Slow Laptop contd...



#1
chinmay420

Hi guys,

Continuing with the old thread, I've followed the steps recommended by the Malware Guide, and here's the verdict:

Malwarebytes' AntiMalware log:


Malwarebytes' Anti-Malware 1.36
Database version: 2085
Windows 5.1.2600 Service Pack 3

07/05/2009 12:02:01
mbam-log-2009-05-07 (12-02-01).txt

Scan type: Quick Scan
Objects scanned: 91131
Time elapsed: 13 minute(s), 14 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 1
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{28abc5c0-4fcb-11cf-aax5-81cx1c635612} (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) -> Quarantined and deleted successfully.

Files Infected:
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.








Rooter Log:


Microsoft Windows XP Home Edition (5.1.2600) Service Pack 3

C:\ [Fixed] - NTFS - (Total:70166 Mo/Free:2738 Mo)
D:\ [Removable] (Total:0 Mo/Free:0 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)

07/05/2009|13:34

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
---------- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\System32\SCardSvr.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
---------- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\PROGRA~1\AVG\AVG8\avgrsx.exe
---------- C:\WINDOWS\system32\calc.exe
---------- C:\program files\internet explorer\IEXPLORE.EXE
---------- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
---------- C:\Program Files\UPHClean\uphclean.exe
---------- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
---------- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
---------- C:\Program Files\Windows Media Player\WMPNetwk.exe
---------- C:\WINDOWS\system32\fxssvc.exe
---------- C:\WINDOWS\system32\igfxext.exe
---------- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
---------- C:\WINDOWS\system32\igfxsrvc.exe
---------- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
---------- C:\WINDOWS\system32\hkcmd.exe
---------- C:\Program Files\Apoint\Apoint.exe
---------- C:\Program Files\Apoint\Apntex.exe
---------- C:\WINDOWS\RTHDCPL.EXE
---------- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
---------- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
---------- C:\PROGRA~1\AVG\AVG8\avgtray.exe
---------- C:\Program Files\Java\jre6\bin\jusched.exe
---------- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\PROGRA~1\MI3AA1~1\wcescomm.exe
---------- C:\Documents and Settings\CHB\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
---------- C:\Program Files\Windows Media Player\WMPNSCFG.exe
---------- C:\PROGRA~1\MI3AA1~1\rapimgr.exe
---------- C:\WINDOWS\system32\wuauclt.exe
---------- C:\WINDOWS\system32\wbem\unsecapp.exe
---------- C:\WINDOWS\system32\wbem\wmiprvse.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\Program Files\Mozilla Firefox\firefox.exe
---------- C:\Program Files\AVG\AVG8\avgupd.exe
---------- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

----------------------\\ ROOTKIT !!


----------------------\\ Cracks & Keygens..

C:\DOCUME~1\CHB\Application Data\uTorrent\Feeding Frenzy 2 + crack.rar.1.torrent
C:\DOCUME~1\CHB\Application Data\uTorrent\Feeding Frenzy 2 + crack.rar.torrent
C:\DOCUME~1\CHB\Application Data\uTorrent\Feeding Frenzy 2 + crack.rarXXX.torrent
C:\DOCUME~1\CHB\Application Data\uTorrent\IncrediFlash.XTreme.v1.2.incl.Keygen.tsrh.rar.torrent
C:\DOCUME~1\CHB\Application Data\uTorrent\Karaoke.CD+G.Creator.Pro.2.0.9(+crack)-BSA.zip.torrent
C:\DOCUME~1\CHB\Local Settings\Temp\Temporary Directory 1 for Nero Burning Rom 7 Ultra Edition Incl Keygen & Serial.zip


1 - "C:\Rooter$\Rooter_1.txt" - 07/05/2009|13:37

----------------------\\ Scan completed at 13:37







OT ListIt Log:

OTListIt logfile created on: 07/05/2009 13:40:03 - Run 1
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

502.42 Mb Total Physical Memory | 100.61 Mb Available Physical Memory | 20.02% Memory free
1.20 Gb Paging File | 0.70 Gb Available in Paging File | 58.20% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68.52 Gb Total Space | 22.71 Gb Free Space | 33.14% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CHINMAY
Current User Name: CHB
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\WINDOWS\system32\calc.exe (Microsoft Corporation)
PRC - C:\program files\internet explorer\IEXPLORE.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
PRC - C:\Program Files\UPHClean\uphclean.exe (Microsoft Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\igfxext.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\WINDOWS\system32\igfxsrvc.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
PRC - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Apoint\Apntex.exe (Alps Electric Co., Ltd.)
PRC - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
PRC - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\CHB\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft ActiveSync\rapimgr.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Documents and Settings\CHB\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe (Google)
PRC - C:\Downloads\OTListIt2.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (avg8wd [Auto | Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (EvtEng [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (Image Converter video recording monitor for VAIO Entertainment [On_Demand | Stopped]) -- C:\Program Files\Sony\Image Converter 2\IcVzMon.exe (Sony Corporation)
SRV - (iPod Service [On_Demand | Stopped]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (Lavasoft Ad-Aware Service [Auto | Running]) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (MSCSPTISRV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (MSSQL$VAIO_VEDB [Auto | Running]) -- C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper [On_Demand | Stopped]) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (Microsoft Corporation)
SRV - (NBService [On_Demand | Stopped]) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (Nero AG)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PACSPTISVR [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (RegSrvc [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
SRV - (S24EventMonitor [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
SRV - (SPTISRV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (SQLAgent$VAIO_VEDB [On_Demand | Stopped]) -- C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE (Microsoft Corporation)
SRV - (SSScsiSV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)
SRV - (svrhost [Auto | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\MSINFO\svrhost.abc ()
SRV - (Symantec Core LC [Auto | Running]) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
SRV - (UPHClean [Auto | Running]) -- C:\Program Files\UPHClean\uphclean.exe (Microsoft Corporation)
SRV - (usnjsvc [On_Demand | Stopped]) -- C:\Program Files\MSN Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VAIO Event Service [Auto | Running]) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-AppServer [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-HTTP [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-UPnP [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-Mobile-Gateway [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)
SRV - (Vcsw [On_Demand | Running]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VzCdbSvc [Auto | Running]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VzFw [Auto | Running]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (WMPNetworkSvc [Auto | Running]) -- C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (AegisP [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\AegisP.sys (Meetinghouse Data Communications)
DRV - (ApfiltrService [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (APLMp50 [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\APLMp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (ASPI32 [System | Running]) -- C:\WINDOWS\System32\drivers\Aspi32.sys (Adaptec)
DRV - (AvgLdx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86 [System | Running]) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (catchme [On_Demand | Stopped]) -- C:\WINDOWS\catchme.exe ()
DRV - (DMICall [System | Running]) -- C:\WINDOWS\system32\DRIVERS\DMICall.sys (Sony Corporation)
DRV - (dpK0Bx01 [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\dpK0Bx01.sys (DigitalPersona, Inc.)
DRV - (E100B [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys (Intel Corporation)
DRV - (eeCtrl [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (GTEDGWModem [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\GTEDG.sys (Broadcom Corporation)
DRV - (GTEDGWWNIC [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\GTEDGNet.sys (Broadcom Corporation)
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (Windows ® Server 2003 DDK provider)
DRV - (HSFHWAZL [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (HSF_DPV [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (ialm [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ialmnt5.sys (Intel Corporation)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (Lbd [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (nm [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\NMnt.sys (Microsoft Corporation)
DRV - (odysseyIM4 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\odysseyIM4.sys (Funk Software, Inc.)
DRV - (OptionWWSC [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\GTEDGSC.sys (Broadcom Corporation)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (s24trans [Auto | Running]) -- C:\WINDOWS\system32\DRIVERS\s24trans.sys (Intel Corporation)
DRV - (SCDEmu [System | Running]) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SNC [On_Demand | Running]) -- C:\WINDOWS\System32\Drivers\SonyNC.sys (Sony Corporation)
DRV - (symlcbrd [Auto | Running]) -- C:\WINDOWS\system32\drivers\symlcbrd.sys (Symantec Corporation)
DRV - (tifmsony [On_Demand | Running]) -- C:\WINDOWS\system32\drivers\tifmsony.sys (Texas Instruments)
DRV - (tmcomm [Auto | Running]) -- C:\WINDOWS\system32\drivers\tmcomm.sys (Trend Micro Inc.)
DRV - (USBAAPL [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\usbaapl.sys (Apple, Inc.)
DRV - (UsbdpFP [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\UsbdpFP.sys (DigitalPersona, Inc.)
DRV - (USB_RNDIS [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usb8023.sys (Microsoft Corporation)
DRV - (usb_rndisx [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\usb8023x.sys (Microsoft Corporation)
DRV - (w29n51 [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\w29n51.sys (Intel® Corporation)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (zebrmdm [On_Demand | Stopped]) -- C:\WINDOWS\system32\DRIVERS\zebrmdm.sys (MCCI)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....ch?fr=ffsp1&p="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://en-US.start2....en-US:official"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.1
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}:6.0.01
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10
FF - prefs.js..extensions.enabledItems: [email protected]:3.0.5
FF - prefs.js..keyword.URL: "http://search.yahoo....ch?fr=ffds1&p="

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\PROGRAM FILES\AVG\AVG8\FIREFOX [2009/05/06 11:25:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/03/17 11:56:54 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock\Extensions\\Plugins: C:\PROGRAM FILES\FLOCK\FLOCK\PLUGINS [2009/04/15 13:28:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock\Extensions\\Components: C:\PROGRAM FILES\FLOCK\FLOCK\COMPONENTS
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/02 13:42:45 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/28 14:59:25 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.21\extensions\\Components: C:\PROGRAM FILES\MOZILLA THUNDERBIRD\COMPONENTS [2009/03/19 21:09:25 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.21\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA THUNDERBIRD\PLUGINS [2009/04/15 13:28:32 | 00,000,000 | ---D | M]

[2008/06/18 07:45:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\CHB\Application Data\mozilla\Extensions
[2008/06/18 07:45:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\CHB\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/05/06 12:01:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\CHB\Application Data\mozilla\Firefox\Profiles\v85g02r2.default\extensions
[2008/02/12 15:14:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\CHB\Application Data\mozilla\Firefox\Profiles\v85g02r2.default\extensions\{13b4437e-b706-11dc-8314-0800200c9a66}
[2009/02/14 10:11:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\CHB\Application Data\mozilla\Firefox\Profiles\v85g02r2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2008/08/17 12:17:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\CHB\Application Data\mozilla\Firefox\Profiles\v85g02r2.default\extensions\[email protected]
[2009/05/07 12:13:38 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/28 14:59:25 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/05/09 10:35:40 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
[2008/11/11 16:05:20 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/03/17 11:58:32 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/04/28 14:58:55 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/28 14:58:55 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/04/28 14:59:17 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/28 14:59:17 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/04/28 14:59:17 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/28 14:59:18 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/28 14:59:18 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/28 14:59:18 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/04/28 14:59:18 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - Reg Error: Key error. File not found
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found
O2 - BHO: (PDFCreator Toolbar Helper) - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Reg Error: Key error. File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {463DF6D5-BEC1-4D67-B217-59DB692DFC53} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] ICO.EXE File not found
O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe (Sony Electronics Inc)
O4 - HKLM..\Run: [VAIO Update 3] "C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe" /Stationary (Sony Corporation)
O4 - HKCU..\Run: [Google Update] "C:\Documents and Settings\CHB\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (Google Inc.)
O4 - HKCU..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe" (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 01 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 01 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogOff = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 (Microsoft Corporation)
O8 - Extra context menu item: Transfer by Image Converter 2 Plus - C:\Program Files\Sony\Image Converter 2\menu.htm ()
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {00000161-9980-0010-8000-00AA00389B71} http://codecs.micros.../i386/msaud.cab (Reg Error: Key error.)
O16 - DPF: {32564D57-9980-0010-8000-00AA00389B71} http://codecs.micros...386/wmv8dmo.cab (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://download.micr...D0C/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{01DF671F-D0EC-4D33-B790-BA7AFE5D1F20}\\NameServer = 218.248.245.145,218.248.240.181
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\WINDOWS\system32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/01/06 00:02:55 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/12/31 10:24:58 | 00,000,000 | RH-D | M] - C:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{0eb1d981-1683-11db-859b-0013a902608d}\Shell\AutoRun\command - "" = .\Recycled\Driveinfo.exe
O33 - MountPoints2\{0eb1d981-1683-11db-859b-0013a902608d}\Shell\Open\Command - "" = .\Recycled\Driveinfo.exe
O33 - MountPoints2\{126a9cdf-5dcc-11db-85b1-9607e198fcc0}\Shell - "" = AutoRun
O33 - MountPoints2\{126a9cdf-5dcc-11db-85b1-9607e198fcc0}\Shell\Auto\command - "" = F:\svrhost.abc -- File not found
O33 - MountPoints2\{126a9cdf-5dcc-11db-85b1-9607e198fcc0}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1b59b2fb-a429-11dc-93b8-00166f546f81}\Shell - "" = AutoRun
O33 - MountPoints2\{1b59b2fb-a429-11dc-93b8-00166f546f81}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1b59b2fb-a429-11dc-93b8-00166f546f81}\Shell\ɱ¶¾(&K)\command - "" = F:\delautorun.bat -- File not found
O33 - MountPoints2\{1b59b2fc-a429-11dc-93b8-00166f546f81}\Shell - "" = AutoRun
O33 - MountPoints2\{1b59b2fc-a429-11dc-93b8-00166f546f81}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1b59b2fc-a429-11dc-93b8-00166f546f81}\Shell\ɱ¶¾(&K)\command - "" = F:\delautorun.bat -- File not found
O33 - MountPoints2\{1b59b305-a429-11dc-93b8-00166f546f81}\Shell - "" = AutoRun
O33 - MountPoints2\{1b59b305-a429-11dc-93b8-00166f546f81}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1b59b305-a429-11dc-93b8-00166f546f81}\Shell\ɱ¶¾(&K)\command - "" = F:\delautorun.bat -- File not found
O33 - MountPoints2\{2ecc4dec-326a-11db-85a4-0013a902608d}\Shell - "" = AutoRun
O33 - MountPoints2\{2ecc4dec-326a-11db-85a4-0013a902608d}\Shell\Auto\command - "" = F:\svrhost.abc -- File not found
O33 - MountPoints2\{2ecc4dec-326a-11db-85a4-0013a902608d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{333f4fcc-f7f9-11dd-87b9-00166f546f81}\Shell - "" = AutoRun
O33 - MountPoints2\{333f4fcc-f7f9-11dd-87b9-00166f546f81}\Shell\Auto\command - "" = F:\svrhost.abc -- File not found
O33 - MountPoints2\{333f4fcc-f7f9-11dd-87b9-00166f546f81}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{592ccffa-ba0a-11dd-87a1-00166f546f81}\Shell\AutoRun\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\service.exe -- File not found
O33 - MountPoints2\{592ccffa-ba0a-11dd-87a1-00166f546f81}\Shell\open\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\service.exe -- File not found
O33 - MountPoints2\{63b41fb5-c8f6-11dc-93bd-00166f546f81}\Shell - "" = AutoRun
O33 - MountPoints2\{63b41fb5-c8f6-11dc-93bd-00166f546f81}\Shell\Auto\command - "" = H:\svrhost.abc -- File not found
O33 - MountPoints2\{63b41fb5-c8f6-11dc-93bd-00166f546f81}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6e567025-a09c-11db-85c9-0013a902608d}\Shell - "" = AutoRun
O33 - MountPoints2\{6e567025-a09c-11db-85c9-0013a902608d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6e567025-a09c-11db-85c9-0013a902608d}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{6e567026-a09c-11db-85c9-0013a902608d}\Shell\AutoRun\command - "" = G:\1weicxa.com -- File not found
O33 - MountPoints2\{6e567026-a09c-11db-85c9-0013a902608d}\Shell\explore\Command - "" = G:\1weicxa.com -- File not found
O33 - MountPoints2\{6e567026-a09c-11db-85c9-0013a902608d}\Shell\open\Command - "" = G:\1weicxa.com -- File not found
O33 - MountPoints2\{8e51e3c0-86cd-11da-99c3-806d6172696f}\Shell\AutoRun\command - "" = E:\sony\Autorun.exe -- File not found
O33 - MountPoints2\{d2ccad24-6fe6-11dc-8612-00166f546f81}\Shell\AutoRun\command - "" = F:\uisvkqr.exe -- File not found
O33 - MountPoints2\{d2ccad24-6fe6-11dc-8612-00166f546f81}\Shell\explore\Command - "" = F:\uisvkqr.exe -- File not found
O33 - MountPoints2\{d2ccad24-6fe6-11dc-8612-00166f546f81}\Shell\open\Command - "" = F:\uisvkqr.exe -- File not found
O33 - MountPoints2\{e96a75a8-22ca-11de-b300-00166f546f81}\Shell - "" = AutoRun
O33 - MountPoints2\{e96a75a8-22ca-11de-b300-00166f546f81}\Shell\Auto\command - "" = F:\svrhost.abc -- File not found
O33 - MountPoints2\{e96a75a8-22ca-11de-b300-00166f546f81}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f5cca4de-0a13-11dd-8757-00166f546f81}\Shell - "" = AutoRun
O33 - MountPoints2\{f5cca4de-0a13-11dd-8757-00166f546f81}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f5cca4de-0a13-11dd-8757-00166f546f81}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{f5cca4df-0a13-11dd-8757-00166f546f81}\Shell\AutoRun\command - "" = cayfq2.cmd
O33 - MountPoints2\{f5cca4df-0a13-11dd-8757-00166f546f81}\Shell\explore\Command - "" = cayfq2.cmd
O33 - MountPoints2\{f5cca4df-0a13-11dd-8757-00166f546f81}\Shell\open\Command - "" = cayfq2.cmd
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()

========== Files/Folders - Created Within 30 Days ==========

[2 C:\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/05/07 13:44:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CHB\Local Settings\Apps
[2009/05/07 13:34:01 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/07 11:28:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\CHB\Application Data\Malwarebytes
[2009/05/07 11:28:24 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/07 11:28:21 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/07 11:28:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/05/07 11:28:18 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2009/05/07 11:26:21 | 00,000,162 | -H-- | C] () -- C:\DOCUME~1\CHB\My Documents\~$siness Plan Solvent Dyes.docx
[2009/05/07 10:55:38 | 00,284,970 | ---- | C] () -- C:\DOCUME~1\CHB\Desktop\IMG030.jpg
[2009/05/07 10:55:12 | 00,357,431 | ---- | C] () -- C:\DOCUME~1\CHB\Desktop\IMG029.jpg
[2009/05/07 10:52:20 | 00,375,864 | ---- | C] () -- C:\DOCUME~1\CHB\Desktop\IMG028.jpg
[2009/05/07 10:51:56 | 00,259,483 | ---- | C] () -- C:\DOCUME~1\CHB\Desktop\IMG027.jpg
[2009/05/07 10:51:28 | 00,401,877 | ---- | C] () -- C:\DOCUME~1\CHB\Desktop\IMG026.jpg
[2009/05/06 22:16:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\Backup
[2009/05/06 22:15:42 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/05/05 16:01:52 | 00,056,051 | ---- | C] () -- C:\DOCUME~1\CHB\Desktop\CDA.pdf
[2009/05/04 15:58:54 | 00,048,640 | ---- | C] () -- C:\DOCUME~1\CHB\Desktop\DUTY CALCULATION-1.xls
[2009/05/04 13:10:23 | 00,103,062 | ---- | C] () -- C:\DOCUME~1\CHB\Desktop\diploma 2009 exam schedule.pdf
[2009/04/28 18:05:38 | 00,329,198 | ---- | C] () -- C:\DOCUME~1\CHB\Desktop\IMG025.jpg
[2009/04/28 18:05:14 | 00,382,181 | ---- | C] () -- C:\DOCUME~1\CHB\Desktop\IMG024.jpg
[2009/04/28 18:04:44 | 00,379,145 | ---- | C] () -- C:\DOCUME~1\CHB\Desktop\IMG023.jpg
[2009/04/28 18:04:26 | 00,334,846 | ---- | C] () -- C:\DOCUME~1\CHB\Desktop\IMG022.jpg
[2009/04/28 18:04:10 | 00,325,605 | ---- | C] () -- C:\DOCUME~1\CHB\Desktop\IMG021.jpg
[2009/04/24 08:49:05 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp4res.dll
[2009/04/24 08:49:04 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wordpad.exe
[2009/04/24 08:41:43 | 00,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll
[2009/04/24 08:41:42 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll
[2009/04/24 08:41:42 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe
[2009/04/24 08:41:41 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll
[2009/04/24 08:41:40 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll
[2009/04/24 08:41:40 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe
[2009/04/24 08:41:38 | 00,729,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/04/24 08:41:38 | 00,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll
[2009/04/24 08:41:37 | 00,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll
[2009/04/16 14:48:32 | 00,000,916 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3290093894-592503815-1714274043-1006.job
[2009/04/15 13:28:38 | 00,001,729 | ---- | C] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Adobe Reader 9.lnk
[2009/04/13 15:22:21 | 08,857,088 | ---- | C] () -- C:\DOCUME~1\CHB\Desktop\Opportunities in Water.ppt
[2009/04/10 12:43:16 | 00,635,392 | ---- | C] () -- C:\DOCUME~1\CHB\My Documents\OG Presentation 97.ppt
[2009/04/09 19:16:44 | 00,000,165 | -H-- | C] () -- C:\DOCUME~1\CHB\My Documents\~$OG Presentation.pptx
[2009/04/09 16:31:26 | 00,069,078 | ---- | C] () -- C:\DOCUME~1\CHB\My Documents\OG Presentation.pptx
[2009/04/09 11:42:07 | 00,438,784 | ---- | C] () -- C:\DOCUME~1\CHB\My Documents\HR Manual - to be printed.doc
[2009/02/14 12:41:27 | 00,000,433 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/11/27 22:09:54 | 07,277,568 | ---- | C] () -- C:\WINDOWS\System32\iPodmedia.dll
[2008/11/10 11:08:49 | 00,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2008/10/18 12:08:08 | 00,000,072 | ---- | C] () -- C:\WINDOWS\init.ini
[2008/09/20 03:27:34 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/09/20 03:25:10 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/09/20 03:25:10 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/09/20 03:24:18 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/09/04 11:15:42 | 00,217,088 | ---- | C] () -- C:\WINDOWS\System32\avformat-50.dll
[2008/09/04 11:15:42 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\mp4_lib.dll
[2008/09/04 11:15:42 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\avutil-49.dll
[2008/09/04 11:15:41 | 01,839,104 | ---- | C] () -- C:\WINDOWS\System32\avcodec-51.dll
[2008/09/04 11:14:54 | 00,759,917 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/06/28 14:56:55 | 00,001,364 | ---- | C] () -- C:\WINDOWS\LMAAG2DD.ini
[2008/05/21 12:15:01 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2008/04/06 12:04:13 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/12/07 20:14:55 | 00,394,240 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2007/12/07 13:26:56 | 00,006,154 | -HS- | C] () -- C:\WINDOWS\DelAutorun.ini
[2007/11/28 02:13:16 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/09/18 00:17:30 | 00,000,135 | ---- | C] () -- C:\WINDOWS\Mp3CutterJoiner.ini
[2007/07/14 10:38:03 | 00,000,038 | ---- | C] () -- C:\WINDOWS\ISIS.INI
[2007/03/28 15:49:39 | 00,000,052 | ---- | C] () -- C:\WINDOWS\bp2003.INI
[2007/03/28 12:08:41 | 00,081,973 | ---- | C] () -- C:\WINDOWS\System32\MSFTRG32.DLL
[2007/02/28 15:16:46 | 00,106,496 | R--- | C] () -- C:\WINDOWS\System32\vshp1018.dll
[2007/01/02 16:35:37 | 00,000,067 | ---- | C] () -- C:\WINDOWS\AoADVDRipper.INI
[2006/11/27 14:06:33 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/11/02 23:30:27 | 00,001,651 | ---- | C] () -- C:\WINDOWS\ISISAIHP.INI
[2006/11/02 23:30:27 | 00,000,542 | ---- | C] () -- C:\WINDOWS\ISISAIM.INI
[2006/10/30 15:47:05 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\wh2robo.dll
[2006/08/03 18:20:26 | 00,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/06/23 14:56:12 | 00,000,036 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2006/06/03 02:45:44 | 00,294,912 | ---- | C] () -- C:\WINDOWS\System32\LDecVorbis.dll
[2006/05/24 22:07:27 | 00,027,648 | -HS- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2006/05/03 04:08:24 | 00,000,748 | ---- | C] () -- C:\WINDOWS\SetBrowser.ini
[2006/02/23 22:06:20 | 01,798,144 | ---- | C] () -- C:\WINDOWS\System32\ltmm_n.dll
[2006/02/23 22:06:20 | 00,262,144 | ---- | C] () -- C:\WINDOWS\System32\LMOggSpl.dll
[2006/02/23 22:06:20 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\LMOggMux.dll
[2006/02/21 16:01:05 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2006/01/17 02:18:55 | 00,002,154 | ---- | C] () -- C:\WINDOWS\System32\tmmute.ini
[2006/01/17 02:11:00 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2006/01/17 02:08:46 | 00,000,031 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/01/17 02:08:07 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/01/17 02:08:07 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/01/17 02:08:07 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/01/17 02:08:07 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/01/17 02:08:07 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/01/17 02:08:07 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/01/17 02:06:13 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/01/06 17:28:36 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/01/06 16:54:32 | 00,000,104 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/01/06 16:47:52 | 00,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI
[2006/01/06 00:08:40 | 00,000,800 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/01/05 22:46:49 | 00,000,762 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/01/05 22:46:40 | 00,000,746 | ---- | C] () -- C:\WINDOWS\win.ini
[2006/01/05 22:46:39 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/11/02 07:23:38 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/07/27 01:57:45 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2005/04/28 09:52:34 | 00,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/04/28 09:52:34 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005/02/24 22:26:45 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2003/09/30 15:17:47 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2003/09/30 15:17:47 | 00,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2003/09/30 15:17:47 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2003/09/30 15:17:47 | 00,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2003/09/30 15:17:46 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2003/09/30 15:17:46 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002/06/13 01:51:12 | 00,049,152 | R--- | C] () -- C:\WINDOWS\System32\winchip.dll
[2002/04/01 18:45:50 | 00,047,616 | ---- | C] () -- C:\WINDOWS\System32\ODBCMON.DLL

========== Files - Modified Within 30 Days ==========

[2 C:\*.tmp files]
[6 C:\WINDOWS\System32\*.tmp files]
[5 C:\WINDOWS\*.tmp files]
[2009/05/07 13:34:16 | 35,879,638 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/05/07 13:34:16 | 00,051,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/05/07 13:30:42 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/05/07 13:27:51 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\CHB\Local Settings\desktop.ini
[2009/05/07 13:27:47 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/05/07 13:27:24 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/05/07 13:27:14 | 52,689,7152 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/07 12:50:59 | 00,000,916 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3290093894-592503815-1714274043-1006.job
[2009/05/07 11:40:57 | 00,424,350 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/05/07 11:40:57 | 00,072,260 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/05/07 11:40:55 | 00,503,662 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/05/07 11:26:21 | 00,000,162 | -H-- | M] () -- C:\DOCUME~1\CHB\My Documents\~$siness Plan Solvent Dyes.docx
[2009/05/07 10:55:38 | 00,284,970 | ---- | M] () -- C:\DOCUME~1\CHB\Desktop\IMG030.jpg
[2009/05/07 10:55:12 | 00,357,431 | ---- | M] () -- C:\DOCUME~1\CHB\Desktop\IMG029.jpg
[2009/05/07 10:52:20 | 00,375,864 | ---- | M] () -- C:\DOCUME~1\CHB\Desktop\IMG028.jpg
[2009/05/07 10:51:56 | 00,259,483 | ---- | M] () -- C:\DOCUME~1\CHB\Desktop\IMG027.jpg
[2009/05/07 10:51:28 | 00,401,877 | ---- | M] () -- C:\DOCUME~1\CHB\Desktop\IMG026.jpg
[2009/05/06 22:11:21 | 00,000,575 | ---- | M] () -- C:\DOCUME~1\CHB\My Documents\My Sharing Folders.lnk
[2009/05/06 22:09:38 | 00,000,018 | ---- | M] () -- C:\WINDOWS\System32\package.lst
[2009/05/06 17:35:43 | 00,021,463 | ---- | M] () -- C:\DOCUME~1\CHB\My Documents\Business Plan Solvent Dyes.docx
[2009/05/06 11:24:46 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2009/05/06 11:24:44 | 00,325,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2009/05/06 11:24:44 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2009/05/05 16:01:52 | 00,056,051 | ---- | M] () -- C:\DOCUME~1\CHB\Desktop\CDA.pdf
[2009/05/04 15:59:29 | 00,048,640 | ---- | M] () -- C:\DOCUME~1\CHB\Desktop\DUTY CALCULATION-1.xls
[2009/05/04 13:10:23 | 00,103,062 | ---- | M] () -- C:\DOCUME~1\CHB\Desktop\diploma 2009 exam schedule.pdf
[2009/05/01 13:49:23 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/04/28 18:05:38 | 00,329,198 | ---- | M] () -- C:\DOCUME~1\CHB\Desktop\IMG025.jpg
[2009/04/28 18:05:14 | 00,382,181 | ---- | M] () -- C:\DOCUME~1\CHB\Desktop\IMG024.jpg
[2009/04/28 18:04:44 | 00,379,145 | ---- | M] () -- C:\DOCUME~1\CHB\Desktop\IMG023.jpg
[2009/04/28 18:04:26 | 00,334,846 | ---- | M] () -- C:\DOCUME~1\CHB\Desktop\IMG022.jpg
[2009/04/28 18:04:10 | 00,325,605 | ---- | M] () -- C:\DOCUME~1\CHB\Desktop\IMG021.jpg
[2009/04/24 10:38:58 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/04/24 10:36:30 | 00,000,433 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2009/04/23 23:36:40 | 00,000,746 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/04/23 23:36:40 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/04/23 23:36:40 | 00,000,216 | RHS- | M] () -- C:\boot.ini
[2009/04/18 12:54:54 | 00,434,673 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2009/04/15 13:28:41 | 00,001,729 | ---- | M] () -- C:\DOCUME~1\ALLUSE~1\Desktop\Adobe Reader 9.lnk
[2009/04/13 17:50:50 | 08,857,088 | ---- | M] () -- C:\DOCUME~1\CHB\Desktop\Opportunities in Water.ppt
[2009/04/10 12:43:27 | 00,635,392 | ---- | M] () -- C:\DOCUME~1\CHB\My Documents\OG Presentation 97.ppt
[2009/04/10 10:28:43 | 00,069,078 | ---- | M] () -- C:\DOCUME~1\CHB\My Documents\OG Presentation.pptx
[2009/04/09 21:36:26 | 02,679,588 | ---- | M] () -- C:\DOCUME~1\CHB\My Documents\CBA Ppt.pptx
[2009/04/09 19:16:44 | 00,000,165 | -H-- | M] () -- C:\DOCUME~1\CHB\My Documents\~$OG Presentation.pptx
[2009/04/09 15:45:14 | 00,438,784 | ---- | M] () -- C:\DOCUME~1\CHB\My Documents\HR Manual - to be printed.doc
< End of report >

Extras Log:

OTListIt Extras logfile created on: 07/05/2009 13:40:04 - Run 1
OTListIt2 by OldTimer - Version 2.0.15.3 Folder = C:\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

502.42 Mb Total Physical Memory | 100.61 Mb Available Physical Memory | 20.02% Memory free
1.20 Gb Paging File | 0.70 Gb Available in Paging File | 58.20% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68.52 Gb Total Space | 22.71 Gb Free Space | 33.14% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CHINMAY
Current User Name: CHB
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager (Microsoft Corporation)
C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager (Microsoft Corporation)
C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application (Microsoft Corporation)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 (Microsoft Corporation)
C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire (Lime Wire, LLC)
C:\Downloads\utorrent.exe:*:Enabled:µTorrent File not found
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger (Yahoo! Inc.)
C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe:*:Enabled:mRouterRuntime Module File not found
C:\cs16\hl.exe:*:Enabled:Half-Life Launcher (Valve)
C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent (BitTorrent, Inc.)
C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service File not found
C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server File not found
C:\Program Files\Real\RealPlayer\trueplay.exe:*:Enabled:RealPlayer (RealNetworks, Inc.)
C:\Program Files\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer (Microsoft Corporation)
C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (Mozilla Corporation)
C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager (Microsoft Corporation)
C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager (Microsoft Corporation)
C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application (Microsoft Corporation)
C:\Program Files\Outlook Messenger\OutlookMessenger.exe:*:Enabled:Outlook LAN Messenger (Srimax Software Technology)
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook (Microsoft Corporation)
C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe (AVG Technologies CZ, s.r.o.)
C:\Program Files\Kontiki\KService.exe:*:Enabled:Delivery Manager Service File not found
C:\Program Files\Sony\VAIO Media 5.0\Vc.exe:*:Enabled:[VAIO Media] VAIO Media (Sony Corporation)
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 (Microsoft Corporation)
C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) (Microsoft Corporation)
C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour (Apple Inc.)
C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes (Apple Inc.)
C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java™ Platform SE binary (Sun Microsystems, Inc.)
C:\Downloads\blobby\volley.exe:*:Enabled:volley ()
C:\Documents and Settings\CHB\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin (Google)
C:\Documents and Settings\CHB\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin (Google)
C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype (Skype Technologies S.A.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony MP4 Shared Library
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio DigitalMedia Data
"{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}" = Symantec KB-DocID:2003093015493306
"{0DF00135-D5A7-476A-BFB3-EDFF2840076A}" = VAIO Wireless LAN Setup Utility
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2238A301-6A20-4bdb-A655-C84AB629F6B6}" = hph_readme
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{235BBFC6-D863-4066-A01A-3BD504C31033}" = Nero 7 Ultra Edition
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 12
"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{2EA7CF7E-0C76-44A5-B0CF-A1D171476E42}" = VAIO Breeze Wallpaper
"{315BA29D-2644-4760-B5FD-5AC04A52B8C5}" = VAIO Registration
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B7CBDC4-20D1-4E0F-8E36-ADFED7E767E5}" = SAP Business One Client
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant
"{49140327-BEBF-43dd-B386-43311A065609}" = hph_ProductContext
"{4E993095-28F2-4060-9101-99C1FD1195C0}" = VAIO Central
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{5012BC0C-7E1A-329A-8F02-B6846070C5F8}" = Google Talk Plugin
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 5.0
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 5.0
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{625386A4-B6B6-4911-A6E8-23189C3F2D15}" = Microsoft .NET Compact Framework 2.0
"{639BB4D3-AA30-4A7B-8CB5-6DE681AD6659}" = VAIO Light Flo Wallpaper
"{63B8FB69-A1B6-425D-B67D-5257B7A1F663}" = Image Converter 2 Plus
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 5.0
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{80EE18E6-F16C-11D4-8BE8-006097C9A3ED}" = ISScript
"{82081533-F045-469E-BD53-F16839E445C3}" = VAIO Support Central
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver for Mobile
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{903B0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Project Professional 2002
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for VAIO
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9D404F8F-05A1-4734-9550-6EC2FEE916B8}" = HP Photosmart and Deskjet 7.0 Software
"{9E158BB9-37B9-464B-837E-CC1D5766291B}" = VAIO Update 3
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 3.3
"{A4DE0CBD-85BC-4075-B23E-6971C5989573}" = D1300
"{A6C38A49-367A-443D-BBEA-403A3BF8C877}" = GlobeTrotter Mobility Manager
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio DigitalMedia Audio
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 5.0
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio DigitalMedia Copy
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B208806F-A231-4FA0-AB3F-5C1B8979223E}" = Microsoft ActiveSync 4.0
"{B2B30EC0-FB6A-43BB-9B38-0C3B32D75B40}_is1" = Sony Download Taxi 1.5.0.0
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BA46CCF2-2C59-4DEB-93DC-7000B7C53B4E}" = VAIOSurveySA
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{BBEB5679-6E2C-47C6-A9B5-3C6D4CD19B60}" = hph_software_req
"{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}" = Sony Video Shared Library
"{C44A1657-3998-4B6E-8BB6-40071222EF5D}" = D1300_Help
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D0448678-1203-4158-A58F-B3D0B616BF9E}" = Sony Certificate PCH
"{D6346347-B8CD-4B52-BF5F-9676CDE79801}" = hph_software
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (VAIO_VEDB)
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F44DA61E-720D-4E79-871F-F6E628B33242}" = OpenOffice.org 3.0
"{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}" = iTunes
"{F5E4C38C-73BC-4D44-8BFC-969C2B4DABCA}" = OpenMG Secure Module 4.3.00
"{FB714F13-10C9-48DB-91C9-DDBCCCBF9370}" = VAIO Original Screen Saver VAIO Cozy Screen SD Wide Contents
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FE3BF611-9B8B-44DC-A424-F8C4BA122A1D}" = VAIO Security Center
"{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}" = User Profile Hive Cleanup Service
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Amara - Flash Photo Animation Software" = Amara - Flash Photo Animation Software
"AoA DVD Ripper_is1" = AoA DVD Ripper
"AVG8Uninstall" = AVG Free 8.5
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.2.0
"DECCHECK" = Microsoft Windows XP Video Decoder Checkup Utility
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"Feeding Frenzy 2 1.0" = Feeding Frenzy 2 1.0
"FLV Player1.33T" = FLV Player
"Freez iPod Video Converter 1.5_is1" = Freez iPod Video Converter
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HP-LaserJet 1018" = LaserJet 1018
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"igLoader" = igLoader
"InfodriveIndia Trade Intelligence MenuBar_is1" = InfodriveIndia Trade Intelligence MenuBar ver 1
"InstallShield_{315BA29D-2644-4760-B5FD-5AC04A52B8C5}" = VAIO Registration
"InstallShield_{3B7CBDC4-20D1-4E0F-8E36-ADFED7E767E5}" = SAP Business One Client
"InstallShield_{BA46CCF2-2C59-4DEB-93DC-7000B7C53B4E}" = VAIOSurveySA
"InstallShield_{F5E4C38C-73BC-4D44-8BFC-969C2B4DABCA}" = OpenMG Secure Module 4.3.00
"Internet Scrabble Club_is1" = WordBiz version 1.8
"IrfanView" = IrfanView (remove only)
"ISIS Draw 2.1.4 Standalone" = ISIS Draw 2.1.4 Standalone
"JEOPARDY!" = JEOPARDY! (remove only)
"Lexmark Printer Software Uninstall" = Lexmark Printer Software Uninstall
"LimeWire" = LimeWire PRO 4.10.9
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"MouseSuite98" = Sony USB Mouse
"MozBackup_is1" = MozBackup 1.4.6
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"Mozilla Thunderbird (2.0.0.21)" = Mozilla Thunderbird (2.0.0.21)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"National Chemical Inventories" = National Chemical Inventories
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OSHA Hazard Awareness Advisor_is1" = Hazard Awareness Version 1.0
"OutlookMessenger_is1" = OutlookMessenger V4.1
"PDFCreator Toolbar" = PDFCreator Toolbar
"Picasa 3" = Picasa 3
"PowerISO" = PowerISO
"ProInst" = Intel® PROSet/Wireless Software
"PROSet" = Intel® PRO Network Connections Drivers
"RealPlayer 6.0" = RealPlayer
"SAP DB (ALL)" = MaxDB
"Spb Arkaball II" = Spb Arkaball II
"Spb Balltracker" = Spb Balltracker
"Spb Brain Evolution" = Spb Brain Evolution
"Spb Quadronica" = Spb Quadronica
"Spb Sudoku" = Spb Sudoku
"Spb Xonix II qVGA" = Spb Xonix II qVGA
"Super TextTwist" = Super TextTwist
"Theorica Divx ;-) Codecs" = Theorica Divx ;-) Codecs (remove only)
"VLC media player" = VideoLAN VLC media player 0.8.6b
"Wheel of Fortune" = Wheel of Fortune (remove only)
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XviD_is1" = XviD 1.1 final uninstall
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 04/05/2009 01:20:47 | Computer Name = CHINMAY | Source = Application Error | ID = 1000
Description = Faulting application svrhost.abc, version 0.0.0.0, faulting module
kernel32.dll, version 5.1.2600.5781, fault address 0x00012afb.

Error - 04/05/2009 01:21:11 | Computer Name = CHINMAY | Source = Application Error | ID = 1000
Description = Faulting application svrhost.abc, version 0.0.0.0, faulting module
kernel32.dll, version 5.1.2600.5781, fault address 0x00012afb.

Error - 04/05/2009 01:21:39 | Computer Name = CHINMAY | Source = Application Error | ID = 1001
Description = Fault bucket 1239009797.

Error - 04/05/2009 01:21:42 | Computer Name = CHINMAY | Source = Application Error | ID = 1001
Description = Fault bucket 1239009797.

Error - 05/05/2009 06:03:37 | Computer Name = CHINMAY | Source = Google Update | ID = 20
Description =

Error - 06/05/2009 07:21:20 | Computer Name = CHINMAY | Source = Google Update | ID = 20
Description =

Error - 06/05/2009 11:46:10 | Computer Name = CHINMAY | Source = Google Update | ID = 20
Description =

Error - 06/05/2009 12:45:32 | Computer Name = CHINMAY | Source = Google Update | ID = 20
Description =

Error - 06/05/2009 13:46:10 | Computer Name = CHINMAY | Source = Google Update | ID = 20
Description =

Error - 07/05/2009 01:54:21 | Computer Name = CHINMAY | Source = Google Update | ID = 20
Description =

[ OSession Events ]
Error - 22/06/2008 23:48:38 | Computer Name = CHINMAY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 335270
seconds with 780 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 04/05/2009 01:53:57 | Computer Name = CHINMAY | Source = Dhcp | ID = 1002
Description = The IP address lease 117.98.11.210 for the Network Card with network
address 00904C000000 has been denied by the DHCP server 117.0.0.1 (The DHCP Server
sent a DHCPNACK message).

Error - 04/05/2009 01:55:06 | Computer Name = CHINMAY | Source = Dhcp | ID = 1002
Description = The IP address lease 117.98.38.143 for the Network Card with network
address 00904C000000 has been denied by the DHCP server 117.0.0.1 (The DHCP Server
sent a DHCPNACK message).

Error - 04/05/2009 01:56:11 | Computer Name = CHINMAY | Source = Dhcp | ID = 1002
Description = The IP address lease 117.98.116.45 for the Network Card with network
address 00904C000000 has been denied by the DHCP server 117.0.0.1 (The DHCP Server
sent a DHCPNACK message).

Error - 04/05/2009 01:57:05 | Computer Name = CHINMAY | Source = Dhcp | ID = 1002
Description = The IP address lease 117.98.25.237 for the Network Card with network
address 00904C000000 has been denied by the DHCP server 117.0.0.1 (The DHCP Server
sent a DHCPNACK message).

Error - 05/05/2009 01:01:43 | Computer Name = CHINMAY | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the stisvc service.

Error - 06/05/2009 02:04:56 | Computer Name = CHINMAY | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000243'
while processing the file 'updatecomps.cfg' on the volume 'HarddiskVolume2'. It
has stopped monitoring the volume.

Error - 06/05/2009 02:05:08 | Computer Name = CHINMAY | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Windows WorkGroup service
to connect.

Error - 06/05/2009 11:43:05 | Computer Name = CHINMAY | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Netman service.

Error - 07/05/2009 03:59:09 | Computer Name = CHINMAY | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Windows WorkGroup service
to connect.

Error - 07/05/2009 03:59:50 | Computer Name = CHINMAY | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
IntelIde


< End of report >





Btw, I've got AVG free now, and it keeps showing two exe files called down[1].exe and down[2].exe as potential trojans.
Also, I've noticed that I get iexplore.exe in my processes even when I don't have Internet Explorer running. When I try and stop the process, it just restarts again by itself.

I hope I've done everything right!

Edited by chinmay420, 07 May 2009 - 02:44 AM.
