x9 UNINSTALL
OpenOffice.org Installer 1.0-->MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}
Palm-->MsiExec.exe /X{A005B38F-D5AB-4E35-93DD-9886E449FAF1}
PicoPlayer Demo-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C70C75F-A265-4C62-B90F-8F80AA69F262}\Setup.exe"
PicoPlayer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1BAAFE2F-300A-46AF-BB1D-FD2F98EDD606}\Setup.exe"
PicoPlayerSplashScreen-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{00609F70-5043-4C20-895A-D6EF7ACE9304}\setup.exe"
PictureGear Studio 1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{27C5164D-ED0E-4D64-B788-93305BD62100}\setup.exe"
PowerPanel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DCB53CB5-E82D-4F5E-BFE2-CBB200E19BEF}\setup.exe" -l0x9
PrimoPDF-->"C:\WINDOWS\PrimoPDF4\uninstall.exe" "/U:C:\Program Files\activePDF\PrimoPDF\Uninstall\uninstallPrimoPDF4.xml"
PrintServer Utilities-->C:\Program Files\PrintServer Utilities\Uninstall.exe
QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\System32\QuickTime\Uninstall.log
RealOne Player-->C:\Program Files\Common Files\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0
RealProducer Basic 8.5-->C:\Program Files\Real\RealProducer\rnuninst.exe RealNetworks|RealProducer|8.5
Registry Mechanic 8.0-->"C:\Program Files\Registry Mechanic\unins000.exe" /Log
REXplorer Component Upgrade-->C:\Program Files\InstallShield Installation Information\{A639BD63-8CE6-11D5-B4CC-00105A07274A}\setup.exe -u
Russian Phonetic YaZHert - RusWin.net-->MsiExec.exe /I{B4AB2BF1-AE6B-46AF-8809-56743597CCAF}
Screenblast ACID 2.0a-->MsiExec.exe /I{662E1348-3D8D-4BCE-B345-BF7EB40308FD}
Screenblast Sound Forge 1.0b-->MsiExec.exe /I{197A2B90-A998-4603-9B25-2B7D7CC0060E}
Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SoftK56 Data Fax-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_2486&SUBSYS_812B104D\HXFSETUP.EXE -U -IVEN_8086&DEV_2486&SUBSYS_812B104D
SoftK56 Data Fax-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_2486&SUBSYS_8142104D\HXFSETUP.EXE -U -IVEN_8086&DEV_2486&SUBSYS_8142104D
SonicStage 1.5.05-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}\setup.exe" -l0x9 UNINSTALL
Sony Certificate PCH-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0448678-1203-4158-A58F-B3D0B616BF9E}\setup.exe"
Sony DV Shared Library-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6990A2BF-D1D2-11D3-81BC-00609789C908}\setup.exe"
Sony Notebook Setup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{936FADC9-C609-471A-B6F2-A33E2E660D1A}\setup.exe" -l0x9
Sony on Yahoo! Essentials-->C:\Program Files\Yahoo!\unwise.exe C:\progra~1\yahoo!\install.log
Sony USB Mouse-->Pmuninst.exe MouseSuite98
Sony Utilities DLL-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF3D45BB-2260-4008-88EA-492E7744A9DF}\setup.exe" -l0x9
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spyware Guard 2008-->C:\Program Files\Spyware Guard 2008\uninstall.exe
Support Actions WinXP-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48BE827A-2D06-4804-90C3-4F2F8460F9D4}\setup.exe"
Symantec AntiVirus-->MsiExec.exe /I{848AC794-8B81-440A-81AE-6474337DB527}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update for Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
VAIO Media 2.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EB317D8-8945-4FD6-B37F-DF470317C6AB}\setup.exe" -l0x9 UNINSTALL
VAIO Media Installer 2.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7128C69B-8F7E-4336-8698-3FD3CDD955EC}\setup.exe" -l0x9 UNINSTALL
VAIO Media Music Server 2.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DF733005-0F40-11D6-9254-0000F460E7A9}\setup.exe" -l0x9 UNINSTALL
VAIO Media Photo Server 2.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8E1A8479-D871-4573-AA8C-90BF0338B242}\setup.exe"
VAIO Media Platform 2.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DF0DD6E9-F673-4466-8353-70B50A506FD9}\setup.exe"
VAIO Registration-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{AA14D661-8B7A-4A8F-B093-405C160178AF}
VAIO Serenus Wallpaper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{802EF464-4992-42B3-8434-45151AD3C933}\setup.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows XP Hotfix - KB885884-->C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
Windows XP Service Pack 2-->C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Wireless-G Notebook Adapter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A2EDF5F-F3C6-4919-AE34-C08A71AD034A}\Setup.exe" -l0x9
======Security center information======
AV: Symantec AntiVirus Corporate Edition
System event log
Computer Name: AAYZ
Event Code: 7016
Message: The VAIO Media Photo Server (Application) service has reported an invalid current state 272.
Record Number: 4358
Source Name: Service Control Manager
Time Written: 20080917225719.000000-240
Event Type: error
User:
Computer Name: AAYZ
Event Code: 7036
Message: The IMAPI CD-Burning COM Service service entered the running state.
Record Number: 4357
Source Name: Service Control Manager
Time Written: 20080917225719.000000-240
Event Type: information
User:
Computer Name: AAYZ
Event Code: 7035
Message: The IMAPI CD-Burning COM Service service was successfully sent a start control.
Record Number: 4356
Source Name: Service Control Manager
Time Written: 20080917225719.000000-240
Event Type: information
User: NT AUTHORITY\SYSTEM
Computer Name: AAYZ
Event Code: 7036
Message: The IMAPI CD-Burning COM Service service entered the stopped state.
Record Number: 4355
Source Name: Service Control Manager
Time Written: 20080917225113.000000-240
Event Type: information
User:
Computer Name: AAYZ
Event Code: 35
Message: The time service is now synchronizing the system time with the time
source time.windows.com (ntp.m|0x1|192.168.3.102:123->207.46.232.182:123).
Record Number: 4354
Source Name: W32Time
Time Written: 20080917225110.000000-240
Event Type: information
User:
Application event log
Computer Name: AAYZ
Event Code: 6
Message:
Scan could not open file C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\atriprxx.tha [00000017]
Record Number: 152629
Source Name: Symantec AntiVirus
Time Written: 20081110164628.000000-300
Event Type: warning
User:
Computer Name: AAYZ
Event Code: 6
Message:
Scan could not open file C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\atriprxx.sve [00000017]
Record Number: 152628
Source Name: Symantec AntiVirus
Time Written: 20081110164628.000000-300
Event Type: warning
User:
Computer Name: AAYZ
Event Code: 6
Message:
Scan could not open file C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\atriprxx.rus [00000017]
Record Number: 152627
Source Name: Symantec AntiVirus
Time Written: 20081110164628.000000-300
Event Type: warning
User:
Computer Name: AAYZ
Event Code: 6
Message:
Scan could not open file C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\atriprxx.ptb [00000017]
Record Number: 152626
Source Name: Symantec AntiVirus
Time Written: 20081110164628.000000-300
Event Type: warning
User:
Computer Name: AAYZ
Event Code: 6
Message:
Scan could not open file C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\atriprxx.plk [00000017]
Record Number: 152625
Source Name: Symantec AntiVirus
Time Written: 20081110164628.000000-300
Event Type: warning
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\Common Files\ArcSoft\Bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=0207
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
-----------------EOF-----------------